feat(M3-002): implement AnthropicAdapter for Claude Sonnet 4.6, Opus 4.6, and Haiku 4.5

Adds AnthropicAdapter implementing IProviderAdapter. Installs @anthropic-ai/sdk, registers the three Claude models with the Pi ModelRegistry, implements healthCheck() via client.models.list(), and createCompletion() with streaming via messages.stream(). Replaces the legacy inline registerAnthropicProvider() method in ProviderService. Gracefully skips registration when ANTHROPIC_API_KEY is not set. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
chore: M1 + M2 milestones complete — 18/65 tasks done (#307 )
2026-03-21 16:30:15 -05:00 · 2026-03-21 21:21:20 +00:00 · 2026-03-21 21:19:07 +00:00 · 2026-03-21 21:16:50 +00:00 · 2026-03-21 21:16:45 +00:00 · 2026-03-21 21:08:19 +00:00
187 changed files with 24513 additions and 1535 deletions
--- a/.env.example
+++ b/.env.example
@@ -62,9 +62,15 @@ OTEL_SERVICE_NAME=mosaic-gateway
 # Comma-separated list of Ollama model IDs to register (default: llama3.2,codellama,mistral)
 # OLLAMA_MODELS=llama3.2,codellama,mistral

-# OpenAI — required for embedding and log-summarization features
+# Anthropic (claude-sonnet-4-6, claude-opus-4-6, claude-haiku-4-5)
+# ANTHROPIC_API_KEY=sk-ant-...
+
+# OpenAI (gpt-4o, gpt-4o-mini, o3-mini)
 # OPENAI_API_KEY=sk-...

+# Z.ai / GLM (glm-4.5, glm-4.5-air, glm-4.5-flash)
+# ZAI_API_KEY=...
+
 # Custom providers — JSON array of provider configs
 # Format: [{"id":"<id>","baseUrl":"<url>","apiKey":"<key>","models":[{"id":"<model-id>","name":"<label>"}]}]
 # MOSAIC_CUSTOM_PROVIDERS=
@@ -123,7 +129,26 @@ OTEL_SERVICE_NAME=mosaic-gateway
 # TELEGRAM_GATEWAY_URL=http://localhost:4000


-# ─── Authentik SSO (optional — set AUTHENTIK_CLIENT_ID to enable) ────────────
+# ─── SSO Providers (add credentials to enable) ───────────────────────────────
+
+# --- Authentik (optional — set AUTHENTIK_CLIENT_ID to enable) ---
 # AUTHENTIK_ISSUER=https://auth.example.com/application/o/mosaic/
 # AUTHENTIK_CLIENT_ID=
 # AUTHENTIK_CLIENT_SECRET=
+
+# --- WorkOS (optional — set WORKOS_CLIENT_ID to enable) ---
+# WORKOS_ISSUER=https://your-company.authkit.app
+# WORKOS_CLIENT_ID=client_...
+# WORKOS_CLIENT_SECRET=sk_live_...
+
+# --- Keycloak (optional — set KEYCLOAK_CLIENT_ID to enable) ---
+# KEYCLOAK_ISSUER=https://auth.example.com/realms/master
+# Legacy alternative if you prefer to compose the issuer from separate vars:
+# KEYCLOAK_URL=https://auth.example.com
+# KEYCLOAK_REALM=master
+# KEYCLOAK_CLIENT_ID=mosaic
+# KEYCLOAK_CLIENT_SECRET=
+
+# Feature flags — set to true alongside provider credentials to show SSO buttons in the UI
+# NEXT_PUBLIC_WORKOS_ENABLED=true
+# NEXT_PUBLIC_KEYCLOAK_ENABLED=true
--- a/.woodpecker/ci.yml
+++ b/.woodpecker/ci.yml
@@ -5,9 +5,10 @@ variables:
 when:
  - event: [push, pull_request, manual]

-# Turbo remote cache is at turbo.mosaicstack.dev (ducktors/turborepo-remote-cache).
-# TURBO_TOKEN is a Woodpecker secret injected via from_secret into the environment.
-# Turbo picks up TURBO_API, TURBO_TOKEN, and TURBO_TEAM automatically.
+# Turbo remote cache (turbo.mosaicstack.dev) is configured via Woodpecker
+# repository-level environment variables (TURBO_API, TURBO_TEAM, TURBO_TOKEN).
+# This avoids from_secret which is blocked on pull_request events.
+# If the env vars aren't set, turbo falls back to local cache only.

 steps:
  install:
@@ -18,11 +19,6 @@ steps:

  typecheck:
    image: *node_image
-    environment:
-      TURBO_API: https://turbo.mosaicstack.dev
-      TURBO_TEAM: mosaic
-      TURBO_TOKEN:
-        from_secret: turbo_token
    commands:
      - *enable_pnpm
      - pnpm typecheck
@@ -32,11 +28,6 @@ steps:
  # lint, format, and test are independent — run in parallel after typecheck
  lint:
    image: *node_image
-    environment:
-      TURBO_API: https://turbo.mosaicstack.dev
-      TURBO_TEAM: mosaic
-      TURBO_TOKEN:
-        from_secret: turbo_token
    commands:
      - *enable_pnpm
      - pnpm lint
@@ -53,11 +44,6 @@ steps:

  test:
    image: *node_image
-    environment:
-      TURBO_API: https://turbo.mosaicstack.dev
-      TURBO_TEAM: mosaic
-      TURBO_TOKEN:
-        from_secret: turbo_token
    commands:
      - *enable_pnpm
      - pnpm test
@@ -66,11 +52,6 @@ steps:

  build:
    image: *node_image
-    environment:
-      TURBO_API: https://turbo.mosaicstack.dev
-      TURBO_TEAM: mosaic
-      TURBO_TOKEN:
-        from_secret: turbo_token
    commands:
      - *enable_pnpm
      - pnpm build
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -53,3 +53,28 @@ pnpm typecheck && pnpm lint && pnpm format:check  # Quality gates
 - ESM everywhere (`"type": "module"`, `.js` extensions in imports)
 - NodeNext module resolution in all tsconfigs
 - Scratchpads are mandatory for non-trivial tasks
+
+## docs/TASKS.md — Schema (CANONICAL)
+
+The `agent` column specifies the required model for each task. **This is set at task creation by the orchestrator and must not be changed by workers.**
+
+| Value    | When to use                                                 | Budget                     |
+| -------- | ----------------------------------------------------------- | -------------------------- |
+| `codex`  | All coding tasks (default for implementation)               | OpenAI credits — preferred |
+| `glm-5`  | Cost-sensitive coding where Codex is unavailable            | Z.ai credits               |
+| `haiku`  | Review gates, verify tasks, status checks, docs-only        | Cheapest Claude tier       |
+| `sonnet` | Complex planning, multi-file reasoning, architecture review | Claude quota               |
+| `opus`   | Major cross-cutting architecture decisions ONLY             | Most expensive — minimize  |
+| `—`      | No preference / auto-select cheapest capable                | Pipeline decides           |
+
+Pipeline crons read this column and spawn accordingly. Workers never modify `docs/TASKS.md` — only the orchestrator writes it.
+
+**Full schema:**
+
+```
+| id | status | description | issue | agent | repo | branch | depends_on | estimate | notes |
+```
+
+- `status`: `not-started` | `in-progress` | `done` | `failed` | `blocked` | `needs-qa`
+- `agent`: model value from table above (set before spawning)
+- `estimate`: token budget e.g. `8K`, `25K`
--- a/apps/gateway/package.json
+++ b/apps/gateway/package.json
@@ -12,18 +12,19 @@
    "test": "vitest run --passWithNoTests"
  },
  "dependencies": {
+    "@anthropic-ai/sdk": "^0.80.0",
    "@fastify/helmet": "^13.0.2",
    "@mariozechner/pi-ai": "~0.57.1",
    "@mariozechner/pi-coding-agent": "~0.57.1",
    "@modelcontextprotocol/sdk": "^1.27.1",
    "@mosaic/auth": "workspace:^",
-    "@mosaic/queue": "workspace:^",
    "@mosaic/brain": "workspace:^",
    "@mosaic/coord": "workspace:^",
    "@mosaic/db": "workspace:^",
    "@mosaic/discord-plugin": "workspace:^",
    "@mosaic/log": "workspace:^",
    "@mosaic/memory": "workspace:^",
+    "@mosaic/queue": "workspace:^",
    "@mosaic/telegram-plugin": "workspace:^",
    "@mosaic/types": "workspace:^",
    "@nestjs/common": "^11.0.0",
--- a/apps/gateway/src/tests/conversation-persistence.test.ts
+++ b/apps/gateway/src/tests/conversation-persistence.test.ts
@@ -0,0 +1,605 @@
+/**
+ * Integration tests for conversation persistence and context resume (M1-008).
+ *
+ * Verifies the full flow end-to-end using in-memory mocks:
+ * 1. User messages are persisted when sent via ChatGateway.
+ * 2. Assistant responses are persisted with metadata on agent:end.
+ * 3. Conversation history is loaded and injected into context on session resume.
+ * 4. The search endpoint returns matching messages.
+ */
+
+import { BadRequestException, NotFoundException } from '@nestjs/common';
+import { describe, expect, it, vi, beforeEach } from 'vitest';
+import type { ConversationHistoryMessage } from '../agent/agent.service.js';
+import { ConversationsController } from '../conversations/conversations.controller.js';
+import type { Message } from '@mosaic/brain';
+
+// ---------------------------------------------------------------------------
+// Shared test data
+// ---------------------------------------------------------------------------
+
+const USER_ID = 'user-test-001';
+const CONV_ID = 'conv-test-001';
+
+function makeConversation(overrides?: Record<string, unknown>) {
+  return {
+    id: CONV_ID,
+    userId: USER_ID,
+    title: null,
+    projectId: null,
+    archived: false,
+    createdAt: new Date('2026-01-01T00:00:00Z'),
+    updatedAt: new Date('2026-01-01T00:00:00Z'),
+    ...overrides,
+  };
+}
+
+function makeMessage(
+  role: 'user' | 'assistant' | 'system',
+  content: string,
+  overrides?: Record<string, unknown>,
+) {
+  return {
+    id: `msg-${role}-${Math.random().toString(36).slice(2)}`,
+    conversationId: CONV_ID,
+    role,
+    content,
+    metadata: null,
+    createdAt: new Date('2026-01-01T00:01:00Z'),
+    ...overrides,
+  };
+}
+
+// ---------------------------------------------------------------------------
+// Helper: build a mock ConversationsRepo
+// ---------------------------------------------------------------------------
+
+function createMockBrain(options?: {
+  conversation?: ReturnType<typeof makeConversation> | undefined;
+  messages?: ReturnType<typeof makeMessage>[];
+  searchResults?: Array<{
+    messageId: string;
+    conversationId: string;
+    conversationTitle: string | null;
+    role: 'user' | 'assistant' | 'system';
+    content: string;
+    createdAt: Date;
+  }>;
+}) {
+  const conversation = options?.conversation;
+  const messages = options?.messages ?? [];
+  const searchResults = options?.searchResults ?? [];
+
+  return {
+    conversations: {
+      findAll: vi.fn().mockResolvedValue(conversation ? [conversation] : []),
+      findById: vi.fn().mockResolvedValue(conversation),
+      create: vi.fn().mockResolvedValue(conversation ?? makeConversation()),
+      update: vi.fn().mockResolvedValue(conversation),
+      remove: vi.fn().mockResolvedValue(true),
+      findMessages: vi.fn().mockResolvedValue(messages),
+      addMessage: vi.fn().mockImplementation((data: unknown) => {
+        const d = data as {
+          conversationId: string;
+          role: 'user' | 'assistant' | 'system';
+          content: string;
+          metadata?: Record<string, unknown>;
+        };
+        return Promise.resolve(makeMessage(d.role, d.content, { metadata: d.metadata ?? null }));
+      }),
+      searchMessages: vi.fn().mockResolvedValue(searchResults),
+    },
+  };
+}
+
+// ---------------------------------------------------------------------------
+// 1. ConversationsRepo: addMessage persists user message
+// ---------------------------------------------------------------------------
+
+describe('ConversationsRepo.addMessage — user message persistence', () => {
+  it('persists a user message and returns the saved record', async () => {
+    const brain = createMockBrain({ conversation: makeConversation() });
+
+    const result = await brain.conversations.addMessage(
+      {
+        conversationId: CONV_ID,
+        role: 'user',
+        content: 'Hello, agent!',
+        metadata: { timestamp: '2026-01-01T00:01:00.000Z' },
+      },
+      USER_ID,
+    );
+
+    expect(brain.conversations.addMessage).toHaveBeenCalledOnce();
+    expect(result).toBeDefined();
+    expect(result!.role).toBe('user');
+    expect(result!.content).toBe('Hello, agent!');
+    expect(result!.conversationId).toBe(CONV_ID);
+  });
+
+  it('returns undefined when conversation does not belong to the user', async () => {
+    // Simulate the repo enforcement: ownership mismatch returns undefined
+    const brain = createMockBrain({ conversation: undefined });
+    brain.conversations.addMessage = vi.fn().mockResolvedValue(undefined);
+
+    const result = await brain.conversations.addMessage(
+      { conversationId: CONV_ID, role: 'user', content: 'Hello' },
+      'other-user',
+    );
+
+    expect(result).toBeUndefined();
+  });
+});
+
+// ---------------------------------------------------------------------------
+// 2. ConversationsRepo.addMessage — assistant response with metadata
+// ---------------------------------------------------------------------------
+
+describe('ConversationsRepo.addMessage — assistant response metadata', () => {
+  it('persists assistant message with model, provider, tokens and toolCalls metadata', async () => {
+    const assistantMetadata = {
+      timestamp: '2026-01-01T00:02:00.000Z',
+      model: 'claude-3-5-sonnet-20241022',
+      provider: 'anthropic',
+      toolCalls: [
+        {
+          toolCallId: 'tc-001',
+          toolName: 'read_file',
+          args: { path: '/foo/bar.ts' },
+          isError: false,
+        },
+      ],
+      tokenUsage: {
+        input: 1000,
+        output: 250,
+        cacheRead: 0,
+        cacheWrite: 0,
+        total: 1250,
+      },
+    };
+
+    const brain = createMockBrain({ conversation: makeConversation() });
+
+    const result = await brain.conversations.addMessage(
+      {
+        conversationId: CONV_ID,
+        role: 'assistant',
+        content: 'Here is the file content you requested.',
+        metadata: assistantMetadata,
+      },
+      USER_ID,
+    );
+
+    expect(result).toBeDefined();
+    expect(result!.role).toBe('assistant');
+    expect(result!.content).toBe('Here is the file content you requested.');
+    expect(result!.metadata).toMatchObject({
+      model: 'claude-3-5-sonnet-20241022',
+      provider: 'anthropic',
+      tokenUsage: { input: 1000, output: 250, total: 1250 },
+    });
+    expect((result!.metadata as Record<string, unknown>)['toolCalls']).toHaveLength(1);
+    expect(
+      (
+        (result!.metadata as Record<string, unknown>)['toolCalls'] as Array<Record<string, unknown>>
+      )[0]!['toolName'],
+    ).toBe('read_file');
+  });
+});
+
+// ---------------------------------------------------------------------------
+// 3. ChatGateway.loadConversationHistory — session resume loads history
+// ---------------------------------------------------------------------------
+
+describe('Conversation resume — history loading', () => {
+  it('maps DB messages to ConversationHistoryMessage shape', () => {
+    // Simulate what ChatGateway.loadConversationHistory does:
+    // convert DB Message rows to ConversationHistoryMessage for context injection.
+    const dbMessages = [
+      makeMessage('user', 'What is the capital of France?', {
+        createdAt: new Date('2026-01-01T00:01:00Z'),
+      }),
+      makeMessage('assistant', 'The capital of France is Paris.', {
+        createdAt: new Date('2026-01-01T00:01:05Z'),
+      }),
+      makeMessage('user', 'And Germany?', { createdAt: new Date('2026-01-01T00:02:00Z') }),
+      makeMessage('assistant', 'The capital of Germany is Berlin.', {
+        createdAt: new Date('2026-01-01T00:02:05Z'),
+      }),
+    ];
+
+    // Replicate the mapping logic from ChatGateway
+    const history: ConversationHistoryMessage[] = dbMessages.map((msg) => ({
+      role: msg.role as 'user' | 'assistant' | 'system',
+      content: msg.content,
+      createdAt: msg.createdAt,
+    }));
+
+    expect(history).toHaveLength(4);
+    expect(history[0]).toEqual({
+      role: 'user',
+      content: 'What is the capital of France?',
+      createdAt: new Date('2026-01-01T00:01:00Z'),
+    });
+    expect(history[1]).toEqual({
+      role: 'assistant',
+      content: 'The capital of France is Paris.',
+      createdAt: new Date('2026-01-01T00:01:05Z'),
+    });
+    expect(history[2]!.role).toBe('user');
+    expect(history[3]!.role).toBe('assistant');
+  });
+
+  it('returns empty array when conversation has no messages', async () => {
+    const brain = createMockBrain({ conversation: makeConversation(), messages: [] });
+
+    const messages = await brain.conversations.findMessages(CONV_ID, USER_ID);
+    expect(messages).toHaveLength(0);
+
+    // Gateway produces empty history → no context injection
+    const history: ConversationHistoryMessage[] = (messages as Message[]).map((msg) => ({
+      role: msg.role as 'user' | 'assistant' | 'system',
+      content: msg.content,
+      createdAt: msg.createdAt,
+    }));
+    expect(history).toHaveLength(0);
+  });
+
+  it('returns empty array when conversation does not belong to the user', async () => {
+    const brain = createMockBrain({ conversation: undefined });
+    brain.conversations.findMessages = vi.fn().mockResolvedValue([]);
+
+    const messages = await brain.conversations.findMessages(CONV_ID, 'other-user');
+    expect(messages).toHaveLength(0);
+  });
+
+  it('preserves message order (ascending by createdAt)', async () => {
+    const ordered = [
+      makeMessage('user', 'First', { createdAt: new Date('2026-01-01T00:01:00Z') }),
+      makeMessage('assistant', 'Second', { createdAt: new Date('2026-01-01T00:01:05Z') }),
+      makeMessage('user', 'Third', { createdAt: new Date('2026-01-01T00:02:00Z') }),
+    ];
+    const brain = createMockBrain({ conversation: makeConversation(), messages: ordered });
+
+    const messages = await brain.conversations.findMessages(CONV_ID, USER_ID);
+    expect(messages[0]!.content).toBe('First');
+    expect(messages[1]!.content).toBe('Second');
+    expect(messages[2]!.content).toBe('Third');
+  });
+});
+
+// ---------------------------------------------------------------------------
+// 4. AgentService.buildHistoryPromptSection — context injection format
+// ---------------------------------------------------------------------------
+
+describe('AgentService — buildHistoryPromptSection (context injection)', () => {
+  /**
+   * Replicate the private method logic to test it in isolation.
+   * The real method lives in AgentService but is private; we mirror the
+   * exact logic here so the test is independent of the service's constructor.
+   */
+  function buildHistoryPromptSection(
+    history: ConversationHistoryMessage[],
+    contextWindow: number,
+    _sessionId: string,
+  ): string {
+    const TOKEN_BUDGET = Math.floor(contextWindow * 0.8);
+    const HISTORY_HEADER = '## Conversation History (resumed session)\n\n';
+
+    const formatMessage = (msg: ConversationHistoryMessage): string => {
+      const roleLabel =
+        msg.role === 'user' ? 'User' : msg.role === 'assistant' ? 'Assistant' : 'System';
+      return `**${roleLabel}:** ${msg.content}`;
+    };
+
+    const estimateTokens = (text: string) => Math.ceil(text.length / 4);
+
+    const formatted = history.map((msg) => formatMessage(msg));
+    const fullHistory = formatted.join('\n\n');
+    const fullTokens = estimateTokens(HISTORY_HEADER + fullHistory);
+
+    if (fullTokens <= TOKEN_BUDGET) {
+      return HISTORY_HEADER + fullHistory;
+    }
+
+    // History exceeds budget — summarize oldest messages, keep recent verbatim
+    const SUMMARY_RESERVE = Math.floor(TOKEN_BUDGET * 0.2);
+    const verbatimBudget = TOKEN_BUDGET - SUMMARY_RESERVE;
+
+    let verbatimTokens = 0;
+    let verbatimCutIndex = history.length;
+    for (let i = history.length - 1; i >= 0; i--) {
+      const t = estimateTokens(formatted[i]!);
+      if (verbatimTokens + t > verbatimBudget) break;
+      verbatimTokens += t;
+      verbatimCutIndex = i;
+    }
+
+    const summarizedMessages = history.slice(0, verbatimCutIndex);
+    const verbatimMessages = history.slice(verbatimCutIndex);
+
+    let summaryText = '';
+    if (summarizedMessages.length > 0) {
+      const topics = summarizedMessages
+        .filter((m) => m.role === 'user')
+        .map((m) => m.content.slice(0, 120).replace(/\n/g, ' '))
+        .join('; ');
+      summaryText =
+        `**Previous conversation summary** (${summarizedMessages.length} messages omitted for brevity):\n` +
+        `Topics discussed: ${topics || '(no user messages in summarized portion)'}`;
+    }
+
+    const verbatimSection = verbatimMessages.map((m) => formatMessage(m)).join('\n\n');
+
+    const parts: string[] = [HISTORY_HEADER];
+    if (summaryText) parts.push(summaryText);
+    if (verbatimSection) parts.push(verbatimSection);
+
+    return parts.join('\n\n');
+  }
+
+  it('includes header and all messages when history fits within context budget', () => {
+    const history: ConversationHistoryMessage[] = [
+      { role: 'user', content: 'Hello', createdAt: new Date() },
+      { role: 'assistant', content: 'Hi there!', createdAt: new Date() },
+    ];
+
+    const result = buildHistoryPromptSection(history, 8192, 'session-1');
+
+    expect(result).toContain('## Conversation History (resumed session)');
+    expect(result).toContain('**User:** Hello');
+    expect(result).toContain('**Assistant:** Hi there!');
+  });
+
+  it('labels roles correctly (user, assistant, system)', () => {
+    const history: ConversationHistoryMessage[] = [
+      { role: 'system', content: 'You are helpful.', createdAt: new Date() },
+      { role: 'user', content: 'Ping', createdAt: new Date() },
+      { role: 'assistant', content: 'Pong', createdAt: new Date() },
+    ];
+
+    const result = buildHistoryPromptSection(history, 8192, 'session-2');
+
+    expect(result).toContain('**System:** You are helpful.');
+    expect(result).toContain('**User:** Ping');
+    expect(result).toContain('**Assistant:** Pong');
+  });
+
+  it('summarizes old messages when history exceeds 80% of context window', () => {
+    // Create enough messages to exceed a tiny context window budget
+    const longContent = 'A'.repeat(200);
+    const history: ConversationHistoryMessage[] = Array.from({ length: 20 }, (_, i) => ({
+      role: (i % 2 === 0 ? 'user' : 'assistant') as 'user' | 'assistant',
+      content: `${longContent} message ${i}`,
+      createdAt: new Date(),
+    }));
+
+    // Use a small context window so history definitely exceeds 80%
+    const result = buildHistoryPromptSection(history, 512, 'session-3');
+
+    // Should contain the summary prefix
+    expect(result).toContain('messages omitted for brevity');
+    expect(result).toContain('Topics discussed:');
+  });
+
+  it('returns only header for empty history', () => {
+    const result = buildHistoryPromptSection([], 8192, 'session-4');
+    // With empty history, the full history join is '' and the section is just the header
+    expect(result).toContain('## Conversation History (resumed session)');
+  });
+});
+
+// ---------------------------------------------------------------------------
+// 5. ConversationsController.search — GET /api/conversations/search
+// ---------------------------------------------------------------------------
+
+describe('ConversationsController — search endpoint', () => {
+  let brain: ReturnType<typeof createMockBrain>;
+  let controller: ConversationsController;
+
+  beforeEach(() => {
+    const searchResults = [
+      {
+        messageId: 'msg-001',
+        conversationId: CONV_ID,
+        conversationTitle: 'Test Chat',
+        role: 'user' as const,
+        content: 'What is the capital of France?',
+        createdAt: new Date('2026-01-01T00:01:00Z'),
+      },
+      {
+        messageId: 'msg-002',
+        conversationId: CONV_ID,
+        conversationTitle: 'Test Chat',
+        role: 'assistant' as const,
+        content: 'The capital of France is Paris.',
+        createdAt: new Date('2026-01-01T00:01:05Z'),
+      },
+    ];
+    brain = createMockBrain({ searchResults });
+    controller = new ConversationsController(brain as never);
+  });
+
+  it('returns matching messages for a valid search query', async () => {
+    const results = await controller.search({ q: 'France' }, { id: USER_ID });
+
+    expect(brain.conversations.searchMessages).toHaveBeenCalledWith(USER_ID, 'France', 20, 0);
+    expect(results).toHaveLength(2);
+    expect(results[0]).toMatchObject({
+      messageId: 'msg-001',
+      role: 'user',
+      content: 'What is the capital of France?',
+    });
+    expect(results[1]).toMatchObject({
+      messageId: 'msg-002',
+      role: 'assistant',
+      content: 'The capital of France is Paris.',
+    });
+  });
+
+  it('uses custom limit and offset when provided', async () => {
+    await controller.search({ q: 'Paris', limit: 5, offset: 10 }, { id: USER_ID });
+
+    expect(brain.conversations.searchMessages).toHaveBeenCalledWith(USER_ID, 'Paris', 5, 10);
+  });
+
+  it('throws BadRequestException when query is empty', async () => {
+    await expect(controller.search({ q: '' }, { id: USER_ID })).rejects.toBeInstanceOf(
+      BadRequestException,
+    );
+    await expect(controller.search({ q: '   ' }, { id: USER_ID })).rejects.toBeInstanceOf(
+      BadRequestException,
+    );
+  });
+
+  it('trims whitespace from query before passing to repo', async () => {
+    await controller.search({ q: '  Berlin  ' }, { id: USER_ID });
+
+    expect(brain.conversations.searchMessages).toHaveBeenCalledWith(
+      USER_ID,
+      'Berlin',
+      expect.any(Number),
+      expect.any(Number),
+    );
+  });
+
+  it('returns empty array when no messages match', async () => {
+    brain.conversations.searchMessages = vi.fn().mockResolvedValue([]);
+
+    const results = await controller.search({ q: 'xyzzy-no-match' }, { id: USER_ID });
+
+    expect(results).toHaveLength(0);
+  });
+});
+
+// ---------------------------------------------------------------------------
+// 6. ConversationsController — messages CRUD
+// ---------------------------------------------------------------------------
+
+describe('ConversationsController — message CRUD', () => {
+  it('listMessages returns 404 when conversation is not owned by user', async () => {
+    const brain = createMockBrain({ conversation: undefined });
+    const controller = new ConversationsController(brain as never);
+
+    await expect(controller.listMessages(CONV_ID, { id: USER_ID })).rejects.toBeInstanceOf(
+      NotFoundException,
+    );
+  });
+
+  it('listMessages returns the messages for an owned conversation', async () => {
+    const msgs = [makeMessage('user', 'Test message'), makeMessage('assistant', 'Test reply')];
+    const brain = createMockBrain({ conversation: makeConversation(), messages: msgs });
+    const controller = new ConversationsController(brain as never);
+
+    const result = await controller.listMessages(CONV_ID, { id: USER_ID });
+
+    expect(result).toHaveLength(2);
+    expect(result[0]!.role).toBe('user');
+    expect(result[1]!.role).toBe('assistant');
+  });
+
+  it('addMessage returns the persisted message', async () => {
+    const brain = createMockBrain({ conversation: makeConversation() });
+    const controller = new ConversationsController(brain as never);
+
+    const result = await controller.addMessage(
+      CONV_ID,
+      { role: 'user', content: 'Persisted content' },
+      { id: USER_ID },
+    );
+
+    expect(result).toBeDefined();
+    expect(result.role).toBe('user');
+    expect(result.content).toBe('Persisted content');
+  });
+});
+
+// ---------------------------------------------------------------------------
+// 7. End-to-end persistence flow simulation
+// ---------------------------------------------------------------------------
+
+describe('End-to-end persistence flow', () => {
+  it('simulates a full conversation: persist user message → persist assistant response → resume with history', async () => {
+    // ── Step 1: Conversation is created ────────────────────────────────────
+    const brain = createMockBrain({ conversation: makeConversation() });
+
+    await brain.conversations.create({ id: CONV_ID, userId: USER_ID });
+    expect(brain.conversations.create).toHaveBeenCalledOnce();
+
+    // ── Step 2: User message is persisted ──────────────────────────────────
+    const userMsg = await brain.conversations.addMessage(
+      {
+        conversationId: CONV_ID,
+        role: 'user',
+        content: 'Explain monads in simple terms.',
+        metadata: { timestamp: '2026-01-01T00:01:00.000Z' },
+      },
+      USER_ID,
+    );
+
+    expect(userMsg).toBeDefined();
+    expect(userMsg!.role).toBe('user');
+
+    // ── Step 3: Assistant response is persisted with metadata ───────────────
+    const assistantMeta = {
+      timestamp: '2026-01-01T00:01:10.000Z',
+      model: 'claude-3-5-sonnet-20241022',
+      provider: 'anthropic',
+      toolCalls: [],
+      tokenUsage: { input: 500, output: 120, cacheRead: 0, cacheWrite: 0, total: 620 },
+    };
+
+    const assistantMsg = await brain.conversations.addMessage(
+      {
+        conversationId: CONV_ID,
+        role: 'assistant',
+        content: 'A monad is a design pattern that wraps values in a context...',
+        metadata: assistantMeta,
+      },
+      USER_ID,
+    );
+
+    expect(assistantMsg).toBeDefined();
+    expect(assistantMsg!.role).toBe('assistant');
+
+    // ── Step 4: On session resume, history is loaded ────────────────────────
+    const storedMessages = [
+      makeMessage('user', 'Explain monads in simple terms.', {
+        createdAt: new Date('2026-01-01T00:01:00Z'),
+        metadata: { timestamp: '2026-01-01T00:01:00.000Z' },
+      }),
+      makeMessage('assistant', 'A monad is a design pattern that wraps values in a context...', {
+        createdAt: new Date('2026-01-01T00:01:10Z'),
+        metadata: assistantMeta,
+      }),
+    ];
+
+    brain.conversations.findMessages = vi.fn().mockResolvedValue(storedMessages);
+
+    const dbMessages = await brain.conversations.findMessages(CONV_ID, USER_ID);
+    expect(dbMessages).toHaveLength(2);
+
+    // ── Step 5: History is mapped for context injection ─────────────────────
+    const history: ConversationHistoryMessage[] = (dbMessages as Message[]).map((msg) => ({
+      role: msg.role as 'user' | 'assistant' | 'system',
+      content: msg.content,
+      createdAt: msg.createdAt,
+    }));
+
+    expect(history[0]).toMatchObject({
+      role: 'user',
+      content: 'Explain monads in simple terms.',
+    });
+    expect(history[1]).toMatchObject({
+      role: 'assistant',
+      content: 'A monad is a design pattern that wraps values in a context...',
+    });
+
+    // ── Step 6: History roles are valid for injection ───────────────────────
+    for (const msg of history) {
+      expect(['user', 'assistant', 'system']).toContain(msg.role);
+      expect(typeof msg.content).toBe('string');
+      expect(msg.createdAt).toBeInstanceOf(Date);
+    }
+  });
+});
--- a/apps/gateway/src/tests/cross-user-isolation.test.ts
+++ b/apps/gateway/src/tests/cross-user-isolation.test.ts
@@ -0,0 +1,470 @@
+/**
+ * Integration test: Cross-user data isolation (M2-007)
+ *
+ * Verifies that every repository query path is scoped to the requesting user —
+ * no user can read, write, or enumerate another user's records.
+ *
+ * Test strategy:
+ *  - Two real users (User A, User B) are inserted directly into the database.
+ *  - Realistic data (conversations + messages, agent configs, preferences,
+ *    insights) is created for each user.
+ *  - A shared system agent is inserted so both users can see it via
+ *    findAccessible().
+ *  - All assertions are made against the live database (no mocks).
+ *  - All inserted rows are cleaned up in the afterAll hook.
+ *
+ * Requires: DATABASE_URL pointing at a running PostgreSQL instance with
+ * pgvector enabled and the Mosaic schema already applied.
+ */
+
+import { afterAll, beforeAll, describe, expect, it } from 'vitest';
+import { createDb } from '@mosaic/db';
+import { createConversationsRepo } from '@mosaic/brain';
+import { createAgentsRepo } from '@mosaic/brain';
+import { createPreferencesRepo, createInsightsRepo } from '@mosaic/memory';
+import { users, conversations, messages, agents, preferences, insights } from '@mosaic/db';
+import { eq } from '@mosaic/db';
+import type { DbHandle } from '@mosaic/db';
+
+// ─── Fixed IDs so the afterAll cleanup is deterministic ──────────────────────
+
+const USER_A_ID = 'test-iso-user-a';
+const USER_B_ID = 'test-iso-user-b';
+const CONV_A_ID = 'aaaaaaaa-0000-0000-0000-000000000001';
+const CONV_B_ID = 'bbbbbbbb-0000-0000-0000-000000000001';
+const MSG_A_ID = 'aaaaaaaa-0000-0000-0000-000000000002';
+const MSG_B_ID = 'bbbbbbbb-0000-0000-0000-000000000002';
+const AGENT_A_ID = 'aaaaaaaa-0000-0000-0000-000000000003';
+const AGENT_B_ID = 'bbbbbbbb-0000-0000-0000-000000000003';
+const AGENT_SYS_ID = 'ffffffff-0000-0000-0000-000000000001';
+const PREF_A_ID = 'aaaaaaaa-0000-0000-0000-000000000004';
+const PREF_B_ID = 'bbbbbbbb-0000-0000-0000-000000000004';
+const INSIGHT_A_ID = 'aaaaaaaa-0000-0000-0000-000000000005';
+const INSIGHT_B_ID = 'bbbbbbbb-0000-0000-0000-000000000005';
+
+// ─── Test fixture ─────────────────────────────────────────────────────────────
+
+let handle: DbHandle;
+
+beforeAll(async () => {
+  handle = createDb();
+  const db = handle.db;
+
+  // Insert two users
+  await db
+    .insert(users)
+    .values([
+      {
+        id: USER_A_ID,
+        name: 'Isolation Test User A',
+        email: 'test-iso-user-a@example.invalid',
+        emailVerified: false,
+      },
+      {
+        id: USER_B_ID,
+        name: 'Isolation Test User B',
+        email: 'test-iso-user-b@example.invalid',
+        emailVerified: false,
+      },
+    ])
+    .onConflictDoNothing();
+
+  // Conversations — one per user
+  await db
+    .insert(conversations)
+    .values([
+      { id: CONV_A_ID, userId: USER_A_ID, title: 'User A conversation' },
+      { id: CONV_B_ID, userId: USER_B_ID, title: 'User B conversation' },
+    ])
+    .onConflictDoNothing();
+
+  // Messages — one per conversation
+  await db
+    .insert(messages)
+    .values([
+      {
+        id: MSG_A_ID,
+        conversationId: CONV_A_ID,
+        role: 'user',
+        content: 'Hello from User A',
+      },
+      {
+        id: MSG_B_ID,
+        conversationId: CONV_B_ID,
+        role: 'user',
+        content: 'Hello from User B',
+      },
+    ])
+    .onConflictDoNothing();
+
+  // Agent configs — private agents (one per user) + one system agent
+  await db
+    .insert(agents)
+    .values([
+      {
+        id: AGENT_A_ID,
+        name: 'Agent A (private)',
+        provider: 'test',
+        model: 'test-model',
+        ownerId: USER_A_ID,
+        isSystem: false,
+      },
+      {
+        id: AGENT_B_ID,
+        name: 'Agent B (private)',
+        provider: 'test',
+        model: 'test-model',
+        ownerId: USER_B_ID,
+        isSystem: false,
+      },
+      {
+        id: AGENT_SYS_ID,
+        name: 'Shared System Agent',
+        provider: 'test',
+        model: 'test-model',
+        ownerId: null,
+        isSystem: true,
+      },
+    ])
+    .onConflictDoNothing();
+
+  // Preferences — one per user (same key, different values)
+  await db
+    .insert(preferences)
+    .values([
+      {
+        id: PREF_A_ID,
+        userId: USER_A_ID,
+        key: 'theme',
+        value: 'dark',
+        category: 'appearance',
+      },
+      {
+        id: PREF_B_ID,
+        userId: USER_B_ID,
+        key: 'theme',
+        value: 'light',
+        category: 'appearance',
+      },
+    ])
+    .onConflictDoNothing();
+
+  // Insights — no embedding to keep the fixture simple; embedding-based search
+  // is tested separately with a zero-vector that falls outside maxDistance
+  await db
+    .insert(insights)
+    .values([
+      {
+        id: INSIGHT_A_ID,
+        userId: USER_A_ID,
+        content: 'User A insight',
+        source: 'user',
+        category: 'general',
+        relevanceScore: 1.0,
+      },
+      {
+        id: INSIGHT_B_ID,
+        userId: USER_B_ID,
+        content: 'User B insight',
+        source: 'user',
+        category: 'general',
+        relevanceScore: 1.0,
+      },
+    ])
+    .onConflictDoNothing();
+});
+
+afterAll(async () => {
+  if (!handle) return;
+  const db = handle.db;
+
+  // Delete in dependency order (FK constraints)
+  await db.delete(messages).where(eq(messages.id, MSG_A_ID));
+  await db.delete(messages).where(eq(messages.id, MSG_B_ID));
+  await db.delete(conversations).where(eq(conversations.id, CONV_A_ID));
+  await db.delete(conversations).where(eq(conversations.id, CONV_B_ID));
+  await db.delete(agents).where(eq(agents.id, AGENT_A_ID));
+  await db.delete(agents).where(eq(agents.id, AGENT_B_ID));
+  await db.delete(agents).where(eq(agents.id, AGENT_SYS_ID));
+  await db.delete(preferences).where(eq(preferences.id, PREF_A_ID));
+  await db.delete(preferences).where(eq(preferences.id, PREF_B_ID));
+  await db.delete(insights).where(eq(insights.id, INSIGHT_A_ID));
+  await db.delete(insights).where(eq(insights.id, INSIGHT_B_ID));
+  await db.delete(users).where(eq(users.id, USER_A_ID));
+  await db.delete(users).where(eq(users.id, USER_B_ID));
+
+  await handle.close();
+});
+
+// ─── Conversations isolation ──────────────────────────────────────────────────
+
+describe('ConversationsRepo — cross-user isolation', () => {
+  it('User A can find their own conversation by id', async () => {
+    const repo = createConversationsRepo(handle.db);
+    const conv = await repo.findById(CONV_A_ID, USER_A_ID);
+    expect(conv).toBeDefined();
+    expect(conv!.id).toBe(CONV_A_ID);
+  });
+
+  it('User B cannot find User A conversation by id (returns undefined)', async () => {
+    const repo = createConversationsRepo(handle.db);
+    const conv = await repo.findById(CONV_A_ID, USER_B_ID);
+    expect(conv).toBeUndefined();
+  });
+
+  it('User A cannot find User B conversation by id (returns undefined)', async () => {
+    const repo = createConversationsRepo(handle.db);
+    const conv = await repo.findById(CONV_B_ID, USER_A_ID);
+    expect(conv).toBeUndefined();
+  });
+
+  it('findAll returns only own conversations for User A', async () => {
+    const repo = createConversationsRepo(handle.db);
+    const convs = await repo.findAll(USER_A_ID);
+    const ids = convs.map((c) => c.id);
+    expect(ids).toContain(CONV_A_ID);
+    expect(ids).not.toContain(CONV_B_ID);
+  });
+
+  it('findAll returns only own conversations for User B', async () => {
+    const repo = createConversationsRepo(handle.db);
+    const convs = await repo.findAll(USER_B_ID);
+    const ids = convs.map((c) => c.id);
+    expect(ids).toContain(CONV_B_ID);
+    expect(ids).not.toContain(CONV_A_ID);
+  });
+});
+
+// ─── Messages isolation ───────────────────────────────────────────────────────
+
+describe('ConversationsRepo.findMessages — cross-user isolation', () => {
+  it('User A can read messages from their own conversation', async () => {
+    const repo = createConversationsRepo(handle.db);
+    const msgs = await repo.findMessages(CONV_A_ID, USER_A_ID);
+    const ids = msgs.map((m) => m.id);
+    expect(ids).toContain(MSG_A_ID);
+  });
+
+  it('User B cannot read messages from User A conversation (returns empty array)', async () => {
+    const repo = createConversationsRepo(handle.db);
+    const msgs = await repo.findMessages(CONV_A_ID, USER_B_ID);
+    expect(msgs).toHaveLength(0);
+  });
+
+  it('User A cannot read messages from User B conversation (returns empty array)', async () => {
+    const repo = createConversationsRepo(handle.db);
+    const msgs = await repo.findMessages(CONV_B_ID, USER_A_ID);
+    expect(msgs).toHaveLength(0);
+  });
+
+  it('addMessage is rejected when user does not own the conversation', async () => {
+    const repo = createConversationsRepo(handle.db);
+    const result = await repo.addMessage(
+      {
+        conversationId: CONV_A_ID,
+        role: 'user',
+        content: 'Attempted injection by User B',
+      },
+      USER_B_ID,
+    );
+    expect(result).toBeUndefined();
+  });
+});
+
+// ─── Agent configs isolation ──────────────────────────────────────────────────
+
+describe('AgentsRepo.findAccessible — cross-user isolation', () => {
+  it('User A sees their own private agent', async () => {
+    const repo = createAgentsRepo(handle.db);
+    const accessible = await repo.findAccessible(USER_A_ID);
+    const ids = accessible.map((a) => a.id);
+    expect(ids).toContain(AGENT_A_ID);
+  });
+
+  it('User A does NOT see User B private agent', async () => {
+    const repo = createAgentsRepo(handle.db);
+    const accessible = await repo.findAccessible(USER_A_ID);
+    const ids = accessible.map((a) => a.id);
+    expect(ids).not.toContain(AGENT_B_ID);
+  });
+
+  it('User B does NOT see User A private agent', async () => {
+    const repo = createAgentsRepo(handle.db);
+    const accessible = await repo.findAccessible(USER_B_ID);
+    const ids = accessible.map((a) => a.id);
+    expect(ids).not.toContain(AGENT_A_ID);
+  });
+
+  it('Both users can see the shared system agent', async () => {
+    const repo = createAgentsRepo(handle.db);
+    const accessibleA = await repo.findAccessible(USER_A_ID);
+    const accessibleB = await repo.findAccessible(USER_B_ID);
+    expect(accessibleA.map((a) => a.id)).toContain(AGENT_SYS_ID);
+    expect(accessibleB.map((a) => a.id)).toContain(AGENT_SYS_ID);
+  });
+
+  it('findSystem returns the system agent for any caller', async () => {
+    const repo = createAgentsRepo(handle.db);
+    const system = await repo.findSystem();
+    const ids = system.map((a) => a.id);
+    expect(ids).toContain(AGENT_SYS_ID);
+  });
+
+  it('update with ownerId prevents User B from modifying User A agent', async () => {
+    const repo = createAgentsRepo(handle.db);
+    const result = await repo.update(AGENT_A_ID, { model: 'hacked' }, USER_B_ID);
+    expect(result).toBeUndefined();
+
+    // Verify the agent was not actually mutated
+    const unchanged = await repo.findById(AGENT_A_ID);
+    expect(unchanged?.model).toBe('test-model');
+  });
+
+  it('remove prevents User B from deleting User A agent', async () => {
+    const repo = createAgentsRepo(handle.db);
+    const deleted = await repo.remove(AGENT_A_ID, USER_B_ID);
+    expect(deleted).toBe(false);
+
+    // Verify the agent still exists
+    const still = await repo.findById(AGENT_A_ID);
+    expect(still).toBeDefined();
+  });
+});
+
+// ─── Preferences isolation ────────────────────────────────────────────────────
+
+describe('PreferencesRepo — cross-user isolation', () => {
+  it('User A can retrieve their own preferences', async () => {
+    const repo = createPreferencesRepo(handle.db);
+    const prefs = await repo.findByUser(USER_A_ID);
+    const ids = prefs.map((p) => p.id);
+    expect(ids).toContain(PREF_A_ID);
+  });
+
+  it('User A preferences do not contain User B preferences', async () => {
+    const repo = createPreferencesRepo(handle.db);
+    const prefs = await repo.findByUser(USER_A_ID);
+    const ids = prefs.map((p) => p.id);
+    expect(ids).not.toContain(PREF_B_ID);
+  });
+
+  it('User B preferences do not contain User A preferences', async () => {
+    const repo = createPreferencesRepo(handle.db);
+    const prefs = await repo.findByUser(USER_B_ID);
+    const ids = prefs.map((p) => p.id);
+    expect(ids).not.toContain(PREF_A_ID);
+  });
+
+  it('findByUserAndKey is scoped to the requesting user', async () => {
+    const repo = createPreferencesRepo(handle.db);
+    // Both users have key "theme" — each should only see their own value
+    const prefA = await repo.findByUserAndKey(USER_A_ID, 'theme');
+    const prefB = await repo.findByUserAndKey(USER_B_ID, 'theme');
+
+    expect(prefA).toBeDefined();
+    // Drizzle returns JSONB values as parsed JS values; '"dark"' (JSON string) → 'dark'
+    expect(prefA!.value).toBe('dark');
+    expect(prefB).toBeDefined();
+    expect(prefB!.value).toBe('light');
+  });
+
+  it('remove is scoped to the requesting user (cannot delete another user pref)', async () => {
+    const repo = createPreferencesRepo(handle.db);
+    // User B tries to delete User A's "theme" preference — should silently fail
+    const deleted = await repo.remove(USER_B_ID, 'theme');
+    // This only deletes USER_B's own "theme" row; re-insert it for afterAll cleanup
+    expect(deleted).toBe(true); // deletes User B's OWN theme pref
+
+    // User A's theme pref must be untouched
+    const prefA = await repo.findByUserAndKey(USER_A_ID, 'theme');
+    expect(prefA).toBeDefined();
+
+    // Re-insert User B's preference so afterAll cleanup still finds it
+    await repo.upsert({
+      id: PREF_B_ID,
+      userId: USER_B_ID,
+      key: 'theme',
+      value: 'light',
+      category: 'appearance',
+    });
+  });
+});
+
+// ─── Insights isolation ───────────────────────────────────────────────────────
+
+describe('InsightsRepo — cross-user isolation', () => {
+  it('User A can retrieve their own insights', async () => {
+    const repo = createInsightsRepo(handle.db);
+    const list = await repo.findByUser(USER_A_ID);
+    const ids = list.map((i) => i.id);
+    expect(ids).toContain(INSIGHT_A_ID);
+  });
+
+  it('User A insights do not contain User B insights', async () => {
+    const repo = createInsightsRepo(handle.db);
+    const list = await repo.findByUser(USER_A_ID);
+    const ids = list.map((i) => i.id);
+    expect(ids).not.toContain(INSIGHT_B_ID);
+  });
+
+  it('User B insights do not contain User A insights', async () => {
+    const repo = createInsightsRepo(handle.db);
+    const list = await repo.findByUser(USER_B_ID);
+    const ids = list.map((i) => i.id);
+    expect(ids).not.toContain(INSIGHT_A_ID);
+  });
+
+  it('findById is scoped to the requesting user', async () => {
+    const repo = createInsightsRepo(handle.db);
+    const own = await repo.findById(INSIGHT_A_ID, USER_A_ID);
+    const cross = await repo.findById(INSIGHT_A_ID, USER_B_ID);
+
+    expect(own).toBeDefined();
+    expect(cross).toBeUndefined();
+  });
+
+  it('searchByEmbedding returns only own insights', async () => {
+    const repo = createInsightsRepo(handle.db);
+    // Our test insights have no embedding — the query filters WHERE embedding IS NOT NULL
+    // so the result set is empty, which already proves no cross-user leakage.
+    // Using a 1536-dimension zero vector as the query embedding.
+    const zeroVector = Array<number>(1536).fill(0);
+
+    const resultsA = await repo.searchByEmbedding(USER_A_ID, zeroVector, 50, 2.0);
+    const resultsB = await repo.searchByEmbedding(USER_B_ID, zeroVector, 50, 2.0);
+
+    // The raw SQL query returns row objects directly (not wrapped in { insight }).
+    // Cast via unknown to extract id safely regardless of the return shape.
+    const toId = (r: unknown): string =>
+      ((r as Record<string, unknown>)['id'] as string | undefined) ??
+      ((r as Record<string, Record<string, unknown>>)['insight']?.['id'] as string | undefined) ??
+      '';
+    const idsInA = resultsA.map(toId);
+    const idsInB = resultsB.map(toId);
+
+    // User B's insight must never appear in User A's search results
+    expect(idsInA).not.toContain(INSIGHT_B_ID);
+    // User A's insight must never appear in User B's search results
+    expect(idsInB).not.toContain(INSIGHT_A_ID);
+  });
+
+  it('update is scoped to the requesting user', async () => {
+    const repo = createInsightsRepo(handle.db);
+    const result = await repo.update(INSIGHT_A_ID, USER_B_ID, { content: 'hacked' });
+    expect(result).toBeUndefined();
+
+    // Verify the insight was not mutated
+    const unchanged = await repo.findById(INSIGHT_A_ID, USER_A_ID);
+    expect(unchanged?.content).toBe('User A insight');
+  });
+
+  it('remove is scoped to the requesting user', async () => {
+    const repo = createInsightsRepo(handle.db);
+    const deleted = await repo.remove(INSIGHT_A_ID, USER_B_ID);
+    expect(deleted).toBe(false);
+
+    // Verify the insight still exists
+    const still = await repo.findById(INSIGHT_A_ID, USER_A_ID);
+    expect(still).toBeDefined();
+  });
+});
--- a/apps/gateway/src/tests/resource-ownership.test.ts
+++ b/apps/gateway/src/tests/resource-ownership.test.ts
@@ -1,4 +1,4 @@
-import { ForbiddenException } from '@nestjs/common';
+import { ForbiddenException, NotFoundException } from '@nestjs/common';
 import { describe, expect, it, vi } from 'vitest';
 import { ConversationsController } from '../conversations/conversations.controller.js';
 import { MissionsController } from '../missions/missions.controller.js';
@@ -18,6 +18,7 @@ function createBrain() {
    },
    projects: {
      findAll: vi.fn(),
+      findAllForUser: vi.fn(),
      findById: vi.fn(),
      create: vi.fn(),
      update: vi.fn(),
@@ -25,12 +26,21 @@ function createBrain() {
    },
    missions: {
      findAll: vi.fn(),
+      findAllByUser: vi.fn(),
      findById: vi.fn(),
+      findByIdAndUser: vi.fn(),
      findByProject: vi.fn(),
      create: vi.fn(),
      update: vi.fn(),
      remove: vi.fn(),
    },
+    missionTasks: {
+      findByMissionAndUser: vi.fn(),
+      findByIdAndUser: vi.fn(),
+      create: vi.fn(),
+      update: vi.fn(),
+      remove: vi.fn(),
+    },
    tasks: {
      findAll: vi.fn(),
      findById: vi.fn(),
@@ -47,32 +57,35 @@ function createBrain() {
 describe('Resource ownership checks', () => {
  it('forbids access to another user conversation', async () => {
    const brain = createBrain();
-    brain.conversations.findById.mockResolvedValue({ id: 'conv-1', userId: 'user-2' });
+    // The repo enforces ownership via the WHERE clause; it returns undefined when the
+    // conversation does not belong to the requesting user.
+    brain.conversations.findById.mockResolvedValue(undefined);
    const controller = new ConversationsController(brain as never);

    await expect(controller.findOne('conv-1', { id: 'user-1' })).rejects.toBeInstanceOf(
-      ForbiddenException,
+      NotFoundException,
    );
  });

  it('forbids access to another user project', async () => {
    const brain = createBrain();
    brain.projects.findById.mockResolvedValue({ id: 'project-1', ownerId: 'user-2' });
-    const controller = new ProjectsController(brain as never);
+    const teamsService = { canAccessProject: vi.fn().mockResolvedValue(false) };
+    const controller = new ProjectsController(brain as never, teamsService as never);

    await expect(controller.findOne('project-1', { id: 'user-1' })).rejects.toBeInstanceOf(
      ForbiddenException,
    );
  });

-  it('forbids access to a mission owned by another project owner', async () => {
+  it('forbids access to a mission owned by another user', async () => {
    const brain = createBrain();
-    brain.missions.findById.mockResolvedValue({ id: 'mission-1', projectId: 'project-1' });
-    brain.projects.findById.mockResolvedValue({ id: 'project-1', ownerId: 'user-2' });
+    // findByIdAndUser returns undefined when the mission doesn't belong to the user
+    brain.missions.findByIdAndUser.mockResolvedValue(undefined);
    const controller = new MissionsController(brain as never);

    await expect(controller.findOne('mission-1', { id: 'user-1' })).rejects.toBeInstanceOf(
-      ForbiddenException,
+      NotFoundException,
    );
  });

--- a/apps/gateway/src/admin/admin.guard.ts
+++ b/apps/gateway/src/admin/admin.guard.ts
@@ -8,8 +8,11 @@ import {
 } from '@nestjs/common';
 import { fromNodeHeaders } from 'better-auth/node';
 import type { Auth } from '@mosaic/auth';
+import type { Db } from '@mosaic/db';
+import { eq, users as usersTable } from '@mosaic/db';
 import type { FastifyRequest } from 'fastify';
 import { AUTH } from '../auth/auth.tokens.js';
+import { DB } from '../database/database.module.js';

 interface UserWithRole {
  id: string;
@@ -18,7 +21,10 @@ interface UserWithRole {

@Injectable()
 export class AdminGuard implements CanActivate {
-  constructor(@Inject(AUTH) private readonly auth: Auth) {}
+  constructor(
+    @Inject(AUTH) private readonly auth: Auth,
+    @Inject(DB) private readonly db: Db,
+  ) {}

  async canActivate(context: ExecutionContext): Promise<boolean> {
    const request = context.switchToHttp().getRequest<FastifyRequest>();
@@ -32,7 +38,21 @@ export class AdminGuard implements CanActivate {

    const user = result.user as UserWithRole;

-    if (user.role !== 'admin') {
+    // Ensure the role field is populated. better-auth should include additionalFields
+    // in the session, but as a fallback, fetch the role from the database if needed.
+    let userRole = user.role;
+    if (!userRole) {
+      const [dbUser] = await this.db
+        .select({ role: usersTable.role })
+        .from(usersTable)
+        .where(eq(usersTable.id, user.id))
+        .limit(1);
+      userRole = dbUser?.role ?? 'member';
+      // Update the session user object with the fetched role
+      (user as UserWithRole).role = userRole;
+    }
+
+    if (userRole !== 'admin') {
      throw new ForbiddenException('Admin access required');
    }

--- a/apps/gateway/src/agent/tests/provider.service.test.ts
+++ b/apps/gateway/src/agent/tests/provider.service.test.ts
@@ -0,0 +1,143 @@
+import { beforeEach, afterEach, describe, expect, it } from 'vitest';
+import { ProviderService } from '../provider.service.js';
+
+const ENV_KEYS = [
+  'ANTHROPIC_API_KEY',
+  'OPENAI_API_KEY',
+  'ZAI_API_KEY',
+  'OLLAMA_BASE_URL',
+  'OLLAMA_HOST',
+  'OLLAMA_MODELS',
+  'MOSAIC_CUSTOM_PROVIDERS',
+] as const;
+
+type EnvKey = (typeof ENV_KEYS)[number];
+
+describe('ProviderService', () => {
+  const savedEnv = new Map<EnvKey, string | undefined>();
+
+  beforeEach(() => {
+    for (const key of ENV_KEYS) {
+      savedEnv.set(key, process.env[key]);
+      delete process.env[key];
+    }
+  });
+
+  afterEach(() => {
+    for (const key of ENV_KEYS) {
+      const value = savedEnv.get(key);
+      if (value === undefined) {
+        delete process.env[key];
+      } else {
+        process.env[key] = value;
+      }
+    }
+  });
+
+  it('skips API-key providers when env vars are missing (no models become available)', async () => {
+    const service = new ProviderService();
+    await service.onModuleInit();
+
+    // Pi's built-in registry may include model definitions for all providers, but
+    // without API keys none of them should be available (usable).
+    const availableModels = service.listAvailableModels();
+    const availableProviderIds = new Set(availableModels.map((m) => m.provider));
+
+    expect(availableProviderIds).not.toContain('anthropic');
+    expect(availableProviderIds).not.toContain('openai');
+    expect(availableProviderIds).not.toContain('zai');
+
+    // Providers list may show built-in providers, but they should not be marked available
+    const providers = service.listProviders();
+    for (const p of providers.filter((p) => ['anthropic', 'openai', 'zai'].includes(p.id))) {
+      expect(p.available).toBe(false);
+    }
+  });
+
+  it('registers Anthropic provider with correct models when ANTHROPIC_API_KEY is set', async () => {
+    process.env['ANTHROPIC_API_KEY'] = 'test-anthropic';
+
+    const service = new ProviderService();
+    await service.onModuleInit();
+
+    const providers = service.listProviders();
+    const anthropic = providers.find((p) => p.id === 'anthropic');
+    expect(anthropic).toBeDefined();
+    expect(anthropic!.available).toBe(true);
+    expect(anthropic!.models.map((m) => m.id)).toEqual([
+      'claude-sonnet-4-6',
+      'claude-opus-4-6',
+      'claude-haiku-4-5',
+    ]);
+    // contextWindow override from Pi built-in (200000)
+    for (const m of anthropic!.models) {
+      expect(m.contextWindow).toBe(200000);
+      // maxTokens capped at 8192 per task spec
+      expect(m.maxTokens).toBe(8192);
+    }
+  });
+
+  it('registers OpenAI provider with correct models when OPENAI_API_KEY is set', async () => {
+    process.env['OPENAI_API_KEY'] = 'test-openai';
+
+    const service = new ProviderService();
+    await service.onModuleInit();
+
+    const providers = service.listProviders();
+    const openai = providers.find((p) => p.id === 'openai');
+    expect(openai).toBeDefined();
+    expect(openai!.available).toBe(true);
+    expect(openai!.models.map((m) => m.id)).toEqual(['gpt-4o', 'gpt-4o-mini', 'o3-mini']);
+  });
+
+  it('registers Z.ai provider with correct models when ZAI_API_KEY is set', async () => {
+    process.env['ZAI_API_KEY'] = 'test-zai';
+
+    const service = new ProviderService();
+    await service.onModuleInit();
+
+    const providers = service.listProviders();
+    const zai = providers.find((p) => p.id === 'zai');
+    expect(zai).toBeDefined();
+    expect(zai!.available).toBe(true);
+    expect(zai!.models.map((m) => m.id)).toEqual(['glm-4.5', 'glm-4.5-air', 'glm-4.5-flash']);
+  });
+
+  it('registers all three providers when all keys are set', async () => {
+    process.env['ANTHROPIC_API_KEY'] = 'test-anthropic';
+    process.env['OPENAI_API_KEY'] = 'test-openai';
+    process.env['ZAI_API_KEY'] = 'test-zai';
+
+    const service = new ProviderService();
+    await service.onModuleInit();
+
+    const providerIds = service.listProviders().map((p) => p.id);
+    expect(providerIds).toContain('anthropic');
+    expect(providerIds).toContain('openai');
+    expect(providerIds).toContain('zai');
+  });
+
+  it('can find registered Anthropic models by provider+id', async () => {
+    process.env['ANTHROPIC_API_KEY'] = 'test-anthropic';
+
+    const service = new ProviderService();
+    await service.onModuleInit();
+
+    const sonnet = service.findModel('anthropic', 'claude-sonnet-4-6');
+    expect(sonnet).toBeDefined();
+    expect(sonnet!.provider).toBe('anthropic');
+    expect(sonnet!.id).toBe('claude-sonnet-4-6');
+  });
+
+  it('can find registered Z.ai models by provider+id', async () => {
+    process.env['ZAI_API_KEY'] = 'test-zai';
+
+    const service = new ProviderService();
+    await service.onModuleInit();
+
+    const glm = service.findModel('zai', 'glm-4.5');
+    expect(glm).toBeDefined();
+    expect(glm!.provider).toBe('zai');
+    expect(glm!.id).toBe('glm-4.5');
+  });
+});
--- a/apps/gateway/src/agent/adapters/anthropic.adapter.ts
+++ b/apps/gateway/src/agent/adapters/anthropic.adapter.ts
@@ -0,0 +1,191 @@
+import { Logger } from '@nestjs/common';
+import Anthropic from '@anthropic-ai/sdk';
+import type { ModelRegistry } from '@mariozechner/pi-coding-agent';
+import type {
+  CompletionEvent,
+  CompletionParams,
+  IProviderAdapter,
+  ModelInfo,
+  ProviderHealth,
+} from '@mosaic/types';
+
+/**
+ * Anthropic provider adapter.
+ *
+ * Registers Claude models with the Pi ModelRegistry via the Anthropic SDK.
+ * Configuration is driven by environment variables:
+ *   ANTHROPIC_API_KEY — Anthropic API key (required)
+ */
+export class AnthropicAdapter implements IProviderAdapter {
+  readonly name = 'anthropic';
+
+  private readonly logger = new Logger(AnthropicAdapter.name);
+  private client: Anthropic | null = null;
+  private registeredModels: ModelInfo[] = [];
+
+  constructor(private readonly registry: ModelRegistry) {}
+
+  async register(): Promise<void> {
+    const apiKey = process.env['ANTHROPIC_API_KEY'];
+    if (!apiKey) {
+      this.logger.warn('Skipping Anthropic provider registration: ANTHROPIC_API_KEY not set');
+      return;
+    }
+
+    this.client = new Anthropic({ apiKey });
+
+    const models: ModelInfo[] = [
+      {
+        id: 'claude-opus-4-6',
+        provider: 'anthropic',
+        name: 'Claude Opus 4.6',
+        reasoning: true,
+        contextWindow: 200000,
+        maxTokens: 32000,
+        inputTypes: ['text', 'image'],
+        cost: { input: 0, output: 0, cacheRead: 0, cacheWrite: 0 },
+      },
+      {
+        id: 'claude-sonnet-4-6',
+        provider: 'anthropic',
+        name: 'Claude Sonnet 4.6',
+        reasoning: true,
+        contextWindow: 200000,
+        maxTokens: 16000,
+        inputTypes: ['text', 'image'],
+        cost: { input: 0, output: 0, cacheRead: 0, cacheWrite: 0 },
+      },
+      {
+        id: 'claude-haiku-4-5',
+        provider: 'anthropic',
+        name: 'Claude Haiku 4.5',
+        reasoning: false,
+        contextWindow: 200000,
+        maxTokens: 8192,
+        inputTypes: ['text', 'image'],
+        cost: { input: 0, output: 0, cacheRead: 0, cacheWrite: 0 },
+      },
+    ];
+
+    this.registry.registerProvider('anthropic', {
+      apiKey,
+      baseUrl: 'https://api.anthropic.com',
+      api: 'anthropic' as never,
+      models: models.map((m) => ({
+        id: m.id,
+        name: m.name,
+        reasoning: m.reasoning,
+        input: m.inputTypes as ('text' | 'image')[],
+        cost: m.cost,
+        contextWindow: m.contextWindow,
+        maxTokens: m.maxTokens,
+      })),
+    });
+
+    this.registeredModels = models;
+
+    this.logger.log(
+      `Anthropic provider registered with models: ${models.map((m) => m.id).join(', ')}`,
+    );
+  }
+
+  listModels(): ModelInfo[] {
+    return this.registeredModels;
+  }
+
+  async healthCheck(): Promise<ProviderHealth> {
+    const apiKey = process.env['ANTHROPIC_API_KEY'];
+    if (!apiKey) {
+      return {
+        status: 'down',
+        lastChecked: new Date().toISOString(),
+        error: 'ANTHROPIC_API_KEY not configured',
+      };
+    }
+
+    const start = Date.now();
+
+    try {
+      const client = this.client ?? new Anthropic({ apiKey });
+      await client.models.list({ limit: 1 });
+      const latencyMs = Date.now() - start;
+      return { status: 'healthy', latencyMs, lastChecked: new Date().toISOString() };
+    } catch (err) {
+      const latencyMs = Date.now() - start;
+      const error = err instanceof Error ? err.message : String(err);
+      const status = error.includes('401') || error.includes('403') ? 'degraded' : 'down';
+      return { status, latencyMs, lastChecked: new Date().toISOString(), error };
+    }
+  }
+
+  /**
+   * Stream a completion from Anthropic using the messages API.
+   * Maps Anthropic streaming events to the CompletionEvent format.
+   *
+   * Note: Currently reserved for future direct-completion use. The Pi SDK
+   * integration routes completions through ModelRegistry / AgentSession.
+   */
+  async *createCompletion(params: CompletionParams): AsyncIterable<CompletionEvent> {
+    const apiKey = process.env['ANTHROPIC_API_KEY'];
+    if (!apiKey) {
+      throw new Error('AnthropicAdapter: ANTHROPIC_API_KEY not configured');
+    }
+
+    const client = this.client ?? new Anthropic({ apiKey });
+
+    // Separate system messages from user/assistant messages
+    const systemMessages = params.messages.filter((m) => m.role === 'system');
+    const conversationMessages = params.messages.filter((m) => m.role !== 'system');
+
+    const systemPrompt =
+      systemMessages.length > 0 ? systemMessages.map((m) => m.content).join('\n') : undefined;
+
+    const stream = await client.messages.stream({
+      model: params.model,
+      max_tokens: params.maxTokens ?? 1024,
+      ...(systemPrompt !== undefined ? { system: systemPrompt } : {}),
+      messages: conversationMessages.map((m) => ({
+        role: m.role as 'user' | 'assistant',
+        content: m.content,
+      })),
+      ...(params.temperature !== undefined ? { temperature: params.temperature } : {}),
+      ...(params.tools && params.tools.length > 0
+        ? {
+            tools: params.tools.map((t) => ({
+              name: t.name,
+              description: t.description,
+              input_schema: t.parameters as Anthropic.Tool['input_schema'],
+            })),
+          }
+        : {}),
+    });
+
+    for await (const event of stream) {
+      if (event.type === 'content_block_delta' && event.delta.type === 'text_delta') {
+        yield { type: 'text_delta', content: event.delta.text };
+      } else if (event.type === 'content_block_delta' && event.delta.type === 'input_json_delta') {
+        yield { type: 'tool_call', name: '', arguments: event.delta.partial_json };
+      } else if (event.type === 'message_delta' && event.usage) {
+        yield {
+          type: 'done',
+          usage: {
+            inputTokens:
+              (event as { usage: { input_tokens?: number; output_tokens: number } }).usage
+                .input_tokens ?? 0,
+            outputTokens: event.usage.output_tokens,
+          },
+        };
+      }
+    }
+
+    // Emit final done event with full usage from the completed message
+    const finalMessage = await stream.finalMessage();
+    yield {
+      type: 'done',
+      usage: {
+        inputTokens: finalMessage.usage.input_tokens,
+        outputTokens: finalMessage.usage.output_tokens,
+      },
+    };
+  }
+}
--- a/apps/gateway/src/agent/adapters/index.ts
+++ b/apps/gateway/src/agent/adapters/index.ts
@@ -0,0 +1,2 @@
+export { OllamaAdapter } from './ollama.adapter.js';
+export { AnthropicAdapter } from './anthropic.adapter.js';
--- a/apps/gateway/src/agent/adapters/ollama.adapter.ts
+++ b/apps/gateway/src/agent/adapters/ollama.adapter.ts
@@ -0,0 +1,125 @@
+import { Logger } from '@nestjs/common';
+import type { ModelRegistry } from '@mariozechner/pi-coding-agent';
+import type {
+  CompletionEvent,
+  CompletionParams,
+  IProviderAdapter,
+  ModelInfo,
+  ProviderHealth,
+} from '@mosaic/types';
+
+/**
+ * Ollama provider adapter.
+ *
+ * Registers local Ollama models with the Pi ModelRegistry via the OpenAI-compatible
+ * completions API. Configuration is driven by environment variables:
+ *   OLLAMA_BASE_URL or OLLAMA_HOST — base URL of the Ollama instance
+ *   OLLAMA_MODELS              — comma-separated list of model IDs (default: llama3.2,codellama,mistral)
+ */
+export class OllamaAdapter implements IProviderAdapter {
+  readonly name = 'ollama';
+
+  private readonly logger = new Logger(OllamaAdapter.name);
+  private registeredModels: ModelInfo[] = [];
+
+  constructor(private readonly registry: ModelRegistry) {}
+
+  async register(): Promise<void> {
+    const ollamaUrl = process.env['OLLAMA_BASE_URL'] ?? process.env['OLLAMA_HOST'];
+    if (!ollamaUrl) {
+      this.logger.debug('Skipping Ollama provider registration: OLLAMA_BASE_URL not set');
+      return;
+    }
+
+    const modelsEnv = process.env['OLLAMA_MODELS'] ?? 'llama3.2,codellama,mistral';
+    const modelIds = modelsEnv
+      .split(',')
+      .map((id: string) => id.trim())
+      .filter(Boolean);
+
+    this.registry.registerProvider('ollama', {
+      baseUrl: `${ollamaUrl}/v1`,
+      apiKey: 'ollama',
+      api: 'openai-completions' as never,
+      models: modelIds.map((id) => ({
+        id,
+        name: id,
+        reasoning: false,
+        input: ['text'] as ('text' | 'image')[],
+        cost: { input: 0, output: 0, cacheRead: 0, cacheWrite: 0 },
+        contextWindow: 8192,
+        maxTokens: 4096,
+      })),
+    });
+
+    this.registeredModels = modelIds.map((id) => ({
+      id,
+      provider: 'ollama',
+      name: id,
+      reasoning: false,
+      contextWindow: 8192,
+      maxTokens: 4096,
+      inputTypes: ['text'] as ('text' | 'image')[],
+      cost: { input: 0, output: 0, cacheRead: 0, cacheWrite: 0 },
+    }));
+
+    this.logger.log(
+      `Ollama provider registered at ${ollamaUrl} with models: ${modelIds.join(', ')}`,
+    );
+  }
+
+  listModels(): ModelInfo[] {
+    return this.registeredModels;
+  }
+
+  async healthCheck(): Promise<ProviderHealth> {
+    const ollamaUrl = process.env['OLLAMA_BASE_URL'] ?? process.env['OLLAMA_HOST'];
+    if (!ollamaUrl) {
+      return {
+        status: 'down',
+        lastChecked: new Date().toISOString(),
+        error: 'OLLAMA_BASE_URL not configured',
+      };
+    }
+
+    const checkUrl = `${ollamaUrl}/v1/models`;
+    const start = Date.now();
+
+    try {
+      const res = await fetch(checkUrl, {
+        method: 'GET',
+        headers: { Accept: 'application/json' },
+        signal: AbortSignal.timeout(5000),
+      });
+      const latencyMs = Date.now() - start;
+
+      if (!res.ok) {
+        return {
+          status: 'degraded',
+          latencyMs,
+          lastChecked: new Date().toISOString(),
+          error: `HTTP ${res.status}`,
+        };
+      }
+
+      return { status: 'healthy', latencyMs, lastChecked: new Date().toISOString() };
+    } catch (err) {
+      const latencyMs = Date.now() - start;
+      const error = err instanceof Error ? err.message : String(err);
+      return { status: 'down', latencyMs, lastChecked: new Date().toISOString(), error };
+    }
+  }
+
+  /**
+   * createCompletion is reserved for future direct-completion use.
+   * The current integration routes completions through Pi SDK's ModelRegistry/AgentSession.
+   */
+  async *createCompletion(_params: CompletionParams): AsyncIterable<CompletionEvent> {
+    throw new Error(
+      'OllamaAdapter.createCompletion is not yet implemented. ' +
+        'Use Pi SDK AgentSession for completions.',
+    );
+    // Satisfy the AsyncGenerator return type — unreachable but required for TypeScript.
+    yield undefined as never;
+  }
+}
--- a/apps/gateway/src/agent/agent-config.dto.ts
+++ b/apps/gateway/src/agent/agent-config.dto.ts
@@ -0,0 +1,97 @@
+import {
+  IsArray,
+  IsBoolean,
+  IsIn,
+  IsObject,
+  IsOptional,
+  IsString,
+  IsUUID,
+  MaxLength,
+} from 'class-validator';
+
+const agentStatuses = ['idle', 'active', 'error', 'offline'] as const;
+
+export class CreateAgentConfigDto {
+  @IsString()
+  @MaxLength(255)
+  name!: string;
+
+  @IsString()
+  @MaxLength(255)
+  provider!: string;
+
+  @IsString()
+  @MaxLength(255)
+  model!: string;
+
+  @IsOptional()
+  @IsIn(agentStatuses)
+  status?: 'idle' | 'active' | 'error' | 'offline';
+
+  @IsOptional()
+  @IsUUID()
+  projectId?: string;
+
+  @IsOptional()
+  @IsString()
+  @MaxLength(50_000)
+  systemPrompt?: string;
+
+  @IsOptional()
+  @IsArray()
+  allowedTools?: string[];
+
+  @IsOptional()
+  @IsArray()
+  skills?: string[];
+
+  @IsOptional()
+  @IsBoolean()
+  isSystem?: boolean;
+
+  @IsOptional()
+  @IsObject()
+  config?: Record<string, unknown>;
+}
+
+export class UpdateAgentConfigDto {
+  @IsOptional()
+  @IsString()
+  @MaxLength(255)
+  name?: string;
+
+  @IsOptional()
+  @IsString()
+  @MaxLength(255)
+  provider?: string;
+
+  @IsOptional()
+  @IsString()
+  @MaxLength(255)
+  model?: string;
+
+  @IsOptional()
+  @IsIn(agentStatuses)
+  status?: 'idle' | 'active' | 'error' | 'offline';
+
+  @IsOptional()
+  @IsUUID()
+  projectId?: string | null;
+
+  @IsOptional()
+  @IsString()
+  @MaxLength(50_000)
+  systemPrompt?: string | null;
+
+  @IsOptional()
+  @IsArray()
+  allowedTools?: string[] | null;
+
+  @IsOptional()
+  @IsArray()
+  skills?: string[] | null;
+
+  @IsOptional()
+  @IsObject()
+  config?: Record<string, unknown> | null;
+}
--- a/apps/gateway/src/agent/agent-configs.controller.ts
+++ b/apps/gateway/src/agent/agent-configs.controller.ts
@@ -0,0 +1,89 @@
+import {
+  Body,
+  Controller,
+  Delete,
+  ForbiddenException,
+  Get,
+  HttpCode,
+  HttpStatus,
+  Inject,
+  NotFoundException,
+  Param,
+  Patch,
+  Post,
+  UseGuards,
+} from '@nestjs/common';
+import type { Brain } from '@mosaic/brain';
+import { BRAIN } from '../brain/brain.tokens.js';
+import { AuthGuard } from '../auth/auth.guard.js';
+import { CurrentUser } from '../auth/current-user.decorator.js';
+import { CreateAgentConfigDto, UpdateAgentConfigDto } from './agent-config.dto.js';
+
+@Controller('api/agents')
+@UseGuards(AuthGuard)
+export class AgentConfigsController {
+  constructor(@Inject(BRAIN) private readonly brain: Brain) {}
+
+  @Get()
+  async list(@CurrentUser() user: { id: string; role?: string }) {
+    return this.brain.agents.findAccessible(user.id);
+  }
+
+  @Get(':id')
+  async findOne(@Param('id') id: string, @CurrentUser() user: { id: string }) {
+    const agent = await this.brain.agents.findById(id);
+    if (!agent) throw new NotFoundException('Agent not found');
+    if (!agent.isSystem && agent.ownerId !== user.id) {
+      throw new ForbiddenException('Agent does not belong to the current user');
+    }
+    return agent;
+  }
+
+  @Post()
+  async create(@Body() dto: CreateAgentConfigDto, @CurrentUser() user: { id: string }) {
+    return this.brain.agents.create({
+      ...dto,
+      ownerId: user.id,
+      isSystem: false,
+    });
+  }
+
+  @Patch(':id')
+  async update(
+    @Param('id') id: string,
+    @Body() dto: UpdateAgentConfigDto,
+    @CurrentUser() user: { id: string; role?: string },
+  ) {
+    const agent = await this.brain.agents.findById(id);
+    if (!agent) throw new NotFoundException('Agent not found');
+    if (agent.isSystem && user.role !== 'admin') {
+      throw new ForbiddenException('Only admins can update system agents');
+    }
+    if (!agent.isSystem && agent.ownerId !== user.id) {
+      throw new ForbiddenException('Agent does not belong to the current user');
+    }
+
+    // Pass ownerId for user agents so the repo WHERE clause enforces ownership.
+    // For system agents (admin path) pass undefined so the WHERE matches only on id.
+    const ownerId = agent.isSystem ? undefined : user.id;
+    const updated = await this.brain.agents.update(id, dto, ownerId);
+    if (!updated) throw new NotFoundException('Agent not found');
+    return updated;
+  }
+
+  @Delete(':id')
+  @HttpCode(HttpStatus.NO_CONTENT)
+  async remove(@Param('id') id: string, @CurrentUser() user: { id: string; role?: string }) {
+    const agent = await this.brain.agents.findById(id);
+    if (!agent) throw new NotFoundException('Agent not found');
+    if (agent.isSystem) {
+      throw new ForbiddenException('Cannot delete system agents');
+    }
+    if (agent.ownerId !== user.id) {
+      throw new ForbiddenException('Agent does not belong to the current user');
+    }
+    // Pass ownerId so the repo WHERE clause enforces ownership at the DB level.
+    const deleted = await this.brain.agents.remove(id, user.id);
+    if (!deleted) throw new NotFoundException('Agent not found');
+  }
+}
--- a/apps/gateway/src/agent/agent.module.ts
+++ b/apps/gateway/src/agent/agent.module.ts
@@ -5,15 +5,17 @@ import { RoutingService } from './routing.service.js';
 import { SkillLoaderService } from './skill-loader.service.js';
 import { ProvidersController } from './providers.controller.js';
 import { SessionsController } from './sessions.controller.js';
+import { AgentConfigsController } from './agent-configs.controller.js';
 import { CoordModule } from '../coord/coord.module.js';
 import { McpClientModule } from '../mcp-client/mcp-client.module.js';
 import { SkillsModule } from '../skills/skills.module.js';
+import { GCModule } from '../gc/gc.module.js';

@Global()
@Module({
-  imports: [CoordModule, McpClientModule, SkillsModule],
+  imports: [CoordModule, McpClientModule, SkillsModule, GCModule],
  providers: [ProviderService, RoutingService, SkillLoaderService, AgentService],
-  controllers: [ProvidersController, SessionsController],
+  controllers: [ProvidersController, SessionsController, AgentConfigsController],
  exports: [AgentService, ProviderService, RoutingService, SkillLoaderService],
 })
 export class AgentModule {}
--- a/apps/gateway/src/agent/agent.service.ts
+++ b/apps/gateway/src/agent/agent.service.ts
@@ -1,4 +1,4 @@
-import { Inject, Injectable, Logger, type OnModuleDestroy } from '@nestjs/common';
+import { Inject, Injectable, Logger, Optional, type OnModuleDestroy } from '@nestjs/common';
 import {
  createAgentSession,
  DefaultResourceLoader,
@@ -24,6 +24,16 @@ import { createGitTools } from './tools/git-tools.js';
 import { createShellTools } from './tools/shell-tools.js';
 import { createWebTools } from './tools/web-tools.js';
 import type { SessionInfoDto } from './session.dto.js';
+import { SystemOverrideService } from '../preferences/system-override.service.js';
+import { PreferencesService } from '../preferences/preferences.service.js';
+import { SessionGCService } from '../gc/session-gc.service.js';
+
+/** A single message from DB conversation history, used for context injection. */
+export interface ConversationHistoryMessage {
+  role: 'user' | 'assistant' | 'system';
+  content: string;
+  createdAt: Date;
+}

 export interface AgentSessionOptions {
  provider?: string;
@@ -49,6 +59,20 @@ export interface AgentSessionOptions {
  allowedTools?: string[];
  /** Whether the requesting user has admin privileges. Controls default tool access. */
  isAdmin?: boolean;
+  /**
+   * DB agent config ID. When provided, loads agent config from DB and merges
+   * provider, model, systemPrompt, and allowedTools. Explicit call-site options
+   * take precedence over config values.
+   */
+  agentConfigId?: string;
+  /** ID of the user who owns this session. Used for preferences and system override lookups. */
+  userId?: string;
+  /**
+   * Prior conversation messages to inject as context when resuming a session.
+   * These messages are formatted and prepended to the system prompt so the
+   * agent is aware of what was discussed in previous sessions.
+   */
+  conversationHistory?: ConversationHistoryMessage[];
 }

 export interface AgentSession {
@@ -67,6 +91,8 @@ export interface AgentSession {
  sandboxDir: string;
  /** Tool names available in this session, or null when all tools are available. */
  allowedTools: string[] | null;
+  /** User ID that owns this session, used for preference lookups. */
+  userId?: string;
 }

@Injectable()
@@ -83,20 +109,32 @@ export class AgentService implements OnModuleDestroy {
    @Inject(CoordService) private readonly coordService: CoordService,
    @Inject(McpClientService) private readonly mcpClientService: McpClientService,
    @Inject(SkillLoaderService) private readonly skillLoaderService: SkillLoaderService,
+    @Optional()
+    @Inject(SystemOverrideService)
+    private readonly systemOverride: SystemOverrideService | null,
+    @Optional()
+    @Inject(PreferencesService)
+    private readonly preferencesService: PreferencesService | null,
+    @Inject(SessionGCService) private readonly gc: SessionGCService,
  ) {}

  /**
-   * Build the full set of custom tools scoped to the given sandbox directory.
+   * Build the full set of custom tools scoped to the given sandbox directory and session user.
   * Brain/coord/memory/web tools are stateless with respect to cwd; file/git/shell
   * tools receive the resolved sandboxDir so they operate within the sandbox.
+   * Memory tools are bound to sessionUserId so the LLM cannot access another user's data.
   */
-  private buildToolsForSandbox(sandboxDir: string): ToolDefinition[] {
+  private buildToolsForSandbox(
+    sandboxDir: string,
+    sessionUserId: string | undefined,
+  ): ToolDefinition[] {
    return [
      ...createBrainTools(this.brain),
      ...createCoordTools(this.coordService),
      ...createMemoryTools(
        this.memory,
        this.embeddingService.available ? this.embeddingService : null,
+        sessionUserId,
      ),
      ...createFileTools(sandboxDir),
      ...createGitTools(sandboxDir),
@@ -146,16 +184,39 @@ export class AgentService implements OnModuleDestroy {
    sessionId: string,
    options?: AgentSessionOptions,
  ): Promise<AgentSession> {
-    const model = this.resolveModel(options);
+    // Merge DB agent config when agentConfigId is provided
+    let mergedOptions = options;
+    if (options?.agentConfigId) {
+      const agentConfig = await this.brain.agents.findById(options.agentConfigId);
+      if (agentConfig) {
+        mergedOptions = {
+          provider: options.provider ?? agentConfig.provider,
+          modelId: options.modelId ?? agentConfig.model,
+          systemPrompt: options.systemPrompt ?? agentConfig.systemPrompt ?? undefined,
+          allowedTools: options.allowedTools ?? agentConfig.allowedTools ?? undefined,
+          sandboxDir: options.sandboxDir,
+          isAdmin: options.isAdmin,
+          agentConfigId: options.agentConfigId,
+        };
+        this.logger.log(
+          `Merged agent config "${agentConfig.name}" (${agentConfig.id}) into session ${sessionId}`,
+        );
+      }
+    }
+
+    const model = this.resolveModel(mergedOptions);
    const providerName = model?.provider ?? 'default';
    const modelId = model?.id ?? 'default';

    // Resolve sandbox directory: option > env var > process.cwd()
    const sandboxDir =
-      options?.sandboxDir ?? process.env['AGENT_FILE_SANDBOX_DIR'] ?? process.cwd();
+      mergedOptions?.sandboxDir ?? process.env['AGENT_FILE_SANDBOX_DIR'] ?? process.cwd();

    // Resolve allowed tool set
-    const allowedTools = this.resolveAllowedTools(options?.isAdmin ?? false, options?.allowedTools);
+    const allowedTools = this.resolveAllowedTools(
+      mergedOptions?.isAdmin ?? false,
+      mergedOptions?.allowedTools,
+    );

    this.logger.log(
      `Creating agent session: ${sessionId} (provider=${providerName}, model=${modelId}, sandbox=${sandboxDir}, tools=${allowedTools === null ? 'all' : allowedTools.join(',') || 'none'})`,
@@ -173,8 +234,8 @@ export class AgentService implements OnModuleDestroy {
      );
    }

-    // Build per-session tools scoped to the sandbox directory
-    const sandboxTools = this.buildToolsForSandbox(sandboxDir);
+    // Build per-session tools scoped to the sandbox directory and authenticated user
+    const sandboxTools = this.buildToolsForSandbox(sandboxDir, mergedOptions?.userId);

    // Combine static tools with dynamically discovered MCP client tools and skill tools
    const mcpTools = this.mcpClientService.getToolDefinitions();
@@ -194,9 +255,22 @@ export class AgentService implements OnModuleDestroy {
    }

    // Build system prompt: platform prompt + skill additions appended
-    const platformPrompt = options?.systemPrompt ?? process.env['AGENT_SYSTEM_PROMPT'] ?? undefined;
-    const appendSystemPrompt =
-      promptAdditions.length > 0 ? promptAdditions.join('\n\n') : undefined;
+    const platformPrompt =
+      mergedOptions?.systemPrompt ?? process.env['AGENT_SYSTEM_PROMPT'] ?? undefined;
+
+    // Format conversation history for context injection (M1-004 / M1-005)
+    const historyPromptSection = mergedOptions?.conversationHistory?.length
+      ? this.buildHistoryPromptSection(
+          mergedOptions.conversationHistory,
+          model?.contextWindow ?? 8192,
+          sessionId,
+        )
+      : undefined;
+
+    const appendParts: string[] = [];
+    if (promptAdditions.length > 0) appendParts.push(promptAdditions.join('\n\n'));
+    if (historyPromptSection) appendParts.push(historyPromptSection);
+    const appendSystemPrompt = appendParts.length > 0 ? appendParts.join('\n\n') : undefined;

    // Construct a resource loader that injects the configured system prompt
    const resourceLoader = new DefaultResourceLoader({
@@ -255,6 +329,7 @@ export class AgentService implements OnModuleDestroy {
      skillPromptAdditions: promptAdditions,
      sandboxDir,
      allowedTools,
+      userId: mergedOptions?.userId,
    };

    this.sessions.set(sessionId, session);
@@ -263,6 +338,92 @@ export class AgentService implements OnModuleDestroy {
    return session;
  }

+  /**
+   * Estimate token count for a string using a rough 4-chars-per-token heuristic.
+   */
+  private estimateTokens(text: string): number {
+    return Math.ceil(text.length / 4);
+  }
+
+  /**
+   * Build a conversation history section for injection into the system prompt.
+   * Implements M1-004 (history loading) and M1-005 (context window management).
+   *
+   * - Formats messages as a readable conversation transcript.
+   * - If the full history exceeds 80% of the model's context window, older messages
+   *   are summarized and only the most recent messages are kept verbatim.
+   * - Summarization is a simple extractive approach (no LLM required).
+   */
+  private buildHistoryPromptSection(
+    history: ConversationHistoryMessage[],
+    contextWindow: number,
+    sessionId: string,
+  ): string {
+    const TOKEN_BUDGET = Math.floor(contextWindow * 0.8);
+    const HISTORY_HEADER = '## Conversation History (resumed session)\n\n';
+
+    const formatMessage = (msg: ConversationHistoryMessage): string => {
+      const roleLabel =
+        msg.role === 'user' ? 'User' : msg.role === 'assistant' ? 'Assistant' : 'System';
+      return `**${roleLabel}:** ${msg.content}`;
+    };
+
+    const formatted = history.map((msg) => formatMessage(msg));
+    const fullHistory = formatted.join('\n\n');
+    const fullTokens = this.estimateTokens(HISTORY_HEADER + fullHistory);
+
+    if (fullTokens <= TOKEN_BUDGET) {
+      this.logger.debug(
+        `Session ${sessionId}: injecting full history (${history.length} msgs, ~${fullTokens} tokens)`,
+      );
+      return HISTORY_HEADER + fullHistory;
+    }
+
+    // History exceeds budget — summarize oldest messages, keep recent verbatim
+    this.logger.log(
+      `Session ${sessionId}: history (~${fullTokens} tokens) exceeds ${TOKEN_BUDGET} token budget; summarizing oldest messages`,
+    );
+
+    // Reserve 20% of the budget for the summary prefix, rest for verbatim messages
+    const SUMMARY_RESERVE = Math.floor(TOKEN_BUDGET * 0.2);
+    const verbatimBudget = TOKEN_BUDGET - SUMMARY_RESERVE;
+
+    let verbatimTokens = 0;
+    let verbatimCutIndex = history.length;
+    for (let i = history.length - 1; i >= 0; i--) {
+      const t = this.estimateTokens(formatted[i]!);
+      if (verbatimTokens + t > verbatimBudget) break;
+      verbatimTokens += t;
+      verbatimCutIndex = i;
+    }
+
+    const summarizedMessages = history.slice(0, verbatimCutIndex);
+    const verbatimMessages = history.slice(verbatimCutIndex);
+
+    let summaryText = '';
+    if (summarizedMessages.length > 0) {
+      const topics = summarizedMessages
+        .filter((m) => m.role === 'user')
+        .map((m) => m.content.slice(0, 120).replace(/\n/g, ' '))
+        .join('; ');
+      summaryText =
+        `**Previous conversation summary** (${summarizedMessages.length} messages omitted for brevity):\n` +
+        `Topics discussed: ${topics || '(no user messages in summarized portion)'}`;
+    }
+
+    const verbatimSection = verbatimMessages.map((m) => formatMessage(m)).join('\n\n');
+
+    const parts: string[] = [HISTORY_HEADER];
+    if (summaryText) parts.push(summaryText);
+    if (verbatimSection) parts.push(verbatimSection);
+
+    const result = parts.join('\n\n');
+    this.logger.log(
+      `Session ${sessionId}: summarized ${summarizedMessages.length} messages, kept ${verbatimMessages.length} verbatim (~${this.estimateTokens(result)} tokens)`,
+    );
+    return result;
+  }
+
  private resolveModel(options?: AgentSessionOptions) {
    if (!options?.provider && !options?.modelId) {
      return this.providerService.getDefaultModel() ?? null;
@@ -338,8 +499,20 @@ export class AgentService implements OnModuleDestroy {
      throw new Error(`No agent session found: ${sessionId}`);
    }
    session.promptCount += 1;
+
+    // Prepend session-scoped system override if present (renew TTL on each turn)
+    let effectiveMessage = message;
+    if (this.systemOverride) {
+      const override = await this.systemOverride.get(sessionId);
+      if (override) {
+        effectiveMessage = `[System Override]\n${override}\n\n${message}`;
+        await this.systemOverride.renew(sessionId);
+        this.logger.debug(`Applied system override for session ${sessionId}`);
+      }
+    }
+
    try {
-      await session.piSession.prompt(message);
+      await session.piSession.prompt(effectiveMessage);
    } catch (err) {
      this.logger.error(
        `Prompt failed for session=${sessionId}, messageLength=${message.length}`,
@@ -375,6 +548,14 @@ export class AgentService implements OnModuleDestroy {
    session.listeners.clear();
    session.channels.clear();
    this.sessions.delete(sessionId);
+
+    // Run GC cleanup for this session (fire and forget, errors are logged)
+    this.gc.collect(sessionId).catch((err: unknown) => {
+      this.logger.error(
+        `GC collect failed for session ${sessionId}`,
+        err instanceof Error ? err.stack : String(err),
+      );
+    });
  }

  async onModuleDestroy(): Promise<void> {
--- a/apps/gateway/src/agent/model-capabilities.ts
+++ b/apps/gateway/src/agent/model-capabilities.ts
@@ -0,0 +1,204 @@
+import type { ModelCapability } from '@mosaic/types';
+
+/**
+ * Comprehensive capability matrix for all target models.
+ * Cost fields are optional and will be filled in when real pricing data is available.
+ */
+export const MODEL_CAPABILITIES: ModelCapability[] = [
+  {
+    id: 'claude-opus-4-6',
+    provider: 'anthropic',
+    displayName: 'Claude Opus 4.6',
+    tier: 'premium',
+    contextWindow: 200000,
+    maxOutputTokens: 32000,
+    capabilities: {
+      tools: true,
+      vision: true,
+      streaming: true,
+      reasoning: true,
+      embedding: false,
+    },
+  },
+  {
+    id: 'claude-sonnet-4-6',
+    provider: 'anthropic',
+    displayName: 'Claude Sonnet 4.6',
+    tier: 'standard',
+    contextWindow: 200000,
+    maxOutputTokens: 16000,
+    capabilities: {
+      tools: true,
+      vision: true,
+      streaming: true,
+      reasoning: true,
+      embedding: false,
+    },
+  },
+  {
+    id: 'claude-haiku-4-5',
+    provider: 'anthropic',
+    displayName: 'Claude Haiku 4.5',
+    tier: 'cheap',
+    contextWindow: 200000,
+    maxOutputTokens: 8192,
+    capabilities: {
+      tools: true,
+      vision: true,
+      streaming: true,
+      reasoning: false,
+      embedding: false,
+    },
+  },
+  {
+    id: 'codex-gpt-5.4',
+    provider: 'openai',
+    displayName: 'Codex gpt-5.4',
+    tier: 'premium',
+    contextWindow: 128000,
+    maxOutputTokens: 16384,
+    capabilities: {
+      tools: true,
+      vision: true,
+      streaming: true,
+      reasoning: true,
+      embedding: false,
+    },
+  },
+  {
+    id: 'glm-5',
+    provider: 'zai',
+    displayName: 'GLM-5',
+    tier: 'standard',
+    contextWindow: 128000,
+    maxOutputTokens: 8192,
+    capabilities: {
+      tools: true,
+      vision: false,
+      streaming: true,
+      reasoning: false,
+      embedding: false,
+    },
+  },
+  {
+    id: 'llama3.2',
+    provider: 'ollama',
+    displayName: 'llama3.2',
+    tier: 'local',
+    contextWindow: 128000,
+    maxOutputTokens: 8192,
+    capabilities: {
+      tools: true,
+      vision: false,
+      streaming: true,
+      reasoning: false,
+      embedding: false,
+    },
+  },
+  {
+    id: 'codellama',
+    provider: 'ollama',
+    displayName: 'codellama',
+    tier: 'local',
+    contextWindow: 16000,
+    maxOutputTokens: 4096,
+    capabilities: {
+      tools: true,
+      vision: false,
+      streaming: true,
+      reasoning: false,
+      embedding: false,
+    },
+  },
+  {
+    id: 'mistral',
+    provider: 'ollama',
+    displayName: 'mistral',
+    tier: 'local',
+    contextWindow: 32000,
+    maxOutputTokens: 8192,
+    capabilities: {
+      tools: true,
+      vision: false,
+      streaming: true,
+      reasoning: false,
+      embedding: false,
+    },
+  },
+  {
+    id: 'nomic-embed-text',
+    provider: 'ollama',
+    displayName: 'nomic-embed-text',
+    tier: 'local',
+    contextWindow: 8192,
+    maxOutputTokens: 0,
+    capabilities: {
+      tools: false,
+      vision: false,
+      streaming: false,
+      reasoning: false,
+      embedding: true,
+    },
+  },
+  {
+    id: 'mxbai-embed-large',
+    provider: 'ollama',
+    displayName: 'mxbai-embed-large',
+    tier: 'local',
+    contextWindow: 8192,
+    maxOutputTokens: 0,
+    capabilities: {
+      tools: false,
+      vision: false,
+      streaming: false,
+      reasoning: false,
+      embedding: true,
+    },
+  },
+];
+
+/**
+ * Look up a model by its ID.
+ * Returns undefined if the model is not found.
+ */
+export function getModelCapability(modelId: string): ModelCapability | undefined {
+  return MODEL_CAPABILITIES.find((m) => m.id === modelId);
+}
+
+/**
+ * Find models matching a partial capability filter.
+ * All provided filter keys must match for a model to be included.
+ */
+export function findModelsByCapability(
+  filter: Partial<Pick<ModelCapability, 'tier' | 'provider'>> & {
+    capabilities?: Partial<ModelCapability['capabilities']>;
+  },
+): ModelCapability[] {
+  return MODEL_CAPABILITIES.filter((model) => {
+    if (filter.tier !== undefined && model.tier !== filter.tier) return false;
+    if (filter.provider !== undefined && model.provider !== filter.provider) return false;
+    if (filter.capabilities) {
+      for (const [key, value] of Object.entries(filter.capabilities) as [
+        keyof ModelCapability['capabilities'],
+        boolean,
+      ][]) {
+        if (model.capabilities[key] !== value) return false;
+      }
+    }
+    return true;
+  });
+}
+
+/**
+ * Get all models for a specific provider.
+ */
+export function getModelsByProvider(provider: string): ModelCapability[] {
+  return MODEL_CAPABILITIES.filter((m) => m.provider === provider);
+}
+
+/**
+ * Get the full list of all known models.
+ */
+export function getAllModels(): ModelCapability[] {
+  return MODEL_CAPABILITIES;
+}
--- a/apps/gateway/src/agent/provider.service.ts
+++ b/apps/gateway/src/agent/provider.service.ts
@@ -1,25 +1,104 @@
 import { Injectable, Logger, type OnModuleInit } from '@nestjs/common';
 import { ModelRegistry, AuthStorage } from '@mariozechner/pi-coding-agent';
-import type { Model, Api } from '@mariozechner/pi-ai';
-import type { ModelInfo, ProviderInfo, CustomProviderConfig } from '@mosaic/types';
+import { getModel, type Model, type Api } from '@mariozechner/pi-ai';
+import type {
+  CustomProviderConfig,
+  IProviderAdapter,
+  ModelInfo,
+  ProviderHealth,
+  ProviderInfo,
+} from '@mosaic/types';
+import { AnthropicAdapter, OllamaAdapter } from './adapters/index.js';
 import type { TestConnectionResultDto } from './provider.dto.js';

+/** DI injection token for the provider adapter array. */
+export const PROVIDER_ADAPTERS = Symbol('PROVIDER_ADAPTERS');
+
@Injectable()
 export class ProviderService implements OnModuleInit {
  private readonly logger = new Logger(ProviderService.name);
  private registry!: ModelRegistry;

-  onModuleInit(): void {
+  /**
+   * Adapters registered with this service.
+   * Built-in adapters (Ollama) are always present; additional adapters can be
+   * supplied via the PROVIDER_ADAPTERS injection token in the future.
+   */
+  private adapters: IProviderAdapter[] = [];
+
+  async onModuleInit(): Promise<void> {
    const authStorage = AuthStorage.inMemory();
    this.registry = new ModelRegistry(authStorage);

-    this.registerOllamaProvider();
+    // Build the default set of adapters that rely on the registry
+    this.adapters = [new OllamaAdapter(this.registry), new AnthropicAdapter(this.registry)];
+
+    // Run all adapter registrations first (Ollama, Anthropic, and any future adapters)
+    await this.registerAll();
+
+    // Register API-key providers directly (OpenAI, Z.ai, custom)
+    // These do not yet have dedicated adapter classes (M3-003 through M3-005).
+    this.registerOpenAIProvider();
+    this.registerZaiProvider();
    this.registerCustomProviders();

    const available = this.registry.getAvailable();
    this.logger.log(`Providers initialized: ${available.length} models available`);
  }

+  // ---------------------------------------------------------------------------
+  // Adapter-pattern API
+  // ---------------------------------------------------------------------------
+
+  /**
+   * Call register() on each adapter in order.
+   * Errors from individual adapters are logged and do not abort the others.
+   */
+  async registerAll(): Promise<void> {
+    for (const adapter of this.adapters) {
+      try {
+        await adapter.register();
+      } catch (err) {
+        this.logger.error(
+          `Adapter "${adapter.name}" registration failed`,
+          err instanceof Error ? err.stack : String(err),
+        );
+      }
+    }
+  }
+
+  /**
+   * Return the adapter registered under the given provider name, or undefined.
+   */
+  getAdapter(providerName: string): IProviderAdapter | undefined {
+    return this.adapters.find((a) => a.name === providerName);
+  }
+
+  /**
+   * Run healthCheck() on all adapters and return results keyed by provider name.
+   */
+  async healthCheckAll(): Promise<Record<string, ProviderHealth>> {
+    const results: Record<string, ProviderHealth> = {};
+    await Promise.all(
+      this.adapters.map(async (adapter) => {
+        try {
+          results[adapter.name] = await adapter.healthCheck();
+        } catch (err) {
+          results[adapter.name] = {
+            status: 'down',
+            lastChecked: new Date().toISOString(),
+            error: err instanceof Error ? err.message : String(err),
+          };
+        }
+      }),
+    );
+    return results;
+  }
+
+  // ---------------------------------------------------------------------------
+  // Legacy / Pi-SDK-facing API (preserved for AgentService and RoutingService)
+  // ---------------------------------------------------------------------------
+
  getRegistry(): ModelRegistry {
    return this.registry;
  }
@@ -66,6 +145,18 @@ export class ProviderService implements OnModuleInit {
  }

  async testConnection(providerId: string, baseUrl?: string): Promise<TestConnectionResultDto> {
+    // Delegate to the adapter when one exists and no URL override is given
+    const adapter = this.getAdapter(providerId);
+    if (adapter && !baseUrl) {
+      const health = await adapter.healthCheck();
+      return {
+        providerId,
+        reachable: health.status !== 'down',
+        latencyMs: health.latencyMs,
+        error: health.error,
+      };
+    }
+
    // Resolve baseUrl: explicit override > registered provider > ollama env
    let resolvedUrl = baseUrl;

@@ -140,34 +231,49 @@ export class ProviderService implements OnModuleInit {
    this.logger.log(`Registered custom provider: ${config.id} (${config.models.length} models)`);
  }

-  private registerOllamaProvider(): void {
-    const ollamaUrl = process.env['OLLAMA_BASE_URL'] ?? process.env['OLLAMA_HOST'];
-    if (!ollamaUrl) return;
+  // ---------------------------------------------------------------------------
+  // Private helpers — direct registry registration for providers without adapters yet
+  // (OpenAI, Z.ai will move to adapters in M3-003 through M3-005)
+  // ---------------------------------------------------------------------------

-    const modelsEnv = process.env['OLLAMA_MODELS'] ?? 'llama3.2,codellama,mistral';
-    const modelIds = modelsEnv
-      .split(',')
-      .map((modelId: string) => modelId.trim())
-      .filter(Boolean);
+  private registerOpenAIProvider(): void {
+    const apiKey = process.env['OPENAI_API_KEY'];
+    if (!apiKey) {
+      this.logger.debug('Skipping OpenAI provider registration: OPENAI_API_KEY not set');
+      return;
+    }

-    this.registry.registerProvider('ollama', {
-      baseUrl: `${ollamaUrl}/v1`,
-      apiKey: 'ollama',
-      api: 'openai-completions' as never,
-      models: modelIds.map((id) => ({
-        id,
-        name: id,
-        reasoning: false,
-        input: ['text'] as ('text' | 'image')[],
-        cost: { input: 0, output: 0, cacheRead: 0, cacheWrite: 0 },
-        contextWindow: 8192,
-        maxTokens: 4096,
-      })),
+    const models = ['gpt-4o', 'gpt-4o-mini', 'o3-mini'].map((id) =>
+      this.cloneBuiltInModel('openai', id),
+    );
+
+    this.registry.registerProvider('openai', {
+      apiKey,
+      baseUrl: 'https://api.openai.com/v1',
+      models,
    });

-    this.logger.log(
-      `Ollama provider registered at ${ollamaUrl} with models: ${modelIds.join(', ')}`,
+    this.logger.log('OpenAI provider registered with 3 models');
+  }
+
+  private registerZaiProvider(): void {
+    const apiKey = process.env['ZAI_API_KEY'];
+    if (!apiKey) {
+      this.logger.debug('Skipping Z.ai provider registration: ZAI_API_KEY not set');
+      return;
+    }
+
+    const models = ['glm-4.5', 'glm-4.5-air', 'glm-4.5-flash'].map((id) =>
+      this.cloneBuiltInModel('zai', id),
    );
+
+    this.registry.registerProvider('zai', {
+      apiKey,
+      baseUrl: 'https://open.bigmodel.cn/api/paas/v4',
+      models,
+    });
+
+    this.logger.log('Z.ai provider registered with 3 models');
  }

  private registerCustomProviders(): void {
@@ -184,6 +290,19 @@ export class ProviderService implements OnModuleInit {
    }
  }

+  private cloneBuiltInModel(
+    provider: string,
+    modelId: string,
+    overrides: Partial<Model<Api>> = {},
+  ): Model<Api> {
+    const model = getModel(provider as never, modelId as never) as Model<Api> | undefined;
+    if (!model) {
+      throw new Error(`Built-in model not found: ${provider}:${modelId}`);
+    }
+
+    return { ...model, ...overrides };
+  }
+
  private toModelInfo(model: Model<Api>): ModelInfo {
    return {
      id: model.id,
--- a/apps/gateway/src/agent/tools/file-tools.ts
+++ b/apps/gateway/src/agent/tools/file-tools.ts
@@ -1,20 +1,7 @@
 import { Type } from '@sinclair/typebox';
 import type { ToolDefinition } from '@mariozechner/pi-coding-agent';
 import { readFile, writeFile, readdir, stat } from 'node:fs/promises';
-import { resolve, relative, join } from 'node:path';
-
-/**
- * Safety constraint: all file operations are restricted to a base directory.
- * Paths that escape the sandbox via ../ traversal are rejected.
- */
-function resolveSafe(baseDir: string, inputPath: string): string {
-  const resolved = resolve(baseDir, inputPath);
-  const rel = relative(baseDir, resolved);
-  if (rel.startsWith('..') || resolve(resolved) !== resolve(join(baseDir, rel))) {
-    throw new Error(`Path escape detected: "${inputPath}" resolves outside base directory`);
-  }
-  return resolved;
-}
+import { guardPath, guardPathUnsafe, SandboxEscapeError } from './path-guard.js';

 const MAX_READ_BYTES = 512 * 1024; // 512 KB read limit
 const MAX_WRITE_BYTES = 1024 * 1024; // 1 MB write limit
@@ -37,8 +24,14 @@ export function createFileTools(baseDir: string): ToolDefinition[] {
      const { path, encoding } = params as { path: string; encoding?: string };
      let safePath: string;
      try {
-        safePath = resolveSafe(baseDir, path);
+        safePath = guardPath(path, baseDir);
      } catch (err) {
+        if (err instanceof SandboxEscapeError) {
+          return {
+            content: [{ type: 'text' as const, text: `Error: ${err.message}` }],
+            details: undefined,
+          };
+        }
        return {
          content: [{ type: 'text' as const, text: `Error: ${String(err)}` }],
          details: undefined,
@@ -99,8 +92,14 @@ export function createFileTools(baseDir: string): ToolDefinition[] {
      };
      let safePath: string;
      try {
-        safePath = resolveSafe(baseDir, path);
+        safePath = guardPathUnsafe(path, baseDir);
      } catch (err) {
+        if (err instanceof SandboxEscapeError) {
+          return {
+            content: [{ type: 'text' as const, text: `Error: ${err.message}` }],
+            details: undefined,
+          };
+        }
        return {
          content: [{ type: 'text' as const, text: `Error: ${String(err)}` }],
          details: undefined,
@@ -151,8 +150,14 @@ export function createFileTools(baseDir: string): ToolDefinition[] {
      const target = path ?? '.';
      let safePath: string;
      try {
-        safePath = resolveSafe(baseDir, target);
+        safePath = guardPath(target, baseDir);
      } catch (err) {
+        if (err instanceof SandboxEscapeError) {
+          return {
+            content: [{ type: 'text' as const, text: `Error: ${err.message}` }],
+            details: undefined,
+          };
+        }
        return {
          content: [{ type: 'text' as const, text: `Error: ${String(err)}` }],
          details: undefined,
--- a/apps/gateway/src/agent/tools/git-tools.ts
+++ b/apps/gateway/src/agent/tools/git-tools.ts
@@ -2,29 +2,13 @@ import { Type } from '@sinclair/typebox';
 import type { ToolDefinition } from '@mariozechner/pi-coding-agent';
 import { exec } from 'node:child_process';
 import { promisify } from 'node:util';
-import { resolve, relative } from 'node:path';
+import { guardPath, guardPathUnsafe, SandboxEscapeError } from './path-guard.js';

 const execAsync = promisify(exec);

 const GIT_TIMEOUT_MS = 15_000;
 const MAX_OUTPUT_BYTES = 100 * 1024; // 100 KB

-/**
- * Clamp a user-supplied cwd to within the sandbox directory.
- * If the resolved path escapes the sandbox (via ../ or absolute path outside),
- * falls back to the sandbox directory itself.
- */
-function clampCwd(sandboxDir: string, requestedCwd?: string): string {
-  if (!requestedCwd) return sandboxDir;
-  const resolved = resolve(sandboxDir, requestedCwd);
-  const rel = relative(sandboxDir, resolved);
-  if (rel.startsWith('..') || rel.startsWith('/')) {
-    // Escape attempt — fall back to sandbox root
-    return sandboxDir;
-  }
-  return resolved;
-}
-
 async function runGit(
  args: string[],
  cwd?: string,
@@ -74,7 +58,21 @@ export function createGitTools(sandboxDir?: string): ToolDefinition[] {
    }),
    async execute(_toolCallId, params) {
      const { cwd } = params as { cwd?: string };
-      const safeCwd = clampCwd(defaultCwd, cwd);
+      let safeCwd: string;
+      try {
+        safeCwd = guardPath(cwd ?? '.', defaultCwd);
+      } catch (err) {
+        if (err instanceof SandboxEscapeError) {
+          return {
+            content: [{ type: 'text' as const, text: `Error: ${err.message}` }],
+            details: undefined,
+          };
+        }
+        return {
+          content: [{ type: 'text' as const, text: `Error: ${String(err)}` }],
+          details: undefined,
+        };
+      }
      const result = await runGit(['status', '--short', '--branch'], safeCwd);
      const text = result.error
        ? `Error: ${result.error}\n${result.stderr}`
@@ -107,7 +105,21 @@ export function createGitTools(sandboxDir?: string): ToolDefinition[] {
        oneline?: boolean;
        cwd?: string;
      };
-      const safeCwd = clampCwd(defaultCwd, cwd);
+      let safeCwd: string;
+      try {
+        safeCwd = guardPath(cwd ?? '.', defaultCwd);
+      } catch (err) {
+        if (err instanceof SandboxEscapeError) {
+          return {
+            content: [{ type: 'text' as const, text: `Error: ${err.message}` }],
+            details: undefined,
+          };
+        }
+        return {
+          content: [{ type: 'text' as const, text: `Error: ${String(err)}` }],
+          details: undefined,
+        };
+      }
      const args = ['log', `--max-count=${limit ?? 20}`];
      if (oneline !== false) args.push('--oneline');
      const result = await runGit(args, safeCwd);
@@ -148,12 +160,43 @@ export function createGitTools(sandboxDir?: string): ToolDefinition[] {
        path?: string;
        cwd?: string;
      };
-      const safeCwd = clampCwd(defaultCwd, cwd);
+      let safeCwd: string;
+      try {
+        safeCwd = guardPath(cwd ?? '.', defaultCwd);
+      } catch (err) {
+        if (err instanceof SandboxEscapeError) {
+          return {
+            content: [{ type: 'text' as const, text: `Error: ${err.message}` }],
+            details: undefined,
+          };
+        }
+        return {
+          content: [{ type: 'text' as const, text: `Error: ${String(err)}` }],
+          details: undefined,
+        };
+      }
+      let safePath: string | undefined;
+      if (path !== undefined) {
+        try {
+          safePath = guardPathUnsafe(path, defaultCwd);
+        } catch (err) {
+          if (err instanceof SandboxEscapeError) {
+            return {
+              content: [{ type: 'text' as const, text: `Error: ${err.message}` }],
+              details: undefined,
+            };
+          }
+          return {
+            content: [{ type: 'text' as const, text: `Error: ${String(err)}` }],
+            details: undefined,
+          };
+        }
+      }
      const args = ['diff'];
      if (staged) args.push('--cached');
      if (ref) args.push(ref);
      args.push('--');
-      if (path) args.push(path);
+      if (safePath !== undefined) args.push(safePath);
      const result = await runGit(args, safeCwd);
      const text = result.error
        ? `Error: ${result.error}\n${result.stderr}`
--- a/apps/gateway/src/agent/tools/memory-tools.ts
+++ b/apps/gateway/src/agent/tools/memory-tools.ts
@@ -3,23 +3,45 @@ import type { ToolDefinition } from '@mariozechner/pi-coding-agent';
 import type { Memory } from '@mosaic/memory';
 import type { EmbeddingProvider } from '@mosaic/memory';

+/**
+ * Create memory tools bound to the session's authenticated userId.
+ *
+ * SECURITY: userId is resolved from the authenticated session at tool-creation
+ * time and is never accepted as a user-supplied or LLM-supplied parameter.
+ * This prevents cross-user data access via parameter injection.
+ */
 export function createMemoryTools(
  memory: Memory,
  embeddingProvider: EmbeddingProvider | null,
+  /** Authenticated user ID from the session. All memory operations are scoped to this user. */
+  sessionUserId: string | undefined,
 ): ToolDefinition[] {
+  /** Return an error result when no session user is bound. */
+  function noUserError() {
+    return {
+      content: [
+        {
+          type: 'text' as const,
+          text: 'Memory tools unavailable — no authenticated user bound to this session',
+        },
+      ],
+      details: undefined,
+    };
+  }
+
  const searchMemory: ToolDefinition = {
    name: 'memory_search',
    label: 'Search Memory',
    description:
      'Search across stored insights and knowledge using natural language. Returns semantically similar results.',
    parameters: Type.Object({
-      userId: Type.String({ description: 'User ID to search memory for' }),
      query: Type.String({ description: 'Natural language search query' }),
      limit: Type.Optional(Type.Number({ description: 'Max results (default 5)' })),
    }),
    async execute(_toolCallId, params) {
-      const { userId, query, limit } = params as {
-        userId: string;
+      if (!sessionUserId) return noUserError();
+
+      const { query, limit } = params as {
        query: string;
        limit?: number;
      };
@@ -37,7 +59,7 @@ export function createMemoryTools(
      }

      const embedding = await embeddingProvider.embed(query);
-      const results = await memory.insights.searchByEmbedding(userId, embedding, limit ?? 5);
+      const results = await memory.insights.searchByEmbedding(sessionUserId, embedding, limit ?? 5);
      return {
        content: [{ type: 'text' as const, text: JSON.stringify(results, null, 2) }],
        details: undefined,
@@ -48,9 +70,8 @@ export function createMemoryTools(
  const getPreferences: ToolDefinition = {
    name: 'memory_get_preferences',
    label: 'Get User Preferences',
-    description: 'Retrieve stored preferences for a user.',
+    description: 'Retrieve stored preferences for the current session user.',
    parameters: Type.Object({
-      userId: Type.String({ description: 'User ID' }),
      category: Type.Optional(
        Type.String({
          description: 'Filter by category: communication, coding, workflow, appearance, general',
@@ -58,11 +79,13 @@ export function createMemoryTools(
      ),
    }),
    async execute(_toolCallId, params) {
-      const { userId, category } = params as { userId: string; category?: string };
+      if (!sessionUserId) return noUserError();
+
+      const { category } = params as { category?: string };
      type Cat = 'communication' | 'coding' | 'workflow' | 'appearance' | 'general';
      const prefs = category
-        ? await memory.preferences.findByUserAndCategory(userId, category as Cat)
-        : await memory.preferences.findByUser(userId);
+        ? await memory.preferences.findByUserAndCategory(sessionUserId, category as Cat)
+        : await memory.preferences.findByUser(sessionUserId);
      return {
        content: [{ type: 'text' as const, text: JSON.stringify(prefs, null, 2) }],
        details: undefined,
@@ -76,7 +99,6 @@ export function createMemoryTools(
    description:
      'Store a learned user preference (e.g., "prefers tables over paragraphs", "timezone: America/Chicago").',
    parameters: Type.Object({
-      userId: Type.String({ description: 'User ID' }),
      key: Type.String({ description: 'Preference key' }),
      value: Type.String({ description: 'Preference value (JSON string)' }),
      category: Type.Optional(
@@ -86,8 +108,9 @@ export function createMemoryTools(
      ),
    }),
    async execute(_toolCallId, params) {
-      const { userId, key, value, category } = params as {
-        userId: string;
+      if (!sessionUserId) return noUserError();
+
+      const { key, value, category } = params as {
        key: string;
        value: string;
        category?: string;
@@ -100,7 +123,7 @@ export function createMemoryTools(
        parsedValue = value;
      }
      const pref = await memory.preferences.upsert({
-        userId,
+        userId: sessionUserId,
        key,
        value: parsedValue,
        category: (category as Cat) ?? 'general',
@@ -119,7 +142,6 @@ export function createMemoryTools(
    description:
      'Store a learned insight, decision, or knowledge extracted from the current interaction.',
    parameters: Type.Object({
-      userId: Type.String({ description: 'User ID' }),
      content: Type.String({ description: 'The insight or knowledge to store' }),
      category: Type.Optional(
        Type.String({
@@ -128,8 +150,9 @@ export function createMemoryTools(
      ),
    }),
    async execute(_toolCallId, params) {
-      const { userId, content, category } = params as {
-        userId: string;
+      if (!sessionUserId) return noUserError();
+
+      const { content, category } = params as {
        content: string;
        category?: string;
      };
@@ -141,7 +164,7 @@ export function createMemoryTools(
      }

      const insight = await memory.insights.create({
-        userId,
+        userId: sessionUserId,
        content,
        embedding,
        source: 'agent',
--- a/apps/gateway/src/agent/tools/path-guard.test.ts
+++ b/apps/gateway/src/agent/tools/path-guard.test.ts
@@ -0,0 +1,104 @@
+import { describe, it, expect } from 'vitest';
+import { guardPath, guardPathUnsafe, SandboxEscapeError } from './path-guard.js';
+import path from 'node:path';
+import os from 'node:os';
+import fs from 'node:fs';
+
+describe('guardPathUnsafe', () => {
+  const sandbox = '/tmp/test-sandbox';
+
+  it('allows paths inside sandbox', () => {
+    const result = guardPathUnsafe('foo/bar.txt', sandbox);
+    expect(result).toBe(path.resolve(sandbox, 'foo/bar.txt'));
+  });
+
+  it('allows sandbox root itself', () => {
+    const result = guardPathUnsafe('.', sandbox);
+    expect(result).toBe(path.resolve(sandbox));
+  });
+
+  it('rejects path traversal with ../', () => {
+    expect(() => guardPathUnsafe('../escape.txt', sandbox)).toThrow(SandboxEscapeError);
+  });
+
+  it('rejects absolute path outside sandbox', () => {
+    expect(() => guardPathUnsafe('/etc/passwd', sandbox)).toThrow(SandboxEscapeError);
+  });
+
+  it('rejects deeply nested traversal', () => {
+    expect(() => guardPathUnsafe('a/b/../../../../../../etc/passwd', sandbox)).toThrow(
+      SandboxEscapeError,
+    );
+  });
+
+  it('rejects path that starts with sandbox name but is sibling', () => {
+    expect(() => guardPathUnsafe('/tmp/test-sandbox-evil/file.txt', sandbox)).toThrow(
+      SandboxEscapeError,
+    );
+  });
+
+  it('returns the resolved absolute path for nested paths', () => {
+    const result = guardPathUnsafe('deep/nested/file.ts', sandbox);
+    expect(result).toBe('/tmp/test-sandbox/deep/nested/file.ts');
+  });
+
+  it('SandboxEscapeError includes the user path and sandbox in message', () => {
+    let caught: unknown;
+    try {
+      guardPathUnsafe('../escape.txt', sandbox);
+    } catch (err) {
+      caught = err;
+    }
+    expect(caught).toBeInstanceOf(SandboxEscapeError);
+    const e = caught as SandboxEscapeError;
+    expect(e.userPath).toBe('../escape.txt');
+    expect(e.sandboxDir).toBe(sandbox);
+    expect(e.message).toContain('Path escape attempt blocked');
+  });
+});
+
+describe('guardPath', () => {
+  let tmpDir: string;
+
+  it('allows an existing path inside a real temp sandbox', () => {
+    tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'path-guard-test-'));
+    try {
+      const subdir = path.join(tmpDir, 'subdir');
+      fs.mkdirSync(subdir);
+      const result = guardPath('subdir', tmpDir);
+      expect(result).toBe(subdir);
+    } finally {
+      fs.rmSync(tmpDir, { recursive: true, force: true });
+    }
+  });
+
+  it('allows sandbox root itself', () => {
+    tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'path-guard-test-'));
+    try {
+      const result = guardPath('.', tmpDir);
+      // realpathSync resolves the tmpdir symlinks (macOS /var -> /private/var)
+      const realTmp = fs.realpathSync.native(tmpDir);
+      expect(result).toBe(realTmp);
+    } finally {
+      fs.rmSync(tmpDir, { recursive: true, force: true });
+    }
+  });
+
+  it('rejects path traversal with ../ on existing sandbox', () => {
+    tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'path-guard-test-'));
+    try {
+      expect(() => guardPath('../escape', tmpDir)).toThrow(SandboxEscapeError);
+    } finally {
+      fs.rmSync(tmpDir, { recursive: true, force: true });
+    }
+  });
+
+  it('rejects absolute path outside sandbox', () => {
+    tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'path-guard-test-'));
+    try {
+      expect(() => guardPath('/etc/passwd', tmpDir)).toThrow(SandboxEscapeError);
+    } finally {
+      fs.rmSync(tmpDir, { recursive: true, force: true });
+    }
+  });
+});
--- a/apps/gateway/src/agent/tools/path-guard.ts
+++ b/apps/gateway/src/agent/tools/path-guard.ts
@@ -0,0 +1,58 @@
+import path from 'node:path';
+import fs from 'node:fs';
+
+/**
+ * Resolves a user-provided path and verifies it is inside the allowed sandbox directory.
+ * Throws SandboxEscapeError if the resolved path is outside the sandbox.
+ *
+ * Uses realpathSync to resolve symlinks in the sandbox root. The user-supplied path
+ * is checked for containment AFTER lexical resolution but BEFORE resolving any symlinks
+ * within the user path — so symlink escape attempts are caught too.
+ *
+ * @param userPath - The path provided by the agent (may be relative or absolute)
+ * @param sandboxDir - The allowed root directory (already validated on session creation)
+ * @returns The resolved absolute path, guaranteed to be within sandboxDir
+ */
+export function guardPath(userPath: string, sandboxDir: string): string {
+  const resolved = path.resolve(sandboxDir, userPath);
+  const sandboxResolved = fs.realpathSync.native(sandboxDir);
+
+  // Normalize both paths to resolve any symlinks in the sandbox root itself.
+  // For the user path, we check containment BEFORE resolving symlinks in the path
+  // (so we catch symlink escape attempts too — the resolved path must still be under sandbox)
+  if (!resolved.startsWith(sandboxResolved + path.sep) && resolved !== sandboxResolved) {
+    throw new SandboxEscapeError(userPath, sandboxDir, resolved);
+  }
+
+  return resolved;
+}
+
+/**
+ * Validates a path without resolving symlinks in the user-provided portion.
+ * Use for paths that may not exist yet (creates, writes).
+ *
+ * Performs a lexical containment check only using path.resolve.
+ */
+export function guardPathUnsafe(userPath: string, sandboxDir: string): string {
+  const resolved = path.resolve(sandboxDir, userPath);
+  const sandboxAbs = path.resolve(sandboxDir);
+
+  if (!resolved.startsWith(sandboxAbs + path.sep) && resolved !== sandboxAbs) {
+    throw new SandboxEscapeError(userPath, sandboxDir, resolved);
+  }
+
+  return resolved;
+}
+
+export class SandboxEscapeError extends Error {
+  constructor(
+    public readonly userPath: string,
+    public readonly sandboxDir: string,
+    public readonly resolvedPath: string,
+  ) {
+    super(
+      `Path escape attempt blocked: "${userPath}" resolves to "${resolvedPath}" which is outside sandbox "${sandboxDir}"`,
+    );
+    this.name = 'SandboxEscapeError';
+  }
+}
--- a/apps/gateway/src/agent/tools/shell-tools.ts
+++ b/apps/gateway/src/agent/tools/shell-tools.ts
@@ -1,7 +1,7 @@
 import { Type } from '@sinclair/typebox';
 import type { ToolDefinition } from '@mariozechner/pi-coding-agent';
 import { spawn } from 'node:child_process';
-import { resolve, relative } from 'node:path';
+import { guardPath, SandboxEscapeError } from './path-guard.js';

 const DEFAULT_TIMEOUT_MS = 30_000;
 const MAX_OUTPUT_BYTES = 100 * 1024; // 100 KB
@@ -68,22 +68,6 @@ function extractBaseCommand(command: string): string {
  return firstToken.split('/').pop() ?? firstToken;
 }

-/**
- * Clamp a user-supplied cwd to within the sandbox directory.
- * If the resolved path escapes the sandbox (via ../ or absolute path outside),
- * falls back to the sandbox directory itself.
- */
-function clampCwd(sandboxDir: string, requestedCwd?: string): string {
-  if (!requestedCwd) return sandboxDir;
-  const resolved = resolve(sandboxDir, requestedCwd);
-  const rel = relative(sandboxDir, resolved);
-  if (rel.startsWith('..') || rel.startsWith('/')) {
-    // Escape attempt — fall back to sandbox root
-    return sandboxDir;
-  }
-  return resolved;
-}
-
 function runCommand(
  command: string,
  options: { timeoutMs: number; cwd?: string },
@@ -185,7 +169,21 @@ export function createShellTools(sandboxDir?: string): ToolDefinition[] {
      }

      const timeoutMs = Math.min(timeout ?? DEFAULT_TIMEOUT_MS, 60_000);
-      const safeCwd = clampCwd(defaultCwd, cwd);
+      let safeCwd: string;
+      try {
+        safeCwd = guardPath(cwd ?? '.', defaultCwd);
+      } catch (err) {
+        if (err instanceof SandboxEscapeError) {
+          return {
+            content: [{ type: 'text' as const, text: `Error: ${err.message}` }],
+            details: undefined,
+          };
+        }
+        return {
+          content: [{ type: 'text' as const, text: `Error: ${String(err)}` }],
+          details: undefined,
+        };
+      }

      const result = await runCommand(command, {
        timeoutMs,
--- a/apps/gateway/src/app.module.ts
+++ b/apps/gateway/src/app.module.ts
@@ -17,6 +17,11 @@ import { SkillsModule } from './skills/skills.module.js';
 import { PluginModule } from './plugin/plugin.module.js';
 import { McpModule } from './mcp/mcp.module.js';
 import { AdminModule } from './admin/admin.module.js';
+import { CommandsModule } from './commands/commands.module.js';
+import { PreferencesModule } from './preferences/preferences.module.js';
+import { GCModule } from './gc/gc.module.js';
+import { ReloadModule } from './reload/reload.module.js';
+import { WorkspaceModule } from './workspace/workspace.module.js';
 import { ThrottlerGuard, ThrottlerModule } from '@nestjs/throttler';

@Module({
@@ -38,6 +43,11 @@ import { ThrottlerGuard, ThrottlerModule } from '@nestjs/throttler';
    PluginModule,
    McpModule,
    AdminModule,
+    PreferencesModule,
+    CommandsModule,
+    GCModule,
+    ReloadModule,
+    WorkspaceModule,
  ],
  controllers: [HealthController],
  providers: [
--- a/apps/gateway/src/auth/auth.module.ts
+++ b/apps/gateway/src/auth/auth.module.ts
@@ -3,9 +3,11 @@ import { createAuth, type Auth } from '@mosaic/auth';
 import type { Db } from '@mosaic/db';
 import { DB } from '../database/database.module.js';
 import { AUTH } from './auth.tokens.js';
+import { SsoController } from './sso.controller.js';

@Global()
@Module({
+  controllers: [SsoController],
  providers: [
    {
      provide: AUTH,
--- a/apps/gateway/src/auth/sso.controller.spec.ts
+++ b/apps/gateway/src/auth/sso.controller.spec.ts
@@ -0,0 +1,40 @@
+import { afterEach, describe, expect, it, vi } from 'vitest';
+import { SsoController } from './sso.controller.js';
+
+describe('SsoController', () => {
+  afterEach(() => {
+    vi.unstubAllEnvs();
+  });
+
+  it('lists configured OIDC providers', () => {
+    vi.stubEnv('WORKOS_CLIENT_ID', 'workos-client');
+    vi.stubEnv('WORKOS_CLIENT_SECRET', 'workos-secret');
+    vi.stubEnv('WORKOS_ISSUER', 'https://auth.workos.com/sso/client_123');
+
+    const controller = new SsoController();
+    const providers = controller.list();
+
+    expect(providers.find((provider) => provider.id === 'workos')).toMatchObject({
+      configured: true,
+      loginMode: 'oidc',
+      callbackPath: '/api/auth/oauth2/callback/workos',
+      teamSync: { enabled: true, claim: 'organization_id' },
+    });
+  });
+
+  it('prefers SAML fallback for Keycloak when only the SAML login URL is configured', () => {
+    vi.stubEnv('KEYCLOAK_SAML_LOGIN_URL', 'https://sso.example.com/realms/mosaic/protocol/saml');
+
+    const controller = new SsoController();
+    const providers = controller.list();
+
+    expect(providers.find((provider) => provider.id === 'keycloak')).toMatchObject({
+      configured: true,
+      loginMode: 'saml',
+      samlFallback: {
+        configured: true,
+        loginUrl: 'https://sso.example.com/realms/mosaic/protocol/saml',
+      },
+    });
+  });
+});
--- a/apps/gateway/src/auth/sso.controller.ts
+++ b/apps/gateway/src/auth/sso.controller.ts
@@ -0,0 +1,10 @@
+import { Controller, Get } from '@nestjs/common';
+import { buildSsoDiscovery, type SsoProviderDiscovery } from '@mosaic/auth';
+
+@Controller('api/sso/providers')
+export class SsoController {
+  @Get()
+  list(): SsoProviderDiscovery[] {
+    return buildSsoDiscovery();
+  }
+}
--- a/apps/gateway/src/chat/chat.dto.ts
+++ b/apps/gateway/src/chat/chat.dto.ts
@@ -28,4 +28,8 @@ export class ChatSocketMessageDto {
  @IsString()
  @MaxLength(255)
  modelId?: string;
+
+  @IsOptional()
+  @IsUUID()
+  agentId?: string;
 }
--- a/apps/gateway/src/chat/chat.gateway.ts
+++ b/apps/gateway/src/chat/chat.gateway.ts
@@ -12,12 +12,29 @@ import {
 import { Server, Socket } from 'socket.io';
 import type { AgentSessionEvent } from '@mariozechner/pi-coding-agent';
 import type { Auth } from '@mosaic/auth';
-import { AgentService } from '../agent/agent.service.js';
+import type { Brain } from '@mosaic/brain';
+import type { SetThinkingPayload, SlashCommandPayload, SystemReloadPayload } from '@mosaic/types';
+import { AgentService, type ConversationHistoryMessage } from '../agent/agent.service.js';
 import { AUTH } from '../auth/auth.tokens.js';
+import { BRAIN } from '../brain/brain.tokens.js';
+import { CommandRegistryService } from '../commands/command-registry.service.js';
+import { CommandExecutorService } from '../commands/command-executor.service.js';
 import { v4 as uuid } from 'uuid';
 import { ChatSocketMessageDto } from './chat.dto.js';
 import { validateSocketSession } from './chat.gateway-auth.js';

+/** Per-client state tracking streaming accumulation for persistence. */
+interface ClientSession {
+  conversationId: string;
+  cleanup: () => void;
+  /** Accumulated assistant response text for the current turn. */
+  assistantText: string;
+  /** Tool calls observed during the current turn. */
+  toolCalls: Array<{ toolCallId: string; toolName: string; args: unknown; isError: boolean }>;
+  /** Tool calls in-flight (started but not ended yet). */
+  pendingToolCalls: Map<string, { toolName: string; args: unknown }>;
+}
+
@WebSocketGateway({
  cors: {
    origin: process.env['GATEWAY_CORS_ORIGIN'] ?? 'http://localhost:3000',
@@ -29,14 +46,14 @@ export class ChatGateway implements OnGatewayInit, OnGatewayConnection, OnGatewa
  server!: Server;

  private readonly logger = new Logger(ChatGateway.name);
-  private readonly clientSessions = new Map<
-    string,
-    { conversationId: string; cleanup: () => void }
-  >();
+  private readonly clientSessions = new Map<string, ClientSession>();

  constructor(
    @Inject(AgentService) private readonly agentService: AgentService,
    @Inject(AUTH) private readonly auth: Auth,
+    @Inject(BRAIN) private readonly brain: Brain,
+    @Inject(CommandRegistryService) private readonly commandRegistry: CommandRegistryService,
+    @Inject(CommandExecutorService) private readonly commandExecutor: CommandExecutorService,
  ) {}

  afterInit(): void {
@@ -54,6 +71,9 @@ export class ChatGateway implements OnGatewayInit, OnGatewayConnection, OnGatewa
    client.data.user = session.user;
    client.data.session = session.session;
    this.logger.log(`Client connected: ${client.id}`);
+
+    // Broadcast command manifest to the newly connected client
+    client.emit('commands:manifest', { manifest: this.commandRegistry.getManifest() });
  }

  handleDisconnect(client: Socket): void {
@@ -72,6 +92,7 @@ export class ChatGateway implements OnGatewayInit, OnGatewayConnection, OnGatewa
    @MessageBody() data: ChatSocketMessageDto,
  ): Promise<void> {
    const conversationId = data.conversationId ?? uuid();
+    const userId = (client.data.user as { id: string } | undefined)?.id;

    this.logger.log(`Message from ${client.id} in conversation ${conversationId}`);

@@ -79,10 +100,22 @@ export class ChatGateway implements OnGatewayInit, OnGatewayConnection, OnGatewa
    try {
      let agentSession = this.agentService.getSession(conversationId);
      if (!agentSession) {
+        // When resuming an existing conversation, load prior messages to inject as context (M1-004)
+        const conversationHistory = await this.loadConversationHistory(conversationId, userId);
+
        agentSession = await this.agentService.createSession(conversationId, {
          provider: data.provider,
          modelId: data.modelId,
+          agentConfigId: data.agentId,
+          userId,
+          conversationHistory: conversationHistory.length > 0 ? conversationHistory : undefined,
        });
+
+        if (conversationHistory.length > 0) {
+          this.logger.log(
+            `Loaded ${conversationHistory.length} prior messages for conversation=${conversationId}`,
+          );
+        }
      }
    } catch (err) {
      this.logger.error(
@@ -96,6 +129,33 @@ export class ChatGateway implements OnGatewayInit, OnGatewayConnection, OnGatewa
      return;
    }

+    // Ensure conversation record exists in the DB before persisting messages
+    if (userId) {
+      await this.ensureConversation(conversationId, userId);
+    }
+
+    // Persist the user message
+    if (userId) {
+      try {
+        await this.brain.conversations.addMessage(
+          {
+            conversationId,
+            role: 'user',
+            content: data.content,
+            metadata: {
+              timestamp: new Date().toISOString(),
+            },
+          },
+          userId,
+        );
+      } catch (err) {
+        this.logger.error(
+          `Failed to persist user message for conversation=${conversationId}`,
+          err instanceof Error ? err.stack : String(err),
+        );
+      }
+    }
+
    // Always clean up previous listener to prevent leak
    const existing = this.clientSessions.get(client.id);
    if (existing) {
@@ -107,11 +167,32 @@ export class ChatGateway implements OnGatewayInit, OnGatewayConnection, OnGatewa
      this.relayEvent(client, conversationId, event);
    });

-    this.clientSessions.set(client.id, { conversationId, cleanup });
+    this.clientSessions.set(client.id, {
+      conversationId,
+      cleanup,
+      assistantText: '',
+      toolCalls: [],
+      pendingToolCalls: new Map(),
+    });

    // Track channel connection
    this.agentService.addChannel(conversationId, `websocket:${client.id}`);

+    // Send session info so the client knows the model/provider
+    {
+      const agentSession = this.agentService.getSession(conversationId);
+      if (agentSession) {
+        const piSession = agentSession.piSession;
+        client.emit('session:info', {
+          conversationId,
+          provider: agentSession.provider,
+          modelId: agentSession.modelId,
+          thinkingLevel: piSession.thinkingLevel,
+          availableThinkingLevels: piSession.getAvailableThinkingLevels(),
+        });
+      }
+    }
+
    // Send acknowledgment
    client.emit('message:ack', { conversationId, messageId: uuid() });

@@ -130,6 +211,109 @@ export class ChatGateway implements OnGatewayInit, OnGatewayConnection, OnGatewa
    }
  }

+  @SubscribeMessage('set:thinking')
+  handleSetThinking(
+    @ConnectedSocket() client: Socket,
+    @MessageBody() data: SetThinkingPayload,
+  ): void {
+    const session = this.agentService.getSession(data.conversationId);
+    if (!session) {
+      client.emit('error', {
+        conversationId: data.conversationId,
+        error: 'No active session for this conversation.',
+      });
+      return;
+    }
+
+    const validLevels = session.piSession.getAvailableThinkingLevels();
+    if (!validLevels.includes(data.level as never)) {
+      client.emit('error', {
+        conversationId: data.conversationId,
+        error: `Invalid thinking level "${data.level}". Available: ${validLevels.join(', ')}`,
+      });
+      return;
+    }
+
+    session.piSession.setThinkingLevel(data.level as never);
+    this.logger.log(
+      `Thinking level set to "${data.level}" for conversation ${data.conversationId}`,
+    );
+
+    client.emit('session:info', {
+      conversationId: data.conversationId,
+      provider: session.provider,
+      modelId: session.modelId,
+      thinkingLevel: session.piSession.thinkingLevel,
+      availableThinkingLevels: session.piSession.getAvailableThinkingLevels(),
+    });
+  }
+
+  @SubscribeMessage('command:execute')
+  async handleCommandExecute(
+    @ConnectedSocket() client: Socket,
+    @MessageBody() payload: SlashCommandPayload,
+  ): Promise<void> {
+    const userId = (client.data.user as { id: string } | undefined)?.id ?? 'unknown';
+    const result = await this.commandExecutor.execute(payload, userId);
+    client.emit('command:result', result);
+  }
+
+  broadcastReload(payload: SystemReloadPayload): void {
+    this.server.emit('system:reload', payload);
+    this.logger.log('Broadcasted system:reload to all connected clients');
+  }
+
+  /**
+   * Ensure a conversation record exists in the DB.
+   * Creates it if absent — safe to call concurrently since a duplicate insert
+   * would fail on the PK constraint and be caught here.
+   */
+  private async ensureConversation(conversationId: string, userId: string): Promise<void> {
+    try {
+      const existing = await this.brain.conversations.findById(conversationId, userId);
+      if (!existing) {
+        await this.brain.conversations.create({
+          id: conversationId,
+          userId,
+        });
+      }
+    } catch (err) {
+      this.logger.error(
+        `Failed to ensure conversation record for conversation=${conversationId}`,
+        err instanceof Error ? err.stack : String(err),
+      );
+    }
+  }
+
+  /**
+   * Load prior conversation messages from DB for context injection on session resume (M1-004).
+   * Returns an empty array when no history exists, the conversation is not owned by the user,
+   * or userId is not provided.
+   */
+  private async loadConversationHistory(
+    conversationId: string,
+    userId: string | undefined,
+  ): Promise<ConversationHistoryMessage[]> {
+    if (!userId) return [];
+
+    try {
+      const messages = await this.brain.conversations.findMessages(conversationId, userId);
+      if (messages.length === 0) return [];
+
+      return messages.map((msg) => ({
+        role: msg.role as 'user' | 'assistant' | 'system',
+        content: msg.content,
+        createdAt: msg.createdAt,
+      }));
+    } catch (err) {
+      this.logger.error(
+        `Failed to load conversation history for conversation=${conversationId}`,
+        err instanceof Error ? err.stack : String(err),
+      );
+      return [];
+    }
+  }
+
  private relayEvent(client: Socket, conversationId: string, event: AgentSessionEvent): void {
    if (!client.connected) {
      this.logger.warn(
@@ -139,17 +323,98 @@ export class ChatGateway implements OnGatewayInit, OnGatewayConnection, OnGatewa
    }

    switch (event.type) {
-      case 'agent_start':
+      case 'agent_start': {
+        // Reset accumulation buffers for the new turn
+        const cs = this.clientSessions.get(client.id);
+        if (cs) {
+          cs.assistantText = '';
+          cs.toolCalls = [];
+          cs.pendingToolCalls.clear();
+        }
        client.emit('agent:start', { conversationId });
        break;
+      }

-      case 'agent_end':
-        client.emit('agent:end', { conversationId });
+      case 'agent_end': {
+        // Gather usage stats from the Pi session
+        const agentSession = this.agentService.getSession(conversationId);
+        const piSession = agentSession?.piSession;
+        const stats = piSession?.getSessionStats();
+        const contextUsage = piSession?.getContextUsage();
+
+        const usagePayload = stats
+          ? {
+              provider: agentSession?.provider ?? 'unknown',
+              modelId: agentSession?.modelId ?? 'unknown',
+              thinkingLevel: piSession?.thinkingLevel ?? 'off',
+              tokens: stats.tokens,
+              cost: stats.cost,
+              context: {
+                percent: contextUsage?.percent ?? null,
+                window: contextUsage?.contextWindow ?? 0,
+              },
+            }
+          : undefined;
+
+        client.emit('agent:end', {
+          conversationId,
+          usage: usagePayload,
+        });
+
+        // Persist the assistant message with metadata
+        const cs = this.clientSessions.get(client.id);
+        const userId = (client.data.user as { id: string } | undefined)?.id;
+        if (cs && userId && cs.assistantText.trim().length > 0) {
+          const metadata: Record<string, unknown> = {
+            timestamp: new Date().toISOString(),
+            model: agentSession?.modelId ?? 'unknown',
+            provider: agentSession?.provider ?? 'unknown',
+            toolCalls: cs.toolCalls,
+          };
+
+          if (stats?.tokens) {
+            metadata['tokenUsage'] = {
+              input: stats.tokens.input,
+              output: stats.tokens.output,
+              cacheRead: stats.tokens.cacheRead,
+              cacheWrite: stats.tokens.cacheWrite,
+              total: stats.tokens.total,
+            };
+          }
+
+          this.brain.conversations
+            .addMessage(
+              {
+                conversationId,
+                role: 'assistant',
+                content: cs.assistantText,
+                metadata,
+              },
+              userId,
+            )
+            .catch((err: unknown) => {
+              this.logger.error(
+                `Failed to persist assistant message for conversation=${conversationId}`,
+                err instanceof Error ? err.stack : String(err),
+              );
+            });
+
+          // Reset accumulation
+          cs.assistantText = '';
+          cs.toolCalls = [];
+          cs.pendingToolCalls.clear();
+        }
        break;
+      }

      case 'message_update': {
        const assistantEvent = event.assistantMessageEvent;
        if (assistantEvent.type === 'text_delta') {
+          // Accumulate assistant text for persistence
+          const cs = this.clientSessions.get(client.id);
+          if (cs) {
+            cs.assistantText += assistantEvent.delta;
+          }
          client.emit('agent:text', {
            conversationId,
            text: assistantEvent.delta,
@@ -163,15 +428,36 @@ export class ChatGateway implements OnGatewayInit, OnGatewayConnection, OnGatewa
        break;
      }

-      case 'tool_execution_start':
+      case 'tool_execution_start': {
+        // Track pending tool call for later recording
+        const cs = this.clientSessions.get(client.id);
+        if (cs) {
+          cs.pendingToolCalls.set(event.toolCallId, {
+            toolName: event.toolName,
+            args: event.args,
+          });
+        }
        client.emit('agent:tool:start', {
          conversationId,
          toolCallId: event.toolCallId,
          toolName: event.toolName,
        });
        break;
+      }

-      case 'tool_execution_end':
+      case 'tool_execution_end': {
+        // Finalise tool call record
+        const cs = this.clientSessions.get(client.id);
+        if (cs) {
+          const pending = cs.pendingToolCalls.get(event.toolCallId);
+          cs.toolCalls.push({
+            toolCallId: event.toolCallId,
+            toolName: event.toolName,
+            args: pending?.args ?? null,
+            isError: event.isError,
+          });
+          cs.pendingToolCalls.delete(event.toolCallId);
+        }
        client.emit('agent:tool:end', {
          conversationId,
          toolCallId: event.toolCallId,
@@ -182,3 +468,4 @@ export class ChatGateway implements OnGatewayInit, OnGatewayConnection, OnGatewa
      }
    }
  }
+}
--- a/apps/gateway/src/chat/chat.module.ts
+++ b/apps/gateway/src/chat/chat.module.ts
@@ -1,9 +1,12 @@
-import { Module } from '@nestjs/common';
+import { forwardRef, Module } from '@nestjs/common';
+import { CommandsModule } from '../commands/commands.module.js';
 import { ChatGateway } from './chat.gateway.js';
 import { ChatController } from './chat.controller.js';

@Module({
+  imports: [forwardRef(() => CommandsModule)],
  controllers: [ChatController],
  providers: [ChatGateway],
+  exports: [ChatGateway],
 })
 export class ChatModule {}
--- a/apps/gateway/src/commands/command-executor-p8012.spec.ts
+++ b/apps/gateway/src/commands/command-executor-p8012.spec.ts
@@ -0,0 +1,213 @@
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+import { CommandExecutorService } from './command-executor.service.js';
+import type { SlashCommandPayload } from '@mosaic/types';
+
+// Minimal mock implementations
+const mockRegistry = {
+  getManifest: vi.fn(() => ({
+    version: 1,
+    commands: [
+      { name: 'provider', aliases: [], scope: 'agent', execution: 'hybrid', available: true },
+      { name: 'mission', aliases: [], scope: 'agent', execution: 'socket', available: true },
+      { name: 'agent', aliases: ['a'], scope: 'agent', execution: 'socket', available: true },
+      { name: 'prdy', aliases: [], scope: 'agent', execution: 'socket', available: true },
+      { name: 'tools', aliases: [], scope: 'agent', execution: 'socket', available: true },
+    ],
+    skills: [],
+  })),
+};
+
+const mockAgentService = {
+  getSession: vi.fn(() => undefined),
+};
+
+const mockSystemOverride = {
+  set: vi.fn(),
+  get: vi.fn(),
+  clear: vi.fn(),
+  renew: vi.fn(),
+};
+
+const mockSessionGC = {
+  sweepOrphans: vi.fn(() => ({ orphanedSessions: 0, totalCleaned: [], duration: 0 })),
+};
+
+const mockRedis = {
+  set: vi.fn().mockResolvedValue('OK'),
+  get: vi.fn(),
+  del: vi.fn(),
+};
+
+function buildService(): CommandExecutorService {
+  return new CommandExecutorService(
+    mockRegistry as never,
+    mockAgentService as never,
+    mockSystemOverride as never,
+    mockSessionGC as never,
+    mockRedis as never,
+    null,
+    null,
+  );
+}
+
+describe('CommandExecutorService — P8-012 commands', () => {
+  let service: CommandExecutorService;
+  const userId = 'user-123';
+  const conversationId = 'conv-456';
+
+  beforeEach(() => {
+    vi.clearAllMocks();
+    service = buildService();
+  });
+
+  // /provider login — missing provider name
+  it('/provider login with no provider name returns usage error', async () => {
+    const payload: SlashCommandPayload = { command: 'provider', args: 'login', conversationId };
+    const result = await service.execute(payload, userId);
+    expect(result.success).toBe(false);
+    expect(result.message).toContain('Usage: /provider login');
+    expect(result.command).toBe('provider');
+  });
+
+  // /provider login anthropic — success with URL containing poll token
+  it('/provider login <name> returns success with URL and poll token', async () => {
+    const payload: SlashCommandPayload = {
+      command: 'provider',
+      args: 'login anthropic',
+      conversationId,
+    };
+    const result = await service.execute(payload, userId);
+    expect(result.success).toBe(true);
+    expect(result.command).toBe('provider');
+    expect(result.message).toContain('anthropic');
+    expect(result.message).toContain('http');
+    // data should contain loginUrl and pollToken
+    expect(result.data).toBeDefined();
+    const data = result.data as Record<string, unknown>;
+    expect(typeof data['loginUrl']).toBe('string');
+    expect(typeof data['pollToken']).toBe('string');
+    expect(data['loginUrl'] as string).toContain('anthropic');
+    expect(data['loginUrl'] as string).toContain(data['pollToken'] as string);
+    // Verify Valkey was called
+    expect(mockRedis.set).toHaveBeenCalledOnce();
+    const [key, value, , ttl] = mockRedis.set.mock.calls[0] as [string, string, string, number];
+    expect(key).toContain('mosaic:auth:poll:');
+    const stored = JSON.parse(value) as { status: string; provider: string; userId: string };
+    expect(stored.status).toBe('pending');
+    expect(stored.provider).toBe('anthropic');
+    expect(stored.userId).toBe(userId);
+    expect(ttl).toBe(300);
+  });
+
+  // /provider with no args — returns usage
+  it('/provider with no args returns usage message', async () => {
+    const payload: SlashCommandPayload = { command: 'provider', conversationId };
+    const result = await service.execute(payload, userId);
+    expect(result.success).toBe(true);
+    expect(result.message).toContain('Usage: /provider');
+  });
+
+  // /provider list
+  it('/provider list returns success', async () => {
+    const payload: SlashCommandPayload = { command: 'provider', args: 'list', conversationId };
+    const result = await service.execute(payload, userId);
+    expect(result.success).toBe(true);
+    expect(result.command).toBe('provider');
+  });
+
+  // /provider logout with no name — usage error
+  it('/provider logout with no name returns error', async () => {
+    const payload: SlashCommandPayload = { command: 'provider', args: 'logout', conversationId };
+    const result = await service.execute(payload, userId);
+    expect(result.success).toBe(false);
+    expect(result.message).toContain('Usage: /provider logout');
+  });
+
+  // /provider unknown subcommand
+  it('/provider unknown subcommand returns error', async () => {
+    const payload: SlashCommandPayload = {
+      command: 'provider',
+      args: 'unknown',
+      conversationId,
+    };
+    const result = await service.execute(payload, userId);
+    expect(result.success).toBe(false);
+    expect(result.message).toContain('Unknown subcommand');
+  });
+
+  // /mission status
+  it('/mission status returns stub message', async () => {
+    const payload: SlashCommandPayload = { command: 'mission', args: 'status', conversationId };
+    const result = await service.execute(payload, userId);
+    expect(result.success).toBe(true);
+    expect(result.command).toBe('mission');
+    expect(result.message).toContain('Mission status');
+  });
+
+  // /mission with no args
+  it('/mission with no args returns status stub', async () => {
+    const payload: SlashCommandPayload = { command: 'mission', conversationId };
+    const result = await service.execute(payload, userId);
+    expect(result.success).toBe(true);
+    expect(result.message).toContain('Mission status');
+  });
+
+  // /mission set <id>
+  it('/mission set <id> returns confirmation', async () => {
+    const payload: SlashCommandPayload = {
+      command: 'mission',
+      args: 'set my-mission-123',
+      conversationId,
+    };
+    const result = await service.execute(payload, userId);
+    expect(result.success).toBe(true);
+    expect(result.message).toContain('my-mission-123');
+  });
+
+  // /agent list
+  it('/agent list returns stub message', async () => {
+    const payload: SlashCommandPayload = { command: 'agent', args: 'list', conversationId };
+    const result = await service.execute(payload, userId);
+    expect(result.success).toBe(true);
+    expect(result.command).toBe('agent');
+    expect(result.message).toContain('agent');
+  });
+
+  // /agent with no args
+  it('/agent with no args returns usage', async () => {
+    const payload: SlashCommandPayload = { command: 'agent', conversationId };
+    const result = await service.execute(payload, userId);
+    expect(result.success).toBe(true);
+    expect(result.message).toContain('Usage: /agent');
+  });
+
+  // /agent <id> — switch
+  it('/agent <id> returns switch confirmation', async () => {
+    const payload: SlashCommandPayload = {
+      command: 'agent',
+      args: 'my-agent-id',
+      conversationId,
+    };
+    const result = await service.execute(payload, userId);
+    expect(result.success).toBe(true);
+    expect(result.message).toContain('my-agent-id');
+  });
+
+  // /prdy
+  it('/prdy returns PRD wizard message', async () => {
+    const payload: SlashCommandPayload = { command: 'prdy', conversationId };
+    const result = await service.execute(payload, userId);
+    expect(result.success).toBe(true);
+    expect(result.command).toBe('prdy');
+    expect(result.message).toContain('mosaic prdy');
+  });
+
+  // /tools
+  it('/tools returns tools stub message', async () => {
+    const payload: SlashCommandPayload = { command: 'tools', conversationId };
+    const result = await service.execute(payload, userId);
+    expect(result.success).toBe(true);
+    expect(result.command).toBe('tools');
+    expect(result.message).toContain('tools');
+  });
+});
--- a/apps/gateway/src/commands/command-executor.service.ts
+++ b/apps/gateway/src/commands/command-executor.service.ts
@@ -0,0 +1,373 @@
+import { forwardRef, Inject, Injectable, Logger, Optional } from '@nestjs/common';
+import type { QueueHandle } from '@mosaic/queue';
+import type { SlashCommandPayload, SlashCommandResultPayload } from '@mosaic/types';
+import { AgentService } from '../agent/agent.service.js';
+import { ChatGateway } from '../chat/chat.gateway.js';
+import { SessionGCService } from '../gc/session-gc.service.js';
+import { SystemOverrideService } from '../preferences/system-override.service.js';
+import { ReloadService } from '../reload/reload.service.js';
+import { COMMANDS_REDIS } from './commands.tokens.js';
+import { CommandRegistryService } from './command-registry.service.js';
+
+@Injectable()
+export class CommandExecutorService {
+  private readonly logger = new Logger(CommandExecutorService.name);
+
+  constructor(
+    @Inject(CommandRegistryService) private readonly registry: CommandRegistryService,
+    @Inject(AgentService) private readonly agentService: AgentService,
+    @Inject(SystemOverrideService) private readonly systemOverride: SystemOverrideService,
+    @Inject(SessionGCService) private readonly sessionGC: SessionGCService,
+    @Inject(COMMANDS_REDIS) private readonly redis: QueueHandle['redis'],
+    @Optional()
+    @Inject(forwardRef(() => ReloadService))
+    private readonly reloadService: ReloadService | null,
+    @Optional()
+    @Inject(forwardRef(() => ChatGateway))
+    private readonly chatGateway: ChatGateway | null,
+  ) {}
+
+  async execute(payload: SlashCommandPayload, userId: string): Promise<SlashCommandResultPayload> {
+    const { command, args, conversationId } = payload;
+
+    const def = this.registry.getManifest().commands.find((c) => c.name === command);
+    if (!def) {
+      return {
+        command,
+        conversationId,
+        success: false,
+        message: `Unknown command: /${command}`,
+      };
+    }
+
+    try {
+      switch (command) {
+        case 'model':
+          return await this.handleModel(args ?? null, conversationId);
+        case 'thinking':
+          return await this.handleThinking(args ?? null, conversationId);
+        case 'system':
+          return await this.handleSystem(args ?? null, conversationId);
+        case 'new':
+          return {
+            command,
+            conversationId,
+            success: true,
+            message: 'Start a new conversation by selecting New Conversation.',
+          };
+        case 'clear':
+          return {
+            command,
+            conversationId,
+            success: true,
+            message: 'Conversation display cleared.',
+          };
+        case 'compact':
+          return {
+            command,
+            conversationId,
+            success: true,
+            message: 'Context compaction requested.',
+          };
+        case 'retry':
+          return {
+            command,
+            conversationId,
+            success: true,
+            message: 'Retry last message requested.',
+          };
+        case 'gc': {
+          // Admin-only: system-wide GC sweep across all sessions
+          const result = await this.sessionGC.sweepOrphans();
+          return {
+            command: 'gc',
+            success: true,
+            message: `GC sweep complete: ${result.orphanedSessions} orphaned sessions cleaned in ${result.duration}ms.`,
+            conversationId,
+          };
+        }
+        case 'agent':
+          return await this.handleAgent(args ?? null, conversationId);
+        case 'provider':
+          return await this.handleProvider(args ?? null, userId, conversationId);
+        case 'mission':
+          return await this.handleMission(args ?? null, conversationId, userId);
+        case 'prdy':
+          return {
+            command: 'prdy',
+            success: true,
+            message:
+              'PRD wizard: run `mosaic prdy` in your project workspace to create or update a PRD.',
+            conversationId,
+          };
+        case 'tools':
+          return await this.handleTools(conversationId, userId);
+        case 'reload': {
+          if (!this.reloadService) {
+            return {
+              command: 'reload',
+              conversationId,
+              success: false,
+              message: 'ReloadService is not available.',
+            };
+          }
+          const reloadResult = await this.reloadService.reload('command');
+          this.chatGateway?.broadcastReload(reloadResult);
+          return {
+            command: 'reload',
+            success: true,
+            message: reloadResult.message,
+            conversationId,
+          };
+        }
+        default:
+          return {
+            command,
+            conversationId,
+            success: false,
+            message: `Command /${command} is not yet implemented.`,
+          };
+      }
+    } catch (err) {
+      this.logger.error(`Command /${command} failed: ${err}`);
+      return { command, conversationId, success: false, message: String(err) };
+    }
+  }
+
+  private async handleModel(
+    args: string | null,
+    conversationId: string,
+  ): Promise<SlashCommandResultPayload> {
+    if (!args) {
+      return {
+        command: 'model',
+        conversationId,
+        success: true,
+        message: 'Usage: /model <model-name>',
+      };
+    }
+    // Update agent session model if session is active
+    // For now, acknowledge the request — full wiring done in P8-012
+    const session = this.agentService.getSession(conversationId);
+    if (!session) {
+      return {
+        command: 'model',
+        conversationId,
+        success: true,
+        message: `Model switch to "${args}" requested. No active session for this conversation.`,
+      };
+    }
+    return {
+      command: 'model',
+      conversationId,
+      success: true,
+      message: `Model switch to "${args}" requested.`,
+    };
+  }
+
+  private async handleThinking(
+    args: string | null,
+    conversationId: string,
+  ): Promise<SlashCommandResultPayload> {
+    const level = args?.toLowerCase();
+    if (!level || !['none', 'low', 'medium', 'high', 'auto'].includes(level)) {
+      return {
+        command: 'thinking',
+        conversationId,
+        success: true,
+        message: 'Usage: /thinking <none|low|medium|high|auto>',
+      };
+    }
+    return {
+      command: 'thinking',
+      conversationId,
+      success: true,
+      message: `Thinking level set to "${level}".`,
+    };
+  }
+
+  private async handleSystem(
+    args: string | null,
+    conversationId: string,
+  ): Promise<SlashCommandResultPayload> {
+    if (!args || args.trim().length === 0) {
+      // Clear the override when called with no args
+      await this.systemOverride.clear(conversationId);
+      return {
+        command: 'system',
+        conversationId,
+        success: true,
+        message: 'Session system prompt override cleared.',
+      };
+    }
+
+    await this.systemOverride.set(conversationId, args.trim());
+    return {
+      command: 'system',
+      conversationId,
+      success: true,
+      message: `Session system prompt override set (expires in 5 minutes of inactivity).`,
+    };
+  }
+
+  private async handleAgent(
+    args: string | null,
+    conversationId: string,
+  ): Promise<SlashCommandResultPayload> {
+    if (!args) {
+      return {
+        command: 'agent',
+        success: true,
+        message: 'Usage: /agent <agent-id> to switch, or /agent list to see available agents.',
+        conversationId,
+      };
+    }
+
+    if (args === 'list') {
+      return {
+        command: 'agent',
+        success: true,
+        message: 'Agent listing: use the web dashboard for full agent management.',
+        conversationId,
+      };
+    }
+
+    // Switch agent — stub for now (full implementation in P8-015)
+    return {
+      command: 'agent',
+      success: true,
+      message: `Agent switch to "${args}" requested. Restart conversation to apply.`,
+      conversationId,
+    };
+  }
+
+  private async handleProvider(
+    args: string | null,
+    userId: string,
+    conversationId: string,
+  ): Promise<SlashCommandResultPayload> {
+    if (!args) {
+      return {
+        command: 'provider',
+        success: true,
+        message: 'Usage: /provider list | /provider login <name> | /provider logout <name>',
+        conversationId,
+      };
+    }
+
+    const spaceIdx = args.indexOf(' ');
+    const subcommand = spaceIdx >= 0 ? args.slice(0, spaceIdx) : args;
+    const providerName = spaceIdx >= 0 ? args.slice(spaceIdx + 1).trim() : '';
+
+    switch (subcommand) {
+      case 'list':
+        return {
+          command: 'provider',
+          success: true,
+          message: 'Use the web dashboard to manage providers.',
+          conversationId,
+        };
+
+      case 'login': {
+        if (!providerName) {
+          return {
+            command: 'provider',
+            success: false,
+            message: 'Usage: /provider login <provider-name>',
+            conversationId,
+          };
+        }
+        const pollToken = crypto.randomUUID();
+        const key = `mosaic:auth:poll:${pollToken}`;
+        // Store pending state in Valkey (TTL 5 minutes)
+        await this.redis.set(
+          key,
+          JSON.stringify({ status: 'pending', provider: providerName, userId }),
+          'EX',
+          300,
+        );
+        // In production this would construct an OAuth URL
+        const loginUrl = `${process.env['MOSAIC_BASE_URL'] ?? 'http://localhost:3000'}/auth/provider/${providerName}?token=${pollToken}`;
+        return {
+          command: 'provider',
+          success: true,
+          message: `Open this URL to authenticate with ${providerName}:\n${loginUrl}`,
+          conversationId,
+          data: { loginUrl, pollToken, provider: providerName },
+        };
+      }
+
+      case 'logout': {
+        if (!providerName) {
+          return {
+            command: 'provider',
+            success: false,
+            message: 'Usage: /provider logout <provider-name>',
+            conversationId,
+          };
+        }
+        return {
+          command: 'provider',
+          success: true,
+          message: `Logout from ${providerName}: use the web dashboard to revoke provider tokens.`,
+          conversationId,
+        };
+      }
+
+      default:
+        return {
+          command: 'provider',
+          success: false,
+          message: `Unknown subcommand: ${subcommand}. Use list, login, or logout.`,
+          conversationId,
+        };
+    }
+  }
+
+  private async handleMission(
+    args: string | null,
+    conversationId: string,
+    _userId: string,
+  ): Promise<SlashCommandResultPayload> {
+    if (!args || args === 'status') {
+      // TODO: fetch active mission from DB when MissionsService is available
+      return {
+        command: 'mission',
+        success: true,
+        message: 'Mission status: use the web dashboard for full mission management.',
+        conversationId,
+      };
+    }
+
+    if (args.startsWith('set ')) {
+      const missionId = args.slice(4).trim();
+      return {
+        command: 'mission',
+        success: true,
+        message: `Mission set to ${missionId}. Session context updated.`,
+        conversationId,
+      };
+    }
+
+    return {
+      command: 'mission',
+      success: true,
+      message: 'Usage: /mission [status|set <id>|list|tasks]',
+      conversationId,
+    };
+  }
+
+  private async handleTools(
+    conversationId: string,
+    _userId: string,
+  ): Promise<SlashCommandResultPayload> {
+    // TODO: fetch tool list from active agent session
+    return {
+      command: 'tools',
+      success: true,
+      message:
+        'Available tools depend on the active agent configuration. Use the web dashboard to configure tool access.',
+      conversationId,
+    };
+  }
+}
--- a/apps/gateway/src/commands/command-registry.service.spec.ts
+++ b/apps/gateway/src/commands/command-registry.service.spec.ts
@@ -0,0 +1,53 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import { CommandRegistryService } from './command-registry.service.js';
+import type { CommandDef } from '@mosaic/types';
+
+const mockCmd: CommandDef = {
+  name: 'test',
+  description: 'Test command',
+  aliases: ['t'],
+  scope: 'core',
+  execution: 'local',
+  available: true,
+};
+
+describe('CommandRegistryService', () => {
+  let service: CommandRegistryService;
+
+  beforeEach(() => {
+    service = new CommandRegistryService();
+  });
+
+  it('starts with empty manifest', () => {
+    expect(service.getManifest().commands).toHaveLength(0);
+  });
+
+  it('registers a command', () => {
+    service.registerCommand(mockCmd);
+    expect(service.getManifest().commands).toHaveLength(1);
+  });
+
+  it('updates existing command by name', () => {
+    service.registerCommand(mockCmd);
+    service.registerCommand({ ...mockCmd, description: 'Updated' });
+    expect(service.getManifest().commands).toHaveLength(1);
+    expect(service.getManifest().commands[0]?.description).toBe('Updated');
+  });
+
+  it('onModuleInit registers core commands', () => {
+    service.onModuleInit();
+    const manifest = service.getManifest();
+    expect(manifest.commands.length).toBeGreaterThan(5);
+    expect(manifest.commands.some((c) => c.name === 'model')).toBe(true);
+    expect(manifest.commands.some((c) => c.name === 'help')).toBe(true);
+  });
+
+  it('manifest includes skills array', () => {
+    const manifest = service.getManifest();
+    expect(Array.isArray(manifest.skills)).toBe(true);
+  });
+
+  it('manifest version is 1', () => {
+    expect(service.getManifest().version).toBe(1);
+  });
+});
--- a/apps/gateway/src/commands/command-registry.service.ts
+++ b/apps/gateway/src/commands/command-registry.service.ts
@@ -0,0 +1,273 @@
+import { Injectable, type OnModuleInit } from '@nestjs/common';
+import type { CommandDef, CommandManifest } from '@mosaic/types';
+
+@Injectable()
+export class CommandRegistryService implements OnModuleInit {
+  private readonly commands: CommandDef[] = [];
+
+  registerCommand(def: CommandDef): void {
+    const existing = this.commands.findIndex((c) => c.name === def.name);
+    if (existing >= 0) {
+      this.commands[existing] = def;
+    } else {
+      this.commands.push(def);
+    }
+  }
+
+  registerCommands(defs: CommandDef[]): void {
+    for (const def of defs) {
+      this.registerCommand(def);
+    }
+  }
+
+  getManifest(): CommandManifest {
+    return {
+      version: 1,
+      commands: [...this.commands],
+      skills: [],
+    };
+  }
+
+  onModuleInit(): void {
+    this.registerCommands([
+      {
+        name: 'model',
+        description: 'Switch the active model',
+        aliases: ['m'],
+        args: [
+          {
+            name: 'model-name',
+            type: 'string',
+            optional: false,
+            description: 'Model name to switch to',
+          },
+        ],
+        scope: 'core',
+        execution: 'socket',
+        available: true,
+      },
+      {
+        name: 'thinking',
+        description: 'Set thinking level (none/low/medium/high/auto)',
+        aliases: ['t'],
+        args: [
+          {
+            name: 'level',
+            type: 'enum',
+            optional: false,
+            values: ['none', 'low', 'medium', 'high', 'auto'],
+            description: 'Thinking level',
+          },
+        ],
+        scope: 'core',
+        execution: 'socket',
+        available: true,
+      },
+      {
+        name: 'new',
+        description: 'Start a new conversation',
+        aliases: ['n'],
+        scope: 'core',
+        execution: 'socket',
+        available: true,
+      },
+      {
+        name: 'clear',
+        description: 'Clear conversation context and GC session artifacts',
+        aliases: [],
+        scope: 'core',
+        execution: 'socket',
+        available: true,
+      },
+      {
+        name: 'compact',
+        description: 'Request context compaction',
+        aliases: [],
+        scope: 'core',
+        execution: 'socket',
+        available: true,
+      },
+      {
+        name: 'retry',
+        description: 'Retry the last message',
+        aliases: [],
+        scope: 'core',
+        execution: 'socket',
+        available: true,
+      },
+      {
+        name: 'rename',
+        description: 'Rename current conversation',
+        aliases: [],
+        args: [
+          { name: 'name', type: 'string', optional: false, description: 'New conversation name' },
+        ],
+        scope: 'core',
+        execution: 'rest',
+        available: true,
+      },
+      {
+        name: 'history',
+        description: 'Show conversation history',
+        aliases: [],
+        args: [
+          {
+            name: 'limit',
+            type: 'string',
+            optional: true,
+            description: 'Number of messages to show',
+          },
+        ],
+        scope: 'core',
+        execution: 'rest',
+        available: true,
+      },
+      {
+        name: 'export',
+        description: 'Export conversation to markdown or JSON',
+        aliases: [],
+        args: [
+          {
+            name: 'format',
+            type: 'enum',
+            optional: true,
+            values: ['md', 'json'],
+            description: 'Export format',
+          },
+        ],
+        scope: 'core',
+        execution: 'rest',
+        available: true,
+      },
+      {
+        name: 'preferences',
+        description: 'View or set user preferences',
+        aliases: ['pref'],
+        args: [
+          {
+            name: 'action',
+            type: 'enum',
+            optional: true,
+            values: ['show', 'set', 'reset'],
+            description: 'Action to perform',
+          },
+        ],
+        scope: 'core',
+        execution: 'rest',
+        available: true,
+      },
+      {
+        name: 'system',
+        description: 'Set session-scoped system prompt override',
+        aliases: [],
+        args: [
+          {
+            name: 'override',
+            type: 'string',
+            optional: false,
+            description: 'System prompt text to inject for this session',
+          },
+        ],
+        scope: 'core',
+        execution: 'socket',
+        available: true,
+      },
+      {
+        name: 'status',
+        description: 'Show session and connection status',
+        aliases: ['s'],
+        scope: 'core',
+        execution: 'hybrid',
+        available: true,
+      },
+      {
+        name: 'help',
+        description: 'Show available commands',
+        aliases: ['h'],
+        scope: 'core',
+        execution: 'local',
+        available: true,
+      },
+      {
+        name: 'gc',
+        description: 'Trigger garbage collection sweep (admin only — system-wide)',
+        aliases: [],
+        scope: 'admin',
+        execution: 'socket',
+        available: true,
+      },
+      {
+        name: 'agent',
+        description: 'Switch or list available agents',
+        aliases: ['a'],
+        args: [
+          {
+            name: 'args',
+            type: 'string',
+            optional: true,
+            description: 'list or <agent-id>',
+          },
+        ],
+        scope: 'agent',
+        execution: 'socket',
+        available: true,
+      },
+      {
+        name: 'provider',
+        description: 'Manage LLM providers (list/login/logout)',
+        aliases: [],
+        args: [
+          {
+            name: 'args',
+            type: 'string',
+            optional: true,
+            description: 'list | login <name> | logout <name>',
+          },
+        ],
+        scope: 'agent',
+        execution: 'hybrid',
+        available: true,
+      },
+      {
+        name: 'mission',
+        description: 'View or set active mission',
+        aliases: [],
+        args: [
+          {
+            name: 'args',
+            type: 'string',
+            optional: true,
+            description: 'status | set <id> | list | tasks',
+          },
+        ],
+        scope: 'agent',
+        execution: 'socket',
+        available: true,
+      },
+      {
+        name: 'prdy',
+        description: 'Launch PRD wizard',
+        aliases: [],
+        scope: 'agent',
+        execution: 'socket',
+        available: true,
+      },
+      {
+        name: 'tools',
+        description: 'List available agent tools',
+        aliases: [],
+        scope: 'agent',
+        execution: 'socket',
+        available: true,
+      },
+      {
+        name: 'reload',
+        description: 'Soft-reload gateway plugins and command manifest (admin)',
+        aliases: [],
+        scope: 'admin',
+        execution: 'socket',
+        available: true,
+      },
+    ]);
+  }
+}
--- a/apps/gateway/src/commands/commands.integration.spec.ts
+++ b/apps/gateway/src/commands/commands.integration.spec.ts
@@ -0,0 +1,253 @@
+/**
+ * Integration tests for the gateway command system (P8-019)
+ *
+ * Covers:
+ * - CommandRegistryService.getManifest() returns 12+ core commands
+ * - All core commands have correct execution types
+ * - Alias resolution works for all defined aliases
+ * - CommandExecutorService routes known/unknown commands correctly
+ * - /gc handler calls SessionGCService.sweepOrphans
+ * - /system handler calls SystemOverrideService.set
+ * - Unknown command returns descriptive error
+ */
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+import { CommandRegistryService } from './command-registry.service.js';
+import { CommandExecutorService } from './command-executor.service.js';
+import type { SlashCommandPayload } from '@mosaic/types';
+
+// ─── Mocks ───────────────────────────────────────────────────────────────────
+
+const mockAgentService = {
+  getSession: vi.fn(() => undefined),
+};
+
+const mockSystemOverride = {
+  set: vi.fn().mockResolvedValue(undefined),
+  get: vi.fn().mockResolvedValue(null),
+  clear: vi.fn().mockResolvedValue(undefined),
+  renew: vi.fn().mockResolvedValue(undefined),
+};
+
+const mockSessionGC = {
+  sweepOrphans: vi.fn().mockResolvedValue({ orphanedSessions: 3, totalCleaned: [], duration: 12 }),
+};
+
+const mockRedis = {
+  set: vi.fn().mockResolvedValue('OK'),
+  get: vi.fn().mockResolvedValue(null),
+  del: vi.fn().mockResolvedValue(0),
+  keys: vi.fn().mockResolvedValue([]),
+};
+
+// ─── Helpers ─────────────────────────────────────────────────────────────────
+
+function buildRegistry(): CommandRegistryService {
+  const svc = new CommandRegistryService();
+  svc.onModuleInit(); // seed core commands
+  return svc;
+}
+
+function buildExecutor(registry: CommandRegistryService): CommandExecutorService {
+  return new CommandExecutorService(
+    registry as never,
+    mockAgentService as never,
+    mockSystemOverride as never,
+    mockSessionGC as never,
+    mockRedis as never,
+    null, // reloadService (optional)
+    null, // chatGateway (optional)
+  );
+}
+
+// ─── Registry Tests ───────────────────────────────────────────────────────────
+
+describe('CommandRegistryService — integration', () => {
+  let registry: CommandRegistryService;
+
+  beforeEach(() => {
+    registry = buildRegistry();
+  });
+
+  it('getManifest() returns 12 or more core commands after onModuleInit', () => {
+    const manifest = registry.getManifest();
+    expect(manifest.commands.length).toBeGreaterThanOrEqual(12);
+  });
+
+  it('manifest version is 1', () => {
+    expect(registry.getManifest().version).toBe(1);
+  });
+
+  it('manifest.skills is an array', () => {
+    expect(Array.isArray(registry.getManifest().skills)).toBe(true);
+  });
+
+  it('all commands have required fields: name, description, execution, scope, available', () => {
+    for (const cmd of registry.getManifest().commands) {
+      expect(typeof cmd.name).toBe('string');
+      expect(typeof cmd.description).toBe('string');
+      expect(['local', 'socket', 'rest', 'hybrid']).toContain(cmd.execution);
+      expect(['core', 'agent', 'admin']).toContain(cmd.scope);
+      expect(typeof cmd.available).toBe('boolean');
+    }
+  });
+
+  // Execution type verification for core commands
+  const expectedExecutionTypes: Record<string, string> = {
+    model: 'socket',
+    thinking: 'socket',
+    new: 'socket',
+    clear: 'socket',
+    compact: 'socket',
+    retry: 'socket',
+    rename: 'rest',
+    history: 'rest',
+    export: 'rest',
+    preferences: 'rest',
+    system: 'socket',
+    help: 'local',
+    gc: 'socket',
+    agent: 'socket',
+    provider: 'hybrid',
+    mission: 'socket',
+    prdy: 'socket',
+    tools: 'socket',
+    reload: 'socket',
+  };
+
+  for (const [name, expectedExecution] of Object.entries(expectedExecutionTypes)) {
+    it(`command "${name}" has execution type "${expectedExecution}"`, () => {
+      const cmd = registry.getManifest().commands.find((c) => c.name === name);
+      expect(cmd, `command "${name}" not found`).toBeDefined();
+      expect(cmd!.execution).toBe(expectedExecution);
+    });
+  }
+
+  // Alias resolution checks
+  const expectedAliases: Array<[string, string]> = [
+    ['m', 'model'],
+    ['t', 'thinking'],
+    ['n', 'new'],
+    ['a', 'agent'],
+    ['s', 'status'],
+    ['h', 'help'],
+    ['pref', 'preferences'],
+  ];
+
+  for (const [alias, commandName] of expectedAliases) {
+    it(`alias "/${alias}" resolves to command "${commandName}" via aliases array`, () => {
+      const cmd = registry
+        .getManifest()
+        .commands.find((c) => c.name === commandName || c.aliases?.includes(alias));
+      expect(cmd, `command with alias "${alias}" not found`).toBeDefined();
+    });
+  }
+});
+
+// ─── Executor Tests ───────────────────────────────────────────────────────────
+
+describe('CommandExecutorService — integration', () => {
+  let registry: CommandRegistryService;
+  let executor: CommandExecutorService;
+  const userId = 'user-integ-001';
+  const conversationId = 'conv-integ-001';
+
+  beforeEach(() => {
+    vi.clearAllMocks();
+    registry = buildRegistry();
+    executor = buildExecutor(registry);
+  });
+
+  // Unknown command returns error
+  it('unknown command returns success:false with descriptive message', async () => {
+    const payload: SlashCommandPayload = { command: 'nonexistent', conversationId };
+    const result = await executor.execute(payload, userId);
+    expect(result.success).toBe(false);
+    expect(result.message).toContain('nonexistent');
+    expect(result.command).toBe('nonexistent');
+  });
+
+  // /gc handler calls SessionGCService.sweepOrphans (admin-only, no userId arg)
+  it('/gc calls SessionGCService.sweepOrphans without arguments', async () => {
+    const payload: SlashCommandPayload = { command: 'gc', conversationId };
+    const result = await executor.execute(payload, userId);
+    expect(mockSessionGC.sweepOrphans).toHaveBeenCalledWith();
+    expect(result.success).toBe(true);
+    expect(result.message).toContain('GC sweep complete');
+    expect(result.message).toContain('3 orphaned sessions');
+  });
+
+  // /system with args calls SystemOverrideService.set
+  it('/system with text calls SystemOverrideService.set', async () => {
+    const override = 'You are a helpful assistant.';
+    const payload: SlashCommandPayload = { command: 'system', args: override, conversationId };
+    const result = await executor.execute(payload, userId);
+    expect(mockSystemOverride.set).toHaveBeenCalledWith(conversationId, override);
+    expect(result.success).toBe(true);
+    expect(result.message).toContain('override set');
+  });
+
+  // /system with no args clears the override
+  it('/system with no args calls SystemOverrideService.clear', async () => {
+    const payload: SlashCommandPayload = { command: 'system', conversationId };
+    const result = await executor.execute(payload, userId);
+    expect(mockSystemOverride.clear).toHaveBeenCalledWith(conversationId);
+    expect(result.success).toBe(true);
+    expect(result.message).toContain('cleared');
+  });
+
+  // /model with model name returns success
+  it('/model with a model name returns success', async () => {
+    const payload: SlashCommandPayload = {
+      command: 'model',
+      args: 'claude-3-opus',
+      conversationId,
+    };
+    const result = await executor.execute(payload, userId);
+    expect(result.success).toBe(true);
+    expect(result.command).toBe('model');
+    expect(result.message).toContain('claude-3-opus');
+  });
+
+  // /thinking with valid level returns success
+  it('/thinking with valid level returns success', async () => {
+    const payload: SlashCommandPayload = { command: 'thinking', args: 'high', conversationId };
+    const result = await executor.execute(payload, userId);
+    expect(result.success).toBe(true);
+    expect(result.message).toContain('high');
+  });
+
+  // /thinking with invalid level returns usage message
+  it('/thinking with invalid level returns usage message', async () => {
+    const payload: SlashCommandPayload = { command: 'thinking', args: 'invalid', conversationId };
+    const result = await executor.execute(payload, userId);
+    expect(result.success).toBe(true);
+    expect(result.message).toContain('Usage:');
+  });
+
+  // /new command returns success
+  it('/new returns success', async () => {
+    const payload: SlashCommandPayload = { command: 'new', conversationId };
+    const result = await executor.execute(payload, userId);
+    expect(result.success).toBe(true);
+    expect(result.command).toBe('new');
+  });
+
+  // /reload without reloadService returns failure
+  it('/reload without ReloadService returns failure', async () => {
+    const payload: SlashCommandPayload = { command: 'reload', conversationId };
+    const result = await executor.execute(payload, userId);
+    expect(result.success).toBe(false);
+    expect(result.message).toContain('ReloadService');
+  });
+
+  // Commands not yet fully implemented return a fallback response
+  const stubCommands = ['clear', 'compact', 'retry'];
+  for (const cmd of stubCommands) {
+    it(`/${cmd} returns success (stub)`, async () => {
+      const payload: SlashCommandPayload = { command: cmd, conversationId };
+      const result = await executor.execute(payload, userId);
+      expect(result.success).toBe(true);
+      expect(result.command).toBe(cmd);
+    });
+  }
+});
--- a/apps/gateway/src/commands/commands.module.ts
+++ b/apps/gateway/src/commands/commands.module.ts
@@ -0,0 +1,37 @@
+import { forwardRef, Inject, Module, type OnApplicationShutdown } from '@nestjs/common';
+import { createQueue, type QueueHandle } from '@mosaic/queue';
+import { ChatModule } from '../chat/chat.module.js';
+import { GCModule } from '../gc/gc.module.js';
+import { ReloadModule } from '../reload/reload.module.js';
+import { CommandExecutorService } from './command-executor.service.js';
+import { CommandRegistryService } from './command-registry.service.js';
+import { COMMANDS_REDIS } from './commands.tokens.js';
+
+const COMMANDS_QUEUE_HANDLE = 'COMMANDS_QUEUE_HANDLE';
+
+@Module({
+  imports: [GCModule, forwardRef(() => ReloadModule), forwardRef(() => ChatModule)],
+  providers: [
+    {
+      provide: COMMANDS_QUEUE_HANDLE,
+      useFactory: (): QueueHandle => {
+        return createQueue();
+      },
+    },
+    {
+      provide: COMMANDS_REDIS,
+      useFactory: (handle: QueueHandle) => handle.redis,
+      inject: [COMMANDS_QUEUE_HANDLE],
+    },
+    CommandRegistryService,
+    CommandExecutorService,
+  ],
+  exports: [CommandRegistryService, CommandExecutorService],
+})
+export class CommandsModule implements OnApplicationShutdown {
+  constructor(@Inject(COMMANDS_QUEUE_HANDLE) private readonly handle: QueueHandle) {}
+
+  async onApplicationShutdown(): Promise<void> {
+    await this.handle.close().catch(() => {});
+  }
+}
--- a/apps/gateway/src/commands/commands.tokens.ts
+++ b/apps/gateway/src/commands/commands.tokens.ts
@@ -0,0 +1 @@
+export const COMMANDS_REDIS = 'COMMANDS_REDIS';
--- a/apps/gateway/src/conversations/conversations.controller.ts
+++ b/apps/gateway/src/conversations/conversations.controller.ts
@@ -1,7 +1,9 @@
 import {
+  BadRequestException,
  Body,
  Controller,
  Delete,
+  ForbiddenException,
  Get,
  HttpCode,
  HttpStatus,
@@ -10,17 +12,18 @@ import {
  Param,
  Patch,
  Post,
+  Query,
  UseGuards,
 } from '@nestjs/common';
 import type { Brain } from '@mosaic/brain';
 import { BRAIN } from '../brain/brain.tokens.js';
 import { AuthGuard } from '../auth/auth.guard.js';
 import { CurrentUser } from '../auth/current-user.decorator.js';
-import { assertOwner } from '../auth/resource-ownership.js';
 import {
  CreateConversationDto,
  UpdateConversationDto,
  SendMessageDto,
+  SearchMessagesDto,
 } from './conversations.dto.js';

@Controller('api/conversations')
@@ -33,9 +36,21 @@ export class ConversationsController {
    return this.brain.conversations.findAll(user.id);
  }

+  @Get('search')
+  async search(@Query() dto: SearchMessagesDto, @CurrentUser() user: { id: string }) {
+    if (!dto.q || dto.q.trim().length === 0) {
+      throw new BadRequestException('Query parameter "q" is required and must not be empty');
+    }
+    const limit = dto.limit ?? 20;
+    const offset = dto.offset ?? 0;
+    return this.brain.conversations.searchMessages(user.id, dto.q.trim(), limit, offset);
+  }
+
  @Get(':id')
  async findOne(@Param('id') id: string, @CurrentUser() user: { id: string }) {
-    return this.getOwnedConversation(id, user.id);
+    const conversation = await this.brain.conversations.findById(id, user.id);
+    if (!conversation) throw new NotFoundException('Conversation not found');
+    return conversation;
  }

  @Post()
@@ -53,8 +68,7 @@ export class ConversationsController {
    @Body() dto: UpdateConversationDto,
    @CurrentUser() user: { id: string },
  ) {
-    await this.getOwnedConversation(id, user.id);
-    const conversation = await this.brain.conversations.update(id, dto);
+    const conversation = await this.brain.conversations.update(id, user.id, dto);
    if (!conversation) throw new NotFoundException('Conversation not found');
    return conversation;
  }
@@ -62,15 +76,16 @@ export class ConversationsController {
  @Delete(':id')
  @HttpCode(HttpStatus.NO_CONTENT)
  async remove(@Param('id') id: string, @CurrentUser() user: { id: string }) {
-    await this.getOwnedConversation(id, user.id);
-    const deleted = await this.brain.conversations.remove(id);
+    const deleted = await this.brain.conversations.remove(id, user.id);
    if (!deleted) throw new NotFoundException('Conversation not found');
  }

  @Get(':id/messages')
  async listMessages(@Param('id') id: string, @CurrentUser() user: { id: string }) {
-    await this.getOwnedConversation(id, user.id);
-    return this.brain.conversations.findMessages(id);
+    // Verify ownership explicitly to return a clear 404 rather than an empty list.
+    const conversation = await this.brain.conversations.findById(id, user.id);
+    if (!conversation) throw new NotFoundException('Conversation not found');
+    return this.brain.conversations.findMessages(id, user.id);
  }

  @Post(':id/messages')
@@ -79,19 +94,16 @@ export class ConversationsController {
    @Body() dto: SendMessageDto,
    @CurrentUser() user: { id: string },
  ) {
-    await this.getOwnedConversation(id, user.id);
-    return this.brain.conversations.addMessage({
+    const message = await this.brain.conversations.addMessage(
+      {
        conversationId: id,
        role: dto.role,
        content: dto.content,
        metadata: dto.metadata,
-    });
-  }
-
-  private async getOwnedConversation(id: string, userId: string) {
-    const conversation = await this.brain.conversations.findById(id);
-    if (!conversation) throw new NotFoundException('Conversation not found');
-    assertOwner(conversation.userId, userId, 'Conversation');
-    return conversation;
+      },
+      user.id,
+    );
+    if (!message) throw new ForbiddenException('Conversation not found or access denied');
+    return message;
  }
 }
--- a/apps/gateway/src/conversations/conversations.dto.ts
+++ b/apps/gateway/src/conversations/conversations.dto.ts
@@ -1,12 +1,35 @@
 import {
  IsBoolean,
  IsIn,
+  IsInt,
  IsObject,
  IsOptional,
  IsString,
  IsUUID,
+  Max,
  MaxLength,
+  Min,
 } from 'class-validator';
+import { Type } from 'class-transformer';
+
+export class SearchMessagesDto {
+  @IsString()
+  @MaxLength(500)
+  q!: string;
+
+  @IsOptional()
+  @Type(() => Number)
+  @IsInt()
+  @Min(1)
+  @Max(100)
+  limit?: number = 20;
+
+  @IsOptional()
+  @Type(() => Number)
+  @IsInt()
+  @Min(0)
+  offset?: number = 0;
+}

 export class CreateConversationDto {
  @IsOptional()
--- a/apps/gateway/src/coord/coord.controller.ts
+++ b/apps/gateway/src/coord/coord.controller.ts
@@ -1,30 +1,17 @@
 import {
  BadRequestException,
-  Body,
  Controller,
-  Delete,
  Get,
-  HttpCode,
-  HttpStatus,
  Inject,
  NotFoundException,
  Param,
-  Patch,
-  Post,
  Query,
  UseGuards,
 } from '@nestjs/common';
 import fs from 'node:fs';
 import path from 'node:path';
 import { AuthGuard } from '../auth/auth.guard.js';
-import { CurrentUser } from '../auth/current-user.decorator.js';
 import { CoordService } from './coord.service.js';
-import type {
-  CreateDbMissionDto,
-  UpdateDbMissionDto,
-  CreateMissionTaskDto,
-  UpdateMissionTaskDto,
-} from './coord.dto.js';

 /** Walk up from cwd to find the monorepo root (has pnpm-workspace.yaml). */
 function findMonorepoRoot(start: string): string {
@@ -57,13 +44,15 @@ function resolveAndValidatePath(raw: string | undefined): string {
  return resolved;
 }

+/**
+ * File-based coord endpoints for agent tool consumption.
+ * DB-backed mission CRUD has moved to MissionsController at /api/missions.
+ */
@Controller('api/coord')
@UseGuards(AuthGuard)
 export class CoordController {
  constructor(@Inject(CoordService) private readonly coordService: CoordService) {}

-  // ── File-based coord endpoints (legacy) ──
-
  @Get('status')
  async missionStatus(@Query('projectPath') projectPath?: string) {
    const resolvedPath = resolveAndValidatePath(projectPath);
@@ -85,121 +74,4 @@ export class CoordController {
    if (!detail) throw new NotFoundException(`Task ${taskId} not found in coord mission`);
    return detail;
  }
-
-  // ── DB-backed mission endpoints ──
-
-  @Get('missions')
-  async listDbMissions(@CurrentUser() user: { id: string }) {
-    return this.coordService.getMissionsByUser(user.id);
-  }
-
-  @Get('missions/:id')
-  async getDbMission(@Param('id') id: string, @CurrentUser() user: { id: string }) {
-    const mission = await this.coordService.getMissionByIdAndUser(id, user.id);
-    if (!mission) throw new NotFoundException('Mission not found');
-    return mission;
-  }
-
-  @Post('missions')
-  async createDbMission(@Body() dto: CreateDbMissionDto, @CurrentUser() user: { id: string }) {
-    return this.coordService.createDbMission({
-      name: dto.name,
-      description: dto.description,
-      projectId: dto.projectId,
-      userId: user.id,
-      phase: dto.phase,
-      milestones: dto.milestones,
-      config: dto.config,
-      status: dto.status,
-    });
-  }
-
-  @Patch('missions/:id')
-  async updateDbMission(
-    @Param('id') id: string,
-    @Body() dto: UpdateDbMissionDto,
-    @CurrentUser() user: { id: string },
-  ) {
-    const mission = await this.coordService.updateDbMission(id, user.id, dto);
-    if (!mission) throw new NotFoundException('Mission not found');
-    return mission;
-  }
-
-  @Delete('missions/:id')
-  @HttpCode(HttpStatus.NO_CONTENT)
-  async deleteDbMission(@Param('id') id: string, @CurrentUser() user: { id: string }) {
-    const deleted = await this.coordService.deleteDbMission(id, user.id);
-    if (!deleted) throw new NotFoundException('Mission not found');
-  }
-
-  // ── DB-backed mission task endpoints ──
-
-  @Get('missions/:missionId/mission-tasks')
-  async listMissionTasks(
-    @Param('missionId') missionId: string,
-    @CurrentUser() user: { id: string },
-  ) {
-    const mission = await this.coordService.getMissionByIdAndUser(missionId, user.id);
-    if (!mission) throw new NotFoundException('Mission not found');
-    return this.coordService.getMissionTasksByMissionAndUser(missionId, user.id);
-  }
-
-  @Get('missions/:missionId/mission-tasks/:taskId')
-  async getMissionTask(
-    @Param('missionId') missionId: string,
-    @Param('taskId') taskId: string,
-    @CurrentUser() user: { id: string },
-  ) {
-    const mission = await this.coordService.getMissionByIdAndUser(missionId, user.id);
-    if (!mission) throw new NotFoundException('Mission not found');
-    const task = await this.coordService.getMissionTaskByIdAndUser(taskId, user.id);
-    if (!task) throw new NotFoundException('Mission task not found');
-    return task;
-  }
-
-  @Post('missions/:missionId/mission-tasks')
-  async createMissionTask(
-    @Param('missionId') missionId: string,
-    @Body() dto: CreateMissionTaskDto,
-    @CurrentUser() user: { id: string },
-  ) {
-    const mission = await this.coordService.getMissionByIdAndUser(missionId, user.id);
-    if (!mission) throw new NotFoundException('Mission not found');
-    return this.coordService.createMissionTask({
-      missionId,
-      taskId: dto.taskId,
-      userId: user.id,
-      status: dto.status,
-      description: dto.description,
-      notes: dto.notes,
-      pr: dto.pr,
-    });
-  }
-
-  @Patch('missions/:missionId/mission-tasks/:taskId')
-  async updateMissionTask(
-    @Param('missionId') missionId: string,
-    @Param('taskId') taskId: string,
-    @Body() dto: UpdateMissionTaskDto,
-    @CurrentUser() user: { id: string },
-  ) {
-    const mission = await this.coordService.getMissionByIdAndUser(missionId, user.id);
-    if (!mission) throw new NotFoundException('Mission not found');
-    const updated = await this.coordService.updateMissionTask(taskId, user.id, dto);
-    if (!updated) throw new NotFoundException('Mission task not found');
-    return updated;
-  }
-
-  @Delete('missions/:missionId/mission-tasks/:taskId')
-  @HttpCode(HttpStatus.NO_CONTENT)
-  async deleteMissionTask(
-    @Param('missionId') missionId: string,
-    @Param('taskId') taskId: string,
-    @CurrentUser() user: { id: string },
-  ) {
-    const mission = await this.coordService.getMissionByIdAndUser(missionId, user.id);
-    if (!mission) throw new NotFoundException('Mission not found');
-    const deleted = await this.coordService.deleteMissionTask(taskId, user.id);
-    if (!deleted) throw new NotFoundException('Mission task not found');
-  }
 }
--- a/apps/gateway/src/coord/coord.service.ts
+++ b/apps/gateway/src/coord/coord.service.ts
@@ -1,6 +1,4 @@
-import { Injectable, Logger, Inject } from '@nestjs/common';
-import type { Brain } from '@mosaic/brain';
-import { BRAIN } from '../brain/brain.tokens.js';
+import { Injectable, Logger } from '@nestjs/common';
 import {
  loadMission,
  getMissionStatus,
@@ -14,12 +12,14 @@ import {
 import { promises as fs } from 'node:fs';
 import path from 'node:path';

+/**
+ * File-based coord operations for agent tool consumption.
+ * DB-backed mission CRUD is handled directly by MissionsController via Brain repos.
+ */
@Injectable()
 export class CoordService {
  private readonly logger = new Logger(CoordService.name);

-  constructor(@Inject(BRAIN) private readonly brain: Brain) {}
-
  async loadMission(projectPath: string): Promise<Mission | null> {
    try {
      return await loadMission(projectPath);
@@ -74,68 +74,4 @@ export class CoordService {
      return [];
    }
  }
-
-  // ── DB-backed methods for multi-tenant mission management ──
-
-  async getMissionsByUser(userId: string) {
-    return this.brain.missions.findAllByUser(userId);
-  }
-
-  async getMissionByIdAndUser(id: string, userId: string) {
-    return this.brain.missions.findByIdAndUser(id, userId);
-  }
-
-  async getMissionsByProjectAndUser(projectId: string, userId: string) {
-    return this.brain.missions.findByProjectAndUser(projectId, userId);
-  }
-
-  async createDbMission(data: Parameters<Brain['missions']['create']>[0]) {
-    return this.brain.missions.create(data);
-  }
-
-  async updateDbMission(
-    id: string,
-    userId: string,
-    data: Parameters<Brain['missions']['update']>[1],
-  ) {
-    const existing = await this.brain.missions.findByIdAndUser(id, userId);
-    if (!existing) return null;
-    return this.brain.missions.update(id, data);
-  }
-
-  async deleteDbMission(id: string, userId: string) {
-    const existing = await this.brain.missions.findByIdAndUser(id, userId);
-    if (!existing) return false;
-    return this.brain.missions.remove(id);
-  }
-
-  // ── DB-backed methods for mission tasks (coord tracking) ──
-
-  async getMissionTasksByMissionAndUser(missionId: string, userId: string) {
-    return this.brain.missionTasks.findByMissionAndUser(missionId, userId);
-  }
-
-  async getMissionTaskByIdAndUser(id: string, userId: string) {
-    return this.brain.missionTasks.findByIdAndUser(id, userId);
-  }
-
-  async createMissionTask(data: Parameters<Brain['missionTasks']['create']>[0]) {
-    return this.brain.missionTasks.create(data);
-  }
-
-  async updateMissionTask(
-    id: string,
-    userId: string,
-    data: Parameters<Brain['missionTasks']['update']>[1],
-  ) {
-    const existing = await this.brain.missionTasks.findByIdAndUser(id, userId);
-    if (!existing) return null;
-    return this.brain.missionTasks.update(id, data);
-  }
-
-  async deleteMissionTask(id: string, userId: string) {
-    const existing = await this.brain.missionTasks.findByIdAndUser(id, userId);
-    if (!existing) return false;
-    return this.brain.missionTasks.remove(id);
-  }
 }
--- a/apps/gateway/src/gc/gc.module.ts
+++ b/apps/gateway/src/gc/gc.module.ts
@@ -0,0 +1,31 @@
+import { Module, type OnApplicationShutdown, Inject } from '@nestjs/common';
+import { createQueue, type QueueHandle } from '@mosaic/queue';
+import { SessionGCService } from './session-gc.service.js';
+import { REDIS } from './gc.tokens.js';
+
+const GC_QUEUE_HANDLE = 'GC_QUEUE_HANDLE';
+
+@Module({
+  providers: [
+    {
+      provide: GC_QUEUE_HANDLE,
+      useFactory: (): QueueHandle => {
+        return createQueue();
+      },
+    },
+    {
+      provide: REDIS,
+      useFactory: (handle: QueueHandle) => handle.redis,
+      inject: [GC_QUEUE_HANDLE],
+    },
+    SessionGCService,
+  ],
+  exports: [SessionGCService],
+})
+export class GCModule implements OnApplicationShutdown {
+  constructor(@Inject(GC_QUEUE_HANDLE) private readonly handle: QueueHandle) {}
+
+  async onApplicationShutdown(): Promise<void> {
+    await this.handle.close().catch(() => {});
+  }
+}
--- a/apps/gateway/src/gc/gc.tokens.ts
+++ b/apps/gateway/src/gc/gc.tokens.ts
@@ -0,0 +1 @@
+export const REDIS = 'REDIS';
--- a/apps/gateway/src/gc/session-gc.service.spec.ts
+++ b/apps/gateway/src/gc/session-gc.service.spec.ts
@@ -0,0 +1,112 @@
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+import { Logger } from '@nestjs/common';
+import type { QueueHandle } from '@mosaic/queue';
+import type { LogService } from '@mosaic/log';
+import { SessionGCService } from './session-gc.service.js';
+
+type MockRedis = {
+  scan: ReturnType<typeof vi.fn>;
+  del: ReturnType<typeof vi.fn>;
+};
+
+describe('SessionGCService', () => {
+  let service: SessionGCService;
+  let mockRedis: MockRedis;
+  let mockLogService: { logs: { promoteToWarm: ReturnType<typeof vi.fn> } };
+
+  /**
+   * Helper: build a scan mock that returns all provided keys in a single
+   * cursor iteration (cursor '0' in → ['0', keys] out).
+   */
+  function makeScanMock(keys: string[]): ReturnType<typeof vi.fn> {
+    return vi.fn().mockResolvedValue(['0', keys]);
+  }
+
+  beforeEach(() => {
+    mockRedis = {
+      scan: makeScanMock([]),
+      del: vi.fn().mockResolvedValue(0),
+    };
+
+    mockLogService = {
+      logs: {
+        promoteToWarm: vi.fn().mockResolvedValue(0),
+      },
+    };
+
+    // Suppress logger output in tests
+    vi.spyOn(Logger.prototype, 'log').mockImplementation(() => {});
+
+    service = new SessionGCService(
+      mockRedis as unknown as QueueHandle['redis'],
+      mockLogService as unknown as LogService,
+    );
+  });
+
+  it('collect() deletes Valkey keys for session', async () => {
+    mockRedis.scan = makeScanMock(['mosaic:session:abc:system', 'mosaic:session:abc:foo']);
+    const result = await service.collect('abc');
+    expect(mockRedis.del).toHaveBeenCalledWith(
+      'mosaic:session:abc:system',
+      'mosaic:session:abc:foo',
+    );
+    expect(result.cleaned.valkeyKeys).toBe(2);
+  });
+
+  it('collect() with no keys returns empty cleaned valkeyKeys', async () => {
+    mockRedis.scan = makeScanMock([]);
+    const result = await service.collect('abc');
+    expect(result.cleaned.valkeyKeys).toBeUndefined();
+  });
+
+  it('collect() returns sessionId in result', async () => {
+    const result = await service.collect('test-session-id');
+    expect(result.sessionId).toBe('test-session-id');
+  });
+
+  it('fullCollect() deletes all session keys', async () => {
+    mockRedis.scan = makeScanMock(['mosaic:session:abc:system', 'mosaic:session:xyz:foo']);
+    const result = await service.fullCollect();
+    expect(mockRedis.del).toHaveBeenCalled();
+    expect(result.valkeyKeys).toBe(2);
+  });
+
+  it('fullCollect() with no keys returns 0 valkeyKeys', async () => {
+    mockRedis.scan = makeScanMock([]);
+    const result = await service.fullCollect();
+    expect(result.valkeyKeys).toBe(0);
+    expect(mockRedis.del).not.toHaveBeenCalled();
+  });
+
+  it('fullCollect() returns duration', async () => {
+    const result = await service.fullCollect();
+    expect(result.duration).toBeGreaterThanOrEqual(0);
+  });
+
+  it('sweepOrphans() extracts unique session IDs and collects them', async () => {
+    // First scan call returns the global session list; subsequent calls return
+    // per-session keys during collect().
+    mockRedis.scan = vi
+      .fn()
+      .mockResolvedValueOnce([
+        '0',
+        ['mosaic:session:abc:system', 'mosaic:session:abc:messages', 'mosaic:session:xyz:system'],
+      ])
+      // collect('abc') scan
+      .mockResolvedValueOnce(['0', ['mosaic:session:abc:system', 'mosaic:session:abc:messages']])
+      // collect('xyz') scan
+      .mockResolvedValueOnce(['0', ['mosaic:session:xyz:system']]);
+    mockRedis.del.mockResolvedValue(1);
+
+    const result = await service.sweepOrphans();
+    expect(result.orphanedSessions).toBeGreaterThanOrEqual(0);
+    expect(result.duration).toBeGreaterThanOrEqual(0);
+  });
+
+  it('sweepOrphans() returns empty when no session keys', async () => {
+    mockRedis.scan = makeScanMock([]);
+    const result = await service.sweepOrphans();
+    expect(result.orphanedSessions).toBe(0);
+    expect(result.totalCleaned).toHaveLength(0);
+  });
+});
--- a/apps/gateway/src/gc/session-gc.service.ts
+++ b/apps/gateway/src/gc/session-gc.service.ts
@@ -0,0 +1,164 @@
+import { Inject, Injectable, Logger, type OnModuleInit } from '@nestjs/common';
+import type { QueueHandle } from '@mosaic/queue';
+import type { LogService } from '@mosaic/log';
+import { LOG_SERVICE } from '../log/log.tokens.js';
+import { REDIS } from './gc.tokens.js';
+
+export interface GCResult {
+  sessionId: string;
+  cleaned: {
+    valkeyKeys?: number;
+    logsDemoted?: number;
+    tempFilesRemoved?: number;
+  };
+}
+
+export interface GCSweepResult {
+  orphanedSessions: number;
+  totalCleaned: GCResult[];
+  duration: number;
+}
+
+export interface FullGCResult {
+  valkeyKeys: number;
+  logsDemoted: number;
+  jobsPurged: number;
+  tempFilesRemoved: number;
+  duration: number;
+}
+
+@Injectable()
+export class SessionGCService implements OnModuleInit {
+  private readonly logger = new Logger(SessionGCService.name);
+
+  constructor(
+    @Inject(REDIS) private readonly redis: QueueHandle['redis'],
+    @Inject(LOG_SERVICE) private readonly logService: LogService,
+  ) {}
+
+  onModuleInit(): void {
+    // Fire-and-forget: run full GC asynchronously so it does not block the
+    // NestJS bootstrap chain.  Cold-start GC typically takes 100–500 ms
+    // depending on Valkey key count; deferring it removes that latency from
+    // the TTFB of the first HTTP request.
+    this.fullCollect()
+      .then((result) => {
+        this.logger.log(
+          `Full GC complete: ${result.valkeyKeys} Valkey keys, ` +
+            `${result.logsDemoted} logs demoted, ` +
+            `${result.jobsPurged} jobs purged, ` +
+            `${result.tempFilesRemoved} temp dirs removed ` +
+            `(${result.duration}ms)`,
+        );
+      })
+      .catch((err: unknown) => {
+        this.logger.error('Cold-start GC failed', err instanceof Error ? err.stack : String(err));
+      });
+  }
+
+  /**
+   * Scan Valkey for all keys matching a pattern using SCAN (non-blocking).
+   * KEYS is avoided because it blocks the Valkey event loop for the full scan
+   * duration, which can cause latency spikes under production key volumes.
+   */
+  private async scanKeys(pattern: string): Promise<string[]> {
+    const collected: string[] = [];
+    let cursor = '0';
+    do {
+      const [nextCursor, keys] = await this.redis.scan(cursor, 'MATCH', pattern, 'COUNT', 100);
+      cursor = nextCursor;
+      collected.push(...keys);
+    } while (cursor !== '0');
+    return collected;
+  }
+
+  /**
+   * Immediate cleanup for a single session (call from destroySession).
+   */
+  async collect(sessionId: string): Promise<GCResult> {
+    const result: GCResult = { sessionId, cleaned: {} };
+
+    // 1. Valkey: delete all session-scoped keys
+    const pattern = `mosaic:session:${sessionId}:*`;
+    const valkeyKeys = await this.scanKeys(pattern);
+    if (valkeyKeys.length > 0) {
+      await this.redis.del(...valkeyKeys);
+      result.cleaned.valkeyKeys = valkeyKeys.length;
+    }
+
+    // 2. PG: demote hot-tier agent_logs for this session to warm
+    const cutoff = new Date(); // demote all hot logs for this session
+    const logsDemoted = await this.logService.logs.promoteToWarm(cutoff);
+    if (logsDemoted > 0) {
+      result.cleaned.logsDemoted = logsDemoted;
+    }
+
+    return result;
+  }
+
+  /**
+   * Sweep GC — find orphaned artifacts from dead sessions.
+   * System-wide operation: only call from admin-authorized paths or internal
+   * scheduled jobs.  Individual session cleanup is handled by collect().
+   */
+  async sweepOrphans(): Promise<GCSweepResult> {
+    const start = Date.now();
+    const cleaned: GCResult[] = [];
+
+    // 1. Find all session-scoped Valkey keys (non-blocking SCAN)
+    const allSessionKeys = await this.scanKeys('mosaic:session:*');
+
+    // Extract unique session IDs from keys
+    const sessionIds = new Set<string>();
+    for (const key of allSessionKeys) {
+      const match = key.match(/^mosaic:session:([^:]+):/);
+      if (match) sessionIds.add(match[1]!);
+    }
+
+    // 2. For each session ID, collect stale keys
+    for (const sessionId of sessionIds) {
+      const gcResult = await this.collect(sessionId);
+      if (Object.keys(gcResult.cleaned).length > 0) {
+        cleaned.push(gcResult);
+      }
+    }
+
+    return {
+      orphanedSessions: cleaned.length,
+      totalCleaned: cleaned,
+      duration: Date.now() - start,
+    };
+  }
+
+  /**
+   * Full GC — aggressive collection for cold start.
+   * Assumes no sessions survived the restart.
+   */
+  async fullCollect(): Promise<FullGCResult> {
+    const start = Date.now();
+
+    // 1. Valkey: delete ALL session-scoped keys (non-blocking SCAN)
+    const sessionKeys = await this.scanKeys('mosaic:session:*');
+    if (sessionKeys.length > 0) {
+      await this.redis.del(...sessionKeys);
+    }
+
+    // 2. NOTE: channel keys are NOT collected on cold start
+    //    (discord/telegram plugins may reconnect and resume)
+
+    // 3. PG: demote stale hot-tier logs older than 24h to warm
+    const hotCutoff = new Date(Date.now() - 24 * 60 * 60 * 1000);
+    const logsDemoted = await this.logService.logs.promoteToWarm(hotCutoff);
+
+    // 4. No summarization job purge API available yet
+    const jobsPurged = 0;
+
+    return {
+      valkeyKeys: sessionKeys.length,
+      logsDemoted,
+      jobsPurged,
+      tempFilesRemoved: 0,
+      duration: Date.now() - start,
+    };
+  }
+}
--- a/apps/gateway/src/log/cron.service.ts
+++ b/apps/gateway/src/log/cron.service.ts
@@ -7,17 +7,22 @@ import {
 } from '@nestjs/common';
 import cron from 'node-cron';
 import { SummarizationService } from './summarization.service.js';
+import { SessionGCService } from '../gc/session-gc.service.js';

@Injectable()
 export class CronService implements OnModuleInit, OnModuleDestroy {
  private readonly logger = new Logger(CronService.name);
  private readonly tasks: cron.ScheduledTask[] = [];

-  constructor(@Inject(SummarizationService) private readonly summarization: SummarizationService) {}
+  constructor(
+    @Inject(SummarizationService) private readonly summarization: SummarizationService,
+    @Inject(SessionGCService) private readonly sessionGC: SessionGCService,
+  ) {}

  onModuleInit(): void {
    const summarizationSchedule = process.env['SUMMARIZATION_CRON'] ?? '0 */6 * * *'; // every 6 hours
    const tierManagementSchedule = process.env['TIER_MANAGEMENT_CRON'] ?? '0 3 * * *'; // daily at 3am
+    const gcSchedule = process.env['SESSION_GC_CRON'] ?? '0 4 * * *'; // daily at 4am

    this.tasks.push(
      cron.schedule(summarizationSchedule, () => {
@@ -35,8 +40,16 @@ export class CronService implements OnModuleInit, OnModuleDestroy {
      }),
    );

+    this.tasks.push(
+      cron.schedule(gcSchedule, () => {
+        this.sessionGC.sweepOrphans().catch((err) => {
+          this.logger.error(`Session GC sweep failed: ${err}`);
+        });
+      }),
+    );
+
    this.logger.log(
-      `Cron scheduled: summarization="${summarizationSchedule}", tier="${tierManagementSchedule}"`,
+      `Cron scheduled: summarization="${summarizationSchedule}", tier="${tierManagementSchedule}", gc="${gcSchedule}"`,
    );
  }

--- a/apps/gateway/src/log/log.module.ts
+++ b/apps/gateway/src/log/log.module.ts
@@ -6,9 +6,11 @@ import { LOG_SERVICE } from './log.tokens.js';
 import { LogController } from './log.controller.js';
 import { SummarizationService } from './summarization.service.js';
 import { CronService } from './cron.service.js';
+import { GCModule } from '../gc/gc.module.js';

@Global()
@Module({
+  imports: [GCModule],
  providers: [
    {
      provide: LOG_SERVICE,
--- a/apps/gateway/src/log/summarization.service.ts
+++ b/apps/gateway/src/log/summarization.service.ts
@@ -137,7 +137,7 @@ export class SummarizationService {

    const promoted = await this.logService.logs.promoteToCold(warmCutoff);
    const purged = await this.logService.logs.purge(coldCutoff);
-    const decayed = await this.memory.insights.decayOldInsights(decayCutoff);
+    const decayed = await this.memory.insights.decayAllInsights(decayCutoff);

    this.logger.log(
      `Tier management: ${promoted} logs→cold, ${purged} purged, ${decayed} insights decayed`,
--- a/apps/gateway/src/main.ts
+++ b/apps/gateway/src/main.ts
@@ -11,6 +11,7 @@ import { NestFactory } from '@nestjs/core';
 import { Logger, ValidationPipe } from '@nestjs/common';
 import { FastifyAdapter, type NestFastifyApplication } from '@nestjs/platform-fastify';
 import helmet from '@fastify/helmet';
+import { listSsoStartupWarnings } from '@mosaic/auth';
 import { AppModule } from './app.module.js';
 import { mountAuthHandler } from './auth/auth.controller.js';
 import { mountMcpHandler } from './mcp/mcp.controller.js';
@@ -23,13 +24,8 @@ async function bootstrap(): Promise<void> {
    throw new Error('BETTER_AUTH_SECRET is required');
  }

-  if (
-    process.env['AUTHENTIK_CLIENT_ID'] &&
-    (!process.env['AUTHENTIK_CLIENT_SECRET'] || !process.env['AUTHENTIK_ISSUER'])
-  ) {
-    console.warn(
-      '[warn] AUTHENTIK_CLIENT_ID is set but AUTHENTIK_CLIENT_SECRET or AUTHENTIK_ISSUER is missing — Authentik SSO will not work',
-    );
+  for (const warning of listSsoStartupWarnings()) {
+    logger.warn(warning);
  }

  const app = await NestFactory.create<NestFastifyApplication>(
@@ -40,6 +36,7 @@ async function bootstrap(): Promise<void> {
  app.enableCors({
    origin: process.env['GATEWAY_CORS_ORIGIN'] ?? 'http://localhost:3000',
    credentials: true,
+    methods: ['GET', 'HEAD', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'],
  });

  await app.register(helmet as never, { contentSecurityPolicy: false });
--- a/apps/gateway/src/memory/memory.controller.ts
+++ b/apps/gateway/src/memory/memory.controller.ts
@@ -73,8 +73,8 @@ export class MemoryController {
  }

  @Get('insights/:id')
-  async getInsight(@Param('id') id: string) {
-    const insight = await this.memory.insights.findById(id);
+  async getInsight(@CurrentUser() user: { id: string }, @Param('id') id: string) {
+    const insight = await this.memory.insights.findById(id, user.id);
    if (!insight) throw new NotFoundException('Insight not found');
    return insight;
  }
@@ -97,8 +97,8 @@ export class MemoryController {

  @Delete('insights/:id')
  @HttpCode(HttpStatus.NO_CONTENT)
-  async removeInsight(@Param('id') id: string) {
-    const deleted = await this.memory.insights.remove(id);
+  async removeInsight(@CurrentUser() user: { id: string }, @Param('id') id: string) {
+    const deleted = await this.memory.insights.remove(id, user.id);
    if (!deleted) throw new NotFoundException('Insight not found');
  }

--- a/apps/gateway/src/missions/missions.controller.ts
+++ b/apps/gateway/src/missions/missions.controller.ts
@@ -2,7 +2,6 @@ import {
  Body,
  Controller,
  Delete,
-  ForbiddenException,
  Get,
  HttpCode,
  HttpStatus,
@@ -17,33 +16,42 @@ import type { Brain } from '@mosaic/brain';
 import { BRAIN } from '../brain/brain.tokens.js';
 import { AuthGuard } from '../auth/auth.guard.js';
 import { CurrentUser } from '../auth/current-user.decorator.js';
-import { assertOwner } from '../auth/resource-ownership.js';
-import { CreateMissionDto, UpdateMissionDto } from './missions.dto.js';
+import {
+  CreateMissionDto,
+  UpdateMissionDto,
+  CreateMissionTaskDto,
+  UpdateMissionTaskDto,
+} from './missions.dto.js';

@Controller('api/missions')
@UseGuards(AuthGuard)
 export class MissionsController {
  constructor(@Inject(BRAIN) private readonly brain: Brain) {}

+  // ── Missions CRUD (user-scoped) ──
+
  @Get()
-  async list() {
-    return this.brain.missions.findAll();
+  async list(@CurrentUser() user: { id: string }) {
+    return this.brain.missions.findAllByUser(user.id);
  }

  @Get(':id')
  async findOne(@Param('id') id: string, @CurrentUser() user: { id: string }) {
-    return this.getOwnedMission(id, user.id);
+    const mission = await this.brain.missions.findByIdAndUser(id, user.id);
+    if (!mission) throw new NotFoundException('Mission not found');
+    return mission;
  }

  @Post()
  async create(@Body() dto: CreateMissionDto, @CurrentUser() user: { id: string }) {
-    if (dto.projectId) {
-      await this.getOwnedProject(dto.projectId, user.id, 'Mission');
-    }
    return this.brain.missions.create({
      name: dto.name,
      description: dto.description,
      projectId: dto.projectId,
+      userId: user.id,
+      phase: dto.phase,
+      milestones: dto.milestones,
+      config: dto.config,
      status: dto.status,
    });
  }
@@ -54,10 +62,8 @@ export class MissionsController {
    @Body() dto: UpdateMissionDto,
    @CurrentUser() user: { id: string },
  ) {
-    await this.getOwnedMission(id, user.id);
-    if (dto.projectId) {
-      await this.getOwnedProject(dto.projectId, user.id, 'Mission');
-    }
+    const existing = await this.brain.missions.findByIdAndUser(id, user.id);
+    if (!existing) throw new NotFoundException('Mission not found');
    const mission = await this.brain.missions.update(id, dto);
    if (!mission) throw new NotFoundException('Mission not found');
    return mission;
@@ -66,33 +72,81 @@ export class MissionsController {
  @Delete(':id')
  @HttpCode(HttpStatus.NO_CONTENT)
  async remove(@Param('id') id: string, @CurrentUser() user: { id: string }) {
-    await this.getOwnedMission(id, user.id);
+    const existing = await this.brain.missions.findByIdAndUser(id, user.id);
+    if (!existing) throw new NotFoundException('Mission not found');
    const deleted = await this.brain.missions.remove(id);
    if (!deleted) throw new NotFoundException('Mission not found');
  }

-  private async getOwnedMission(id: string, userId: string) {
-    const mission = await this.brain.missions.findById(id);
+  // ── Mission Tasks sub-routes ──
+
+  @Get(':missionId/tasks')
+  async listTasks(@Param('missionId') missionId: string, @CurrentUser() user: { id: string }) {
+    const mission = await this.brain.missions.findByIdAndUser(missionId, user.id);
    if (!mission) throw new NotFoundException('Mission not found');
-    await this.getOwnedProject(mission.projectId, userId, 'Mission');
-    return mission;
+    return this.brain.missionTasks.findByMissionAndUser(missionId, user.id);
  }

-  private async getOwnedProject(
-    projectId: string | null | undefined,
-    userId: string,
-    resourceName: string,
+  @Get(':missionId/tasks/:taskId')
+  async getTask(
+    @Param('missionId') missionId: string,
+    @Param('taskId') taskId: string,
+    @CurrentUser() user: { id: string },
  ) {
-    if (!projectId) {
-      throw new ForbiddenException(`${resourceName} does not belong to the current user`);
+    const mission = await this.brain.missions.findByIdAndUser(missionId, user.id);
+    if (!mission) throw new NotFoundException('Mission not found');
+    const task = await this.brain.missionTasks.findByIdAndUser(taskId, user.id);
+    if (!task) throw new NotFoundException('Mission task not found');
+    return task;
  }

-    const project = await this.brain.projects.findById(projectId);
-    if (!project) {
-      throw new ForbiddenException(`${resourceName} does not belong to the current user`);
+  @Post(':missionId/tasks')
+  async createTask(
+    @Param('missionId') missionId: string,
+    @Body() dto: CreateMissionTaskDto,
+    @CurrentUser() user: { id: string },
+  ) {
+    const mission = await this.brain.missions.findByIdAndUser(missionId, user.id);
+    if (!mission) throw new NotFoundException('Mission not found');
+    return this.brain.missionTasks.create({
+      missionId,
+      taskId: dto.taskId,
+      userId: user.id,
+      status: dto.status,
+      description: dto.description,
+      notes: dto.notes,
+      pr: dto.pr,
+    });
  }

-    assertOwner(project.ownerId, userId, resourceName);
-    return project;
+  @Patch(':missionId/tasks/:taskId')
+  async updateTask(
+    @Param('missionId') missionId: string,
+    @Param('taskId') taskId: string,
+    @Body() dto: UpdateMissionTaskDto,
+    @CurrentUser() user: { id: string },
+  ) {
+    const mission = await this.brain.missions.findByIdAndUser(missionId, user.id);
+    if (!mission) throw new NotFoundException('Mission not found');
+    const existing = await this.brain.missionTasks.findByIdAndUser(taskId, user.id);
+    if (!existing) throw new NotFoundException('Mission task not found');
+    const updated = await this.brain.missionTasks.update(taskId, dto);
+    if (!updated) throw new NotFoundException('Mission task not found');
+    return updated;
+  }
+
+  @Delete(':missionId/tasks/:taskId')
+  @HttpCode(HttpStatus.NO_CONTENT)
+  async removeTask(
+    @Param('missionId') missionId: string,
+    @Param('taskId') taskId: string,
+    @CurrentUser() user: { id: string },
+  ) {
+    const mission = await this.brain.missions.findByIdAndUser(missionId, user.id);
+    if (!mission) throw new NotFoundException('Mission not found');
+    const existing = await this.brain.missionTasks.findByIdAndUser(taskId, user.id);
+    if (!existing) throw new NotFoundException('Mission task not found');
+    const deleted = await this.brain.missionTasks.remove(taskId);
+    if (!deleted) throw new NotFoundException('Mission task not found');
  }
 }
--- a/apps/gateway/src/missions/missions.dto.ts
+++ b/apps/gateway/src/missions/missions.dto.ts
@@ -1,6 +1,7 @@
-import { IsIn, IsObject, IsOptional, IsString, IsUUID, MaxLength } from 'class-validator';
+import { IsArray, IsIn, IsObject, IsOptional, IsString, IsUUID, MaxLength } from 'class-validator';

 const missionStatuses = ['planning', 'active', 'paused', 'completed', 'failed'] as const;
+const taskStatuses = ['not-started', 'in-progress', 'blocked', 'done', 'cancelled'] as const;

 export class CreateMissionDto {
  @IsString()
@@ -19,6 +20,19 @@ export class CreateMissionDto {
  @IsOptional()
  @IsIn(missionStatuses)
  status?: 'planning' | 'active' | 'paused' | 'completed' | 'failed';
+
+  @IsOptional()
+  @IsString()
+  @MaxLength(255)
+  phase?: string;
+
+  @IsOptional()
+  @IsArray()
+  milestones?: Record<string, unknown>[];
+
+  @IsOptional()
+  @IsObject()
+  config?: Record<string, unknown>;
 }

 export class UpdateMissionDto {
@@ -40,7 +54,70 @@ export class UpdateMissionDto {
  @IsIn(missionStatuses)
  status?: 'planning' | 'active' | 'paused' | 'completed' | 'failed';

+  @IsOptional()
+  @IsString()
+  @MaxLength(255)
+  phase?: string;
+
+  @IsOptional()
+  @IsArray()
+  milestones?: Record<string, unknown>[];
+
+  @IsOptional()
+  @IsObject()
+  config?: Record<string, unknown>;
+
  @IsOptional()
  @IsObject()
  metadata?: Record<string, unknown> | null;
 }
+
+export class CreateMissionTaskDto {
+  @IsOptional()
+  @IsUUID()
+  taskId?: string;
+
+  @IsOptional()
+  @IsIn(taskStatuses)
+  status?: 'not-started' | 'in-progress' | 'blocked' | 'done' | 'cancelled';
+
+  @IsOptional()
+  @IsString()
+  @MaxLength(10_000)
+  description?: string;
+
+  @IsOptional()
+  @IsString()
+  @MaxLength(10_000)
+  notes?: string;
+
+  @IsOptional()
+  @IsString()
+  @MaxLength(255)
+  pr?: string;
+}
+
+export class UpdateMissionTaskDto {
+  @IsOptional()
+  @IsUUID()
+  taskId?: string;
+
+  @IsOptional()
+  @IsIn(taskStatuses)
+  status?: 'not-started' | 'in-progress' | 'blocked' | 'done' | 'cancelled';
+
+  @IsOptional()
+  @IsString()
+  @MaxLength(10_000)
+  description?: string;
+
+  @IsOptional()
+  @IsString()
+  @MaxLength(10_000)
+  notes?: string;
+
+  @IsOptional()
+  @IsString()
+  @MaxLength(255)
+  pr?: string;
+}
--- a/apps/gateway/src/plugin/plugin.interface.ts
+++ b/apps/gateway/src/plugin/plugin.interface.ts
@@ -2,4 +2,10 @@ export interface IChannelPlugin {
  readonly name: string;
  start(): Promise<void>;
  stop(): Promise<void>;
+  /** Called when a new project is bootstrapped. Return channelId if a channel was created. */
+  onProjectCreated?(project: {
+    id: string;
+    name: string;
+    description?: string;
+  }): Promise<{ channelId: string } | null>;
 }
--- a/apps/gateway/src/plugin/plugin.module.ts
+++ b/apps/gateway/src/plugin/plugin.module.ts
@@ -24,6 +24,14 @@ class DiscordChannelPluginAdapter implements IChannelPlugin {
  async stop(): Promise<void> {
    await this.plugin.stop();
  }
+
+  async onProjectCreated(project: {
+    id: string;
+    name: string;
+    description?: string;
+  }): Promise<{ channelId: string } | null> {
+    return this.plugin.createProjectChannel(project);
+  }
 }

 class TelegramChannelPluginAdapter implements IChannelPlugin {
--- a/apps/gateway/src/preferences/preferences.controller.ts
+++ b/apps/gateway/src/preferences/preferences.controller.ts
@@ -0,0 +1,44 @@
+import {
+  Body,
+  Controller,
+  Delete,
+  Get,
+  HttpCode,
+  HttpStatus,
+  Inject,
+  Param,
+  Post,
+  UseGuards,
+} from '@nestjs/common';
+import { PreferencesService } from './preferences.service.js';
+import { AuthGuard } from '../auth/auth.guard.js';
+import { CurrentUser } from '../auth/current-user.decorator.js';
+
+@Controller('api/preferences')
+@UseGuards(AuthGuard)
+export class PreferencesController {
+  constructor(@Inject(PreferencesService) private readonly preferences: PreferencesService) {}
+
+  @Get()
+  async show(@CurrentUser() user: { id: string }): Promise<Record<string, unknown>> {
+    return this.preferences.getEffective(user.id);
+  }
+
+  @Post()
+  @HttpCode(HttpStatus.OK)
+  async set(
+    @CurrentUser() user: { id: string },
+    @Body() body: { key: string; value: unknown },
+  ): Promise<{ success: boolean; message: string }> {
+    return this.preferences.set(user.id, body.key, body.value);
+  }
+
+  @Delete(':key')
+  @HttpCode(HttpStatus.OK)
+  async reset(
+    @CurrentUser() user: { id: string },
+    @Param('key') key: string,
+  ): Promise<{ success: boolean; message: string }> {
+    return this.preferences.reset(user.id, key);
+  }
+}
--- a/apps/gateway/src/preferences/preferences.module.ts
+++ b/apps/gateway/src/preferences/preferences.module.ts
@@ -0,0 +1,12 @@
+import { Global, Module } from '@nestjs/common';
+import { PreferencesService } from './preferences.service.js';
+import { PreferencesController } from './preferences.controller.js';
+import { SystemOverrideService } from './system-override.service.js';
+
+@Global()
+@Module({
+  controllers: [PreferencesController],
+  providers: [PreferencesService, SystemOverrideService],
+  exports: [PreferencesService, SystemOverrideService],
+})
+export class PreferencesModule {}
--- a/apps/gateway/src/preferences/preferences.service.spec.ts
+++ b/apps/gateway/src/preferences/preferences.service.spec.ts
@@ -0,0 +1,152 @@
+import { describe, it, expect, vi } from 'vitest';
+import { PreferencesService, PLATFORM_DEFAULTS, IMMUTABLE_KEYS } from './preferences.service.js';
+import type { Db } from '@mosaic/db';
+
+/**
+ * Build a mock Drizzle DB where the select chain supports:
+ *   db.select().from().where()            → resolves to `listRows`
+ *   db.insert().values().onConflictDoUpdate() → resolves to []
+ */
+function makeMockDb(listRows: Array<{ key: string; value: unknown }> = []): Db {
+  const chainWithLimit = {
+    limit: vi.fn().mockResolvedValue([]),
+    then: (resolve: (v: typeof listRows) => unknown) => Promise.resolve(listRows).then(resolve),
+  };
+  const selectFrom = {
+    from: vi.fn().mockReturnThis(),
+    where: vi.fn().mockReturnValue(chainWithLimit),
+  };
+  const deleteResult = {
+    where: vi.fn().mockResolvedValue([]),
+  };
+  // Single-round-trip upsert chain: insert().values().onConflictDoUpdate()
+  const insertResult = {
+    values: vi.fn().mockReturnThis(),
+    onConflictDoUpdate: vi.fn().mockResolvedValue([]),
+  };
+
+  return {
+    select: vi.fn().mockReturnValue(selectFrom),
+    delete: vi.fn().mockReturnValue(deleteResult),
+    insert: vi.fn().mockReturnValue(insertResult),
+  } as unknown as Db;
+}
+
+describe('PreferencesService', () => {
+  describe('getEffective', () => {
+    it('returns platform defaults when user has no overrides', async () => {
+      const db = makeMockDb([]);
+      const service = new PreferencesService(db);
+      const result = await service.getEffective('user-1');
+
+      expect(result['agent.thinkingLevel']).toBe('auto');
+      expect(result['agent.streamingEnabled']).toBe(true);
+      expect(result['session.autoCompactEnabled']).toBe(true);
+      expect(result['session.autoCompactThreshold']).toBe(0.8);
+    });
+
+    it('applies user overrides for mutable keys', async () => {
+      const db = makeMockDb([
+        { key: 'agent.thinkingLevel', value: 'high' },
+        { key: 'response.language', value: 'es' },
+      ]);
+
+      const service = new PreferencesService(db);
+      const result = await service.getEffective('user-1');
+
+      expect(result['agent.thinkingLevel']).toBe('high');
+      expect(result['response.language']).toBe('es');
+    });
+
+    it('ignores user overrides for immutable keys — enforcement always wins', async () => {
+      const db = makeMockDb([
+        { key: 'limits.maxThinkingLevel', value: 'high' },
+        { key: 'limits.rateLimit', value: 9999 },
+      ]);
+
+      const service = new PreferencesService(db);
+      const result = await service.getEffective('user-1');
+
+      // Should still be null (platform default), not the user-supplied values
+      expect(result['limits.maxThinkingLevel']).toBeNull();
+      expect(result['limits.rateLimit']).toBeNull();
+    });
+  });
+
+  describe('set', () => {
+    it('returns error when attempting to override an immutable key', async () => {
+      const db = makeMockDb();
+      const service = new PreferencesService(db);
+
+      const result = await service.set('user-1', 'limits.maxThinkingLevel', 'high');
+      expect(result.success).toBe(false);
+      expect(result.message).toContain('platform enforcement');
+    });
+
+    it('returns error when attempting to override limits.rateLimit', async () => {
+      const db = makeMockDb();
+      const service = new PreferencesService(db);
+
+      const result = await service.set('user-1', 'limits.rateLimit', 100);
+      expect(result.success).toBe(false);
+      expect(result.message).toContain('platform enforcement');
+    });
+
+    it('upserts a mutable preference and returns success', async () => {
+      // Single-round-trip INSERT … ON CONFLICT DO UPDATE path.
+      const db = makeMockDb([]);
+      const service = new PreferencesService(db);
+      const result = await service.set('user-1', 'agent.thinkingLevel', 'high');
+      expect(result.success).toBe(true);
+      expect(result.message).toContain('"agent.thinkingLevel"');
+    });
+  });
+
+  describe('reset', () => {
+    it('returns error when attempting to reset an immutable key', async () => {
+      const db = makeMockDb();
+      const service = new PreferencesService(db);
+
+      const result = await service.reset('user-1', 'limits.rateLimit');
+      expect(result.success).toBe(false);
+      expect(result.message).toContain('platform enforcement');
+    });
+
+    it('deletes user override and returns default value in message', async () => {
+      const db = makeMockDb();
+      const service = new PreferencesService(db);
+      const result = await service.reset('user-1', 'agent.thinkingLevel');
+
+      expect(result.success).toBe(true);
+      expect(result.message).toContain('"auto"'); // platform default for agent.thinkingLevel
+    });
+  });
+
+  describe('IMMUTABLE_KEYS', () => {
+    it('contains only the enforcement keys', () => {
+      expect(IMMUTABLE_KEYS.has('limits.maxThinkingLevel')).toBe(true);
+      expect(IMMUTABLE_KEYS.has('limits.rateLimit')).toBe(true);
+      expect(IMMUTABLE_KEYS.has('agent.thinkingLevel')).toBe(false);
+    });
+  });
+
+  describe('PLATFORM_DEFAULTS', () => {
+    it('has all expected keys', () => {
+      const expectedKeys = [
+        'agent.defaultModel',
+        'agent.thinkingLevel',
+        'agent.streamingEnabled',
+        'response.language',
+        'response.codeAnnotations',
+        'safety.confirmDestructiveTools',
+        'session.autoCompactThreshold',
+        'session.autoCompactEnabled',
+        'limits.maxThinkingLevel',
+        'limits.rateLimit',
+      ];
+      for (const key of expectedKeys) {
+        expect(Object.prototype.hasOwnProperty.call(PLATFORM_DEFAULTS, key)).toBe(true);
+      }
+    });
+  });
+});
--- a/apps/gateway/src/preferences/preferences.service.ts
+++ b/apps/gateway/src/preferences/preferences.service.ts
@@ -0,0 +1,118 @@
+import { Inject, Injectable, Logger } from '@nestjs/common';
+import { eq, and, sql, type Db, preferences as preferencesTable } from '@mosaic/db';
+import { DB } from '../database/database.module.js';
+
+export const PLATFORM_DEFAULTS: Record<string, unknown> = {
+  'agent.defaultModel': null,
+  'agent.thinkingLevel': 'auto',
+  'agent.streamingEnabled': true,
+  'response.language': 'auto',
+  'response.codeAnnotations': true,
+  'safety.confirmDestructiveTools': true,
+  'session.autoCompactThreshold': 0.8,
+  'session.autoCompactEnabled': true,
+  'limits.maxThinkingLevel': null,
+  'limits.rateLimit': null,
+};
+
+export const IMMUTABLE_KEYS = new Set<string>(['limits.maxThinkingLevel', 'limits.rateLimit']);
+
+@Injectable()
+export class PreferencesService {
+  private readonly logger = new Logger(PreferencesService.name);
+
+  constructor(@Inject(DB) private readonly db: Db) {}
+
+  /**
+   * Returns the effective preference set for a user:
+   * Platform defaults → user overrides (mutable keys only) → enforcements re-applied last
+   */
+  async getEffective(userId: string): Promise<Record<string, unknown>> {
+    const userPrefs = await this.getUserPrefs(userId);
+    const result: Record<string, unknown> = { ...PLATFORM_DEFAULTS };
+
+    for (const [key, value] of Object.entries(userPrefs)) {
+      if (!IMMUTABLE_KEYS.has(key)) {
+        result[key] = value;
+      }
+    }
+
+    // Re-apply immutable keys (enforcements always win)
+    for (const key of IMMUTABLE_KEYS) {
+      result[key] = PLATFORM_DEFAULTS[key];
+    }
+
+    return result;
+  }
+
+  async set(
+    userId: string,
+    key: string,
+    value: unknown,
+  ): Promise<{ success: boolean; message: string }> {
+    if (IMMUTABLE_KEYS.has(key)) {
+      return {
+        success: false,
+        message: `Cannot override "${key}" — this is a platform enforcement. Contact your admin.`,
+      };
+    }
+
+    await this.upsertPref(userId, key, value);
+    return { success: true, message: `Preference "${key}" set to ${JSON.stringify(value)}.` };
+  }
+
+  async reset(userId: string, key: string): Promise<{ success: boolean; message: string }> {
+    if (IMMUTABLE_KEYS.has(key)) {
+      return { success: false, message: `Cannot reset "${key}" — it is a platform enforcement.` };
+    }
+
+    await this.deletePref(userId, key);
+    const defaultVal = PLATFORM_DEFAULTS[key];
+    return {
+      success: true,
+      message: `Preference "${key}" reset to default: ${JSON.stringify(defaultVal)}.`,
+    };
+  }
+
+  private async getUserPrefs(userId: string): Promise<Record<string, unknown>> {
+    const rows = await this.db
+      .select({ key: preferencesTable.key, value: preferencesTable.value })
+      .from(preferencesTable)
+      .where(eq(preferencesTable.userId, userId));
+
+    const result: Record<string, unknown> = {};
+    for (const row of rows) {
+      result[row.key] = row.value;
+    }
+    return result;
+  }
+
+  private async upsertPref(userId: string, key: string, value: unknown): Promise<void> {
+    // Single-round-trip upsert using INSERT … ON CONFLICT DO UPDATE.
+    // Previously this was two queries (SELECT + INSERT/UPDATE), which doubled
+    // the DB round-trips and introduced a TOCTOU window under concurrent writes.
+    await this.db
+      .insert(preferencesTable)
+      .values({
+        userId,
+        key,
+        value: value as never,
+        mutable: true,
+      })
+      .onConflictDoUpdate({
+        target: [preferencesTable.userId, preferencesTable.key],
+        set: {
+          value: sql`excluded.value`,
+          updatedAt: sql`now()`,
+        },
+      });
+    this.logger.debug(`Upserted preference "${key}" for user ${userId}`);
+  }
+
+  private async deletePref(userId: string, key: string): Promise<void> {
+    await this.db
+      .delete(preferencesTable)
+      .where(and(eq(preferencesTable.userId, userId), eq(preferencesTable.key, key)));
+    this.logger.debug(`Deleted preference "${key}" for user ${userId}`);
+  }
+}
--- a/apps/gateway/src/preferences/system-override.service.ts
+++ b/apps/gateway/src/preferences/system-override.service.ts
@@ -0,0 +1,131 @@
+import { Injectable, Logger } from '@nestjs/common';
+import { createQueue, type QueueHandle } from '@mosaic/queue';
+
+const SESSION_SYSTEM_KEY = (sessionId: string) => `mosaic:session:${sessionId}:system`;
+const SESSION_SYSTEM_FRAGMENTS_KEY = (sessionId: string) =>
+  `mosaic:session:${sessionId}:system:fragments`;
+const SYSTEM_OVERRIDE_TTL_SECONDS = 604800; // 7 days
+
+interface OverrideFragment {
+  text: string;
+  addedAt: number;
+}
+
+@Injectable()
+export class SystemOverrideService {
+  private readonly logger = new Logger(SystemOverrideService.name);
+  private readonly handle: QueueHandle;
+
+  constructor() {
+    this.handle = createQueue();
+  }
+
+  async set(sessionId: string, override: string): Promise<void> {
+    // Load existing fragments
+    const existing = await this.handle.redis.get(SESSION_SYSTEM_FRAGMENTS_KEY(sessionId));
+    const fragments: OverrideFragment[] = existing
+      ? (JSON.parse(existing) as OverrideFragment[])
+      : [];
+
+    // Append new fragment
+    fragments.push({ text: override, addedAt: Date.now() });
+
+    // Condense fragments into one coherent override
+    const texts = fragments.map((f) => f.text);
+    const condensed = await this.condenseOverrides(texts);
+
+    // Store both: fragments array and condensed result
+    const pipeline = this.handle.redis.pipeline();
+    pipeline.setex(
+      SESSION_SYSTEM_FRAGMENTS_KEY(sessionId),
+      SYSTEM_OVERRIDE_TTL_SECONDS,
+      JSON.stringify(fragments),
+    );
+    pipeline.setex(SESSION_SYSTEM_KEY(sessionId), SYSTEM_OVERRIDE_TTL_SECONDS, condensed);
+    await pipeline.exec();
+
+    this.logger.debug(
+      `Set system override for session ${sessionId} (${fragments.length} fragment(s), TTL=${SYSTEM_OVERRIDE_TTL_SECONDS}s)`,
+    );
+  }
+
+  async get(sessionId: string): Promise<string | null> {
+    return this.handle.redis.get(SESSION_SYSTEM_KEY(sessionId));
+  }
+
+  async renew(sessionId: string): Promise<void> {
+    const pipeline = this.handle.redis.pipeline();
+    pipeline.expire(SESSION_SYSTEM_KEY(sessionId), SYSTEM_OVERRIDE_TTL_SECONDS);
+    pipeline.expire(SESSION_SYSTEM_FRAGMENTS_KEY(sessionId), SYSTEM_OVERRIDE_TTL_SECONDS);
+    await pipeline.exec();
+  }
+
+  async clear(sessionId: string): Promise<void> {
+    await this.handle.redis.del(
+      SESSION_SYSTEM_KEY(sessionId),
+      SESSION_SYSTEM_FRAGMENTS_KEY(sessionId),
+    );
+    this.logger.debug(`Cleared system override for session ${sessionId}`);
+  }
+
+  /**
+   * Merge an array of override fragments into one coherent string.
+   * If only one fragment exists, returns it as-is.
+   * For multiple fragments, calls Haiku to produce a merged instruction.
+   * Falls back to newline concatenation if the LLM call fails.
+   */
+  async condenseOverrides(fragments: string[]): Promise<string> {
+    if (fragments.length === 0) return '';
+    if (fragments.length === 1) return fragments[0]!;
+
+    const numbered = fragments.map((f, i) => `${i + 1}. ${f}`).join('\n');
+    const prompt =
+      `Merge these system prompt instructions into one coherent paragraph. ` +
+      `If instructions conflict, favor the most recently added (last in the list). ` +
+      `Be concise — output only the merged instruction, nothing else.\n\n` +
+      `Instructions (oldest first):\n${numbered}`;
+
+    const apiKey = process.env['ANTHROPIC_API_KEY'];
+    if (!apiKey) {
+      this.logger.warn('ANTHROPIC_API_KEY not set — falling back to newline concatenation');
+      return fragments.join('\n');
+    }
+
+    try {
+      const response = await fetch('https://api.anthropic.com/v1/messages', {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json',
+          'x-api-key': apiKey,
+          'anthropic-version': '2023-06-01',
+        },
+        body: JSON.stringify({
+          model: 'claude-haiku-4-5-20251001',
+          max_tokens: 1024,
+          messages: [{ role: 'user', content: prompt }],
+        }),
+      });
+
+      if (!response.ok) {
+        const errorText = await response.text();
+        throw new Error(`Anthropic API error ${response.status}: ${errorText}`);
+      }
+
+      const data = (await response.json()) as {
+        content: Array<{ type: string; text: string }>;
+      };
+
+      const textBlock = data.content.find((c) => c.type === 'text');
+      if (!textBlock) {
+        throw new Error('No text block in Anthropic response');
+      }
+
+      return textBlock.text.trim();
+    } catch (err) {
+      this.logger.error(
+        `Condensation LLM call failed — falling back to newline concatenation: ${String(err)}`,
+      );
+      return fragments.join('\n');
+    }
+  }
+}
--- a/apps/gateway/src/projects/projects.controller.ts
+++ b/apps/gateway/src/projects/projects.controller.ts
@@ -2,6 +2,7 @@ import {
  Body,
  Controller,
  Delete,
+  ForbiddenException,
  Get,
  HttpCode,
  HttpStatus,
@@ -16,22 +17,25 @@ import type { Brain } from '@mosaic/brain';
 import { BRAIN } from '../brain/brain.tokens.js';
 import { AuthGuard } from '../auth/auth.guard.js';
 import { CurrentUser } from '../auth/current-user.decorator.js';
-import { assertOwner } from '../auth/resource-ownership.js';
+import { TeamsService } from '../workspace/teams.service.js';
 import { CreateProjectDto, UpdateProjectDto } from './projects.dto.js';

@Controller('api/projects')
@UseGuards(AuthGuard)
 export class ProjectsController {
-  constructor(@Inject(BRAIN) private readonly brain: Brain) {}
+  constructor(
+    @Inject(BRAIN) private readonly brain: Brain,
+    private readonly teamsService: TeamsService,
+  ) {}

  @Get()
-  async list() {
-    return this.brain.projects.findAll();
+  async list(@CurrentUser() user: { id: string }) {
+    return this.brain.projects.findAllForUser(user.id);
  }

  @Get(':id')
  async findOne(@Param('id') id: string, @CurrentUser() user: { id: string }) {
-    return this.getOwnedProject(id, user.id);
+    return this.getAccessibleProject(id, user.id);
  }

  @Post()
@@ -50,7 +54,7 @@ export class ProjectsController {
    @Body() dto: UpdateProjectDto,
    @CurrentUser() user: { id: string },
  ) {
-    await this.getOwnedProject(id, user.id);
+    await this.getAccessibleProject(id, user.id);
    const project = await this.brain.projects.update(id, dto);
    if (!project) throw new NotFoundException('Project not found');
    return project;
@@ -59,15 +63,21 @@ export class ProjectsController {
  @Delete(':id')
  @HttpCode(HttpStatus.NO_CONTENT)
  async remove(@Param('id') id: string, @CurrentUser() user: { id: string }) {
-    await this.getOwnedProject(id, user.id);
+    await this.getAccessibleProject(id, user.id);
    const deleted = await this.brain.projects.remove(id);
    if (!deleted) throw new NotFoundException('Project not found');
  }

-  private async getOwnedProject(id: string, userId: string) {
+  /**
+   * Verify the requesting user can access the project — either as the direct
+   * owner or as a member of the owning team.  Throws NotFoundException when the
+   * project does not exist and ForbiddenException when the user lacks access.
+   */
+  private async getAccessibleProject(id: string, userId: string) {
    const project = await this.brain.projects.findById(id);
    if (!project) throw new NotFoundException('Project not found');
-    assertOwner(project.ownerId, userId, 'Project');
+    const canAccess = await this.teamsService.canAccessProject(userId, id);
+    if (!canAccess) throw new ForbiddenException('Project does not belong to the current user');
    return project;
  }
 }
--- a/apps/gateway/src/projects/projects.module.ts
+++ b/apps/gateway/src/projects/projects.module.ts
@@ -1,7 +1,9 @@
 import { Module } from '@nestjs/common';
 import { ProjectsController } from './projects.controller.js';
+import { WorkspaceModule } from '../workspace/workspace.module.js';

@Module({
+  imports: [WorkspaceModule],
  controllers: [ProjectsController],
 })
 export class ProjectsModule {}
--- a/apps/gateway/src/reload/mosaic-plugin.interface.ts
+++ b/apps/gateway/src/reload/mosaic-plugin.interface.ts
@@ -0,0 +1,20 @@
+export interface MosaicPlugin {
+  /** Called when the plugin is loaded/reloaded */
+  onLoad(): Promise<void>;
+
+  /** Called before the plugin is unloaded during reload */
+  onUnload(): Promise<void>;
+
+  /** Plugin identifier for registry */
+  readonly pluginName: string;
+}
+
+export function isMosaicPlugin(obj: unknown): obj is MosaicPlugin {
+  return (
+    typeof obj === 'object' &&
+    obj !== null &&
+    typeof (obj as MosaicPlugin).onLoad === 'function' &&
+    typeof (obj as MosaicPlugin).onUnload === 'function' &&
+    typeof (obj as MosaicPlugin).pluginName === 'string'
+  );
+}
--- a/apps/gateway/src/reload/reload.controller.ts
+++ b/apps/gateway/src/reload/reload.controller.ts
@@ -0,0 +1,22 @@
+import { Controller, HttpCode, HttpStatus, Inject, Post, UseGuards } from '@nestjs/common';
+import type { SystemReloadPayload } from '@mosaic/types';
+import { AdminGuard } from '../admin/admin.guard.js';
+import { ChatGateway } from '../chat/chat.gateway.js';
+import { ReloadService } from './reload.service.js';
+
+@Controller('api/admin')
+@UseGuards(AdminGuard)
+export class ReloadController {
+  constructor(
+    @Inject(ReloadService) private readonly reloadService: ReloadService,
+    @Inject(ChatGateway) private readonly chatGateway: ChatGateway,
+  ) {}
+
+  @Post('reload')
+  @HttpCode(HttpStatus.OK)
+  async triggerReload(): Promise<SystemReloadPayload> {
+    const result = await this.reloadService.reload('rest');
+    this.chatGateway.broadcastReload(result);
+    return result;
+  }
+}
--- a/apps/gateway/src/reload/reload.module.ts
+++ b/apps/gateway/src/reload/reload.module.ts
@@ -0,0 +1,14 @@
+import { forwardRef, Module } from '@nestjs/common';
+import { AdminGuard } from '../admin/admin.guard.js';
+import { ChatModule } from '../chat/chat.module.js';
+import { CommandsModule } from '../commands/commands.module.js';
+import { ReloadController } from './reload.controller.js';
+import { ReloadService } from './reload.service.js';
+
+@Module({
+  imports: [forwardRef(() => CommandsModule), forwardRef(() => ChatModule)],
+  controllers: [ReloadController],
+  providers: [ReloadService, AdminGuard],
+  exports: [ReloadService],
+})
+export class ReloadModule {}
--- a/apps/gateway/src/reload/reload.service.spec.ts
+++ b/apps/gateway/src/reload/reload.service.spec.ts
@@ -0,0 +1,106 @@
+import { describe, expect, it, vi } from 'vitest';
+import { ReloadService } from './reload.service.js';
+
+function createMockCommandRegistry() {
+  return {
+    getManifest: vi.fn().mockReturnValue({
+      version: 1,
+      commands: [],
+      skills: [],
+    }),
+  };
+}
+
+function createService() {
+  const registry = createMockCommandRegistry();
+  const service = new ReloadService(registry as never);
+  return { service, registry };
+}
+
+describe('ReloadService', () => {
+  it('reload() calls onUnload then onLoad for registered MosaicPlugin', async () => {
+    const { service } = createService();
+
+    const callOrder: string[] = [];
+    const mockPlugin = {
+      pluginName: 'test-plugin',
+      onLoad: vi.fn().mockImplementation(() => {
+        callOrder.push('onLoad');
+        return Promise.resolve();
+      }),
+      onUnload: vi.fn().mockImplementation(() => {
+        callOrder.push('onUnload');
+        return Promise.resolve();
+      }),
+    };
+
+    service.registerPlugin('test-plugin', mockPlugin);
+    const result = await service.reload('command');
+
+    expect(mockPlugin.onUnload).toHaveBeenCalledOnce();
+    expect(mockPlugin.onLoad).toHaveBeenCalledOnce();
+    expect(callOrder).toEqual(['onUnload', 'onLoad']);
+    expect(result.message).toContain('test-plugin');
+  });
+
+  it('reload() continues if one plugin throws during onUnload', async () => {
+    const { service } = createService();
+
+    const badPlugin = {
+      pluginName: 'bad-plugin',
+      onLoad: vi.fn().mockResolvedValue(undefined),
+      onUnload: vi.fn().mockRejectedValue(new Error('unload failed')),
+    };
+
+    service.registerPlugin('bad-plugin', badPlugin);
+    const result = await service.reload('command');
+
+    expect(result.message).toContain('bad-plugin');
+    expect(result.message).toContain('unload failed');
+  });
+
+  it('reload() skips non-MosaicPlugin objects', async () => {
+    const { service } = createService();
+
+    const notAPlugin = { foo: 'bar' };
+    service.registerPlugin('not-a-plugin', notAPlugin);
+
+    // Should not throw
+    const result = await service.reload('command');
+    expect(result).toBeDefined();
+    expect(result.message).not.toContain('not-a-plugin');
+  });
+
+  it('reload() returns SystemReloadPayload with commands, skills, providers, message', async () => {
+    const { service, registry } = createService();
+    registry.getManifest.mockReturnValue({
+      version: 1,
+      commands: [
+        {
+          name: 'test',
+          description: 'test cmd',
+          aliases: [],
+          scope: 'core',
+          execution: 'socket',
+          available: true,
+        },
+      ],
+      skills: [],
+    });
+
+    const result = await service.reload('rest');
+
+    expect(result).toHaveProperty('commands');
+    expect(result).toHaveProperty('skills');
+    expect(result).toHaveProperty('providers');
+    expect(result).toHaveProperty('message');
+    expect(result.commands).toHaveLength(1);
+  });
+
+  it('registerPlugin() logs plugin registration', () => {
+    const { service } = createService();
+
+    // Should not throw and should register
+    expect(() => service.registerPlugin('my-plugin', {})).not.toThrow();
+  });
+});
--- a/apps/gateway/src/reload/reload.service.ts
+++ b/apps/gateway/src/reload/reload.service.ts
@@ -0,0 +1,92 @@
+import {
+  Inject,
+  Injectable,
+  Logger,
+  type OnApplicationBootstrap,
+  type OnApplicationShutdown,
+} from '@nestjs/common';
+import type { SystemReloadPayload } from '@mosaic/types';
+import { CommandRegistryService } from '../commands/command-registry.service.js';
+import { isMosaicPlugin } from './mosaic-plugin.interface.js';
+
+@Injectable()
+export class ReloadService implements OnApplicationBootstrap, OnApplicationShutdown {
+  private readonly logger = new Logger(ReloadService.name);
+  private readonly plugins: Map<string, unknown> = new Map();
+  private shutdownHandlerAttached = false;
+
+  constructor(
+    @Inject(CommandRegistryService) private readonly commandRegistry: CommandRegistryService,
+  ) {}
+
+  onApplicationBootstrap(): void {
+    if (!this.shutdownHandlerAttached) {
+      process.on('SIGHUP', () => {
+        this.logger.log('SIGHUP received — triggering soft reload');
+        this.reload('sighup').catch((err: unknown) => {
+          this.logger.error(`SIGHUP reload failed: ${err}`);
+        });
+      });
+      this.shutdownHandlerAttached = true;
+    }
+  }
+
+  onApplicationShutdown(): void {
+    process.removeAllListeners('SIGHUP');
+  }
+
+  registerPlugin(name: string, plugin: unknown): void {
+    this.plugins.set(name, plugin);
+    this.logger.log(`Plugin registered: ${name}`);
+  }
+
+  /**
+   * Soft reload — unload plugins, reload plugins, broadcast.
+   * Does NOT restart the HTTP server or drop connections.
+   */
+  async reload(
+    trigger: 'command' | 'rest' | 'sighup' | 'file-watch',
+  ): Promise<SystemReloadPayload> {
+    this.logger.log(`Soft reload triggered by: ${trigger}`);
+    const reloaded: string[] = [];
+    const errors: string[] = [];
+
+    // 1. Unload all registered MosaicPlugin instances
+    for (const [name, plugin] of this.plugins) {
+      if (isMosaicPlugin(plugin)) {
+        try {
+          await plugin.onUnload();
+          reloaded.push(name);
+        } catch (err) {
+          errors.push(`${name}: unload failed — ${err}`);
+        }
+      }
+    }
+
+    // 2. Reload all MosaicPlugin instances
+    for (const [name, plugin] of this.plugins) {
+      if (isMosaicPlugin(plugin)) {
+        try {
+          await plugin.onLoad();
+        } catch (err) {
+          errors.push(`${name}: load failed — ${err}`);
+        }
+      }
+    }
+
+    const manifest = this.commandRegistry.getManifest();
+
+    const errorSuffix = errors.length > 0 ? ` Errors: ${errors.join(', ')}` : '';
+    const payload: SystemReloadPayload = {
+      commands: manifest.commands,
+      skills: manifest.skills,
+      providers: [],
+      message: `Reload complete (trigger=${trigger}). Plugins reloaded: [${reloaded.join(', ')}].${errorSuffix}`,
+    };
+
+    this.logger.log(
+      `Reload complete. Reloaded: [${reloaded.join(', ')}]. Errors: ${errors.length}`,
+    );
+    return payload;
+  }
+}
--- a/apps/gateway/src/workspace/project-bootstrap.service.ts
+++ b/apps/gateway/src/workspace/project-bootstrap.service.ts
@@ -0,0 +1,98 @@
+import { Inject, Injectable, Logger } from '@nestjs/common';
+import type { Brain } from '@mosaic/brain';
+import { BRAIN } from '../brain/brain.tokens.js';
+import { PluginService } from '../plugin/plugin.service.js';
+import { WorkspaceService } from './workspace.service.js';
+
+export interface BootstrapProjectParams {
+  name: string;
+  description?: string;
+  userId: string;
+  teamId?: string;
+  repoUrl?: string;
+}
+
+export interface BootstrapProjectResult {
+  projectId: string;
+  workspacePath: string;
+}
+
+@Injectable()
+export class ProjectBootstrapService {
+  private readonly logger = new Logger(ProjectBootstrapService.name);
+
+  constructor(
+    @Inject(BRAIN) private readonly brain: Brain,
+    private readonly workspace: WorkspaceService,
+    private readonly pluginService: PluginService,
+  ) {}
+
+  /**
+   * Bootstrap a new project: create DB record + workspace directory.
+   * Returns the created project with its workspace path.
+   */
+  async bootstrap(params: BootstrapProjectParams): Promise<BootstrapProjectResult> {
+    const ownerType: 'user' | 'team' = params.teamId ? 'team' : 'user';
+
+    this.logger.log(
+      `Bootstrapping project "${params.name}" for ${ownerType} ${params.teamId ?? params.userId}`,
+    );
+
+    // 1. Create DB record
+    const project = await this.brain.projects.create({
+      name: params.name,
+      description: params.description,
+      ownerId: params.userId,
+      teamId: params.teamId ?? null,
+      ownerType,
+    });
+
+    // 2. Create workspace directory (includes docs structure)
+    const workspacePath = await this.workspace.create(
+      {
+        id: project.id,
+        ownerType,
+        userId: params.userId,
+        teamId: params.teamId ?? null,
+      },
+      params.repoUrl,
+    );
+
+    // 3. Create default agent config for the project
+    await this.brain.agents.create({
+      name: 'default',
+      provider: '',
+      model: '',
+      projectId: project.id,
+      ownerId: params.userId,
+      isSystem: false,
+      status: 'active',
+    });
+
+    // 4. Notify plugins so they can set up project-specific resources (e.g. Discord channel)
+    try {
+      for (const plugin of this.pluginService.getPlugins()) {
+        if (plugin.onProjectCreated) {
+          const result = await plugin.onProjectCreated({
+            id: project.id,
+            name: params.name,
+            description: params.description,
+          });
+          if (result?.channelId) {
+            await this.brain.projects.update(project.id, {
+              metadata: { discordChannelId: result.channelId },
+            });
+          }
+        }
+      }
+    } catch (err) {
+      this.logger.warn(
+        `Plugin project notification failed: ${err instanceof Error ? err.message : String(err)}`,
+      );
+    }
+
+    this.logger.log(`Project ${project.id} bootstrapped at ${workspacePath}`);
+
+    return { projectId: project.id, workspacePath };
+  }
+}
--- a/apps/gateway/src/workspace/teams.controller.ts
+++ b/apps/gateway/src/workspace/teams.controller.ts
@@ -0,0 +1,30 @@
+import { Controller, Get, Param, UseGuards } from '@nestjs/common';
+import { AuthGuard } from '../auth/auth.guard.js';
+import { TeamsService } from './teams.service.js';
+
+@Controller('api/teams')
+@UseGuards(AuthGuard)
+export class TeamsController {
+  constructor(private readonly teams: TeamsService) {}
+
+  @Get()
+  async list() {
+    return this.teams.findAll();
+  }
+
+  @Get(':teamId')
+  async findOne(@Param('teamId') teamId: string) {
+    return this.teams.findById(teamId);
+  }
+
+  @Get(':teamId/members')
+  async listMembers(@Param('teamId') teamId: string) {
+    return this.teams.listMembers(teamId);
+  }
+
+  @Get(':teamId/members/:userId')
+  async checkMembership(@Param('teamId') teamId: string, @Param('userId') userId: string) {
+    const isMember = await this.teams.isMember(teamId, userId);
+    return { isMember };
+  }
+}
--- a/apps/gateway/src/workspace/teams.service.ts
+++ b/apps/gateway/src/workspace/teams.service.ts
@@ -0,0 +1,73 @@
+import { Inject, Injectable, Logger } from '@nestjs/common';
+import { eq, and, type Db, teams, teamMembers, projects } from '@mosaic/db';
+import { DB } from '../database/database.module.js';
+
+@Injectable()
+export class TeamsService {
+  private readonly logger = new Logger(TeamsService.name);
+
+  constructor(@Inject(DB) private readonly db: Db) {}
+
+  /**
+   * Check if a user is a member of a team.
+   */
+  async isMember(teamId: string, userId: string): Promise<boolean> {
+    const rows = await this.db
+      .select({ id: teamMembers.id })
+      .from(teamMembers)
+      .where(and(eq(teamMembers.teamId, teamId), eq(teamMembers.userId, userId)));
+    return rows.length > 0;
+  }
+
+  /**
+   * Check project access for a user.
+   * - ownerType === 'user': project.ownerId must equal userId
+   * - ownerType === 'team': userId must be a member of project.teamId
+   */
+  async canAccessProject(userId: string, projectId: string): Promise<boolean> {
+    const rows = await this.db
+      .select({
+        id: projects.id,
+        ownerType: projects.ownerType,
+        ownerId: projects.ownerId,
+        teamId: projects.teamId,
+      })
+      .from(projects)
+      .where(eq(projects.id, projectId));
+
+    const project = rows[0];
+    if (!project) return false;
+
+    if (project.ownerType === 'user') {
+      return project.ownerId === userId;
+    }
+
+    if (project.ownerType === 'team' && project.teamId) {
+      return this.isMember(project.teamId, userId);
+    }
+
+    return false;
+  }
+
+  /**
+   * List all teams (for admin/listing endpoints).
+   */
+  async findAll() {
+    return this.db.select().from(teams);
+  }
+
+  /**
+   * Find a team by ID.
+   */
+  async findById(id: string) {
+    const rows = await this.db.select().from(teams).where(eq(teams.id, id));
+    return rows[0];
+  }
+
+  /**
+   * List members of a team.
+   */
+  async listMembers(teamId: string) {
+    return this.db.select().from(teamMembers).where(eq(teamMembers.teamId, teamId));
+  }
+}
--- a/apps/gateway/src/workspace/workspace.controller.ts
+++ b/apps/gateway/src/workspace/workspace.controller.ts
@@ -0,0 +1,30 @@
+import { Body, Controller, Post, UseGuards } from '@nestjs/common';
+import { AuthGuard } from '../auth/auth.guard.js';
+import { CurrentUser } from '../auth/current-user.decorator.js';
+import { ProjectBootstrapService } from './project-bootstrap.service.js';
+
+@Controller('api/workspaces')
+@UseGuards(AuthGuard)
+export class WorkspaceController {
+  constructor(private readonly bootstrap: ProjectBootstrapService) {}
+
+  @Post()
+  async create(
+    @CurrentUser() user: { id: string },
+    @Body()
+    body: {
+      name: string;
+      description?: string;
+      teamId?: string;
+      repoUrl?: string;
+    },
+  ) {
+    return this.bootstrap.bootstrap({
+      name: body.name,
+      description: body.description,
+      userId: user.id,
+      teamId: body.teamId,
+      repoUrl: body.repoUrl,
+    });
+  }
+}
--- a/apps/gateway/src/workspace/workspace.module.ts
+++ b/apps/gateway/src/workspace/workspace.module.ts
@@ -0,0 +1,13 @@
+import { Module } from '@nestjs/common';
+import { WorkspaceService } from './workspace.service.js';
+import { ProjectBootstrapService } from './project-bootstrap.service.js';
+import { TeamsService } from './teams.service.js';
+import { WorkspaceController } from './workspace.controller.js';
+import { TeamsController } from './teams.controller.js';
+
+@Module({
+  controllers: [WorkspaceController, TeamsController],
+  providers: [WorkspaceService, ProjectBootstrapService, TeamsService],
+  exports: [WorkspaceService, ProjectBootstrapService, TeamsService],
+})
+export class WorkspaceModule {}
--- a/apps/gateway/src/workspace/workspace.service.spec.ts
+++ b/apps/gateway/src/workspace/workspace.service.spec.ts
@@ -0,0 +1,79 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import { WorkspaceService } from './workspace.service.js';
+import path from 'node:path';
+
+describe('WorkspaceService', () => {
+  let service: WorkspaceService;
+
+  beforeEach(() => {
+    service = new WorkspaceService();
+  });
+
+  describe('resolvePath', () => {
+    it('resolves user workspace path', () => {
+      const result = service.resolvePath({
+        id: 'proj1',
+        ownerType: 'user',
+        userId: 'user1',
+        teamId: null,
+      });
+      expect(result).toContain(path.join('users', 'user1', 'proj1'));
+    });
+
+    it('resolves team workspace path', () => {
+      const result = service.resolvePath({
+        id: 'proj1',
+        ownerType: 'team',
+        userId: 'user1',
+        teamId: 'team1',
+      });
+      expect(result).toContain(path.join('teams', 'team1', 'proj1'));
+    });
+
+    it('falls back to user path when ownerType is team but teamId is null', () => {
+      const result = service.resolvePath({
+        id: 'proj1',
+        ownerType: 'team',
+        userId: 'user1',
+        teamId: null,
+      });
+      expect(result).toContain(path.join('users', 'user1', 'proj1'));
+    });
+
+    it('uses MOSAIC_ROOT env var as the base path', () => {
+      const originalRoot = process.env['MOSAIC_ROOT'];
+      process.env['MOSAIC_ROOT'] = '/custom/root';
+      const customService = new WorkspaceService();
+      const result = customService.resolvePath({
+        id: 'proj1',
+        ownerType: 'user',
+        userId: 'user1',
+        teamId: null,
+      });
+      expect(result).toMatch(/^\/custom\/root/);
+      // Restore
+      if (originalRoot === undefined) {
+        delete process.env['MOSAIC_ROOT'];
+      } else {
+        process.env['MOSAIC_ROOT'] = originalRoot;
+      }
+    });
+
+    it('defaults to /opt/mosaic when MOSAIC_ROOT is unset', () => {
+      const originalRoot = process.env['MOSAIC_ROOT'];
+      delete process.env['MOSAIC_ROOT'];
+      const defaultService = new WorkspaceService();
+      const result = defaultService.resolvePath({
+        id: 'proj2',
+        ownerType: 'user',
+        userId: 'user2',
+        teamId: null,
+      });
+      expect(result).toMatch(/^\/opt\/mosaic/);
+      // Restore
+      if (originalRoot !== undefined) {
+        process.env['MOSAIC_ROOT'] = originalRoot;
+      }
+    });
+  });
+});
--- a/apps/gateway/src/workspace/workspace.service.ts
+++ b/apps/gateway/src/workspace/workspace.service.ts
@@ -0,0 +1,116 @@
+import { Injectable, Logger } from '@nestjs/common';
+import fs from 'node:fs/promises';
+import path from 'node:path';
+import { execFile } from 'node:child_process';
+import { promisify } from 'node:util';
+
+const execFileAsync = promisify(execFile);
+
+export interface WorkspaceProject {
+  id: string;
+  ownerType: 'user' | 'team';
+  userId: string;
+  teamId: string | null;
+}
+
+@Injectable()
+export class WorkspaceService {
+  private readonly logger = new Logger(WorkspaceService.name);
+  private readonly mosaicRoot: string;
+
+  constructor() {
+    this.mosaicRoot = process.env['MOSAIC_ROOT'] ?? '/opt/mosaic';
+  }
+
+  /**
+   * Resolve the workspace path for a project.
+   * Solo: $MOSAIC_ROOT/.workspaces/users/<userId>/<projectId>/
+   * Team: $MOSAIC_ROOT/.workspaces/teams/<teamId>/<projectId>/
+   */
+  resolvePath(project: WorkspaceProject): string {
+    if (project.ownerType === 'team' && project.teamId) {
+      return path.join(this.mosaicRoot, '.workspaces', 'teams', project.teamId, project.id);
+    }
+    return path.join(this.mosaicRoot, '.workspaces', 'users', project.userId, project.id);
+  }
+
+  /**
+   * Create a workspace directory and initialize it as a git repo.
+   * If repoUrl is provided, clone instead of init.
+   */
+  async create(project: WorkspaceProject, repoUrl?: string): Promise<string> {
+    const workspacePath = this.resolvePath(project);
+
+    // Create directory
+    await fs.mkdir(workspacePath, { recursive: true });
+
+    if (repoUrl) {
+      // Clone existing repo
+      await execFileAsync('git', ['clone', repoUrl, '.'], { cwd: workspacePath });
+      this.logger.log(`Cloned ${repoUrl} into workspace ${workspacePath}`);
+    } else {
+      // Init new git repo
+      await execFileAsync('git', ['init'], { cwd: workspacePath });
+      await execFileAsync('git', ['commit', '--allow-empty', '-m', 'Initial workspace commit'], {
+        cwd: workspacePath,
+        env: {
+          ...process.env,
+          GIT_AUTHOR_NAME: 'Mosaic',
+          GIT_AUTHOR_EMAIL: 'mosaic@localhost',
+          GIT_COMMITTER_NAME: 'Mosaic',
+          GIT_COMMITTER_EMAIL: 'mosaic@localhost',
+        },
+      });
+      this.logger.log(`Initialized git workspace at ${workspacePath}`);
+    }
+
+    // Create standard docs structure
+    await fs.mkdir(path.join(workspacePath, 'docs', 'plans'), { recursive: true });
+    await fs.mkdir(path.join(workspacePath, 'docs', 'reports'), { recursive: true });
+    this.logger.log(`Created docs structure at ${workspacePath}`);
+
+    return workspacePath;
+  }
+
+  /**
+   * Delete a workspace directory recursively.
+   */
+  async delete(project: WorkspaceProject): Promise<void> {
+    const workspacePath = this.resolvePath(project);
+    try {
+      await fs.rm(workspacePath, { recursive: true, force: true });
+      this.logger.log(`Deleted workspace at ${workspacePath}`);
+    } catch (err) {
+      this.logger.warn(`Failed to delete workspace at ${workspacePath}: ${err}`);
+    }
+  }
+
+  /**
+   * Check whether the workspace directory exists.
+   */
+  async exists(project: WorkspaceProject): Promise<boolean> {
+    const workspacePath = this.resolvePath(project);
+    try {
+      await fs.access(workspacePath);
+      return true;
+    } catch {
+      return false;
+    }
+  }
+
+  /**
+   * Create the base user workspace directory (call on user registration).
+   */
+  async createUserRoot(userId: string): Promise<void> {
+    const userRoot = path.join(this.mosaicRoot, '.workspaces', 'users', userId);
+    await fs.mkdir(userRoot, { recursive: true });
+  }
+
+  /**
+   * Create the base team workspace directory (call on team creation).
+   */
+  async createTeamRoot(teamId: string): Promise<void> {
+    const teamRoot = path.join(this.mosaicRoot, '.workspaces', 'teams', teamId);
+    await fs.mkdir(teamRoot, { recursive: true });
+  }
+}
--- a/apps/web/next.config.ts
+++ b/apps/web/next.config.ts
@@ -3,6 +3,30 @@ import type { NextConfig } from 'next';
 const nextConfig: NextConfig = {
  output: 'standalone',
  transpilePackages: ['@mosaic/design-tokens'],
+
+  // Enable gzip/brotli compression for all responses.
+  compress: true,
+
+  // Reduce bundle size: disable source maps in production builds.
+  productionBrowserSourceMaps: false,
+
+  // Image optimisation: allow the gateway origin as an external image source.
+  images: {
+    formats: ['image/avif', 'image/webp'],
+    remotePatterns: [
+      {
+        protocol: 'https',
+        hostname: '**',
+      },
+    ],
+  },
+
+  // Experimental: enable React compiler for automatic memoisation (Next 15+).
+  // Falls back gracefully if the compiler plugin is not installed.
+  experimental: {
+    // Turbopack is the default in dev for Next 15; keep it opt-in for now.
+    // turbo: {},
+  },
 };

 export default nextConfig;
--- a/apps/web/package.json
+++ b/apps/web/package.json
@@ -18,6 +18,7 @@
    "next": "^16.0.0",
    "react": "^19.0.0",
    "react-dom": "^19.0.0",
+    "react-markdown": "^10.1.0",
    "socket.io-client": "^4.8.0",
    "tailwind-merge": "^3.5.0"
  },
@@ -27,6 +28,7 @@
    "@types/node": "^22.0.0",
    "@types/react": "^19.0.0",
    "@types/react-dom": "^19.0.0",
+    "jsdom": "^29.0.0",
    "tailwindcss": "^4.0.0",
    "typescript": "^5.8.0",
    "vitest": "^2.0.0"
--- a/apps/web/src/app/(auth)/login/page.tsx
+++ b/apps/web/src/app/(auth)/login/page.tsx
@@ -1,14 +1,27 @@
 'use client';

-import { useState } from 'react';
+import { useEffect, useState } from 'react';
 import { useRouter } from 'next/navigation';
 import Link from 'next/link';
-import { signIn } from '@/lib/auth-client';
+import { api } from '@/lib/api';
+import { authClient, signIn } from '@/lib/auth-client';
+import type { SsoProviderDiscovery } from '@/lib/sso';
+import { SsoProviderButtons } from '@/components/auth/sso-provider-buttons';

 export default function LoginPage(): React.ReactElement {
  const router = useRouter();
  const [error, setError] = useState<string | null>(null);
  const [loading, setLoading] = useState(false);
+  const [ssoProviders, setSsoProviders] = useState<SsoProviderDiscovery[]>([]);
+  const [ssoLoadingProviderId, setSsoLoadingProviderId] = useState<
+    SsoProviderDiscovery['id'] | null
+  >(null);
+
+  useEffect(() => {
+    api<SsoProviderDiscovery[]>('/api/sso/providers')
+      .catch(() => [] as SsoProviderDiscovery[])
+      .then((providers) => setSsoProviders(providers.filter((provider) => provider.configured)));
+  }, []);

  async function handleSubmit(e: React.FormEvent<HTMLFormElement>): Promise<void> {
    e.preventDefault();
@@ -30,6 +43,27 @@ export default function LoginPage(): React.ReactElement {
    router.push('/chat');
  }

+  async function handleSsoSignIn(providerId: SsoProviderDiscovery['id']): Promise<void> {
+    setError(null);
+    setSsoLoadingProviderId(providerId);
+
+    try {
+      const result = await authClient.signIn.oauth2({
+        providerId,
+        callbackURL: '/chat',
+        newUserCallbackURL: '/chat',
+      });
+
+      if (result.error) {
+        setError(result.error.message ?? `Sign in with ${providerId} failed`);
+        setSsoLoadingProviderId(null);
+      }
+    } catch (err: unknown) {
+      setError(err instanceof Error ? err.message : `Sign in with ${providerId} failed`);
+      setSsoLoadingProviderId(null);
+    }
+  }
+
  return (
    <div>
      <h1 className="text-2xl font-semibold">Sign in</h1>
@@ -86,6 +120,14 @@ export default function LoginPage(): React.ReactElement {
        </button>
      </form>

+      <SsoProviderButtons
+        providers={ssoProviders}
+        loadingProviderId={ssoLoadingProviderId}
+        onOidcSignIn={(providerId) => {
+          void handleSsoSignIn(providerId);
+        }}
+      />
+
      <p className="mt-4 text-center text-sm text-text-muted">
        Don&apos;t have an account?{' '}
        <Link href="/register" className="text-blue-400 hover:text-blue-300">
--- a/apps/web/src/app/(dashboard)/chat/page.tsx
+++ b/apps/web/src/app/(dashboard)/chat/page.tsx
@@ -4,18 +4,42 @@ import { useCallback, useEffect, useRef, useState } from 'react';
 import { api } from '@/lib/api';
 import { destroySocket, getSocket } from '@/lib/socket';
 import type { Conversation, Message } from '@/lib/types';
-import { ConversationList } from '@/components/chat/conversation-list';
+import {
+  ConversationSidebar,
+  type ConversationSidebarRef,
+} from '@/components/chat/conversation-sidebar';
 import { MessageBubble } from '@/components/chat/message-bubble';
 import { ChatInput } from '@/components/chat/chat-input';
 import { StreamingMessage } from '@/components/chat/streaming-message';

+interface ModelInfo {
+  id: string;
+  provider: string;
+  name: string;
+  reasoning: boolean;
+  contextWindow: number;
+  maxTokens: number;
+  inputTypes: ('text' | 'image')[];
+  cost: { input: number; output: number; cacheRead: number; cacheWrite: number };
+}
+
+interface ProviderInfo {
+  id: string;
+  name: string;
+  available: boolean;
+  models: ModelInfo[];
+}
+
 export default function ChatPage(): React.ReactElement {
-  const [conversations, setConversations] = useState<Conversation[]>([]);
  const [activeId, setActiveId] = useState<string | null>(null);
  const [messages, setMessages] = useState<Message[]>([]);
  const [streamingText, setStreamingText] = useState('');
  const [isStreaming, setIsStreaming] = useState(false);
+  const [isSidebarOpen, setIsSidebarOpen] = useState(true);
+  const [models, setModels] = useState<ModelInfo[]>([]);
+  const [selectedModelId, setSelectedModelId] = useState('');
  const messagesEndRef = useRef<HTMLDivElement>(null);
+  const sidebarRef = useRef<ConversationSidebarRef>(null);

  // Track the active conversation ID in a ref so socket event handlers always
  // see the current value without needing to be re-registered.
@@ -26,11 +50,30 @@ export default function ChatPage(): React.ReactElement {
  // without stale-closure issues.
  const streamingTextRef = useRef('');

-  // Load conversations on mount
  useEffect(() => {
-    api<Conversation[]>('/api/conversations')
-      .then(setConversations)
-      .catch(() => {});
+    const savedState = window.localStorage.getItem('mosaic-sidebar-open');
+    if (savedState !== null) {
+      setIsSidebarOpen(savedState === 'true');
+    }
+  }, []);
+
+  useEffect(() => {
+    window.localStorage.setItem('mosaic-sidebar-open', String(isSidebarOpen));
+  }, [isSidebarOpen]);
+
+  useEffect(() => {
+    api<ProviderInfo[]>('/api/providers')
+      .then((providers) => {
+        const availableModels = providers
+          .filter((provider) => provider.available)
+          .flatMap((provider) => provider.models);
+        setModels(availableModels);
+        setSelectedModelId((current) => current || availableModels[0]?.id || '');
+      })
+      .catch(() => {
+        setModels([]);
+        setSelectedModelId('');
+      });
  }, []);

  // Load messages when active conversation changes
@@ -91,6 +134,7 @@ export default function ChatPage(): React.ReactElement {
            createdAt: new Date().toISOString(),
          },
        ]);
+        sidebarRef.current?.refresh();
      }
    }

@@ -131,54 +175,27 @@ export default function ChatPage(): React.ReactElement {
    };
  }, []);

-  const handleNewConversation = useCallback(async () => {
+  const handleNewConversation = useCallback(async (projectId?: string | null) => {
    const conv = await api<Conversation>('/api/conversations', {
      method: 'POST',
-      body: { title: 'New conversation' },
+      body: { title: 'New conversation', projectId: projectId ?? null },
    });
-    setConversations((prev) => [conv, ...prev]);
+
+    sidebarRef.current?.addConversation({
+      id: conv.id,
+      title: conv.title,
+      projectId: conv.projectId,
+      updatedAt: conv.updatedAt,
+      archived: conv.archived,
+    });
+
    setActiveId(conv.id);
    setMessages([]);
+    setIsSidebarOpen(true);
  }, []);

-  const handleRename = useCallback(async (id: string, title: string) => {
-    const updated = await api<Conversation>(`/api/conversations/${id}`, {
-      method: 'PATCH',
-      body: { title },
-    });
-    setConversations((prev) => prev.map((c) => (c.id === id ? updated : c)));
-  }, []);
-
-  const handleDelete = useCallback(
-    async (id: string) => {
-      await api<void>(`/api/conversations/${id}`, { method: 'DELETE' });
-      setConversations((prev) => prev.filter((c) => c.id !== id));
-      if (activeId === id) {
-        setActiveId(null);
-        setMessages([]);
-      }
-    },
-    [activeId],
-  );
-
-  const handleArchive = useCallback(
-    async (id: string, archived: boolean) => {
-      const updated = await api<Conversation>(`/api/conversations/${id}`, {
-        method: 'PATCH',
-        body: { archived },
-      });
-      setConversations((prev) => prev.map((c) => (c.id === id ? updated : c)));
-      // If archiving the active conversation, deselect it
-      if (archived && activeId === id) {
-        setActiveId(null);
-        setMessages([]);
-      }
-    },
-    [activeId],
-  );
-
  const handleSend = useCallback(
-    async (content: string) => {
+    async (content: string, options?: { modelId?: string }) => {
      let convId = activeId;

      // Auto-create conversation if none selected
@@ -188,26 +205,25 @@ export default function ChatPage(): React.ReactElement {
          method: 'POST',
          body: { title: autoTitle },
        });
-        setConversations((prev) => [conv, ...prev]);
+        sidebarRef.current?.addConversation({
+          id: conv.id,
+          title: conv.title,
+          projectId: conv.projectId,
+          updatedAt: conv.updatedAt,
+          archived: conv.archived,
+        });
        setActiveId(conv.id);
        convId = conv.id;
-      } else {
-        // Auto-title: if the active conversation still has the default "New
-        // conversation" title and this is the first message, update the title
-        // from the message content.
-        const activeConv = conversations.find((c) => c.id === convId);
-        if (activeConv?.title === 'New conversation' && messages.length === 0) {
+      } else if (messages.length === 0) {
+        // Auto-title the initial placeholder conversation from the first user message.
        const autoTitle = content.slice(0, 60);
        api<Conversation>(`/api/conversations/${convId}`, {
          method: 'PATCH',
          body: { title: autoTitle },
        })
-            .then((updated) => {
-              setConversations((prev) => prev.map((c) => (c.id === convId ? updated : c)));
-            })
+          .then(() => sidebarRef.current?.refresh())
          .catch(() => {});
      }
-      }

      // Optimistic user message in local UI state
      setMessages((prev) => [
@@ -237,24 +253,67 @@ export default function ChatPage(): React.ReactElement {
      if (!socket.connected) {
        socket.connect();
      }
-      socket.emit('message', { conversationId: convId, content });
+      socket.emit('message', {
+        conversationId: convId,
+        content,
+        modelId: (options?.modelId ?? selectedModelId) || undefined,
+      });
    },
-    [activeId, conversations, messages],
+    [activeId, messages, selectedModelId],
  );

  return (
-    <div className="-m-6 flex h-[calc(100vh-3.5rem)]">
-      <ConversationList
-        conversations={conversations}
-        activeId={activeId}
-        onSelect={setActiveId}
-        onNew={handleNewConversation}
-        onRename={handleRename}
-        onDelete={handleDelete}
-        onArchive={handleArchive}
+    <div
+      className="-m-6 flex h-[calc(100vh-3.5rem)] overflow-hidden"
+      style={{ background: 'var(--bg-deep, var(--color-surface-bg, #0a0f1a))' }}
+    >
+      <ConversationSidebar
+        ref={sidebarRef}
+        isOpen={isSidebarOpen}
+        onClose={() => setIsSidebarOpen(false)}
+        currentConversationId={activeId}
+        onSelectConversation={(conversationId) => {
+          setActiveId(conversationId);
+          setMessages([]);
+          if (conversationId && window.innerWidth < 768) {
+            setIsSidebarOpen(false);
+          }
+        }}
+        onNewConversation={(projectId) => {
+          void handleNewConversation(projectId);
+        }}
      />

-      <div className="flex flex-1 flex-col">
+      <div className="flex min-w-0 flex-1 flex-col">
+        <div
+          className="flex items-center gap-3 border-b px-4 py-3"
+          style={{ borderColor: 'var(--border)' }}
+        >
+          <button
+            type="button"
+            onClick={() => setIsSidebarOpen((open) => !open)}
+            className="rounded-lg border p-2 transition-colors"
+            style={{
+              borderColor: 'var(--border)',
+              background: 'var(--surface)',
+              color: 'var(--text)',
+            }}
+            aria-label={isSidebarOpen ? 'Close conversation sidebar' : 'Open conversation sidebar'}
+          >
+            <svg viewBox="0 0 24 24" className="h-4 w-4" fill="none" stroke="currentColor">
+              <path strokeWidth="2" strokeLinecap="round" d="M4 7h16M4 12h16M4 17h16" />
+            </svg>
+          </button>
+          <div>
+            <h1 className="text-sm font-semibold" style={{ color: 'var(--text)' }}>
+              Mosaic Chat
+            </h1>
+            <p className="text-xs" style={{ color: 'var(--muted)' }}>
+              {activeId ? 'Active conversation selected' : 'Choose or start a conversation'}
+            </p>
+          </div>
+        </div>
+
        {activeId ? (
          <>
            <div className="flex-1 space-y-4 overflow-y-auto p-6">
@@ -264,19 +323,36 @@ export default function ChatPage(): React.ReactElement {
              {isStreaming && <StreamingMessage text={streamingText} />}
              <div ref={messagesEndRef} />
            </div>
-            <ChatInput onSend={handleSend} disabled={isStreaming} />
+            <ChatInput
+              onSend={handleSend}
+              isStreaming={isStreaming}
+              models={models}
+              selectedModelId={selectedModelId}
+              onModelChange={setSelectedModelId}
+            />
          </>
        ) : (
-          <div className="flex flex-1 items-center justify-center">
-            <div className="text-center">
-              <h2 className="text-lg font-medium text-text-secondary">Welcome to Mosaic Chat</h2>
-              <p className="mt-1 text-sm text-text-muted">
+          <div className="flex flex-1 items-center justify-center px-6">
+            <div
+              className="max-w-md rounded-2xl border px-8 py-10 text-center"
+              style={{
+                borderColor: 'var(--border)',
+                background: 'var(--surface)',
+              }}
+            >
+              <h2 className="text-lg font-medium" style={{ color: 'var(--text)' }}>
+                Welcome to Mosaic Chat
+              </h2>
+              <p className="mt-1 text-sm" style={{ color: 'var(--muted)' }}>
                Select a conversation or start a new one
              </p>
              <button
                type="button"
-                onClick={handleNewConversation}
-                className="mt-4 rounded-lg bg-blue-600 px-4 py-2 text-sm font-medium text-white transition-colors hover:bg-blue-700"
+                onClick={() => {
+                  void handleNewConversation();
+                }}
+                className="mt-4 rounded-lg px-4 py-2 text-sm font-medium text-white transition-colors"
+                style={{ background: 'var(--primary)' }}
              >
                Start new conversation
              </button>
--- a/apps/web/src/app/(dashboard)/settings/page.tsx
+++ b/apps/web/src/app/(dashboard)/settings/page.tsx
@@ -3,6 +3,8 @@
 import { useCallback, useEffect, useState } from 'react';
 import { api } from '@/lib/api';
 import { authClient, useSession } from '@/lib/auth-client';
+import type { SsoProviderDiscovery } from '@/lib/sso';
+import { SsoProviderSection } from '@/components/settings/sso-provider-section';

 // ─── Types ────────────────────────────────────────────────────────────────────

@@ -424,7 +426,9 @@ function NotificationsTab(): React.ReactElement {

 function ProvidersTab(): React.ReactElement {
  const [providers, setProviders] = useState<ProviderInfo[]>([]);
+  const [ssoProviders, setSsoProviders] = useState<SsoProviderDiscovery[]>([]);
  const [loading, setLoading] = useState(true);
+  const [ssoLoading, setSsoLoading] = useState(true);
  const [testStatuses, setTestStatuses] = useState<Record<string, ProviderTestStatus>>({});

  useEffect(() => {
@@ -434,6 +438,13 @@ function ProvidersTab(): React.ReactElement {
      .finally(() => setLoading(false));
  }, []);

+  useEffect(() => {
+    api<SsoProviderDiscovery[]>('/api/sso/providers')
+      .catch(() => [] as SsoProviderDiscovery[])
+      .then((providers) => setSsoProviders(providers))
+      .finally(() => setSsoLoading(false));
+  }, []);
+
  const testConnection = useCallback(async (providerId: string): Promise<void> => {
    setTestStatuses((prev) => ({
      ...prev,
@@ -464,7 +475,13 @@ function ProvidersTab(): React.ReactElement {
    .find((m) => providers.find((p) => p.id === m.provider)?.available);

  return (
-    <section className="space-y-4">
+    <section className="space-y-6">
+      <div className="space-y-4">
+        <h2 className="text-lg font-medium text-text-secondary">SSO Providers</h2>
+        <SsoProviderSection providers={ssoProviders} loading={ssoLoading} />
+      </div>
+
+      <div className="space-y-4">
        <h2 className="text-lg font-medium text-text-secondary">LLM Providers</h2>
        {loading ? (
          <p className="text-sm text-text-muted">Loading providers...</p>
@@ -472,7 +489,9 @@ function ProvidersTab(): React.ReactElement {
          <div className="rounded-lg border border-surface-border bg-surface-card p-4">
            <p className="text-sm text-text-muted">
              No providers configured. Set{' '}
-            <code className="rounded bg-surface-elevated px-1 py-0.5 text-xs">OLLAMA_BASE_URL</code>{' '}
+              <code className="rounded bg-surface-elevated px-1 py-0.5 text-xs">
+                OLLAMA_BASE_URL
+              </code>{' '}
              or{' '}
              <code className="rounded bg-surface-elevated px-1 py-0.5 text-xs">
                MOSAIC_CUSTOM_PROVIDERS
@@ -493,6 +512,7 @@ function ProvidersTab(): React.ReactElement {
            ))}
          </div>
        )}
+      </div>
    </section>
  );
 }
--- a/apps/web/src/app/auth/provider/[provider]/page.tsx
+++ b/apps/web/src/app/auth/provider/[provider]/page.tsx
@@ -0,0 +1,77 @@
+'use client';
+
+import Link from 'next/link';
+import { useEffect, useState } from 'react';
+import { useParams, useSearchParams } from 'next/navigation';
+import { signIn } from '@/lib/auth-client';
+import { getSsoProvider } from '@/lib/sso-providers';
+
+export default function AuthProviderRedirectPage(): React.ReactElement {
+  const params = useParams<{ provider: string }>();
+  const searchParams = useSearchParams();
+  const providerId = typeof params.provider === 'string' ? params.provider : '';
+  const provider = getSsoProvider(providerId);
+  const callbackURL = searchParams.get('callbackURL') ?? '/chat';
+  const [error, setError] = useState<string | null>(null);
+
+  useEffect(() => {
+    const currentProvider = provider;
+
+    if (!currentProvider) {
+      setError('Unknown SSO provider.');
+      return;
+    }
+
+    if (!currentProvider.enabled) {
+      setError(`${currentProvider.buttonLabel} is not enabled in this deployment.`);
+      return;
+    }
+
+    const activeProvider = currentProvider;
+    let cancelled = false;
+
+    async function redirectToProvider(): Promise<void> {
+      const result = await signIn.oauth2({
+        providerId: activeProvider.id,
+        callbackURL,
+      });
+
+      if (!cancelled && result?.error) {
+        setError(result.error.message ?? `${activeProvider.buttonLabel} sign in failed.`);
+      }
+    }
+
+    void redirectToProvider();
+
+    return () => {
+      cancelled = true;
+    };
+  }, [callbackURL, provider]);
+
+  return (
+    <div className="mx-auto flex min-h-[50vh] max-w-md flex-col justify-center">
+      <h1 className="text-2xl font-semibold text-text-primary">Single sign-on</h1>
+      <p className="mt-2 text-sm text-text-secondary">
+        {provider
+          ? `Redirecting you to ${provider.buttonLabel.replace('Continue with ', '')}...`
+          : 'Preparing your sign-in request...'}
+      </p>
+
+      {error ? (
+        <div className="mt-6 rounded-lg border border-error/30 bg-error/10 px-4 py-3 text-sm text-error">
+          <p>{error}</p>
+          <Link
+            href="/login"
+            className="mt-3 inline-block font-medium text-blue-400 hover:text-blue-300"
+          >
+            Return to login
+          </Link>
+        </div>
+      ) : (
+        <div className="mt-6 rounded-lg border border-surface-border bg-surface-elevated px-4 py-3 text-sm text-text-secondary">
+          If the redirect does not start automatically, return to the login page and try again.
+        </div>
+      )}
+    </div>
+  );
+}
--- a/apps/web/src/app/globals.css
+++ b/apps/web/src/app/globals.css
@@ -1,101 +1,186 @@
@import 'tailwindcss';

-/*
- * Mosaic Stack design tokens mapped to Tailwind v4 theme.
- * Source: @mosaic/design-tokens (AD-13)
- * Fonts: Outfit (sans), Fira Code (mono)
- * Palette: deep blue-grays + blue/purple/teal accents
- * Default: dark theme
- */
+/* =============================================================================
+   MOSAIC DESIGN SYSTEM — Reference token system from dashboard design
+   ============================================================================= */

-@theme {
-  /* ─── Fonts ─── */
-  --font-sans: 'Outfit', system-ui, -apple-system, sans-serif;
-  --font-mono: 'Fira Code', ui-monospace, Menlo, monospace;
+/* -----------------------------------------------------------------------------
+   Primitive Tokens (Dark-first — dark is the default theme)
+   ----------------------------------------------------------------------------- */
+:root {
+  /* Mosaic design tokens — dark palette (default) */
+  --ms-bg-950: #080b12;
+  --ms-bg-900: #0f141d;
+  --ms-bg-850: #151b26;
+  --ms-surface-800: #1b2331;
+  --ms-surface-750: #232d3f;
+  --ms-border-700: #2f3b52;
+  --ms-text-100: #eef3ff;
+  --ms-text-300: #c5d0e6;
+  --ms-text-500: #8f9db7;
+  --ms-blue-500: #2f80ff;
+  --ms-blue-400: #56a0ff;
+  --ms-red-500: #e5484d;
+  --ms-red-400: #f06a6f;
+  --ms-purple-500: #8b5cf6;
+  --ms-purple-400: #a78bfa;
+  --ms-teal-500: #14b8a6;
+  --ms-teal-400: #2dd4bf;
+  --ms-amber-500: #f59e0b;
+  --ms-amber-400: #fbbf24;
+  --ms-pink-500: #ec4899;
+  --ms-emerald-500: #10b981;
+  --ms-orange-500: #f97316;
+  --ms-cyan-500: #06b6d4;
+  --ms-indigo-500: #6366f1;

-  /* ─── Neutral blue-gray scale ─── */
-  --color-gray-50: #f0f2f5;
-  --color-gray-100: #dce0e8;
-  --color-gray-200: #b8c0cc;
-  --color-gray-300: #8e99a9;
-  --color-gray-400: #6b7a8d;
-  --color-gray-500: #4e5d70;
-  --color-gray-600: #3b4859;
-  --color-gray-700: #2a3544;
-  --color-gray-800: #1c2433;
-  --color-gray-900: #111827;
-  --color-gray-950: #0a0f1a;
+  /* Semantic aliases — dark theme is default */
+  --bg: var(--ms-bg-900);
+  --bg-deep: var(--ms-bg-950);
+  --bg-mid: var(--ms-bg-850);
+  --surface: var(--ms-surface-800);
+  --surface-2: var(--ms-surface-750);
+  --border: var(--ms-border-700);
+  --text: var(--ms-text-100);
+  --text-2: var(--ms-text-300);
+  --muted: var(--ms-text-500);
+  --primary: var(--ms-blue-500);
+  --primary-l: var(--ms-blue-400);
+  --danger: var(--ms-red-500);
+  --success: var(--ms-teal-500);
+  --warn: var(--ms-amber-500);
+  --purple: var(--ms-purple-500);

-  /* ─── Primary — blue ─── */
-  --color-blue-50: #eff4ff;
-  --color-blue-100: #dae5ff;
-  --color-blue-200: #bdd1ff;
-  --color-blue-300: #8fb4ff;
-  --color-blue-400: #5b8bff;
-  --color-blue-500: #3b6cf7;
-  --color-blue-600: #2551e0;
-  --color-blue-700: #1d40c0;
-  --color-blue-800: #1e369c;
-  --color-blue-900: #1e317b;
-  --color-blue-950: #162050;
+  /* Typography */
+  --font: var(--font-outfit, 'Outfit'), system-ui, sans-serif;
+  --mono: var(--font-fira-code, 'Fira Code'), 'Cascadia Code', monospace;

-  /* ─── Accent — purple ─── */
-  --color-purple-50: #f3f0ff;
-  --color-purple-100: #e7dfff;
-  --color-purple-200: #d2c3ff;
-  --color-purple-300: #b49aff;
-  --color-purple-400: #9466ff;
-  --color-purple-500: #7c3aed;
-  --color-purple-600: #6d28d9;
-  --color-purple-700: #5b21b6;
-  --color-purple-800: #4c1d95;
-  --color-purple-900: #3b1578;
-  --color-purple-950: #230d4d;
+  /* Radius scale */
+  --r: 8px;
+  --r-sm: 5px;
+  --r-lg: 12px;
+  --r-xl: 16px;

-  /* ─── Accent — teal ─── */
-  --color-teal-50: #effcf9;
-  --color-teal-100: #d0f7ef;
-  --color-teal-200: #a4eddf;
-  --color-teal-300: #6fddcb;
-  --color-teal-400: #3ec5b2;
-  --color-teal-500: #25aa99;
-  --color-teal-600: #1c897e;
-  --color-teal-700: #1b6e66;
-  --color-teal-800: #1a5853;
-  --color-teal-900: #194945;
-  --color-teal-950: #082d2b;
+  /* Layout dimensions */
+  --sidebar-w: 260px;
+  --topbar-h: 56px;
+  --terminal-h: 220px;

-  /* ─── Semantic surface tokens ─── */
-  --color-surface-bg: #0a0f1a;
-  --color-surface-card: #111827;
-  --color-surface-elevated: #1c2433;
-  --color-surface-border: #2a3544;
+  /* Easing */
+  --ease: cubic-bezier(0.16, 1, 0.3, 1);

-  /* ─── Semantic text tokens ─── */
-  --color-text-primary: #f0f2f5;
-  --color-text-secondary: #8e99a9;
-  --color-text-muted: #6b7a8d;
-
-  /* ─── Status colors ─── */
-  --color-success: #22c55e;
-  --color-warning: #f59e0b;
-  --color-error: #ef4444;
-  --color-info: #3b82f6;
-
-  /* ─── Sidebar width ─── */
-  --spacing-sidebar: 16rem;
+  /* Legacy shadow tokens (retained for component compat) */
+  --shadow-sm: 0 1px 2px 0 rgb(0 0 0 / 0.3);
+  --shadow-md: 0 4px 6px -1px rgb(0 0 0 / 0.4), 0 2px 4px -2px rgb(0 0 0 / 0.3);
+  --shadow-lg: 0 10px 15px -3px rgb(0 0 0 / 0.5), 0 4px 6px -4px rgb(0 0 0 / 0.4);
 }

-/* ─── Base styles ─── */
-body {
-  background-color: var(--color-surface-bg);
-  color: var(--color-text-primary);
-  font-family: var(--font-sans);
+[data-theme='light'] {
+  --ms-bg-950: #f8faff;
+  --ms-bg-900: #f0f4fc;
+  --ms-bg-850: #e8edf8;
+  --ms-surface-800: #dde4f2;
+  --ms-surface-750: #d0d9ec;
+  --ms-border-700: #b8c4de;
+  --ms-text-100: #0f141d;
+  --ms-text-300: #2f3b52;
+  --ms-text-500: #5a6a87;
+  --bg: var(--ms-bg-900);
+  --bg-deep: var(--ms-bg-950);
+  --bg-mid: var(--ms-bg-850);
+  --surface: var(--ms-surface-800);
+  --surface-2: var(--ms-surface-750);
+  --border: var(--ms-border-700);
+  --text: var(--ms-text-100);
+  --text-2: var(--ms-text-300);
+  --muted: var(--ms-text-500);
+  --shadow-sm: 0 1px 2px 0 rgb(0 0 0 / 0.05), 0 1px 3px 0 rgb(0 0 0 / 0.05);
+  --shadow-md: 0 4px 6px -1px rgb(0 0 0 / 0.08), 0 2px 4px -2px rgb(0 0 0 / 0.06);
+  --shadow-lg: 0 10px 15px -3px rgb(0 0 0 / 0.1), 0 4px 6px -4px rgb(0 0 0 / 0.08);
+}
+
+@theme {
+  --font-sans: var(--font);
+  --font-mono: var(--mono);
+  --color-surface-bg: var(--bg);
+  --color-surface-card: var(--surface);
+  --color-surface-elevated: var(--surface-2);
+  --color-surface-border: var(--border);
+  --color-text-primary: var(--text);
+  --color-text-secondary: var(--text-2);
+  --color-text-muted: var(--muted);
+  --color-accent: var(--primary);
+  --color-success: var(--success);
+  --color-warning: var(--warn);
+  --color-error: var(--danger);
+  --color-info: var(--primary-l);
+  --spacing-sidebar: var(--sidebar-w);
+}
+
+*,
+*::before,
+*::after {
+  box-sizing: border-box;
+}
+
+html {
+  font-size: 15px;
+  font-feature-settings: 'cv02', 'cv03', 'cv04', 'cv11';
  -webkit-font-smoothing: antialiased;
  -moz-osx-font-smoothing: grayscale;
 }

-/* ─── Scrollbar styling ─── */
+body {
+  font-family: var(--font);
+  background: var(--bg);
+  color: var(--text);
+  line-height: 1.5;
+}
+
+a {
+  color: inherit;
+  text-decoration: none;
+}
+
+button {
+  font-family: inherit;
+  cursor: pointer;
+  border: none;
+  background: none;
+  color: inherit;
+}
+
+input,
+select,
+textarea {
+  font-family: inherit;
+}
+
+ul {
+  list-style: none;
+}
+
+body::before {
+  content: '';
+  position: fixed;
+  inset: 0;
+  pointer-events: none;
+  z-index: 9999;
+  background-image: url("data:image/svg+xml,%3Csvg viewBox='0 0 200 200' xmlns='http://www.w3.org/2000/svg'%3E%3Cfilter id='n'%3E%3CfeTurbulence type='fractalNoise' baseFrequency='0.9' numOctaves='4' stitchTiles='stitch'/%3E%3C/filter%3E%3Crect width='100%25' height='100%25' filter='url(%23n)' opacity='1'/%3E%3C/svg%3E");
+  opacity: 0.025;
+}
+
+@layer base {
+  :focus-visible {
+    outline: 2px solid var(--ms-blue-400);
+    outline-offset: 2px;
+  }
+
+  :focus:not(:focus-visible) {
+    outline: none;
+  }
+}
+
 ::-webkit-scrollbar {
  width: 6px;
  height: 6px;
@@ -106,10 +191,96 @@ body {
 }

 ::-webkit-scrollbar-thumb {
-  background: var(--color-gray-600);
+  background: var(--border);
  border-radius: 3px;
 }

 ::-webkit-scrollbar-thumb:hover {
-  background: var(--color-gray-500);
+  background: var(--muted);
+}
+
+* {
+  scrollbar-width: thin;
+  scrollbar-color: var(--border) transparent;
+}
+
+.app-shell {
+  display: grid;
+  grid-template-columns: var(--sidebar-w) 1fr;
+  grid-template-rows: var(--topbar-h) 1fr;
+  height: 100vh;
+  overflow: hidden;
+}
+
+.app-header {
+  grid-column: 1 / -1;
+  grid-row: 1;
+  background: var(--bg-deep);
+  border-bottom: 1px solid var(--border);
+  display: flex;
+  align-items: center;
+  padding: 0 20px;
+  gap: 12px;
+  z-index: 100;
+}
+
+.app-sidebar {
+  grid-column: 1;
+  grid-row: 2;
+  background: var(--bg-deep);
+  border-right: 1px solid var(--border);
+  display: flex;
+  flex-direction: column;
+  overflow: hidden;
+}
+
+.app-main {
+  grid-column: 2;
+  grid-row: 2;
+  background: var(--bg);
+  display: flex;
+  flex-direction: column;
+  overflow: hidden;
+  position: relative;
+}
+
+@media (max-width: 767px) {
+  .app-shell {
+    grid-template-columns: 1fr;
+  }
+
+  .app-sidebar {
+    position: fixed;
+    left: 0;
+    top: var(--topbar-h);
+    bottom: 0;
+    width: 240px;
+    z-index: 150;
+    transform: translateX(-100%);
+    transition: transform 0.2s ease;
+  }
+
+  .app-sidebar[data-mobile-open='true'] {
+    transform: translateX(0);
+  }
+
+  .app-main,
+  .app-header {
+    grid-column: 1;
+  }
+}
+
+@media (min-width: 768px) and (max-width: 1023px) {
+  .app-shell[data-sidebar-hidden='true'] {
+    grid-template-columns: 1fr;
+  }
+
+  .app-shell[data-sidebar-hidden='true'] .app-sidebar {
+    display: none;
+  }
+
+  .app-shell[data-sidebar-hidden='true'] .app-main,
+  .app-shell[data-sidebar-hidden='true'] .app-header {
+    grid-column: 1;
+  }
 }
--- a/apps/web/src/app/layout.tsx
+++ b/apps/web/src/app/layout.tsx
@@ -1,30 +1,41 @@
+import type { Metadata } from 'next';
 import type { ReactNode } from 'react';
-import { Outfit, Fira_Code } from 'next/font/google';
+import { ThemeProvider } from '@/providers/theme-provider';
 import './globals.css';

-const outfit = Outfit({
-  subsets: ['latin'],
-  variable: '--font-sans',
-  display: 'swap',
-  weight: ['300', '400', '500', '600', '700'],
-});
-
-const firaCode = Fira_Code({
-  subsets: ['latin'],
-  variable: '--font-mono',
-  display: 'swap',
-  weight: ['400', '500', '700'],
-});
-
-export const metadata = {
+export const metadata: Metadata = {
  title: 'Mosaic',
  description: 'Mosaic Stack Dashboard',
 };

+function themeScript(): string {
+  return `
+    (function () {
+      try {
+        var theme = window.localStorage.getItem('mosaic-theme') || 'dark';
+        document.documentElement.setAttribute('data-theme', theme === 'light' ? 'light' : 'dark');
+      } catch (error) {
+        document.documentElement.setAttribute('data-theme', 'dark');
+      }
+    })();
+  `;
+}
+
 export default function RootLayout({ children }: { children: ReactNode }): React.ReactElement {
  return (
-    <html lang="en" className={`dark ${outfit.variable} ${firaCode.variable}`}>
-      <body>{children}</body>
+    <html lang="en" suppressHydrationWarning>
+      <head>
+        <link rel="preconnect" href="https://fonts.googleapis.com" />
+        <link rel="preconnect" href="https://fonts.gstatic.com" crossOrigin="anonymous" />
+        <link
+          rel="stylesheet"
+          href="https://fonts.googleapis.com/css2?family=Outfit:wght@300;400;500;600;700&family=Fira+Code:wght@400;500&display=swap"
+        />
+        <script dangerouslySetInnerHTML={{ __html: themeScript() }} />
+      </head>
+      <body>
+        <ThemeProvider>{children}</ThemeProvider>
+      </body>
    </html>
  );
 }
--- a/apps/web/src/components/auth/sso-provider-buttons.spec.tsx
+++ b/apps/web/src/components/auth/sso-provider-buttons.spec.tsx
@@ -0,0 +1,45 @@
+import React from 'react';
+import { describe, expect, it, vi } from 'vitest';
+import { renderToStaticMarkup } from 'react-dom/server';
+import { SsoProviderButtons } from './sso-provider-buttons.js';
+
+describe('SsoProviderButtons', () => {
+  it('renders OIDC sign-in buttons and SAML fallback links', () => {
+    const html = renderToStaticMarkup(
+      <SsoProviderButtons
+        providers={[
+          {
+            id: 'workos',
+            name: 'WorkOS',
+            protocols: ['oidc'],
+            configured: true,
+            loginMode: 'oidc',
+            callbackPath: '/api/auth/oauth2/callback/workos',
+            teamSync: { enabled: true, claim: 'organization_id' },
+            samlFallback: { configured: false, loginUrl: null },
+            warnings: [],
+          },
+          {
+            id: 'keycloak',
+            name: 'Keycloak',
+            protocols: ['oidc', 'saml'],
+            configured: true,
+            loginMode: 'saml',
+            callbackPath: null,
+            teamSync: { enabled: true, claim: 'groups' },
+            samlFallback: {
+              configured: true,
+              loginUrl: 'https://sso.example.com/realms/mosaic/protocol/saml',
+            },
+            warnings: [],
+          },
+        ]}
+        onOidcSignIn={vi.fn()}
+      />,
+    );
+
+    expect(html).toContain('Continue with WorkOS');
+    expect(html).toContain('Continue with Keycloak (SAML)');
+    expect(html).toContain('https://sso.example.com/realms/mosaic/protocol/saml');
+  });
+});
--- a/apps/web/src/components/auth/sso-provider-buttons.tsx
+++ b/apps/web/src/components/auth/sso-provider-buttons.tsx
@@ -0,0 +1,55 @@
+import React from 'react';
+import type { SsoProviderDiscovery } from '@/lib/sso';
+
+interface SsoProviderButtonsProps {
+  providers: SsoProviderDiscovery[];
+  loadingProviderId?: string | null;
+  onOidcSignIn: (providerId: SsoProviderDiscovery['id']) => void;
+}
+
+export function SsoProviderButtons({
+  providers,
+  loadingProviderId = null,
+  onOidcSignIn,
+}: SsoProviderButtonsProps): React.ReactElement | null {
+  const visibleProviders = providers.filter((provider) => provider.configured);
+
+  if (visibleProviders.length === 0) {
+    return null;
+  }
+
+  return (
+    <div className="mt-6 space-y-3 border-t border-surface-border pt-6">
+      <p className="text-sm font-medium text-text-secondary">Single sign-on</p>
+      <div className="space-y-3">
+        {visibleProviders.map((provider) => {
+          if (provider.loginMode === 'saml' && provider.samlFallback.loginUrl) {
+            return (
+              <a
+                key={provider.id}
+                href={provider.samlFallback.loginUrl}
+                className="flex w-full items-center justify-center rounded-lg border border-surface-border bg-surface-elevated px-4 py-2.5 text-sm font-medium text-text-primary transition-colors hover:border-accent/50 hover:text-accent"
+              >
+                Continue with {provider.name} (SAML)
+              </a>
+            );
+          }
+
+          return (
+            <button
+              key={provider.id}
+              type="button"
+              disabled={loadingProviderId === provider.id}
+              onClick={() => onOidcSignIn(provider.id)}
+              className="flex w-full items-center justify-center rounded-lg border border-surface-border bg-surface-elevated px-4 py-2.5 text-sm font-medium text-text-primary transition-colors hover:border-accent/50 hover:text-accent disabled:opacity-50"
+            >
+              {loadingProviderId === provider.id
+                ? `Redirecting to ${provider.name}...`
+                : `Continue with ${provider.name}`}
+            </button>
+          );
+        })}
+      </div>
+    </div>
+  );
+}
--- a/apps/web/src/components/chat/chat-input.tsx
+++ b/apps/web/src/components/chat/chat-input.tsx
@@ -1,52 +1,192 @@
 'use client';

-import { useRef, useState } from 'react';
+import { useEffect, useMemo, useRef, useState } from 'react';
+import type { ModelInfo } from '@/lib/types';

 interface ChatInputProps {
-  onSend: (content: string) => void;
-  disabled?: boolean;
+  onSend: (content: string, options?: { modelId?: string }) => void;
+  onStop?: () => void;
+  isStreaming?: boolean;
+  models: ModelInfo[];
+  selectedModelId: string;
+  onModelChange: (modelId: string) => void;
+  onRequestEditLastMessage?: () => string | null;
 }

-export function ChatInput({ onSend, disabled }: ChatInputProps): React.ReactElement {
+const MAX_HEIGHT = 220;
+
+export function ChatInput({
+  onSend,
+  onStop,
+  isStreaming = false,
+  models,
+  selectedModelId,
+  onModelChange,
+  onRequestEditLastMessage,
+}: ChatInputProps): React.ReactElement {
  const [value, setValue] = useState('');
  const textareaRef = useRef<HTMLTextAreaElement>(null);
+  const selectedModel = useMemo(
+    () => models.find((model) => model.id === selectedModelId) ?? models[0],
+    [models, selectedModelId],
+  );

-  function handleSubmit(e: React.FormEvent): void {
-    e.preventDefault();
+  useEffect(() => {
+    const textarea = textareaRef.current;
+    if (!textarea) return;
+    textarea.style.height = 'auto';
+    textarea.style.height = `${Math.min(textarea.scrollHeight, MAX_HEIGHT)}px`;
+  }, [value]);
+
+  useEffect(() => {
+    function handleGlobalFocus(event: KeyboardEvent): void {
+      if (
+        (event.metaKey || event.ctrlKey) &&
+        (event.key === '/' || event.key.toLowerCase() === 'k')
+      ) {
+        const target = event.target as HTMLElement | null;
+        if (target?.closest('input, textarea, [contenteditable="true"]')) return;
+        event.preventDefault();
+        textareaRef.current?.focus();
+      }
+    }
+
+    document.addEventListener('keydown', handleGlobalFocus);
+    return () => document.removeEventListener('keydown', handleGlobalFocus);
+  }, []);
+
+  function handleSubmit(event: React.FormEvent): void {
+    event.preventDefault();
    const trimmed = value.trim();
-    if (!trimmed || disabled) return;
-    onSend(trimmed);
+    if (!trimmed || isStreaming) return;
+    onSend(trimmed, { modelId: selectedModel?.id });
    setValue('');
    textareaRef.current?.focus();
  }

-  function handleKeyDown(e: React.KeyboardEvent<HTMLTextAreaElement>): void {
-    if (e.key === 'Enter' && !e.shiftKey) {
-      e.preventDefault();
-      handleSubmit(e);
+  function handleKeyDown(event: React.KeyboardEvent<HTMLTextAreaElement>): void {
+    if (event.key === 'Enter' && (event.metaKey || event.ctrlKey)) {
+      event.preventDefault();
+      handleSubmit(event);
+      return;
+    }
+
+    if (event.key === 'ArrowUp' && value.length === 0 && onRequestEditLastMessage) {
+      const lastMessage = onRequestEditLastMessage();
+      if (lastMessage) {
+        event.preventDefault();
+        setValue(lastMessage);
+      }
    }
  }

+  const charCount = value.length;
+  const tokenEstimate = Math.ceil(charCount / 4);
+
  return (
-    <form onSubmit={handleSubmit} className="border-t border-surface-border bg-surface-card p-4">
+    <form
+      onSubmit={handleSubmit}
+      className="border-t px-4 py-4 backdrop-blur-xl md:px-6"
+      style={{
+        backgroundColor: 'color-mix(in srgb, var(--color-surface) 88%, transparent)',
+        borderColor: 'var(--color-border)',
+      }}
+    >
+      <div
+        className="rounded-[28px] border p-3 shadow-[var(--shadow-ms-lg)]"
+        style={{
+          backgroundColor: 'var(--color-surface-2)',
+          borderColor: 'var(--color-border)',
+        }}
+      >
+        <div className="mb-3 flex flex-wrap items-center gap-3">
+          <label className="flex min-w-0 items-center gap-2 text-xs text-[var(--color-muted)]">
+            <span className="uppercase tracking-[0.18em]">Model</span>
+            <select
+              value={selectedModelId}
+              onChange={(event) => onModelChange(event.target.value)}
+              className="rounded-full border px-3 py-1.5 text-sm outline-none"
+              style={{
+                backgroundColor: 'var(--color-surface)',
+                borderColor: 'var(--color-border)',
+                color: 'var(--color-text)',
+              }}
+            >
+              {models.map((model) => (
+                <option key={`${model.provider}:${model.id}`} value={model.id}>
+                  {model.name} · {model.provider}
+                </option>
+              ))}
+            </select>
+          </label>
+          <div className="ml-auto hidden items-center gap-2 text-xs text-[var(--color-muted)] md:flex">
+            <span className="rounded-full border border-[var(--color-border)] px-2 py-1">
+              ⌘/ focus
+            </span>
+            <span className="rounded-full border border-[var(--color-border)] px-2 py-1">
+              ⌘K focus
+            </span>
+            <span className="rounded-full border border-[var(--color-border)] px-2 py-1">
+              ⌘↵ send
+            </span>
+          </div>
+        </div>
+
        <div className="flex items-end gap-3">
          <textarea
            ref={textareaRef}
            value={value}
-          onChange={(e) => setValue(e.target.value)}
+            onChange={(event) => setValue(event.target.value)}
            onKeyDown={handleKeyDown}
-          disabled={disabled}
+            disabled={isStreaming}
            rows={1}
-          placeholder="Type a message... (Enter to send, Shift+Enter for newline)"
-          className="max-h-32 min-h-[2.5rem] flex-1 resize-none rounded-lg border border-surface-border bg-surface-elevated px-3 py-2 text-sm text-text-primary placeholder:text-text-muted focus:border-blue-500 focus:outline-none focus:ring-1 focus:ring-blue-500 disabled:opacity-50"
+            placeholder="Ask Mosaic something..."
+            className="min-h-[3.25rem] flex-1 resize-none bg-transparent px-1 py-2 text-sm outline-none placeholder:text-[var(--color-muted)] disabled:opacity-60"
+            style={{
+              color: 'var(--color-text)',
+              maxHeight: `${MAX_HEIGHT}px`,
+            }}
          />
+
+          {isStreaming ? (
+            <button
+              type="button"
+              onClick={onStop}
+              className="inline-flex h-11 items-center gap-2 rounded-full border px-4 text-sm font-medium transition-colors"
+              style={{
+                backgroundColor: 'var(--color-surface)',
+                borderColor: 'var(--color-border)',
+                color: 'var(--color-text)',
+              }}
+            >
+              <span className="inline-block h-2.5 w-2.5 rounded-sm bg-[var(--color-danger)]" />
+              Stop
+            </button>
+          ) : (
            <button
              type="submit"
-          disabled={disabled || !value.trim()}
-          className="rounded-lg bg-blue-600 px-4 py-2 text-sm font-medium text-white transition-colors hover:bg-blue-700 disabled:opacity-50"
+              disabled={!value.trim()}
+              className="inline-flex h-11 items-center gap-2 rounded-full px-4 text-sm font-semibold text-white transition-all disabled:cursor-not-allowed disabled:opacity-45"
+              style={{ backgroundColor: 'var(--color-ms-blue-500)' }}
            >
-          Send
+              <span>Send</span>
+              <span aria-hidden="true">↗</span>
            </button>
+          )}
+        </div>
+
+        <div className="mt-3 flex flex-wrap items-center gap-2 text-xs text-[var(--color-muted)]">
+          <span>{charCount.toLocaleString()} chars</span>
+          <span>·</span>
+          <span>~{tokenEstimate.toLocaleString()} tokens</span>
+          {selectedModel ? (
+            <>
+              <span>·</span>
+              <span>{selectedModel.reasoning ? 'Reasoning on' : 'Fast response'}</span>
+            </>
+          ) : null}
+          <span className="ml-auto">Shift+Enter newline · Arrow ↑ edit last</span>
+        </div>
      </div>
    </form>
  );
--- a/apps/web/src/components/chat/conversation-list.tsx
+++ b/apps/web/src/components/chat/conversation-list.tsx
@@ -7,6 +7,8 @@ import type { Conversation } from '@/lib/types';
 interface ConversationListProps {
  conversations: Conversation[];
  activeId: string | null;
+  isOpen: boolean;
+  onClose: () => void;
  onSelect: (id: string) => void;
  onNew: () => void;
  onRename: (id: string, title: string) => void;
@@ -20,7 +22,6 @@ interface ContextMenuState {
  y: number;
 }

-/** Format a date as relative time (e.g. "2h ago", "Yesterday"). */
 function formatRelativeTime(dateStr: string): string {
  const date = new Date(dateStr);
  const now = new Date();
@@ -40,6 +41,8 @@ function formatRelativeTime(dateStr: string): string {
 export function ConversationList({
  conversations,
  activeId,
+  isOpen,
+  onClose,
  onSelect,
  onNew,
  onRename,
@@ -54,24 +57,24 @@ export function ConversationList({
  const [showArchived, setShowArchived] = useState(false);
  const renameInputRef = useRef<HTMLInputElement>(null);

-  const activeConversations = conversations.filter((c) => !c.archived);
-  const archivedConversations = conversations.filter((c) => c.archived);
+  const activeConversations = conversations.filter((conversation) => !conversation.archived);
+  const archivedConversations = conversations.filter((conversation) => conversation.archived);

  const filteredActive = searchQuery
-    ? activeConversations.filter((c) =>
-        (c.title ?? 'Untitled').toLowerCase().includes(searchQuery.toLowerCase()),
+    ? activeConversations.filter((conversation) =>
+        (conversation.title ?? 'Untitled').toLowerCase().includes(searchQuery.toLowerCase()),
      )
    : activeConversations;

  const filteredArchived = searchQuery
-    ? archivedConversations.filter((c) =>
-        (c.title ?? 'Untitled').toLowerCase().includes(searchQuery.toLowerCase()),
+    ? archivedConversations.filter((conversation) =>
+        (conversation.title ?? 'Untitled').toLowerCase().includes(searchQuery.toLowerCase()),
      )
    : archivedConversations;

-  const handleContextMenu = useCallback((e: React.MouseEvent, conversationId: string) => {
-    e.preventDefault();
-    setContextMenu({ conversationId, x: e.clientX, y: e.clientY });
+  const handleContextMenu = useCallback((event: React.MouseEvent, conversationId: string) => {
+    event.preventDefault();
+    setContextMenu({ conversationId, x: event.clientX, y: event.clientY });
    setDeleteConfirmId(null);
  }, []);

@@ -97,7 +100,7 @@ export function ConversationList({
    }
    setRenamingId(null);
    setRenameValue('');
-  }, [renamingId, renameValue, onRename]);
+  }, [onRename, renameValue, renamingId]);

  const cancelRename = useCallback(() => {
    setRenamingId(null);
@@ -105,24 +108,20 @@ export function ConversationList({
  }, []);

  const handleRenameKeyDown = useCallback(
-    (e: React.KeyboardEvent<HTMLInputElement>) => {
-      if (e.key === 'Enter') commitRename();
-      if (e.key === 'Escape') cancelRename();
+    (event: React.KeyboardEvent<HTMLInputElement>) => {
+      if (event.key === 'Enter') commitRename();
+      if (event.key === 'Escape') cancelRename();
    },
-    [commitRename, cancelRename],
+    [cancelRename, commitRename],
  );

-  const handleDeleteClick = useCallback((id: string) => {
-    setDeleteConfirmId(id);
-  }, []);
-
  const confirmDelete = useCallback(
    (id: string) => {
      onDelete(id);
      setDeleteConfirmId(null);
      closeContextMenu();
    },
-    [onDelete, closeContextMenu],
+    [closeContextMenu, onDelete],
  );

  const handleArchiveToggle = useCallback(
@@ -130,47 +129,59 @@ export function ConversationList({
      onArchive(id, archived);
      closeContextMenu();
    },
-    [onArchive, closeContextMenu],
+    [closeContextMenu, onArchive],
  );

-  const contextConv = contextMenu
-    ? conversations.find((c) => c.id === contextMenu.conversationId)
+  const contextConversation = contextMenu
+    ? conversations.find((conversation) => conversation.id === contextMenu.conversationId)
    : null;

-  function renderConversationItem(conv: Conversation): React.ReactElement {
-    const isActive = activeId === conv.id;
-    const isRenaming = renamingId === conv.id;
+  function renderConversationItem(conversation: Conversation): React.ReactElement {
+    const isActive = activeId === conversation.id;
+    const isRenaming = renamingId === conversation.id;

    return (
-      <div key={conv.id} className="group relative">
+      <div key={conversation.id} className="group relative">
        {isRenaming ? (
          <div className="px-3 py-2">
            <input
              ref={renameInputRef}
              value={renameValue}
-              onChange={(e) => setRenameValue(e.target.value)}
+              onChange={(event) => setRenameValue(event.target.value)}
              onBlur={commitRename}
              onKeyDown={handleRenameKeyDown}
-              className="w-full rounded border border-blue-500 bg-surface-elevated px-2 py-0.5 text-sm text-text-primary outline-none"
+              className="w-full rounded-xl border px-3 py-2 text-sm outline-none"
+              style={{
+                borderColor: 'var(--color-ms-blue-500)',
+                backgroundColor: 'var(--color-surface-2)',
+                color: 'var(--color-text)',
+              }}
              maxLength={255}
            />
          </div>
        ) : (
          <button
            type="button"
-            onClick={() => onSelect(conv.id)}
-            onDoubleClick={() => startRename(conv.id, conv.title)}
-            onContextMenu={(e) => handleContextMenu(e, conv.id)}
+            onClick={() => {
+              onSelect(conversation.id);
+              if (window.innerWidth < 768) onClose();
+            }}
+            onDoubleClick={() => startRename(conversation.id, conversation.title)}
+            onContextMenu={(event) => handleContextMenu(event, conversation.id)}
            className={cn(
-              'w-full px-3 py-2 text-left text-sm transition-colors',
-              isActive
-                ? 'bg-blue-600/20 text-blue-400'
-                : 'text-text-secondary hover:bg-surface-elevated',
+              'w-full rounded-2xl px-3 py-2 text-left text-sm transition-colors',
+              isActive ? 'shadow-[var(--shadow-ms-sm)]' : 'hover:bg-white/5',
            )}
+            style={{
+              backgroundColor: isActive
+                ? 'color-mix(in srgb, var(--color-ms-blue-500) 22%, transparent)'
+                : 'transparent',
+              color: isActive ? 'var(--color-text)' : 'var(--color-text-2)',
+            }}
          >
-            <span className="block truncate">{conv.title ?? 'Untitled'}</span>
-            <span className="block text-xs text-text-muted">
-              {formatRelativeTime(conv.updatedAt)}
+            <span className="block truncate font-medium">{conversation.title ?? 'Untitled'}</span>
+            <span className="block text-xs text-[var(--color-muted)]">
+              {formatRelativeTime(conversation.updatedAt)}
            </span>
          </button>
        )}
@@ -180,127 +191,138 @@ export function ConversationList({

  return (
    <>
-      {/* Backdrop to close context menu */}
-      {contextMenu && (
-        <div className="fixed inset-0 z-10" onClick={closeContextMenu} aria-hidden="true" />
-      )}
+      {isOpen ? (
+        <button
+          type="button"
+          className="fixed inset-0 z-20 bg-black/45 md:hidden"
+          onClick={onClose}
+          aria-label="Close conversation sidebar"
+        />
+      ) : null}

-      <div className="flex h-full w-64 flex-col border-r border-surface-border bg-surface-card">
-        {/* Header */}
-        <div className="flex items-center justify-between p-3">
-          <h2 className="text-sm font-medium text-text-secondary">Conversations</h2>
+      {contextMenu ? (
+        <div className="fixed inset-0 z-10" onClick={closeContextMenu} aria-hidden="true" />
+      ) : null}
+
+      <div
+        className={cn(
+          'fixed inset-y-0 left-0 z-30 flex h-full w-[18.5rem] flex-col border-r px-3 py-3 transition-transform duration-200 md:static md:z-auto',
+          isOpen
+            ? 'translate-x-0'
+            : '-translate-x-full md:w-0 md:min-w-0 md:overflow-hidden md:border-r-0 md:px-0 md:py-0',
+        )}
+        style={{
+          backgroundColor: 'var(--color-surface)',
+          borderColor: 'var(--color-border)',
+        }}
+      >
+        <div className="flex items-center justify-between px-1 pb-3">
+          <h2 className="text-sm font-medium text-[var(--color-text-2)]">Conversations</h2>
          <button
            type="button"
            onClick={onNew}
-            className="rounded-md px-2 py-1 text-xs text-blue-400 transition-colors hover:bg-surface-elevated"
+            className="rounded-full px-3 py-1 text-xs transition-colors hover:bg-white/5"
+            style={{ color: 'var(--color-ms-blue-400)' }}
          >
            + New
          </button>
        </div>

-        {/* Search input */}
-        <div className="px-3 pb-2">
+        <div className="pb-3">
          <input
            type="search"
            value={searchQuery}
-            onChange={(e) => setSearchQuery(e.target.value)}
-            placeholder="Search conversations\u2026"
-            className="w-full rounded-md border border-surface-border bg-surface-elevated px-3 py-1.5 text-xs text-text-primary placeholder:text-text-muted focus:border-blue-500 focus:outline-none"
+            onChange={(event) => setSearchQuery(event.target.value)}
+            placeholder="Search conversations…"
+            className="w-full rounded-2xl border px-3 py-2 text-xs placeholder:text-[var(--color-muted)] focus:outline-none"
+            style={{
+              backgroundColor: 'var(--color-surface-2)',
+              borderColor: 'var(--color-border)',
+              color: 'var(--color-text)',
+            }}
          />
        </div>

-        {/* Conversation list */}
-        <div className="flex-1 overflow-y-auto">
-          {filteredActive.length === 0 && !searchQuery && (
-            <p className="px-3 py-2 text-xs text-text-muted">No conversations yet</p>
-          )}
-          {filteredActive.length === 0 && searchQuery && (
-            <p className="px-3 py-2 text-xs text-text-muted">
-              No results for &ldquo;{searchQuery}&rdquo;
+        <div className="flex-1 overflow-y-auto space-y-1">
+          {filteredActive.length === 0 && !searchQuery ? (
+            <p className="px-1 py-2 text-xs text-[var(--color-muted)]">No conversations yet</p>
+          ) : null}
+          {filteredActive.length === 0 && searchQuery ? (
+            <p className="px-1 py-2 text-xs text-[var(--color-muted)]">
+              No results for “{searchQuery}”
            </p>
-          )}
-          {filteredActive.map((conv) => renderConversationItem(conv))}
+          ) : null}
+          {filteredActive.map((conversation) => renderConversationItem(conversation))}

-          {/* Archived section */}
-          {archivedConversations.length > 0 && (
-            <div className="mt-2">
+          {archivedConversations.length > 0 ? (
+            <div className="pt-2">
              <button
                type="button"
-                onClick={() => setShowArchived((v) => !v)}
-                className="flex w-full items-center gap-1 px-3 py-1 text-xs text-text-muted transition-colors hover:text-text-secondary"
+                onClick={() => setShowArchived((prev) => !prev)}
+                className="flex w-full items-center gap-2 px-1 py-1 text-xs text-[var(--color-muted)] transition-colors hover:text-[var(--color-text-2)]"
              >
                <span
-                  className={cn(
-                    'inline-block transition-transform',
-                    showArchived ? 'rotate-90' : '',
-                  )}
+                  className={cn('inline-block transition-transform', showArchived && 'rotate-90')}
                >
-                  &#9658;
+                  ▶
                </span>
                Archived ({archivedConversations.length})
              </button>
-              {showArchived && (
-                <div className="opacity-60">
-                  {filteredArchived.map((conv) => renderConversationItem(conv))}
+              {showArchived ? (
+                <div className="mt-1 space-y-1 opacity-70">
+                  {filteredArchived.map((conversation) => renderConversationItem(conversation))}
                </div>
-              )}
+              ) : null}
            </div>
-          )}
+          ) : null}
        </div>
      </div>

-      {/* Context menu */}
-      {contextMenu && contextConv && (
+      {contextMenu && contextConversation ? (
        <div
-          className="fixed z-20 min-w-36 rounded-md border border-surface-border bg-surface-card py-1 shadow-lg"
-          style={{ top: contextMenu.y, left: contextMenu.x }}
+          className="fixed z-30 min-w-40 rounded-2xl border py-1 shadow-[var(--shadow-ms-lg)]"
+          style={{
+            top: contextMenu.y,
+            left: contextMenu.x,
+            backgroundColor: 'var(--color-surface)',
+            borderColor: 'var(--color-border)',
+          }}
        >
          <button
            type="button"
-            className="w-full px-3 py-1.5 text-left text-sm text-text-secondary hover:bg-surface-elevated"
-            onClick={() => startRename(contextConv.id, contextConv.title)}
+            className="w-full px-3 py-2 text-left text-sm text-[var(--color-text-2)] transition-colors hover:bg-white/5"
+            onClick={() => startRename(contextConversation.id, contextConversation.title)}
          >
            Rename
          </button>
          <button
            type="button"
-            className="w-full px-3 py-1.5 text-left text-sm text-text-secondary hover:bg-surface-elevated"
-            onClick={() => handleArchiveToggle(contextConv.id, !contextConv.archived)}
+            className="w-full px-3 py-2 text-left text-sm text-[var(--color-text-2)] transition-colors hover:bg-white/5"
+            onClick={() =>
+              handleArchiveToggle(contextConversation.id, !contextConversation.archived)
+            }
          >
-            {contextConv.archived ? 'Unarchive' : 'Archive'}
+            {contextConversation.archived ? 'Restore' : 'Archive'}
          </button>
-          <hr className="my-1 border-surface-border" />
-          {deleteConfirmId === contextConv.id ? (
-            <div className="px-3 py-1.5">
-              <p className="mb-1.5 text-xs text-red-400">Delete this conversation?</p>
-              <div className="flex gap-2">
+          {deleteConfirmId === contextConversation.id ? (
            <button
              type="button"
-                  className="rounded bg-red-600 px-2 py-0.5 text-xs text-white hover:bg-red-700"
-                  onClick={() => confirmDelete(contextConv.id)}
+              className="w-full px-3 py-2 text-left text-sm text-[var(--color-danger)] transition-colors hover:bg-white/5"
+              onClick={() => confirmDelete(contextConversation.id)}
            >
-                  Delete
+              Confirm delete
            </button>
-                <button
-                  type="button"
-                  className="rounded px-2 py-0.5 text-xs text-text-muted hover:bg-surface-elevated"
-                  onClick={() => setDeleteConfirmId(null)}
-                >
-                  Cancel
-                </button>
-              </div>
-            </div>
          ) : (
            <button
              type="button"
-              className="w-full px-3 py-1.5 text-left text-sm text-red-400 hover:bg-surface-elevated"
-              onClick={() => handleDeleteClick(contextConv.id)}
+              className="w-full px-3 py-2 text-left text-sm text-[var(--color-danger)] transition-colors hover:bg-white/5"
+              onClick={() => setDeleteConfirmId(contextConversation.id)}
            >
-              Delete
+              Delete…
            </button>
          )}
        </div>
-      )}
+      ) : null}
    </>
  );
 }
--- a/apps/web/src/components/chat/conversation-sidebar.tsx
+++ b/apps/web/src/components/chat/conversation-sidebar.tsx
@@ -0,0 +1,576 @@
+'use client';
+
+import {
+  forwardRef,
+  useCallback,
+  useEffect,
+  useImperativeHandle,
+  useMemo,
+  useRef,
+  useState,
+} from 'react';
+import { api } from '@/lib/api';
+import type { Conversation, Project } from '@/lib/types';
+
+export interface ConversationSummary {
+  id: string;
+  title: string | null;
+  projectId: string | null;
+  updatedAt: string;
+  archived?: boolean;
+}
+
+export interface ConversationSidebarRef {
+  refresh: () => void;
+  addConversation: (conversation: ConversationSummary) => void;
+}
+
+interface ConversationSidebarProps {
+  isOpen: boolean;
+  onClose: () => void;
+  currentConversationId: string | null;
+  onSelectConversation: (conversationId: string | null) => void;
+  onNewConversation: (projectId?: string | null) => void;
+}
+
+interface GroupedConversations {
+  key: string;
+  label: string;
+  projectId: string | null;
+  conversations: ConversationSummary[];
+}
+
+function toSummary(conversation: Conversation): ConversationSummary {
+  return {
+    id: conversation.id,
+    title: conversation.title,
+    projectId: conversation.projectId,
+    updatedAt: conversation.updatedAt,
+    archived: conversation.archived,
+  };
+}
+
+function formatRelativeTime(dateStr: string): string {
+  const date = new Date(dateStr);
+  const now = new Date();
+  const diffMs = now.getTime() - date.getTime();
+  const diffMinutes = Math.floor(diffMs / 60_000);
+  const diffHours = Math.floor(diffMs / 3_600_000);
+  const diffDays = Math.floor(diffMs / 86_400_000);
+
+  if (diffMinutes < 1) return 'Just now';
+  if (diffMinutes < 60) return `${diffMinutes}m ago`;
+  if (diffHours < 24) return `${diffHours}h ago`;
+  if (diffDays === 1) return 'Yesterday';
+  if (diffDays < 7) return `${diffDays}d ago`;
+
+  return date.toLocaleDateString(undefined, { month: 'short', day: 'numeric' });
+}
+
+export const ConversationSidebar = forwardRef<ConversationSidebarRef, ConversationSidebarProps>(
+  function ConversationSidebar(
+    { isOpen, onClose, currentConversationId, onSelectConversation, onNewConversation },
+    ref,
+  ): React.ReactElement {
+    const [conversations, setConversations] = useState<ConversationSummary[]>([]);
+    const [projects, setProjects] = useState<Project[]>([]);
+    const [searchQuery, setSearchQuery] = useState('');
+    const [isLoading, setIsLoading] = useState(true);
+    const [error, setError] = useState<string | null>(null);
+    const [renamingId, setRenamingId] = useState<string | null>(null);
+    const [renameValue, setRenameValue] = useState('');
+    const [pendingDeleteId, setPendingDeleteId] = useState<string | null>(null);
+    const [hoveredId, setHoveredId] = useState<string | null>(null);
+    const renameInputRef = useRef<HTMLInputElement>(null);
+
+    const loadSidebarData = useCallback(async (): Promise<void> => {
+      try {
+        setIsLoading(true);
+        setError(null);
+
+        const [loadedConversations, loadedProjects] = await Promise.all([
+          api<Conversation[]>('/api/conversations'),
+          api<Project[]>('/api/projects').catch(() => [] as Project[]),
+        ]);
+
+        setConversations(
+          loadedConversations
+            .filter((conversation) => !conversation.archived)
+            .map(toSummary)
+            .sort((a, b) => Date.parse(b.updatedAt) - Date.parse(a.updatedAt)),
+        );
+        setProjects(loadedProjects);
+      } catch (err) {
+        setError(err instanceof Error ? err.message : 'Failed to load conversations');
+      } finally {
+        setIsLoading(false);
+      }
+    }, []);
+
+    useEffect(() => {
+      void loadSidebarData();
+    }, [loadSidebarData]);
+
+    useEffect(() => {
+      if (!renamingId) return;
+      const timer = window.setTimeout(() => renameInputRef.current?.focus(), 0);
+      return () => window.clearTimeout(timer);
+    }, [renamingId]);
+
+    useImperativeHandle(
+      ref,
+      () => ({
+        refresh: () => {
+          void loadSidebarData();
+        },
+        addConversation: (conversation) => {
+          setConversations((prev) => {
+            const next = [conversation, ...prev.filter((item) => item.id !== conversation.id)];
+            return next.sort((a, b) => Date.parse(b.updatedAt) - Date.parse(a.updatedAt));
+          });
+        },
+      }),
+      [loadSidebarData],
+    );
+
+    const filteredConversations = useMemo(() => {
+      const query = searchQuery.trim().toLowerCase();
+      if (!query) return conversations;
+
+      return conversations.filter((conversation) =>
+        (conversation.title ?? 'Untitled conversation').toLowerCase().includes(query),
+      );
+    }, [conversations, searchQuery]);
+
+    const groupedConversations = useMemo<GroupedConversations[]>(() => {
+      if (projects.length === 0) {
+        return [
+          {
+            key: 'all',
+            label: 'All conversations',
+            projectId: null,
+            conversations: filteredConversations,
+          },
+        ];
+      }
+
+      const byProject = new Map<string | null, ConversationSummary[]>();
+      for (const conversation of filteredConversations) {
+        const key = conversation.projectId ?? null;
+        const items = byProject.get(key) ?? [];
+        items.push(conversation);
+        byProject.set(key, items);
+      }
+
+      const groups: GroupedConversations[] = [];
+
+      for (const project of projects) {
+        const projectConversations = byProject.get(project.id);
+        if (!projectConversations?.length) continue;
+
+        groups.push({
+          key: project.id,
+          label: project.name,
+          projectId: project.id,
+          conversations: projectConversations,
+        });
+      }
+
+      const ungrouped = byProject.get(null);
+      if (ungrouped?.length) {
+        groups.push({
+          key: 'general',
+          label: 'General',
+          projectId: null,
+          conversations: ungrouped,
+        });
+      }
+
+      if (groups.length === 0) {
+        groups.push({
+          key: 'all',
+          label: 'All conversations',
+          projectId: null,
+          conversations: filteredConversations,
+        });
+      }
+
+      return groups;
+    }, [filteredConversations, projects]);
+
+    const startRename = useCallback((conversation: ConversationSummary): void => {
+      setPendingDeleteId(null);
+      setRenamingId(conversation.id);
+      setRenameValue(conversation.title ?? '');
+    }, []);
+
+    const cancelRename = useCallback((): void => {
+      setRenamingId(null);
+      setRenameValue('');
+    }, []);
+
+    const commitRename = useCallback(async (): Promise<void> => {
+      if (!renamingId) return;
+
+      const title = renameValue.trim() || 'Untitled conversation';
+
+      try {
+        const updated = await api<Conversation>(`/api/conversations/${renamingId}`, {
+          method: 'PATCH',
+          body: { title },
+        });
+
+        const summary = toSummary(updated);
+        setConversations((prev) =>
+          prev
+            .map((conversation) => (conversation.id === renamingId ? summary : conversation))
+            .sort((a, b) => Date.parse(b.updatedAt) - Date.parse(a.updatedAt)),
+        );
+      } catch (err) {
+        setError(err instanceof Error ? err.message : 'Failed to rename conversation');
+      } finally {
+        setRenamingId(null);
+        setRenameValue('');
+      }
+    }, [renameValue, renamingId]);
+
+    const deleteConversation = useCallback(
+      async (conversationId: string): Promise<void> => {
+        try {
+          await api<void>(`/api/conversations/${conversationId}`, { method: 'DELETE' });
+          setConversations((prev) =>
+            prev.filter((conversation) => conversation.id !== conversationId),
+          );
+          if (currentConversationId === conversationId) {
+            onSelectConversation(null);
+          }
+        } catch (err) {
+          setError(err instanceof Error ? err.message : 'Failed to delete conversation');
+        } finally {
+          setPendingDeleteId(null);
+        }
+      },
+      [currentConversationId, onSelectConversation],
+    );
+
+    return (
+      <>
+        {isOpen ? (
+          <button
+            type="button"
+            aria-label="Close conversation sidebar"
+            className="fixed inset-0 z-30 bg-black/50 md:hidden"
+            onClick={onClose}
+          />
+        ) : null}
+
+        <aside
+          aria-label="Conversation sidebar"
+          className="fixed left-0 top-0 z-40 flex h-full flex-col border-r md:relative md:z-0"
+          style={{
+            width: 'var(--sidebar-w)',
+            background: 'var(--bg)',
+            borderColor: 'var(--border)',
+            transform: isOpen ? 'translateX(0)' : 'translateX(calc(-1 * var(--sidebar-w)))',
+            transition: 'transform 220ms var(--ease)',
+          }}
+        >
+          <div
+            className="flex items-center justify-between border-b px-4 py-3"
+            style={{ borderColor: 'var(--border)' }}
+          >
+            <div>
+              <p className="text-sm font-semibold" style={{ color: 'var(--text)' }}>
+                Conversations
+              </p>
+              <p className="text-xs" style={{ color: 'var(--muted)' }}>
+                Search, rename, and manage threads
+              </p>
+            </div>
+            <button
+              type="button"
+              onClick={onClose}
+              className="rounded-md p-2 md:hidden"
+              style={{ color: 'var(--text-2)' }}
+            >
+              <svg viewBox="0 0 24 24" className="h-4 w-4" fill="none" stroke="currentColor">
+                <path strokeWidth="2" strokeLinecap="round" d="M6 6l12 12M18 6 6 18" />
+              </svg>
+            </button>
+          </div>
+
+          <div className="space-y-3 border-b p-3" style={{ borderColor: 'var(--border)' }}>
+            <button
+              type="button"
+              onClick={() => onNewConversation(null)}
+              className="flex w-full items-center justify-center gap-2 rounded-lg border px-3 py-2 text-sm font-medium transition-colors"
+              style={{
+                borderColor: 'var(--primary)',
+                background: 'color-mix(in srgb, var(--primary) 12%, transparent)',
+                color: 'var(--text)',
+              }}
+            >
+              <svg viewBox="0 0 24 24" className="h-4 w-4" fill="none" stroke="currentColor">
+                <path strokeWidth="2" strokeLinecap="round" d="M12 5v14M5 12h14" />
+              </svg>
+              New conversation
+            </button>
+
+            <div className="relative">
+              <svg
+                viewBox="0 0 24 24"
+                className="pointer-events-none absolute left-3 top-1/2 h-4 w-4 -translate-y-1/2"
+                fill="none"
+                stroke="currentColor"
+                style={{ color: 'var(--muted)' }}
+              >
+                <circle cx="11" cy="11" r="7" strokeWidth="2" />
+                <path d="m20 20-3.5-3.5" strokeWidth="2" strokeLinecap="round" />
+              </svg>
+              <input
+                type="search"
+                value={searchQuery}
+                onChange={(event) => setSearchQuery(event.target.value)}
+                placeholder="Search conversations"
+                className="w-full rounded-lg border px-9 py-2 text-sm outline-none"
+                style={{
+                  background: 'var(--surface)',
+                  borderColor: 'var(--border)',
+                  color: 'var(--text)',
+                }}
+              />
+            </div>
+          </div>
+
+          <div className="flex-1 overflow-y-auto p-3">
+            {isLoading ? (
+              <div className="py-8 text-center text-sm" style={{ color: 'var(--muted)' }}>
+                Loading conversations...
+              </div>
+            ) : error ? (
+              <div
+                className="space-y-3 rounded-xl border p-4 text-sm"
+                style={{
+                  background: 'color-mix(in srgb, var(--danger) 10%, var(--surface))',
+                  borderColor: 'color-mix(in srgb, var(--danger) 35%, var(--border))',
+                  color: 'var(--text)',
+                }}
+              >
+                <p>{error}</p>
+                <button
+                  type="button"
+                  onClick={() => void loadSidebarData()}
+                  className="rounded-md px-3 py-1.5 text-xs font-medium"
+                  style={{ background: 'var(--danger)', color: 'white' }}
+                >
+                  Retry
+                </button>
+              </div>
+            ) : filteredConversations.length === 0 ? (
+              <div className="py-10 text-center">
+                <p className="text-sm" style={{ color: 'var(--text-2)' }}>
+                  {searchQuery ? 'No matching conversations' : 'No conversations yet'}
+                </p>
+                <p className="mt-1 text-xs" style={{ color: 'var(--muted)' }}>
+                  {searchQuery ? 'Try another title search.' : 'Start a new conversation to begin.'}
+                </p>
+              </div>
+            ) : (
+              <div className="space-y-4">
+                {groupedConversations.map((group) => (
+                  <section key={group.key} className="space-y-2">
+                    {projects.length > 0 ? (
+                      <div className="flex items-center justify-between px-1">
+                        <h3
+                          className="text-[11px] font-semibold uppercase tracking-[0.16em]"
+                          style={{ color: 'var(--muted)' }}
+                        >
+                          {group.label}
+                        </h3>
+                        <button
+                          type="button"
+                          onClick={() => onNewConversation(group.projectId)}
+                          className="rounded-md px-2 py-1 text-[11px] font-medium"
+                          style={{ color: 'var(--ms-blue-500)' }}
+                        >
+                          New
+                        </button>
+                      </div>
+                    ) : null}
+
+                    <div className="space-y-1">
+                      {group.conversations.map((conversation) => {
+                        const isActive = currentConversationId === conversation.id;
+                        const isRenaming = renamingId === conversation.id;
+                        const showActions =
+                          hoveredId === conversation.id ||
+                          isRenaming ||
+                          pendingDeleteId === conversation.id;
+
+                        return (
+                          <div
+                            key={conversation.id}
+                            onMouseEnter={() => setHoveredId(conversation.id)}
+                            onMouseLeave={() =>
+                              setHoveredId((current) =>
+                                current === conversation.id ? null : current,
+                              )
+                            }
+                            className="rounded-xl border p-2 transition-colors"
+                            style={{
+                              borderColor: isActive
+                                ? 'color-mix(in srgb, var(--primary) 60%, var(--border))'
+                                : 'transparent',
+                              background: isActive ? 'var(--surface-2)' : 'transparent',
+                            }}
+                          >
+                            {isRenaming ? (
+                              <input
+                                ref={renameInputRef}
+                                value={renameValue}
+                                onChange={(event) => setRenameValue(event.target.value)}
+                                onBlur={() => void commitRename()}
+                                onKeyDown={(event) => {
+                                  if (event.key === 'Enter') {
+                                    event.preventDefault();
+                                    void commitRename();
+                                  }
+                                  if (event.key === 'Escape') {
+                                    event.preventDefault();
+                                    cancelRename();
+                                  }
+                                }}
+                                maxLength={255}
+                                className="w-full rounded-md border px-2 py-1.5 text-sm outline-none"
+                                style={{
+                                  background: 'var(--surface)',
+                                  borderColor: 'var(--ms-blue-500)',
+                                  color: 'var(--text)',
+                                }}
+                              />
+                            ) : (
+                              <button
+                                type="button"
+                                onClick={() => onSelectConversation(conversation.id)}
+                                className="block w-full text-left"
+                              >
+                                <div className="flex items-start gap-2">
+                                  <div className="min-w-0 flex-1">
+                                    <p
+                                      className="truncate text-sm font-medium"
+                                      style={{
+                                        color: isActive ? 'var(--text)' : 'var(--text-2)',
+                                      }}
+                                    >
+                                      {conversation.title ?? 'Untitled conversation'}
+                                    </p>
+                                    <p className="mt-1 text-xs" style={{ color: 'var(--muted)' }}>
+                                      {formatRelativeTime(conversation.updatedAt)}
+                                    </p>
+                                  </div>
+
+                                  {showActions ? (
+                                    <div className="flex items-center gap-1">
+                                      <button
+                                        type="button"
+                                        onClick={(event) => {
+                                          event.stopPropagation();
+                                          startRename(conversation);
+                                        }}
+                                        className="rounded-md p-1.5 transition-colors"
+                                        style={{ color: 'var(--text-2)' }}
+                                        aria-label={`Rename ${conversation.title ?? 'conversation'}`}
+                                      >
+                                        <svg
+                                          viewBox="0 0 24 24"
+                                          className="h-3.5 w-3.5"
+                                          fill="none"
+                                          stroke="currentColor"
+                                        >
+                                          <path
+                                            d="M4 20h4l10.5-10.5a1.4 1.4 0 0 0 0-2L16.5 5.5a1.4 1.4 0 0 0-2 0L4 16v4Z"
+                                            strokeWidth="1.8"
+                                            strokeLinejoin="round"
+                                          />
+                                        </svg>
+                                      </button>
+                                      <button
+                                        type="button"
+                                        onClick={(event) => {
+                                          event.stopPropagation();
+                                          setPendingDeleteId((current) =>
+                                            current === conversation.id ? null : conversation.id,
+                                          );
+                                          setRenamingId(null);
+                                        }}
+                                        className="rounded-md p-1.5 transition-colors"
+                                        style={{ color: 'var(--danger)' }}
+                                        aria-label={`Delete ${conversation.title ?? 'conversation'}`}
+                                      >
+                                        <svg
+                                          viewBox="0 0 24 24"
+                                          className="h-3.5 w-3.5"
+                                          fill="none"
+                                          stroke="currentColor"
+                                        >
+                                          <path
+                                            d="M4 7h16M10 11v6M14 11v6M6 7l1 12h10l1-12M9 7V4h6v3"
+                                            strokeWidth="1.8"
+                                            strokeLinecap="round"
+                                            strokeLinejoin="round"
+                                          />
+                                        </svg>
+                                      </button>
+                                    </div>
+                                  ) : null}
+                                </div>
+                              </button>
+                            )}
+
+                            {pendingDeleteId === conversation.id ? (
+                              <div
+                                className="mt-2 flex items-center justify-between rounded-lg border px-2 py-2"
+                                style={{
+                                  borderColor:
+                                    'color-mix(in srgb, var(--danger) 45%, var(--border))',
+                                  background:
+                                    'color-mix(in srgb, var(--danger) 10%, var(--surface))',
+                                }}
+                              >
+                                <p className="text-xs" style={{ color: 'var(--text-2)' }}>
+                                  Delete this conversation?
+                                </p>
+                                <div className="flex items-center gap-2">
+                                  <button
+                                    type="button"
+                                    onClick={() => setPendingDeleteId(null)}
+                                    className="rounded-md px-2 py-1 text-xs"
+                                    style={{ color: 'var(--text-2)' }}
+                                  >
+                                    Cancel
+                                  </button>
+                                  <button
+                                    type="button"
+                                    onClick={() => void deleteConversation(conversation.id)}
+                                    className="rounded-md px-2 py-1 text-xs font-medium"
+                                    style={{ background: 'var(--danger)', color: 'white' }}
+                                  >
+                                    Delete
+                                  </button>
+                                </div>
+                              </div>
+                            ) : null}
+                          </div>
+                        );
+                      })}
+                    </div>
+                  </section>
+                ))}
+              </div>
+            )}
+          </div>
+        </aside>
+      </>
+    );
+  },
+);
--- a/apps/web/src/components/chat/message-bubble.tsx
+++ b/apps/web/src/components/chat/message-bubble.tsx
@@ -1,5 +1,7 @@
 'use client';

+import { useCallback, useMemo, useState } from 'react';
+import ReactMarkdown from 'react-markdown';
 import { cn } from '@/lib/cn';
 import type { Message } from '@/lib/types';

@@ -9,27 +11,261 @@ interface MessageBubbleProps {

 export function MessageBubble({ message }: MessageBubbleProps): React.ReactElement {
  const isUser = message.role === 'user';
+  const isSystem = message.role === 'system';
+  const [copied, setCopied] = useState(false);
+  const [thinkingExpanded, setThinkingExpanded] = useState(false);
+  const { response, thinking } = useMemo(
+    () => parseThinking(message.content, message.thinking),
+    [message.content, message.thinking],
+  );
+
+  const handleCopy = useCallback(async (): Promise<void> => {
+    try {
+      await navigator.clipboard.writeText(response);
+      setCopied(true);
+      window.setTimeout(() => setCopied(false), 1800);
+    } catch (error) {
+      console.error('[MessageBubble] Failed to copy message:', error);
+    }
+  }, [response]);
+
+  if (isSystem) {
+    return (
+      <div className="flex justify-center">
+        <div
+          className="max-w-[42rem] rounded-full border px-3 py-1.5 text-xs backdrop-blur-sm"
+          style={{
+            borderColor: 'var(--color-border)',
+            backgroundColor: 'color-mix(in srgb, var(--color-surface) 70%, transparent)',
+            color: 'var(--color-muted)',
+          }}
+        >
+          <span>{response}</span>
+        </div>
+      </div>
+    );
+  }

  return (
-    <div className={cn('flex', isUser ? 'justify-end' : 'justify-start')}>
+    <div className={cn('group flex', isUser ? 'justify-end' : 'justify-start')}>
      <div
        className={cn(
-          'max-w-[75%] rounded-xl px-4 py-3 text-sm',
-          isUser
-            ? 'bg-blue-600 text-white'
-            : 'border border-surface-border bg-surface-elevated text-text-primary',
+          'flex max-w-[min(78ch,85%)] flex-col gap-2',
+          isUser ? 'items-end' : 'items-start',
        )}
      >
-        <div className="whitespace-pre-wrap break-words">{message.content}</div>
-        <div
-          className={cn('mt-1 text-right text-xs', isUser ? 'text-blue-200' : 'text-text-muted')}
+        <div className={cn('flex items-center gap-2 text-[11px]', isUser && 'flex-row-reverse')}>
+          <span className="font-medium text-[var(--color-text-2)]">
+            {isUser ? 'You' : 'Assistant'}
+          </span>
+          {!isUser && message.model ? (
+            <span
+              className="rounded-full border px-2 py-0.5 font-medium text-[var(--color-text-2)]"
+              style={{
+                backgroundColor: 'color-mix(in srgb, var(--color-surface-2) 82%, transparent)',
+                borderColor: 'var(--color-border)',
+              }}
+              title={message.provider ? `Provider: ${message.provider}` : undefined}
            >
-          {new Date(message.createdAt).toLocaleTimeString([], {
-            hour: '2-digit',
-            minute: '2-digit',
-          })}
+              {message.model}
+            </span>
+          ) : null}
+          {!isUser && typeof message.totalTokens === 'number' && message.totalTokens > 0 ? (
+            <span
+              className="rounded-full border px-2 py-0.5 text-[var(--color-muted)]"
+              style={{ borderColor: 'var(--color-border)' }}
+            >
+              {formatTokenCount(message.totalTokens)}
+            </span>
+          ) : null}
+          <span className="text-[var(--color-muted)]">{formatTimestamp(message.createdAt)}</span>
+        </div>
+
+        {thinking && !isUser ? (
+          <div
+            className="w-full overflow-hidden rounded-2xl border"
+            style={{
+              backgroundColor: 'color-mix(in srgb, var(--color-surface-2) 88%, transparent)',
+              borderColor: 'var(--color-border)',
+            }}
+          >
+            <button
+              type="button"
+              onClick={() => setThinkingExpanded((prev) => !prev)}
+              className="flex w-full items-center gap-2 px-3 py-2 text-left text-xs font-medium text-[var(--color-text-2)] transition-colors hover:bg-black/5"
+              aria-expanded={thinkingExpanded}
+            >
+              <span
+                className={cn(
+                  'inline-block text-[10px] transition-transform',
+                  thinkingExpanded && 'rotate-90',
+                )}
+              >
+                ▶
+              </span>
+              <span>Chain of thought</span>
+              <span className="ml-auto text-[var(--color-muted)]">
+                {thinkingExpanded ? 'Hide' : 'Show'}
+              </span>
+            </button>
+            {thinkingExpanded ? (
+              <pre
+                className="overflow-x-auto border-t px-3 py-3 font-mono text-xs leading-6 whitespace-pre-wrap"
+                style={{
+                  borderColor: 'var(--color-border)',
+                  backgroundColor: 'var(--color-bg-deep)',
+                  color: 'var(--color-text-2)',
+                }}
+              >
+                {thinking}
+              </pre>
+            ) : null}
+          </div>
+        ) : null}
+
+        <div
+          className={cn(
+            'relative w-full rounded-3xl px-4 py-3 text-sm shadow-[var(--shadow-ms-sm)]',
+            !isUser && 'border',
+          )}
+          style={{
+            backgroundColor: isUser ? 'var(--color-ms-blue-500)' : 'var(--color-surface)',
+            color: isUser ? '#fff' : 'var(--color-text)',
+            borderColor: isUser ? 'transparent' : 'var(--color-border)',
+          }}
+        >
+          <div className="max-w-none">
+            <ReactMarkdown
+              components={{
+                p: ({ children }) => <p className="mb-3 leading-7 last:mb-0">{children}</p>,
+                ul: ({ children }) => <ul className="mb-3 list-disc pl-5 last:mb-0">{children}</ul>,
+                ol: ({ children }) => (
+                  <ol className="mb-3 list-decimal pl-5 last:mb-0">{children}</ol>
+                ),
+                li: ({ children }) => <li className="mb-1">{children}</li>,
+                a: ({ href, children }) => (
+                  <a
+                    href={href}
+                    className="font-medium underline underline-offset-4"
+                    target="_blank"
+                    rel="noreferrer"
+                  >
+                    {children}
+                  </a>
+                ),
+                pre: ({ children }) => <div className="mb-3 last:mb-0">{children}</div>,
+                code: ({ className, children, ...props }) => {
+                  const language = className?.replace('language-', '');
+                  const content = String(children).replace(/\n$/, '');
+                  const isInline = !className;
+
+                  if (isInline) {
+                    return (
+                      <code
+                        className="rounded-md px-1.5 py-0.5 font-mono text-[0.9em]"
+                        style={{
+                          backgroundColor:
+                            'color-mix(in srgb, var(--color-bg-deep) 76%, transparent)',
+                        }}
+                        {...props}
+                      >
+                        {children}
+                      </code>
+                    );
+                  }
+
+                  return (
+                    <div
+                      className="overflow-hidden rounded-2xl border"
+                      style={{
+                        backgroundColor: 'var(--color-bg-deep)',
+                        borderColor: 'var(--color-border)',
+                      }}
+                    >
+                      <div
+                        className="border-b px-3 py-2 font-mono text-[11px] uppercase tracking-[0.18em] text-[var(--color-muted)]"
+                        style={{ borderColor: 'var(--color-border)' }}
+                      >
+                        {language || 'code'}
+                      </div>
+                      <pre className="overflow-x-auto p-3">
+                        <code
+                          className={cn('font-mono text-[13px] leading-6', className)}
+                          {...props}
+                        >
+                          {content}
+                        </code>
+                      </pre>
+                    </div>
+                  );
+                },
+                blockquote: ({ children }) => (
+                  <blockquote
+                    className="mb-3 border-l-2 pl-4 italic last:mb-0"
+                    style={{ borderColor: 'var(--color-ms-blue-500)' }}
+                  >
+                    {children}
+                  </blockquote>
+                ),
+              }}
+            >
+              {response}
+            </ReactMarkdown>
+          </div>
+
+          <button
+            type="button"
+            onClick={() => void handleCopy()}
+            className="absolute -right-2 -top-2 rounded-full border p-2 opacity-0 shadow-[var(--shadow-ms-md)] transition-all group-hover:opacity-100 focus:opacity-100"
+            style={{
+              backgroundColor: 'var(--color-surface)',
+              borderColor: 'var(--color-border)',
+              color: copied ? 'var(--color-success)' : 'var(--color-text-2)',
+            }}
+            aria-label={copied ? 'Copied' : 'Copy message'}
+            title={copied ? 'Copied' : 'Copy message'}
+          >
+            {copied ? '✓' : '⧉'}
+          </button>
        </div>
      </div>
    </div>
  );
 }
+
+function parseThinking(
+  content: string,
+  thinking?: string,
+): { response: string; thinking: string | null } {
+  if (thinking) {
+    return { response: content, thinking };
+  }
+
+  const regex = /<(?:thinking|think)>([\s\S]*?)<\/(?:thinking|think)>/gi;
+  const matches = [...content.matchAll(regex)];
+  if (matches.length === 0) {
+    return { response: content, thinking: null };
+  }
+
+  return {
+    response: content.replace(regex, '').trim(),
+    thinking:
+      matches
+        .map((match) => match[1]?.trim() ?? '')
+        .filter(Boolean)
+        .join('\n\n') || null,
+  };
+}
+
+function formatTimestamp(createdAt: string): string {
+  return new Date(createdAt).toLocaleTimeString([], {
+    hour: '2-digit',
+    minute: '2-digit',
+  });
+}
+
+function formatTokenCount(totalTokens: number): string {
+  if (totalTokens >= 1_000_000) return `${(totalTokens / 1_000_000).toFixed(1)}M tokens`;
+  if (totalTokens >= 1_000) return `${(totalTokens / 1_000).toFixed(1)}k tokens`;
+  return `${totalTokens} tokens`;
+}
--- a/apps/web/src/components/chat/streaming-message.tsx
+++ b/apps/web/src/components/chat/streaming-message.tsx
@@ -1,26 +1,97 @@
 'use client';

-/** Renders an in-progress assistant message from streaming text. */
+import { useEffect, useMemo, useState } from 'react';
+
 interface StreamingMessageProps {
  text: string;
+  modelName?: string | null;
+  thinking?: string;
 }

-export function StreamingMessage({ text }: StreamingMessageProps): React.ReactElement {
+const WAITING_QUIPS = [
+  'The AI is warming up... give it a moment.',
+  'Brewing some thoughts...',
+  'Summoning intelligence from the void...',
+  'Consulting the silicon oracle...',
+  'Teaching electrons to think...',
+];
+
+const TIMEOUT_QUIPS = [
+  'The model wandered off. Let’s try to find it again.',
+  'Response is taking the scenic route.',
+  'That answer is clearly overthinking things.',
+  'Still working. Either brilliance or a detour.',
+];
+
+export function StreamingMessage({
+  text,
+  modelName,
+  thinking,
+}: StreamingMessageProps): React.ReactElement {
+  const [elapsedMs, setElapsedMs] = useState(0);
+
+  useEffect(() => {
+    setElapsedMs(0);
+    const startedAt = Date.now();
+    const timer = window.setInterval(() => {
+      setElapsedMs(Date.now() - startedAt);
+    }, 1000);
+    return () => window.clearInterval(timer);
+  }, [text, modelName, thinking]);
+
+  const quip = useMemo(() => {
+    if (elapsedMs >= 18_000) {
+      return TIMEOUT_QUIPS[Math.floor((elapsedMs / 1000) % TIMEOUT_QUIPS.length)];
+    }
+    if (elapsedMs >= 4_000) {
+      return WAITING_QUIPS[Math.floor((elapsedMs / 1000) % WAITING_QUIPS.length)];
+    }
+    return null;
+  }, [elapsedMs]);
+
  return (
    <div className="flex justify-start">
-      <div className="max-w-[75%] rounded-xl border border-surface-border bg-surface-elevated px-4 py-3 text-sm text-text-primary">
+      <div
+        className="max-w-[min(78ch,85%)] rounded-3xl border px-4 py-3 text-sm shadow-[var(--shadow-ms-sm)]"
+        style={{
+          backgroundColor: 'var(--color-surface)',
+          borderColor: 'var(--color-border)',
+          color: 'var(--color-text)',
+        }}
+      >
+        <div className="mb-2 flex items-center gap-2 text-[11px]">
+          <span className="font-medium text-[var(--color-text-2)]">Assistant</span>
+          {modelName ? (
+            <span className="rounded-full border border-[var(--color-border)] px-2 py-0.5 text-[var(--color-text-2)]">
+              {modelName}
+            </span>
+          ) : null}
+          <span className="text-[var(--color-muted)]">{text ? 'Responding…' : 'Thinking…'}</span>
+        </div>
        {text ? (
          <div className="whitespace-pre-wrap break-words">{text}</div>
        ) : (
-          <div className="flex items-center gap-2 text-text-muted">
-            <span className="inline-block h-2 w-2 animate-pulse rounded-full bg-blue-500" />
-            <span className="inline-block h-2 w-2 animate-pulse rounded-full bg-blue-500 [animation-delay:0.2s]" />
-            <span className="inline-block h-2 w-2 animate-pulse rounded-full bg-blue-500 [animation-delay:0.4s]" />
+          <div className="flex items-center gap-2 text-[var(--color-muted)]">
+            <span className="inline-block h-2 w-2 animate-pulse rounded-full bg-[var(--color-ms-blue-500)]" />
+            <span className="inline-block h-2 w-2 animate-pulse rounded-full bg-[var(--color-ms-blue-500)] [animation-delay:0.2s]" />
+            <span className="inline-block h-2 w-2 animate-pulse rounded-full bg-[var(--color-ms-blue-500)] [animation-delay:0.4s]" />
          </div>
        )}
-        <div className="mt-1 flex items-center gap-1 text-xs text-text-muted">
-          <span className="inline-block h-1.5 w-1.5 animate-pulse rounded-full bg-blue-500" />
-          {text ? 'Responding...' : 'Thinking...'}
+        {thinking ? (
+          <div
+            className="mt-3 rounded-2xl border px-3 py-2 font-mono text-xs whitespace-pre-wrap"
+            style={{
+              backgroundColor: 'var(--color-bg-deep)',
+              borderColor: 'var(--color-border)',
+              color: 'var(--color-text-2)',
+            }}
+          >
+            {thinking}
+          </div>
+        ) : null}
+        <div className="mt-2 flex items-center gap-2 text-xs text-[var(--color-muted)]">
+          <span className="inline-block h-1.5 w-1.5 animate-pulse rounded-full bg-[var(--color-ms-blue-500)]" />
+          <span>{quip ?? (text ? 'Responding…' : 'Thinking…')}</span>
        </div>
      </div>
    </div>
--- a/apps/web/src/components/layout/app-header.tsx
+++ b/apps/web/src/components/layout/app-header.tsx
@@ -0,0 +1,239 @@
+'use client';
+
+import Link from 'next/link';
+import { useCallback, useEffect, useMemo, useState } from 'react';
+import { signOut, useSession } from '@/lib/auth-client';
+
+interface AppHeaderProps {
+  conversationTitle?: string | null;
+  isSidebarOpen: boolean;
+  onToggleSidebar: () => void;
+}
+
+type ThemeMode = 'dark' | 'light';
+
+const THEME_STORAGE_KEY = 'mosaic-chat-theme';
+
+export function AppHeader({
+  conversationTitle,
+  isSidebarOpen,
+  onToggleSidebar,
+}: AppHeaderProps): React.ReactElement {
+  const { data: session } = useSession();
+  const [currentTime, setCurrentTime] = useState('');
+  const [version, setVersion] = useState<string | null>(null);
+  const [menuOpen, setMenuOpen] = useState(false);
+  const [theme, setTheme] = useState<ThemeMode>('dark');
+
+  useEffect(() => {
+    function updateTime(): void {
+      setCurrentTime(
+        new Date().toLocaleTimeString([], {
+          hour: '2-digit',
+          minute: '2-digit',
+        }),
+      );
+    }
+
+    updateTime();
+    const interval = window.setInterval(updateTime, 60_000);
+    return () => window.clearInterval(interval);
+  }, []);
+
+  useEffect(() => {
+    fetch('/version.json')
+      .then(async (res) => res.json() as Promise<{ version?: string; commit?: string }>)
+      .then((data) => {
+        if (data.version) {
+          setVersion(data.commit ? `${data.version}+${data.commit}` : data.version);
+        }
+      })
+      .catch(() => setVersion(null));
+  }, []);
+
+  useEffect(() => {
+    const storedTheme = window.localStorage.getItem(THEME_STORAGE_KEY);
+    const nextTheme = storedTheme === 'light' ? 'light' : 'dark';
+    applyTheme(nextTheme);
+    setTheme(nextTheme);
+  }, []);
+
+  const handleThemeToggle = useCallback(() => {
+    const nextTheme = theme === 'dark' ? 'light' : 'dark';
+    applyTheme(nextTheme);
+    window.localStorage.setItem(THEME_STORAGE_KEY, nextTheme);
+    setTheme(nextTheme);
+  }, [theme]);
+
+  const handleSignOut = useCallback(async (): Promise<void> => {
+    await signOut();
+    window.location.href = '/login';
+  }, []);
+
+  const userLabel = session?.user.name ?? session?.user.email ?? 'Mosaic User';
+  const initials = useMemo(() => getInitials(userLabel), [userLabel]);
+
+  return (
+    <header
+      className="sticky top-0 z-20 border-b backdrop-blur-xl"
+      style={{
+        backgroundColor: 'color-mix(in srgb, var(--color-surface) 82%, transparent)',
+        borderColor: 'var(--color-border)',
+      }}
+    >
+      <div className="flex items-center justify-between gap-3 px-4 py-3 md:px-6">
+        <div className="flex min-w-0 items-center gap-3">
+          <button
+            type="button"
+            onClick={onToggleSidebar}
+            className="inline-flex h-10 w-10 items-center justify-center rounded-2xl border transition-colors hover:bg-white/5"
+            style={{ borderColor: 'var(--color-border)', color: 'var(--color-text)' }}
+            aria-label="Toggle conversation sidebar"
+            aria-expanded={isSidebarOpen}
+          >
+            ☰
+          </button>
+
+          <Link href="/chat" className="flex min-w-0 items-center gap-3">
+            <div
+              className="flex h-10 w-10 items-center justify-center rounded-2xl text-sm font-semibold text-white shadow-[var(--shadow-ms-md)]"
+              style={{
+                background:
+                  'linear-gradient(135deg, var(--color-ms-blue-500), var(--color-ms-teal-500))',
+              }}
+            >
+              M
+            </div>
+            <div className="flex min-w-0 items-center gap-3">
+              <div className="text-sm font-semibold text-[var(--color-text)]">Mosaic</div>
+              <div className="hidden h-5 w-px bg-[var(--color-border)] md:block" />
+              <div className="hidden items-center gap-2 md:flex">
+                <span className="relative flex h-2.5 w-2.5">
+                  <span className="absolute inline-flex h-full w-full animate-ping rounded-full bg-[var(--color-ms-teal-500)] opacity-60" />
+                  <span className="relative inline-flex h-2.5 w-2.5 rounded-full bg-[var(--color-ms-teal-500)]" />
+                </span>
+                <span className="text-xs uppercase tracking-[0.18em] text-[var(--color-muted)]">
+                  Online
+                </span>
+              </div>
+            </div>
+          </Link>
+        </div>
+
+        <div className="hidden min-w-0 items-center gap-3 md:flex">
+          <div className="rounded-full border border-[var(--color-border)] px-3 py-1.5 text-xs text-[var(--color-text-2)]">
+            {currentTime || '--:--'}
+          </div>
+          <div className="max-w-[24rem] truncate text-sm font-medium text-[var(--color-text)]">
+            {conversationTitle?.trim() || 'New Session'}
+          </div>
+          {version ? (
+            <div className="rounded-full border border-[var(--color-border)] px-3 py-1.5 text-xs text-[var(--color-muted)]">
+              v{version}
+            </div>
+          ) : null}
+        </div>
+
+        <div className="flex items-center gap-2">
+          <div className="hidden items-center gap-2 lg:flex">
+            <ShortcutHint label="⌘/" text="focus" />
+            <ShortcutHint label="⌘K" text="focus" />
+          </div>
+
+          <button
+            type="button"
+            onClick={handleThemeToggle}
+            className="inline-flex h-10 items-center justify-center rounded-2xl border px-3 text-sm transition-colors hover:bg-white/5"
+            style={{ borderColor: 'var(--color-border)', color: 'var(--color-text)' }}
+            aria-label="Toggle theme"
+          >
+            {theme === 'dark' ? '☀︎' : '☾'}
+          </button>
+
+          <div className="relative">
+            <button
+              type="button"
+              onClick={() => setMenuOpen((prev) => !prev)}
+              className="inline-flex h-10 w-10 items-center justify-center rounded-full border text-sm font-semibold transition-colors hover:bg-white/5"
+              style={{
+                backgroundColor: 'var(--color-surface-2)',
+                borderColor: 'var(--color-border)',
+                color: 'var(--color-text)',
+              }}
+              aria-expanded={menuOpen}
+              aria-label="Open user menu"
+            >
+              {session?.user.image ? (
+                <img
+                  src={session.user.image}
+                  alt={userLabel}
+                  className="h-full w-full rounded-full object-cover"
+                />
+              ) : (
+                initials
+              )}
+            </button>
+            {menuOpen ? (
+              <div
+                className="absolute right-0 top-12 min-w-56 rounded-3xl border p-2 shadow-[var(--shadow-ms-lg)]"
+                style={{
+                  backgroundColor: 'var(--color-surface)',
+                  borderColor: 'var(--color-border)',
+                }}
+              >
+                <div className="border-b px-3 py-2" style={{ borderColor: 'var(--color-border)' }}>
+                  <div className="text-sm font-medium text-[var(--color-text)]">{userLabel}</div>
+                  {session?.user.email ? (
+                    <div className="text-xs text-[var(--color-muted)]">{session.user.email}</div>
+                  ) : null}
+                </div>
+                <div className="p-1">
+                  <Link
+                    href="/settings"
+                    className="flex rounded-2xl px-3 py-2 text-sm text-[var(--color-text-2)] transition-colors hover:bg-white/5"
+                    onClick={() => setMenuOpen(false)}
+                  >
+                    Settings
+                  </Link>
+                  <button
+                    type="button"
+                    onClick={() => void handleSignOut()}
+                    className="flex w-full rounded-2xl px-3 py-2 text-left text-sm text-[var(--color-text-2)] transition-colors hover:bg-white/5"
+                  >
+                    Sign out
+                  </button>
+                </div>
+              </div>
+            ) : null}
+          </div>
+        </div>
+      </div>
+    </header>
+  );
+}
+
+function ShortcutHint({ label, text }: { label: string; text: string }): React.ReactElement {
+  return (
+    <span className="inline-flex items-center gap-2 rounded-full border border-[var(--color-border)] px-3 py-1.5 text-xs text-[var(--color-muted)]">
+      <span className="font-medium text-[var(--color-text-2)]">{label}</span>
+      <span>{text}</span>
+    </span>
+  );
+}
+
+function getInitials(label: string): string {
+  const words = label.split(/\s+/).filter(Boolean).slice(0, 2);
+  if (words.length === 0) return 'M';
+  return words.map((word) => word.charAt(0).toUpperCase()).join('');
+}
+
+function applyTheme(theme: ThemeMode): void {
+  const root = document.documentElement;
+  if (theme === 'light') {
+    root.setAttribute('data-theme', 'light');
+    root.classList.remove('dark');
+  } else {
+    root.removeAttribute('data-theme');
+    root.classList.add('dark');
+  }
+}
--- a/apps/web/src/components/layout/app-shell.tsx
+++ b/apps/web/src/components/layout/app-shell.tsx
@@ -1,4 +1,7 @@
+'use client';
+
 import type { ReactNode } from 'react';
+import { SidebarProvider, useSidebar } from './sidebar-context';
 import { Sidebar } from './sidebar';
 import { Topbar } from './topbar';

@@ -6,14 +9,24 @@ interface AppShellProps {
  children: ReactNode;
 }

-export function AppShell({ children }: AppShellProps): React.ReactElement {
+function AppShellFrame({ children }: AppShellProps): React.ReactElement {
+  const { collapsed, isMobile } = useSidebar();
+
  return (
-    <div className="min-h-screen">
-      <Sidebar />
-      <div className="pl-sidebar">
+    <div className="app-shell" data-sidebar-hidden={!isMobile && collapsed ? 'true' : undefined}>
      <Topbar />
-        <main className="p-6">{children}</main>
+      <Sidebar />
+      <div className="app-main">
+        <main className="h-full overflow-y-auto p-6">{children}</main>
      </div>
    </div>
  );
 }
+
+export function AppShell({ children }: AppShellProps): React.ReactElement {
+  return (
+    <SidebarProvider>
+      <AppShellFrame>{children}</AppShellFrame>
+    </SidebarProvider>
+  );
+}
--- a/apps/web/src/components/layout/sidebar-context.tsx
+++ b/apps/web/src/components/layout/sidebar-context.tsx
@@ -0,0 +1,67 @@
+'use client';
+
+import { createContext, useContext, useEffect, useState, type ReactNode } from 'react';
+
+interface SidebarContextValue {
+  collapsed: boolean;
+  toggleCollapsed: () => void;
+  mobileOpen: boolean;
+  setMobileOpen: (open: boolean) => void;
+  isMobile: boolean;
+}
+
+const MOBILE_MAX_WIDTH = 767;
+const SidebarContext = createContext<SidebarContextValue | undefined>(undefined);
+
+export function SidebarProvider({ children }: { children: ReactNode }): React.JSX.Element {
+  const [collapsed, setCollapsed] = useState(false);
+  const [mobileOpen, setMobileOpen] = useState(false);
+  const [isMobile, setIsMobile] = useState(false);
+
+  useEffect(() => {
+    const mediaQuery = window.matchMedia(`(max-width: ${String(MOBILE_MAX_WIDTH)}px)`);
+
+    const syncState = (matches: boolean): void => {
+      setIsMobile(matches);
+      if (!matches) {
+        setMobileOpen(false);
+      }
+    };
+
+    syncState(mediaQuery.matches);
+
+    const handleChange = (event: MediaQueryListEvent): void => {
+      syncState(event.matches);
+    };
+
+    mediaQuery.addEventListener('change', handleChange);
+
+    return () => {
+      mediaQuery.removeEventListener('change', handleChange);
+    };
+  }, []);
+
+  return (
+    <SidebarContext.Provider
+      value={{
+        collapsed,
+        toggleCollapsed: () => setCollapsed((value) => !value),
+        mobileOpen,
+        setMobileOpen,
+        isMobile,
+      }}
+    >
+      {children}
+    </SidebarContext.Provider>
+  );
+}
+
+export function useSidebar(): SidebarContextValue {
+  const context = useContext(SidebarContext);
+
+  if (!context) {
+    throw new Error('useSidebar must be used within SidebarProvider');
+  }
+
+  return context;
+}
--- a/apps/web/src/components/layout/sidebar.tsx
+++ b/apps/web/src/components/layout/sidebar.tsx
@@ -3,58 +3,178 @@
 import Link from 'next/link';
 import { usePathname } from 'next/navigation';
 import { cn } from '@/lib/cn';
+import { MosaicLogo } from '@/components/ui/mosaic-logo';
+import { useSidebar } from './sidebar-context';

 interface NavItem {
  label: string;
  href: string;
-  icon: string;
+  icon: React.JSX.Element;
+}
+
+function IconChat(): React.JSX.Element {
+  return (
+    <svg
+      width="16"
+      height="16"
+      viewBox="0 0 16 16"
+      fill="none"
+      stroke="currentColor"
+      strokeWidth="1.5"
+    >
+      <path d="M3 4.5A2.5 2.5 0 0 1 5.5 2h5A2.5 2.5 0 0 1 13 4.5v3A2.5 2.5 0 0 1 10.5 10H8l-3.5 3v-3H5.5A2.5 2.5 0 0 1 3 7.5z" />
+    </svg>
+  );
+}
+
+function IconTasks(): React.JSX.Element {
+  return (
+    <svg
+      width="16"
+      height="16"
+      viewBox="0 0 16 16"
+      fill="none"
+      stroke="currentColor"
+      strokeWidth="1.5"
+    >
+      <path d="M6 3h7M6 8h7M6 13h7" />
+      <path d="M2.5 3.5 3.5 4.5 5 2.5M2.5 8.5 3.5 9.5 5 7.5M2.5 13.5 3.5 14.5 5 12.5" />
+    </svg>
+  );
+}
+
+function IconProjects(): React.JSX.Element {
+  return (
+    <svg
+      width="16"
+      height="16"
+      viewBox="0 0 16 16"
+      fill="none"
+      stroke="currentColor"
+      strokeWidth="1.5"
+    >
+      <path d="M2 4.5A1.5 1.5 0 0 1 3.5 3h3l1.5 1.5h4A1.5 1.5 0 0 1 13.5 6v5.5A1.5 1.5 0 0 1 12 13H3.5A1.5 1.5 0 0 1 2 11.5z" />
+    </svg>
+  );
+}
+
+function IconSettings(): React.JSX.Element {
+  return (
+    <svg
+      width="16"
+      height="16"
+      viewBox="0 0 16 16"
+      fill="none"
+      stroke="currentColor"
+      strokeWidth="1.5"
+    >
+      <circle cx="8" cy="8" r="2.25" />
+      <path d="M8 1.5v2M8 12.5v2M1.5 8h2M12.5 8h2M3.05 3.05l1.4 1.4M11.55 11.55l1.4 1.4M3.05 12.95l1.4-1.4M11.55 4.45l1.4-1.4" />
+    </svg>
+  );
+}
+
+function IconAdmin(): React.JSX.Element {
+  return (
+    <svg
+      width="16"
+      height="16"
+      viewBox="0 0 16 16"
+      fill="none"
+      stroke="currentColor"
+      strokeWidth="1.5"
+    >
+      <path d="M8 1.75 13 3.5v3.58c0 3.12-1.88 5.94-5 7.17-3.12-1.23-5-4.05-5-7.17V3.5z" />
+      <path d="M6.25 7.75 7.5 9l2.5-2.5" />
+    </svg>
+  );
 }

 const navItems: NavItem[] = [
-  { label: 'Chat', href: '/chat', icon: '💬' },
-  { label: 'Tasks', href: '/tasks', icon: '📋' },
-  { label: 'Projects', href: '/projects', icon: '📁' },
-  { label: 'Settings', href: '/settings', icon: '⚙️' },
-  { label: 'Admin', href: '/admin', icon: '🛡️' },
+  { label: 'Chat', href: '/chat', icon: <IconChat /> },
+  { label: 'Tasks', href: '/tasks', icon: <IconTasks /> },
+  { label: 'Projects', href: '/projects', icon: <IconProjects /> },
+  { label: 'Settings', href: '/settings', icon: <IconSettings /> },
+  { label: 'Admin', href: '/admin', icon: <IconAdmin /> },
 ];

 export function Sidebar(): React.ReactElement {
  const pathname = usePathname();
+  const { mobileOpen, setMobileOpen } = useSidebar();

  return (
-    <aside className="fixed left-0 top-0 z-30 flex h-screen w-sidebar flex-col border-r border-surface-border bg-surface-card">
-      <div className="flex h-14 items-center px-4">
-        <Link href="/" className="text-lg font-semibold text-text-primary">
+    <>
+      <aside
+        className="app-sidebar"
+        data-mobile-open={mobileOpen ? 'true' : undefined}
+        style={{
+          width: 'var(--sidebar-w)',
+          background: 'var(--surface)',
+          borderRightColor: 'var(--border)',
+        }}
+      >
+        <div
+          className="flex h-16 items-center gap-3 border-b px-5"
+          style={{ borderColor: 'var(--border)' }}
+        >
+          <MosaicLogo size={32} />
+          <div className="flex min-w-0 flex-col">
+            <span className="text-sm font-semibold uppercase tracking-[0.12em] text-[var(--text)]">
              Mosaic
-        </Link>
+            </span>
+            <span className="text-xs text-[var(--muted)]">Mission Control</span>
+          </div>
        </div>

-      <nav className="flex-1 space-y-1 px-2 py-2">
+        <nav className="flex-1 px-3 py-4">
+          <div className="mb-3 px-2 text-[11px] font-medium uppercase tracking-[0.18em] text-[var(--muted)]">
+            Workspace
+          </div>
+          <div className="space-y-1.5">
            {navItems.map((item) => {
              const isActive = pathname === item.href || pathname.startsWith(`${item.href}/`);
+
              return (
                <Link
                  key={item.href}
                  href={item.href}
+                  onClick={() => setMobileOpen(false)}
                  className={cn(
-                'flex items-center gap-3 rounded-lg px-3 py-2 text-sm transition-colors',
-                isActive
-                  ? 'bg-blue-600/20 text-blue-400'
-                  : 'text-text-secondary hover:bg-surface-elevated hover:text-text-primary',
+                    'group flex items-center gap-3 rounded-xl px-3 py-2.5 text-sm transition-all duration-150',
+                    isActive ? 'font-medium' : 'hover:bg-white/4',
                  )}
+                  style={
+                    isActive
+                      ? {
+                          background: 'color-mix(in srgb, var(--primary) 18%, transparent)',
+                          color: 'var(--primary)',
+                        }
+                      : { color: 'var(--text-2)' }
+                  }
                >
-              <span className="text-base" aria-hidden="true">
+                  <span className="shrink-0" aria-hidden="true">
                    {item.icon}
                  </span>
-              {item.label}
+                  <span>{item.label}</span>
                </Link>
              );
            })}
+          </div>
        </nav>

-      <div className="border-t border-surface-border p-4">
-        <p className="text-xs text-text-muted">Mosaic Stack v0.0.4</p>
+        <div className="border-t px-5 py-4" style={{ borderColor: 'var(--border)' }}>
+          <p className="text-xs text-[var(--muted)]">Mosaic Stack v0.0.4</p>
        </div>
      </aside>
+
+      {mobileOpen ? (
+        <button
+          type="button"
+          aria-label="Close sidebar"
+          className="fixed inset-0 z-40 bg-black/40 md:hidden"
+          onClick={() => setMobileOpen(false)}
+        />
+      ) : null}
+    </>
  );
 }
--- a/apps/web/src/components/layout/theme-toggle.tsx
+++ b/apps/web/src/components/layout/theme-toggle.tsx
@@ -0,0 +1,46 @@
+'use client';
+
+import { useTheme } from '@/providers/theme-provider';
+
+interface ThemeToggleProps {
+  className?: string;
+}
+
+export function ThemeToggle({ className = '' }: ThemeToggleProps): React.JSX.Element {
+  const { theme, toggleTheme } = useTheme();
+
+  return (
+    <button
+      type="button"
+      onClick={toggleTheme}
+      className={`btn-ghost rounded-md p-2 ${className}`}
+      title={`Switch to ${theme === 'dark' ? 'light' : 'dark'} mode`}
+      aria-label={`Switch to ${theme === 'dark' ? 'light' : 'dark'} mode`}
+    >
+      {theme === 'dark' ? (
+        <svg
+          className="h-5 w-5"
+          style={{ color: 'var(--warn)' }}
+          fill="none"
+          viewBox="0 0 24 24"
+          stroke="currentColor"
+          strokeWidth={1.5}
+        >
+          <circle cx="12" cy="12" r="4" />
+          <path d="M12 2v2M12 20v2M4.93 4.93l1.41 1.41M17.66 17.66l1.41 1.41M2 12h2M20 12h2M6.34 17.66l-1.41 1.41M19.07 4.93l-1.41 1.41" />
+        </svg>
+      ) : (
+        <svg
+          className="h-5 w-5"
+          style={{ color: 'var(--text-2)' }}
+          fill="none"
+          viewBox="0 0 24 24"
+          stroke="currentColor"
+          strokeWidth={1.5}
+        >
+          <path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z" />
+        </svg>
+      )}
+    </button>
+  );
+}
--- a/apps/web/src/components/layout/topbar.tsx
+++ b/apps/web/src/components/layout/topbar.tsx
@@ -1,37 +1,87 @@
 'use client';

 import { useRouter } from 'next/navigation';
-import { useSession, signOut } from '@/lib/auth-client';
+import { signOut, useSession } from '@/lib/auth-client';
+import { ThemeToggle } from './theme-toggle';
+import { useSidebar } from './sidebar-context';
+
+function MenuIcon(): React.JSX.Element {
+  return (
+    <svg
+      width="16"
+      height="16"
+      viewBox="0 0 16 16"
+      fill="none"
+      stroke="currentColor"
+      strokeWidth="1.5"
+    >
+      <path d="M2 4h12M2 8h12M2 12h12" />
+    </svg>
+  );
+}

 export function Topbar(): React.ReactElement {
  const { data: session } = useSession();
  const router = useRouter();
+  const { isMobile, mobileOpen, setMobileOpen, toggleCollapsed } = useSidebar();

  async function handleSignOut(): Promise<void> {
    await signOut();
    router.replace('/login');
  }

-  return (
-    <header className="sticky top-0 z-20 flex h-14 items-center justify-between border-b border-surface-border bg-surface-card/80 px-6 backdrop-blur-sm">
-      <div />
+  function handleSidebarToggle(): void {
+    if (isMobile) {
+      setMobileOpen(!mobileOpen);
+      return;
+    }

-      <div className="flex items-center gap-4">
+    toggleCollapsed();
+  }
+
+  return (
+    <header
+      className="app-header justify-between border-b px-4 md:px-6"
+      style={{
+        height: 'var(--topbar-h)',
+        background: 'color-mix(in srgb, var(--surface) 88%, transparent)',
+        borderBottomColor: 'var(--border)',
+      }}
+    >
+      <div className="flex items-center gap-3">
+        <button
+          type="button"
+          onClick={handleSidebarToggle}
+          className="btn-ghost rounded-lg border p-2"
+          style={{ borderColor: 'var(--border)', color: 'var(--text-2)' }}
+          aria-label="Toggle sidebar"
+        >
+          <MenuIcon />
+        </button>
+        <div className="hidden sm:block">
+          <div className="text-sm font-medium text-[var(--text)]">Workspace</div>
+          <div className="text-xs text-[var(--muted)]">Unified agent operations</div>
+        </div>
+      </div>
+
+      <div className="flex items-center gap-3">
+        <ThemeToggle />
        {session?.user ? (
          <>
-            <span className="text-sm text-text-secondary">
+            <span className="hidden text-sm text-[var(--text-2)] sm:block">
              {session.user.name ?? session.user.email}
            </span>
            <button
              type="button"
              onClick={handleSignOut}
-              className="rounded-md px-3 py-1.5 text-sm text-text-muted transition-colors hover:bg-surface-elevated hover:text-text-primary"
+              className="rounded-md px-3 py-1.5 text-sm transition-colors"
+              style={{ color: 'var(--muted)' }}
            >
              Sign out
            </button>
          </>
        ) : (
-          <span className="text-sm text-text-muted">Not signed in</span>
+          <span className="text-sm text-[var(--muted)]">Not signed in</span>
        )}
      </div>
    </header>
--- a/apps/web/src/components/settings/sso-provider-section.spec.tsx
+++ b/apps/web/src/components/settings/sso-provider-section.spec.tsx
@@ -0,0 +1,46 @@
+import React from 'react';
+import { describe, expect, it } from 'vitest';
+import { renderToStaticMarkup } from 'react-dom/server';
+import { SsoProviderSection } from './sso-provider-section.js';
+
+describe('SsoProviderSection', () => {
+  it('renders configured providers with callback, sync, and fallback details', () => {
+    const html = renderToStaticMarkup(
+      <SsoProviderSection
+        loading={false}
+        providers={[
+          {
+            id: 'workos',
+            name: 'WorkOS',
+            protocols: ['oidc'],
+            configured: true,
+            loginMode: 'oidc',
+            callbackPath: '/api/auth/oauth2/callback/workos',
+            teamSync: { enabled: true, claim: 'organization_id' },
+            samlFallback: { configured: false, loginUrl: null },
+            warnings: [],
+          },
+          {
+            id: 'keycloak',
+            name: 'Keycloak',
+            protocols: ['oidc', 'saml'],
+            configured: true,
+            loginMode: 'saml',
+            callbackPath: null,
+            teamSync: { enabled: true, claim: 'groups' },
+            samlFallback: {
+              configured: true,
+              loginUrl: 'https://sso.example.com/realms/mosaic/protocol/saml',
+            },
+            warnings: [],
+          },
+        ]}
+      />,
+    );
+
+    expect(html).toContain('WorkOS');
+    expect(html).toContain('/api/auth/oauth2/callback/workos');
+    expect(html).toContain('Team sync claim: organization_id');
+    expect(html).toContain('SAML fallback: https://sso.example.com/realms/mosaic/protocol/saml');
+  });
+});
--- a/apps/web/src/components/settings/sso-provider-section.tsx
+++ b/apps/web/src/components/settings/sso-provider-section.tsx
@@ -0,0 +1,67 @@
+import React from 'react';
+import type { SsoProviderDiscovery } from '@/lib/sso';
+
+interface SsoProviderSectionProps {
+  providers: SsoProviderDiscovery[];
+  loading: boolean;
+}
+
+export function SsoProviderSection({
+  providers,
+  loading,
+}: SsoProviderSectionProps): React.ReactElement {
+  if (loading) {
+    return <p className="text-sm text-text-muted">Loading SSO providers...</p>;
+  }
+
+  const configuredProviders = providers.filter((provider) => provider.configured);
+
+  if (providers.length === 0 || configuredProviders.length === 0) {
+    return (
+      <div className="rounded-lg border border-surface-border bg-surface-card p-4">
+        <p className="text-sm text-text-muted">
+          No SSO providers configured. Set WorkOS or Keycloak environment variables to enable SSO.
+        </p>
+      </div>
+    );
+  }
+
+  return (
+    <div className="space-y-4">
+      {configuredProviders.map((provider) => (
+        <div
+          key={provider.id}
+          className="rounded-lg border border-surface-border bg-surface-card p-4"
+        >
+          <div className="flex items-center justify-between gap-4">
+            <div>
+              <h3 className="text-sm font-medium text-text-primary">{provider.name}</h3>
+              <p className="text-xs text-text-muted">
+                {provider.protocols.join(' + ').toUpperCase()}
+                {provider.loginMode ? ` • primary ${provider.loginMode.toUpperCase()}` : ''}
+              </p>
+            </div>
+            <span className="rounded-full border border-accent/30 bg-accent/10 px-2 py-1 text-xs font-medium text-accent">
+              Enabled
+            </span>
+          </div>
+
+          <div className="mt-3 space-y-2 text-xs text-text-muted">
+            {provider.callbackPath && <p>Callback: {provider.callbackPath}</p>}
+            {provider.teamSync.enabled && provider.teamSync.claim && (
+              <p>Team sync claim: {provider.teamSync.claim}</p>
+            )}
+            {provider.samlFallback.configured && provider.samlFallback.loginUrl && (
+              <p>SAML fallback: {provider.samlFallback.loginUrl}</p>
+            )}
+            {provider.warnings.map((warning) => (
+              <p key={warning} className="text-warning">
+                {warning}
+              </p>
+            ))}
+          </div>
+        </div>
+      ))}
+    </div>
+  );
+}
--- a/apps/web/src/components/ui/mosaic-logo.tsx
+++ b/apps/web/src/components/ui/mosaic-logo.tsx
@@ -0,0 +1,89 @@
+'use client';
+
+import type { CSSProperties } from 'react';
+
+export interface MosaicLogoProps {
+  size?: number;
+  spinning?: boolean;
+  spinDuration?: number;
+  className?: string;
+}
+
+export function MosaicLogo({
+  size = 36,
+  spinning = false,
+  spinDuration = 20,
+  className = '',
+}: MosaicLogoProps): React.JSX.Element {
+  const scale = size / 36;
+  const squareSize = Math.round(14 * scale);
+  const circleSize = Math.round(11 * scale);
+  const borderRadius = Math.round(3 * scale);
+
+  const animationValue = spinning
+    ? `mosaicLogoSpin ${String(spinDuration)}s linear infinite`
+    : undefined;
+
+  const containerStyle: CSSProperties = {
+    width: size,
+    height: size,
+    position: 'relative',
+    flexShrink: 0,
+    animation: animationValue,
+    transformOrigin: 'center',
+  };
+
+  const baseSquareStyle: CSSProperties = {
+    position: 'absolute',
+    width: squareSize,
+    height: squareSize,
+    borderRadius,
+  };
+
+  const circleStyle: CSSProperties = {
+    position: 'absolute',
+    top: '50%',
+    left: '50%',
+    transform: 'translate(-50%, -50%)',
+    width: circleSize,
+    height: circleSize,
+    borderRadius: '50%',
+    background: 'var(--ms-pink-500)',
+  };
+
+  return (
+    <>
+      {spinning ? (
+        <style>{`
+          @keyframes mosaicLogoSpin {
+            from { transform: rotate(0deg); }
+            to { transform: rotate(360deg); }
+          }
+        `}</style>
+      ) : null}
+      <div style={containerStyle} className={className} role="img" aria-label="Mosaic logo">
+        <div style={{ ...baseSquareStyle, top: 0, left: 0, background: 'var(--ms-blue-500)' }} />
+        <div style={{ ...baseSquareStyle, top: 0, right: 0, background: 'var(--ms-purple-500)' }} />
+        <div
+          style={{
+            ...baseSquareStyle,
+            bottom: 0,
+            right: 0,
+            background: 'var(--ms-teal-500)',
+          }}
+        />
+        <div
+          style={{
+            ...baseSquareStyle,
+            bottom: 0,
+            left: 0,
+            background: 'var(--ms-amber-500)',
+          }}
+        />
+        <div style={circleStyle} />
+      </div>
+    </>
+  );
+}
+
+export default MosaicLogo;
--- a/apps/web/src/lib/auth-client.ts
+++ b/apps/web/src/lib/auth-client.ts
@@ -1,9 +1,9 @@
 import { createAuthClient } from 'better-auth/react';
-import { adminClient } from 'better-auth/client/plugins';
+import { adminClient, genericOAuthClient } from 'better-auth/client/plugins';

 export const authClient = createAuthClient({
  baseURL: process.env['NEXT_PUBLIC_GATEWAY_URL'] ?? 'http://localhost:4000',
-  plugins: [adminClient()],
+  plugins: [adminClient(), genericOAuthClient()],
 });

 export const { useSession, signIn, signUp, signOut } = authClient;
--- a/apps/web/src/lib/sso-providers.test.ts
+++ b/apps/web/src/lib/sso-providers.test.ts
@@ -0,0 +1,48 @@
+import { afterEach, describe, expect, it, vi } from 'vitest';
+import { getEnabledSsoProviders, getSsoProvider } from './sso-providers';
+
+describe('sso-providers', () => {
+  afterEach(() => {
+    vi.unstubAllEnvs();
+  });
+
+  it('returns the enabled providers in login button order', () => {
+    vi.stubEnv('NEXT_PUBLIC_WORKOS_ENABLED', 'true');
+    vi.stubEnv('NEXT_PUBLIC_KEYCLOAK_ENABLED', 'true');
+
+    expect(getEnabledSsoProviders()).toEqual([
+      {
+        id: 'workos',
+        buttonLabel: 'Continue with WorkOS',
+        description: 'Enterprise SSO via WorkOS',
+        enabled: true,
+        href: '/auth/provider/workos',
+      },
+      {
+        id: 'keycloak',
+        buttonLabel: 'Continue with Keycloak',
+        description: 'Enterprise SSO via Keycloak',
+        enabled: true,
+        href: '/auth/provider/keycloak',
+      },
+    ]);
+  });
+
+  it('marks disabled providers without exposing them in the enabled list', () => {
+    vi.stubEnv('NEXT_PUBLIC_WORKOS_ENABLED', 'true');
+    vi.stubEnv('NEXT_PUBLIC_KEYCLOAK_ENABLED', 'false');
+
+    expect(getEnabledSsoProviders().map((provider) => provider.id)).toEqual(['workos']);
+    expect(getSsoProvider('keycloak')).toEqual({
+      id: 'keycloak',
+      buttonLabel: 'Continue with Keycloak',
+      description: 'Enterprise SSO via Keycloak',
+      enabled: false,
+      href: '/auth/provider/keycloak',
+    });
+  });
+
+  it('returns null for unknown providers', () => {
+    expect(getSsoProvider('authentik')).toBeNull();
+  });
+});
--- a/Show More
+++ b/Show More
				`@@ -0,0 +1 @@`
				`export const COMMANDS_REDIS = 'COMMANDS_REDIS';`