fix: address PR review comments for 0416-openclaw_cli_http_redesign

feat: move OpenClaw control plane to CLI and HTTP
feat(build): add arm64-only macOS release config (#728 )
2026-05-13 23:53:25 +00:00 · 2026-04-16 16:22:27 -07:00 · 2026-04-16 15:34:06 -07:00 · 2026-04-16 13:09:46 -07:00 · 2026-04-16 13:05:01 -07:00 · 2026-04-16 12:59:49 -07:00
87 changed files with 2972 additions and 4486 deletions
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -36,9 +36,6 @@ jobs:
          - suite: integration
            test_path: tests/server.integration.test.ts
            junit_path: test-results/integration.xml
-          - suite: sdk
-            test_path: tests/sdk
-            junit_path: test-results/sdk.xml

    steps:
      - name: Checkout code
@@ -139,3 +136,124 @@ jobs:
            echo "See the uploaded \`junit-${{ matrix.suite }}\` artifact for details." >> "$GITHUB_STEP_SUMMARY"
            exit 1
          fi
+
+  comment:
+    name: PR test summary
+    needs: test
+    if: >-
+      always()
+      && github.event_name == 'pull_request'
+      && github.event.pull_request.head.repo.full_name == github.repository
+    runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
+      actions: read
+    steps:
+      - name: Download JUnit artifacts
+        uses: actions/download-artifact@v4
+        continue-on-error: true
+        with:
+          path: junit
+          pattern: junit-*
+
+      - name: Build comment body
+        run: |
+          python3 <<'PY'
+          import glob, os, xml.etree.ElementTree as ET
+
+          run_url = f"{os.environ['GITHUB_SERVER_URL']}/{os.environ['GITHUB_REPOSITORY']}/actions/runs/{os.environ['GITHUB_RUN_ID']}"
+          marker = "<!-- browseros-agent-tests-summary -->"
+
+          suites = []
+          failed_cases = []
+          total_tests = total_failed = total_skipped = 0
+
+          for xml_path in sorted(glob.glob("junit/junit-*/*.xml")):
+              suite_name = os.path.basename(os.path.dirname(xml_path)).removeprefix("junit-")
+              try:
+                  root = ET.parse(xml_path).getroot()
+              except ET.ParseError:
+                  suites.append({"name": suite_name, "passed": 0, "failed": 1, "skipped": 0, "total": 1})
+                  total_tests += 1
+                  total_failed += 1
+                  failed_cases.append((suite_name, "(could not parse junit XML)"))
+                  continue
+
+              testsuites = root.findall("testsuite") if root.tag == "testsuites" else [root]
+              s_tests = s_fail = s_err = s_skip = 0
+              for ts in testsuites:
+                  s_tests += int(ts.get("tests") or 0)
+                  s_fail += int(ts.get("failures") or 0)
+                  s_err += int(ts.get("errors") or 0)
+                  s_skip += int(ts.get("skipped") or 0)
+                  for tc in ts.iter("testcase"):
+                      if tc.find("failure") is not None or tc.find("error") is not None:
+                          cls = tc.get("classname") or ""
+                          name = tc.get("name") or "(unnamed)"
+                          label = f"{cls} > {name}" if cls else name
+                          failed_cases.append((suite_name, label))
+
+              s_failed = s_fail + s_err
+              s_passed = max(s_tests - s_failed - s_skip, 0)
+              suites.append({"name": suite_name, "passed": s_passed, "failed": s_failed, "skipped": s_skip, "total": s_tests})
+              total_tests += s_tests
+              total_failed += s_failed
+              total_skipped += s_skip
+
+          total_passed = max(total_tests - total_failed - total_skipped, 0)
+
+          if total_tests == 0:
+              header = "## :warning: No test results were produced"
+          elif total_failed == 0:
+              header = f"## :white_check_mark: Tests passed — {total_passed}/{total_tests}"
+          else:
+              header = f"## :x: Tests failed — {total_failed}/{total_tests} failed"
+
+          lines = [marker, header, ""]
+          if suites:
+              lines.append("| Suite | Passed | Failed | Skipped |")
+              lines.append("|-------|--------|--------|---------|")
+              for s in suites:
+                  icon = ":white_check_mark:" if s["failed"] == 0 and s["total"] > 0 else ":warning:" if s["total"] == 0 else ":x:"
+                  lines.append(f"| {icon} `{s['name']}` | {s['passed']}/{s['total']} | {s['failed']} | {s['skipped']} |")
+
+          if failed_cases:
+              lines += ["", "<details open>", "<summary><b>Failed tests</b></summary>", ""]
+              for suite_name, label in failed_cases[:50]:
+                  lines.append(f"- **{suite_name}** — `{label}`")
+              if len(failed_cases) > 50:
+                  lines.append(f"- …and {len(failed_cases) - 50} more")
+              lines += ["", "</details>"]
+
+          lines += ["", f"[View workflow run]({run_url})"]
+
+          with open("comment.md", "w") as f:
+              f.write("\n".join(lines) + "\n")
+          PY
+
+      - name: Upsert sticky PR comment
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const fs = require('fs');
+            const body = fs.readFileSync('comment.md', 'utf8');
+            const marker = '<!-- browseros-agent-tests-summary -->';
+            const { owner, repo } = context.repo;
+            const issue_number = context.payload.pull_request.number;
+
+            const triggerSha = context.payload.pull_request.head.sha;
+            const { data: pr } = await github.rest.pulls.get({ owner, repo, pull_number: issue_number });
+            if (pr.head.sha !== triggerSha) {
+              core.info(`PR head has moved (${pr.head.sha} vs ${triggerSha}) — skipping stale comment.`);
+              return;
+            }
+
+            const comments = await github.paginate(github.rest.issues.listComments, {
+              owner, repo, issue_number, per_page: 100,
+            });
+            const existing = comments.find(c => c.body && c.body.includes(marker));
+            if (existing) {
+              await github.rest.issues.updateComment({ owner, repo, comment_id: existing.id, body });
+            } else {
+              await github.rest.issues.createComment({ owner, repo, issue_number, body });
+            }
--- a/packages/browseros-agent/apps/agent/.env.example
+++ b/packages/browseros-agent/apps/agent/.env.example
@@ -15,6 +15,9 @@ VITE_PUBLIC_SENTRY_DSN=
 # BrowserOS API URL
 VITE_PUBLIC_BROWSEROS_API=https://api.browseros.com

+# Feature flags
+VITE_ALPHA_FEATURES=false
+
 # GraphQL Schema Path (optional — falls back to schema/schema.graphql)
 GRAPHQL_SCHEMA_PATH=

--- a/packages/browseros-agent/apps/agent/components/sidebar/SettingsSidebar.tsx
+++ b/packages/browseros-agent/apps/agent/components/sidebar/SettingsSidebar.tsx
@@ -80,9 +80,19 @@ const primarySettingsSections: NavSection[] = [
        icon: Palette,
        feature: Feature.CUSTOMIZATION_SUPPORT,
      },
-      { name: 'Tool Approvals', to: '/settings/approvals', icon: ShieldCheck },
+      {
+        name: 'Tool Approvals',
+        to: '/settings/approvals',
+        icon: ShieldCheck,
+        feature: Feature.ALPHA_FEATURES_SUPPORT,
+      },
      { name: 'BrowserOS as MCP', to: '/settings/mcp', icon: Server },
-      { name: 'ACL Rules', to: '/settings/acl', icon: ShieldAlert },
+      {
+        name: 'ACL Rules',
+        to: '/settings/acl',
+        icon: ShieldAlert,
+        feature: Feature.ALPHA_FEATURES_SUPPORT,
+      },
      {
        name: 'Usage & Billing',
        to: '/settings/usage',
--- a/packages/browseros-agent/apps/agent/components/sidebar/SidebarNavigation.tsx
+++ b/packages/browseros-agent/apps/agent/components/sidebar/SidebarNavigation.tsx
@@ -41,7 +41,12 @@ const primaryNavItems: NavItem[] = [
    feature: Feature.MANAGED_MCP_SUPPORT,
  },
  { name: 'Scheduled Tasks', to: '/scheduled', icon: CalendarClock },
-  { name: 'Agents', to: '/agents', icon: Cpu },
+  {
+    name: 'Agents',
+    to: '/agents',
+    icon: Cpu,
+    feature: Feature.ALPHA_FEATURES_SUPPORT,
+  },
  {
    name: 'Skills',
    to: '/home/skills',
@@ -60,7 +65,12 @@ const primaryNavItems: NavItem[] = [
    icon: Sparkles,
    feature: Feature.SOUL_SUPPORT,
  },
-  { name: 'Governance', to: '/admin', icon: Shield },
+  {
+    name: 'Governance',
+    to: '/admin',
+    icon: Shield,
+    feature: Feature.ALPHA_FEATURES_SUPPORT,
+  },
  { name: 'Settings', to: '/settings/ai', icon: Settings },
 ]

--- a/packages/browseros-agent/apps/agent/entrypoints/app/App.tsx
+++ b/packages/browseros-agent/apps/agent/entrypoints/app/App.tsx
@@ -1,5 +1,8 @@
 import type { FC } from 'react'
 import { HashRouter, Navigate, Route, Routes, useParams } from 'react-router'
+import { Feature } from '@/lib/browseros/capabilities'
+import { useCapabilities } from '@/lib/browseros/useCapabilities'
+import { NewTab } from '../newtab/index/NewTab'
 import { NewTabChat } from '../newtab/index/NewTabChat'
 import { NewTabLayout } from '../newtab/layout/NewTabLayout'
 import { Personalize } from '../newtab/personalize/Personalize'
@@ -65,6 +68,8 @@ const OptionsRedirect: FC = () => {

 export const App: FC = () => {
  const surveyParams = getSurveyParams()
+  const { supports } = useCapabilities()
+  const alphaEnabled = supports(Feature.ALPHA_FEATURES_SUPPORT)

  return (
    <HashRouter>
@@ -80,16 +85,25 @@ export const App: FC = () => {
        {/* Main app with sidebar */}
        <Route element={<SidebarLayout />}>
          {/* Home routes */}
-          <Route path="home" element={<NewTabLayout />}>
-            <Route element={<AgentCommandLayout />}>
-              <Route index element={<AgentCommandHome />} />
-              <Route
-                path="agents/:agentId"
-                element={<AgentCommandConversation />}
-              />
-            </Route>
-            <Route path="chat" element={<NewTabChat />} />
-            <Route path="personalize" element={<Personalize />} />
+          <Route
+            path="home"
+            element={<NewTabLayout useChatSessionOnHome={!alphaEnabled} />}
+          >
+            {alphaEnabled ? (
+              <>
+                <Route element={<AgentCommandLayout />}>
+                  <Route index element={<AgentCommandHome />} />
+                  <Route
+                    path="agents/:agentId"
+                    element={<AgentCommandConversation />}
+                  />
+                </Route>
+                <Route path="chat" element={<NewTabChat />} />
+                <Route path="personalize" element={<Personalize />} />
+              </>
+            ) : (
+              <Route index element={<NewTab />} />
+            )}
            <Route path="soul" element={<SoulPage />} />
            <Route path="skills" element={<SkillsPage />} />
            <Route path="memory" element={<MemoryPage />} />
@@ -98,8 +112,12 @@ export const App: FC = () => {
          {/* Primary nav routes */}
          <Route path="connect-apps" element={<ConnectMCP />} />
          <Route path="scheduled" element={<ScheduledTasksPage />} />
-          <Route path="agents" element={<AgentsPage />} />
-          <Route path="admin" element={<AdminDashboardPage />} />
+          {alphaEnabled ? (
+            <Route path="agents" element={<AgentsPage />} />
+          ) : null}
+          {alphaEnabled ? (
+            <Route path="admin" element={<AdminDashboardPage />} />
+          ) : null}
        </Route>

        {/* Settings with dedicated sidebar */}
@@ -113,8 +131,12 @@ export const App: FC = () => {
            <Route path="search" element={<SearchProviderPage />} />
            <Route path="survey" element={<SurveyPage {...surveyParams} />} />
            <Route path="usage" element={<UsagePage />} />
-            <Route path="acl" element={<AclSettingsPage />} />
-            <Route path="approvals" element={<ToolApprovalsPage />} />
+            {alphaEnabled ? (
+              <>
+                <Route path="acl" element={<AclSettingsPage />} />
+                <Route path="approvals" element={<ToolApprovalsPage />} />
+              </>
+            ) : null}
          </Route>
        </Route>

@@ -130,7 +152,12 @@ export const App: FC = () => {
        <Route path="/" element={<Navigate to="/home" replace />} />
        <Route
          path="/personalize"
-          element={<Navigate to="/home/personalize" replace />}
+          element={
+            <Navigate
+              to={alphaEnabled ? '/home/personalize' : '/home'}
+              replace
+            />
+          }
        />
        <Route
          path="/settings/connect-mcp"
@@ -144,12 +171,18 @@ export const App: FC = () => {
          path="/settings/skills"
          element={<Navigate to="/home/skills" replace />}
        />
-        <Route path="/audit" element={<Navigate to="/admin" replace />} />
+        <Route
+          path="/audit"
+          element={<Navigate to={alphaEnabled ? '/admin' : '/home'} replace />}
+        />
        <Route
          path="/observability"
-          element={<Navigate to="/admin" replace />}
+          element={<Navigate to={alphaEnabled ? '/admin' : '/home'} replace />}
+        />
+        <Route
+          path="/executions"
+          element={<Navigate to={alphaEnabled ? '/admin' : '/home'} replace />}
        />
-        <Route path="/executions" element={<Navigate to="/admin" replace />} />
        <Route path="/options/*" element={<OptionsRedirect />} />

        {/* Fallback to home */}
--- a/packages/browseros-agent/apps/agent/entrypoints/newtab/index/NewTab.tsx
+++ b/packages/browseros-agent/apps/agent/entrypoints/newtab/index/NewTab.tsx
@@ -102,6 +102,7 @@ export const NewTab = () => {
  })
  const { selectedFolder } = useWorkspace()
  const { supports } = useCapabilities()
+  const alphaEnabled = supports(Feature.ALPHA_FEATURES_SUPPORT)
  const { providers, selectedProvider, handleSelectProvider } =
    useChatSessionContext()
  const { servers: mcpServers } = useMcpServers()
@@ -168,6 +169,8 @@ export const NewTab = () => {
    selectedTabs,
  })
  const searchPlaceholder = `Ask BrowserOS or search ${providerConfig.name}...`
+  const supportsInlineChat =
+    alphaEnabled && supports(Feature.NEWTAB_CHAT_SUPPORT)

  const {
    isOpen,
@@ -357,7 +360,7 @@ export const NewTab = () => {
          tabs_count: selectedTabs.length,
        })
        const searchQuery = `${item.name}${item.description ? ` - ${item.description}` : ''}}`
-        if (supports(Feature.NEWTAB_CHAT_SUPPORT)) {
+        if (supportsInlineChat) {
          startInlineChat(searchQuery, 'agent', {
            name: item.name,
            description: item.description,
@@ -383,7 +386,7 @@ export const NewTab = () => {
          mode: item.mode,
          tabs_count: selectedTabs.length,
        })
-        if (supports(Feature.NEWTAB_CHAT_SUPPORT)) {
+        if (supportsInlineChat) {
          startInlineChat(item.message, item.mode)
        } else {
          const action = createBrowserOSAction({
--- a/packages/browseros-agent/apps/agent/entrypoints/newtab/layout/NewTabLayout.tsx
+++ b/packages/browseros-agent/apps/agent/entrypoints/newtab/layout/NewTabLayout.tsx
@@ -4,10 +4,19 @@ import { ChatSessionProvider } from '@/entrypoints/sidepanel/layout/ChatSessionC
 import { NewTabFocusGrid } from './NewTabFocusGrid'
 import { shouldHideFocusGrid, shouldUseChatSession } from './route-utils'

-export const NewTabLayout: FC = () => {
+interface NewTabLayoutProps {
+  useChatSessionOnHome?: boolean
+}
+
+export const NewTabLayout: FC<NewTabLayoutProps> = ({
+  useChatSessionOnHome = false,
+}) => {
  const location = useLocation()
  const hideGrid = shouldHideFocusGrid(location.pathname)
-  const useChatSession = shouldUseChatSession(location.pathname)
+  const useChatSession = shouldUseChatSession(
+    location.pathname,
+    useChatSessionOnHome,
+  )
  const content = (
    <>
      {!hideGrid && <NewTabFocusGrid />}
--- a/packages/browseros-agent/apps/agent/entrypoints/newtab/layout/route-utils.test.ts
+++ b/packages/browseros-agent/apps/agent/entrypoints/newtab/layout/route-utils.test.ts
@@ -13,6 +13,7 @@ describe('route-utils', () => {
    expect(isAgentConversationPath('/home')).toBe(false)
    expect(isAgentConversationPath('/home/agents/main')).toBe(true)
    expect(shouldUseChatSession('/home')).toBe(false)
+    expect(shouldUseChatSession('/home', true)).toBe(true)
    expect(shouldUseChatSession('/home/agents/main')).toBe(false)
    expect(shouldUseChatSession('/home/chat')).toBe(true)
  })
--- a/packages/browseros-agent/apps/agent/entrypoints/newtab/layout/route-utils.ts
+++ b/packages/browseros-agent/apps/agent/entrypoints/newtab/layout/route-utils.ts
@@ -19,6 +19,11 @@ export function shouldHideFocusGrid(pathname: string): boolean {
  )
 }

-export function shouldUseChatSession(pathname: string): boolean {
-  return pathname === '/home/chat'
+export function shouldUseChatSession(
+  pathname: string,
+  useChatSessionOnHome = false,
+): boolean {
+  return (
+    pathname === '/home/chat' || (useChatSessionOnHome && pathname === '/home')
+  )
 }
--- a/packages/browseros-agent/apps/agent/lib/browseros/capabilities.test.ts
+++ b/packages/browseros-agent/apps/agent/lib/browseros/capabilities.test.ts
@@ -0,0 +1,42 @@
+import { describe, expect, it } from 'bun:test'
+import { resolveStaticFeatureSupport } from './capabilities'
+
+describe('resolveStaticFeatureSupport', () => {
+  it('enables alpha-gated features automatically in development', () => {
+    expect(
+      resolveStaticFeatureSupport({
+        isDevelopment: true,
+        alphaFeaturesEnabled: false,
+        requiresAlphaFlag: true,
+      }),
+    ).toBe(true)
+  })
+
+  it('enables alpha-gated features only when explicitly opted in', () => {
+    expect(
+      resolveStaticFeatureSupport({
+        isDevelopment: false,
+        alphaFeaturesEnabled: true,
+        requiresAlphaFlag: true,
+      }),
+    ).toBe(true)
+  })
+
+  it('keeps non-alpha features enabled in development', () => {
+    expect(
+      resolveStaticFeatureSupport({
+        isDevelopment: true,
+        alphaFeaturesEnabled: false,
+      }),
+    ).toBe(true)
+  })
+
+  it('leaves non-alpha features unresolved in production', () => {
+    expect(
+      resolveStaticFeatureSupport({
+        isDevelopment: false,
+        alphaFeaturesEnabled: false,
+      }),
+    ).toBeNull()
+  })
+})
--- a/packages/browseros-agent/apps/agent/lib/browseros/capabilities.ts
+++ b/packages/browseros-agent/apps/agent/lib/browseros/capabilities.ts
@@ -1,3 +1,4 @@
+import { env } from '../env'
 import { BrowserOSAdapter } from './adapter'

 const SERVER_VERSION_PREF = 'browseros.server.version'
@@ -7,16 +8,20 @@ type FeatureConfig = {
  maxBrowserOSVersion?: string
  minServerVersion?: string
  maxServerVersion?: string
+  requiresAlphaFlag?: boolean
 }

 /**
- * Features gated by BrowserOS version.
+ * Features gated by BrowserOS version or explicit environment flags.
 * Add new features here with corresponding config in FEATURE_CONFIG.
 *
- * Note: In development mode, all features are enabled regardless of version.
+ * Note: In development mode, all features are enabled regardless of version
+ * or alpha flag.
 * @public
 */
 export enum Feature {
+  // Unfinished UI surfaces behind an explicit alpha opt-in
+  ALPHA_FEATURES_SUPPORT = 'ALPHA_FEATURES_SUPPORT',
  // support for OpenAI-compatible provider
  OPENAI_COMPATIBLE_SUPPORT = 'OPENAI_COMPATIBLE_SUPPORT',
  // Managed MCP servers integration
@@ -61,9 +66,11 @@ export enum Feature {
 * - maxServerVersion: feature enabled when server < this version (for deprecation)
 *
 * TypeScript enforces that every Feature has a config entry.
- * Note: In development mode, all features are enabled regardless of version.
+ * In development mode, all features are enabled regardless of version or
+ * alpha flag.
 */
 const FEATURE_CONFIG: { [K in Feature]: FeatureConfig } = {
+  [Feature.ALPHA_FEATURES_SUPPORT]: { requiresAlphaFlag: true },
  [Feature.OPENAI_COMPATIBLE_SUPPORT]: { minBrowserOSVersion: '0.33.0.1' },
  [Feature.MANAGED_MCP_SUPPORT]: { minBrowserOSVersion: '0.34.0.0' },
  [Feature.PERSONALIZATION_SUPPORT]: { minBrowserOSVersion: '0.36.1.0' },
@@ -121,6 +128,24 @@ function checkVersionConstraints(
  return true
 }

+export function resolveStaticFeatureSupport({
+  isDevelopment,
+  alphaFeaturesEnabled,
+  requiresAlphaFlag = false,
+}: {
+  isDevelopment: boolean
+  alphaFeaturesEnabled: boolean
+  requiresAlphaFlag?: boolean
+}): boolean | null {
+  if (isDevelopment) {
+    return true
+  }
+  if (requiresAlphaFlag) {
+    return alphaFeaturesEnabled
+  }
+  return null
+}
+
 type CapabilitiesState = {
  browserOSVersion: number[] | null
  serverVersion: number[] | null
@@ -128,6 +153,16 @@ type CapabilitiesState = {

 let initPromise: Promise<CapabilitiesState> | null = null

+function getStaticFeatureSupport(feature: Feature): boolean | null {
+  const config = FEATURE_CONFIG[feature]
+  if (!config) return false
+  return resolveStaticFeatureSupport({
+    isDevelopment: import.meta.env.DEV,
+    alphaFeaturesEnabled: env.VITE_ALPHA_FEATURES,
+    requiresAlphaFlag: config.requiresAlphaFlag,
+  })
+}
+
 async function doInitialize(): Promise<CapabilitiesState> {
  const adapter = BrowserOSAdapter.getInstance()
  const state: CapabilitiesState = {
@@ -205,12 +240,17 @@ function checkFeatureSupport(
 * @public
 */
 export const Capabilities = {
+  getStaticSupport(feature: Feature): boolean | null {
+    return getStaticFeatureSupport(feature)
+  },
+
  /**
   * Check if a feature is supported.
   * In development mode, all features are enabled.
   */
  async supports(feature: Feature): Promise<boolean> {
-    if (import.meta.env.DEV) return true
+    const staticSupport = getStaticFeatureSupport(feature)
+    if (staticSupport !== null) return staticSupport
    const state = await ensureInitialized()
    return checkFeatureSupport(state, feature)
  },
--- a/packages/browseros-agent/apps/agent/lib/browseros/useCapabilities.ts
+++ b/packages/browseros-agent/apps/agent/lib/browseros/useCapabilities.ts
@@ -14,6 +14,19 @@ interface UseCapabilitiesResult {
  serverVersion: string | null
 }

+function getInitialSupportedFeatures(): Map<Feature, boolean> {
+  return new Map(
+    Object.values(Feature)
+      .filter((value) => typeof value === 'string')
+      .flatMap((feature) => {
+        const supported = Capabilities.getStaticSupport(feature as Feature)
+        return supported === null
+          ? []
+          : ([[feature as Feature, supported]] as const)
+      }),
+  )
+}
+
 /**
 * React hook for version-gated feature checks.
 * Auto-initializes Capabilities and caches feature support results.
@@ -28,11 +41,11 @@ interface UseCapabilitiesResult {
 */
 export function useCapabilities(): UseCapabilitiesResult {
  const [isLoading, setIsLoading] = useState(true)
-  const [state, setState] = useState<CapabilitiesState>({
+  const [state, setState] = useState<CapabilitiesState>(() => ({
    browserOSVersion: null,
    serverVersion: null,
-    supportedFeatures: new Map(),
-  })
+    supportedFeatures: getInitialSupportedFeatures(),
+  }))

  useEffect(() => {
    let cancelled = false
@@ -72,10 +85,9 @@ export function useCapabilities(): UseCapabilitiesResult {

  const supports = useCallback(
    (feature: Feature): boolean => {
-      if (isLoading) return false
      return state.supportedFeatures.get(feature) ?? false
    },
-    [isLoading, state.supportedFeatures],
+    [state.supportedFeatures],
  )

  return {
--- a/packages/browseros-agent/apps/agent/lib/env.ts
+++ b/packages/browseros-agent/apps/agent/lib/env.ts
@@ -2,11 +2,15 @@ import { ZodError, z } from 'zod'

 const EnvSchema = z.object({
  VITE_BROWSEROS_SERVER_PORT: z.coerce.number().optional(),
+  VITE_ALPHA_FEATURES: z
+    .string()
+    .optional()
+    .transform((value) => value === 'true'),
  VITE_PUBLIC_POSTHOG_KEY: z.string().optional(),
  VITE_PUBLIC_POSTHOG_HOST: z.string().optional(),
  VITE_PUBLIC_SENTRY_DSN: z.string().optional(),
  VITE_PUBLIC_BROWSEROS_API: z.string().optional(),
-  PROD: z.boolean(),
+  PROD: z.boolean().optional().default(false),
 })

 try {
--- a/packages/browseros-agent/apps/server/package.json
+++ b/packages/browseros-agent/apps/server/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@browseros/server",
-  "version": "0.0.83",
+  "version": "0.0.87",
  "description": "BrowserOS server",
  "type": "module",
  "main": "./src/index.ts",
@@ -12,7 +12,7 @@
    "build": "bun ../../scripts/build/server.ts --target=all",
    "test:tools": "bun run test:cleanup && bun --env-file=.env.development test tests/tools",
    "test:integration": "bun run test:cleanup && bun --env-file=.env.development test tests/server.integration.test.ts",
-    "test:sdk": "bun run test:cleanup && bun --env-file=.env.development test tests/sdk",
+    "test:sdk": "echo 'SDK tests disabled: test environment does not provide the extract/verify LLM service'",
    "test:cleanup": "./tests/__helpers__/cleanup.sh",
    "typecheck": "tsc --noEmit",
    "devtools": "bunx @ai-sdk/devtools"
--- a/packages/browseros-agent/apps/server/src/agent/provider-factory.ts
+++ b/packages/browseros-agent/apps/server/src/agent/provider-factory.ts
@@ -9,6 +9,10 @@ import { LLM_PROVIDERS } from '@browseros/shared/schemas/llm'
 import { createOpenRouter } from '@openrouter/ai-sdk-provider'
 import type { LanguageModel } from 'ai'
 import { createBrowserOSFetch } from '../lib/browseros-fetch'
+import {
+  createMockBrowserOSLanguageModel,
+  shouldUseMockBrowserOSLLM,
+} from '../lib/clients/llm/mock-language-model'
 import { createCodexFetch } from '../lib/clients/oauth/codex-fetch'
 import { createCopilotFetch } from '../lib/clients/oauth/copilot-fetch'
 import { logger } from '../lib/logger'
@@ -219,6 +223,9 @@ const PROVIDER_FACTORIES: Record<string, ProviderFactory> = {
 export function createLanguageModel(
  config: ResolvedAgentConfig,
 ): LanguageModel {
+  if (shouldUseMockBrowserOSLLM(config)) {
+    return createMockBrowserOSLanguageModel()
+  }
  const provider = config.provider as string
  const factory = PROVIDER_FACTORIES[provider]
  if (!factory) throw new Error(`Unknown provider: ${provider}`)
--- a/packages/browseros-agent/apps/server/src/api/services/openclaw/openclaw-admin-client.ts
+++ b/packages/browseros-agent/apps/server/src/api/services/openclaw/openclaw-admin-client.ts
@@ -0,0 +1,126 @@
+/**
+ * @license
+ * Copyright 2025 BrowserOS
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+type LogFn = (line: string) => void
+
+interface ContainerExecutor {
+  execInContainer(command: string[], onLog?: LogFn): Promise<number>
+}
+
+interface RawAgentRecord {
+  id: string
+  name?: string
+  workspace: string
+  model?: string
+}
+
+export interface OpenClawAgentRecord {
+  agentId: string
+  name: string
+  workspace: string
+  model?: string
+}
+
+export class OpenClawAdminClient {
+  constructor(
+    private readonly executor: ContainerExecutor,
+    private readonly getToken: () => Promise<string>,
+  ) {}
+
+  async listAgents(): Promise<OpenClawAgentRecord[]> {
+    const records = await this.runJsonCommand<RawAgentRecord[]>([
+      'agents',
+      'list',
+      '--json',
+    ])
+    return records.map((record) => ({
+      agentId: record.id,
+      name: record.name ?? record.id,
+      workspace: record.workspace,
+      model: record.model,
+    }))
+  }
+
+  async createAgent(input: {
+    name: string
+    workspace: string
+    model?: string
+  }): Promise<OpenClawAgentRecord> {
+    const args = ['agents', 'add', input.name, '--workspace', input.workspace]
+
+    if (input.model) {
+      args.push('--model', input.model)
+    }
+
+    args.push('--non-interactive', '--json')
+    await this.runCommand(args)
+    const agents = await this.listAgents()
+    const agent = agents.find((entry) => entry.agentId === input.name)
+
+    if (!agent) {
+      throw new Error(`Created agent ${input.name} was not found in agent list`)
+    }
+
+    return agent
+  }
+
+  async deleteAgent(agentId: string): Promise<void> {
+    await this.runCommand(['agents', 'delete', agentId, '--force', '--json'])
+  }
+
+  async probe(): Promise<void> {
+    await this.listAgents()
+  }
+
+  private async runJsonCommand<T>(args: string[]): Promise<T> {
+    const output = await this.runCommand(args)
+    return parseJsonOutput<T>(output)
+  }
+
+  private async runCommand(args: string[]): Promise<string> {
+    const output: string[] = []
+    const token = await this.getToken()
+    const command = ['node', 'dist/index.js', ...args, '--token', token]
+    const exitCode = await this.executor.execInContainer(command, (line) =>
+      output.push(line),
+    )
+
+    if (exitCode !== 0) {
+      const detail = output.join('\n').trim()
+      throw new Error(
+        detail || `OpenClaw command failed (${args.slice(0, 2).join(' ')})`,
+      )
+    }
+
+    return output.join('\n').trim()
+  }
+}
+
+function parseJsonOutput<T>(output: string): T {
+  const direct = tryParseJson<T>(output)
+  if (direct !== null) return direct
+
+  const start = output.search(/[[{]/)
+  if (start >= 0) {
+    const sliced = tryParseJson<T>(output.slice(start))
+    if (sliced !== null) return sliced
+  }
+
+  throw new Error(
+    `Failed to parse OpenClaw JSON output: ${output.slice(0, 200)}`,
+  )
+}
+
+function tryParseJson<T>(value: string): T | null {
+  const trimmed = value.trim()
+  if (!trimmed) return null
+
+  try {
+    return JSON.parse(trimmed) as T
+  } catch {
+    return null
+  }
+}
--- a/packages/browseros-agent/apps/server/src/api/services/openclaw/openclaw-http-chat-client.ts
+++ b/packages/browseros-agent/apps/server/src/api/services/openclaw/openclaw-http-chat-client.ts
@@ -0,0 +1,245 @@
+/**
+ * @license
+ * Copyright 2025 BrowserOS
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+import { createParser, type EventSourceMessage } from 'eventsource-parser'
+import type { OpenClawStreamEvent } from './openclaw-types'
+
+export interface OpenClawChatRequest {
+  agentId: string
+  sessionKey: string
+  message: string
+  signal?: AbortSignal
+}
+
+export class OpenClawHttpChatClient {
+  constructor(
+    private readonly port: number,
+    private readonly getToken: () => Promise<string>,
+  ) {}
+
+  async streamChat(
+    input: OpenClawChatRequest,
+  ): Promise<ReadableStream<OpenClawStreamEvent>> {
+    const response = await this.fetchChat(input)
+    const body = response.body
+
+    if (!body) {
+      throw new Error('OpenClaw chat response had no body')
+    }
+
+    return createEventStream(body, input.signal)
+  }
+
+  private async fetchChat(input: OpenClawChatRequest): Promise<Response> {
+    const token = await this.getToken()
+    const response = await fetch(
+      `http://127.0.0.1:${this.port}/v1/chat/completions`,
+      {
+        method: 'POST',
+        headers: {
+          Authorization: `Bearer ${token}`,
+          'Content-Type': 'application/json',
+        },
+        body: JSON.stringify({
+          model: resolveAgentModel(input.agentId),
+          stream: true,
+          messages: [{ role: 'user', content: input.message }],
+          user: `browseros:${input.agentId}:${input.sessionKey}`,
+        }),
+        signal: input.signal,
+      },
+    )
+
+    if (response.ok) {
+      return response
+    }
+
+    const detail = await response.text()
+    throw new Error(
+      detail || `OpenClaw chat failed with status ${response.status}`,
+    )
+  }
+}
+
+function resolveAgentModel(agentId: string): string {
+  return agentId === 'main' ? 'openclaw/default' : `openclaw/${agentId}`
+}
+
+function createEventStream(
+  body: ReadableStream<Uint8Array>,
+  signal?: AbortSignal,
+): ReadableStream<OpenClawStreamEvent> {
+  return new ReadableStream<OpenClawStreamEvent>({
+    start(controller) {
+      void pumpChatEvents(body, controller, signal)
+    },
+  })
+}
+
+async function pumpChatEvents(
+  body: ReadableStream<Uint8Array>,
+  controller: ReadableStreamDefaultController<OpenClawStreamEvent>,
+  signal?: AbortSignal,
+): Promise<void> {
+  const reader = body.getReader()
+  const decoder = new TextDecoder()
+  let text = ''
+  let done = false
+  const parser = createParser({
+    onEvent(message) {
+      if (done) return
+      const nextText = updateAccumulatedText(message, text)
+      done = handleMessage(message, controller, nextText, done)
+      if (!done) {
+        text = nextText
+      }
+    },
+  })
+
+  try {
+    while (true) {
+      if (signal?.aborted) {
+        await reader.cancel()
+        controller.close()
+        return
+      }
+
+      const { done: streamDone, value } = await reader.read()
+      if (streamDone) break
+      parser.feed(decoder.decode(value, { stream: true }))
+    }
+  } catch (error) {
+    if (!done) {
+      controller.enqueue({
+        type: 'error',
+        data: {
+          message: error instanceof Error ? error.message : String(error),
+        },
+      })
+      controller.close()
+    }
+  } finally {
+    if (!done) {
+      controller.close()
+    }
+    reader.releaseLock()
+  }
+}
+
+function handleMessage(
+  message: EventSourceMessage,
+  controller: ReadableStreamDefaultController<OpenClawStreamEvent>,
+  text: string,
+  done: boolean,
+): boolean {
+  if (message.data === '[DONE]') {
+    return finishStream(controller, text, done)
+  }
+
+  const chunk = parseChunk(message.data)
+  if (!chunk) {
+    controller.enqueue({
+      type: 'error',
+      data: { message: 'Failed to parse OpenClaw chat stream chunk' },
+    })
+    controller.close()
+    return true
+  }
+
+  for (const event of mapChunkToEvents(chunk)) {
+    controller.enqueue(event)
+  }
+
+  return hasFinishReason(chunk) ? finishStream(controller, text, done) : false
+}
+
+function updateAccumulatedText(
+  message: EventSourceMessage,
+  text: string,
+): string {
+  const chunk = parseChunk(message.data)
+  if (!chunk) return text
+
+  let next = text
+  for (const choice of readChoices(chunk)) {
+    const delta = readDeltaText(choice)
+    if (delta) {
+      next += delta
+    }
+  }
+  return next
+}
+
+function finishStream(
+  controller: ReadableStreamDefaultController<OpenClawStreamEvent>,
+  text: string,
+  done: boolean,
+): boolean {
+  if (!done) {
+    controller.enqueue({
+      type: 'done',
+      data: { text },
+    })
+    controller.close()
+  }
+
+  return true
+}
+
+function mapChunkToEvents(
+  chunk: Record<string, unknown>,
+): OpenClawStreamEvent[] {
+  const events: OpenClawStreamEvent[] = []
+
+  for (const choice of readChoices(chunk)) {
+    const delta = readDeltaText(choice)
+    if (delta) {
+      events.push({
+        type: 'text-delta',
+        data: { text: delta },
+      })
+    }
+  }
+
+  return events
+}
+
+function hasFinishReason(chunk: Record<string, unknown>): boolean {
+  return readChoices(chunk).some((choice) => !!readFinishReason(choice))
+}
+
+function readChoices(
+  chunk: Record<string, unknown>,
+): Array<Record<string, unknown>> {
+  const choices = chunk.choices
+  return Array.isArray(choices)
+    ? choices.filter(
+        (choice): choice is Record<string, unknown> =>
+          !!choice && typeof choice === 'object',
+      )
+    : []
+}
+
+function readDeltaText(choice: Record<string, unknown>): string {
+  const delta = choice.delta
+  if (!delta || typeof delta !== 'object') return ''
+
+  const content = (delta as Record<string, unknown>).content
+  return typeof content === 'string' ? content : ''
+}
+
+function readFinishReason(choice: Record<string, unknown>): string | null {
+  const reason = choice.finish_reason
+  return typeof reason === 'string' && reason ? reason : null
+}
+
+function parseChunk(data: string): Record<string, unknown> | null {
+  try {
+    return JSON.parse(data) as Record<string, unknown>
+  } catch {
+    return null
+  }
+}
--- a/packages/browseros-agent/apps/server/src/api/services/openclaw/openclaw-service.ts
+++ b/packages/browseros-agent/apps/server/src/api/services/openclaw/openclaw-service.ts
@@ -4,14 +4,17 @@
 * SPDX-License-Identifier: AGPL-3.0-or-later
 *
 * Main orchestrator for OpenClaw integration.
- * Container lifecycle via Podman, agent CRUD via Gateway WS RPC,
+ * Container lifecycle via Podman, agent CRUD via in-container CLI,
 * chat via HTTP /v1/chat/completions proxy.
 */

 import { existsSync } from 'node:fs'
 import { mkdir, readFile, writeFile } from 'node:fs/promises'
 import { join, resolve } from 'node:path'
-import { OPENCLAW_GATEWAY_PORT } from '@browseros/shared/constants/openclaw'
+import {
+  OPENCLAW_CONTAINER_HOME,
+  OPENCLAW_GATEWAY_PORT,
+} from '@browseros/shared/constants/openclaw'
 import { DEFAULT_PORTS } from '@browseros/shared/constants/ports'
 import type {
  BrowserOSAgentRoleId,
@@ -28,11 +31,9 @@ import {
  OpenClawProtectedAgentError,
 } from './errors'
 import {
-  ensureClientIdentity,
-  type GatewayAgentEntry,
-  GatewayClient,
-  type OpenClawStreamEvent,
-} from './gateway-client'
+  OpenClawAdminClient,
+  type OpenClawAgentRecord,
+} from './openclaw-admin-client'
 import {
  buildBootstrapConfig,
  buildEnvFile,
@@ -42,6 +43,8 @@ import {
  resolveProviderKeys,
  resolveProviderModel,
 } from './openclaw-config'
+import { OpenClawHttpChatClient } from './openclaw-http-chat-client'
+import type { OpenClawStreamEvent } from './openclaw-types'
 import { getPodmanRuntime } from './podman-runtime'
 import {
  buildRoleBootstrapFiles,
@@ -62,10 +65,12 @@ export type OpenClawControlPlaneStatus =
  | 'connecting'
  | 'connected'
  | 'reconnecting'
+  // Retained for extension compatibility while the UI still branches on it.
  | 'recovering'
  | 'failed'

 export type OpenClawGatewayRecoveryReason =
+  // Retained for extension compatibility while the UI still renders these reasons.
  | 'transient_disconnect'
  | 'signature_expired'
  | 'pairing_required'
@@ -92,7 +97,7 @@ export interface OpenClawStatusResponse {
  lastRecoveryReason: OpenClawGatewayRecoveryReason | null
 }

-export interface OpenClawAgentEntry extends GatewayAgentEntry {
+export interface OpenClawAgentEntry extends OpenClawAgentRecord {
  role?: BrowserOSAgentRoleSummary
 }

@@ -106,7 +111,8 @@ export interface SetupInput {

 export class OpenClawService {
  private runtime: ContainerRuntime
-  private gateway: GatewayClient | null = null
+  private adminClient: OpenClawAdminClient
+  private chatClient: OpenClawHttpChatClient
  private openclawDir: string
  private port = OPENCLAW_GATEWAY_PORT
  private token: string
@@ -115,13 +121,20 @@ export class OpenClawService {
  private controlPlaneStatus: OpenClawControlPlaneStatus = 'disconnected'
  private lastGatewayError: string | null = null
  private lastRecoveryReason: OpenClawGatewayRecoveryReason | null = null
-  private gatewayReconnectPromise: Promise<void> | null = null
  private stopLogTail: (() => void) | null = null

  constructor(browserosServerPort?: number) {
    this.openclawDir = getOpenClawDir()
    this.runtime = new ContainerRuntime(getPodmanRuntime(), this.openclawDir)
    this.token = crypto.randomUUID()
+    this.adminClient = new OpenClawAdminClient(
+      this.runtime,
+      async () => this.token,
+    )
+    this.chatClient = new OpenClawHttpChatClient(
+      this.port,
+      async () => this.token,
+    )
    this.browserosServerPort = browserosServerPort ?? DEFAULT_PORTS.server
  }

@@ -199,32 +212,26 @@ export class OpenClawService {
      throw new Error(this.lastError)
    }

-    // Generate client device identity for WS auth
-    logProgress('Generating client device identity...')
-    ensureClientIdentity(this.openclawDir)
+    this.controlPlaneStatus = 'connecting'
+    logProgress('Probing OpenClaw control plane...')
+    await this.runControlPlaneCall(() => this.adminClient.probe())

-    logProgress('Connecting to gateway...')
-    await this.connectGatewayResiliently(logProgress)
-
-    // Ensure main agent exists (gateway may auto-create it)
-    // biome-ignore lint/style/noNonNullAssertion: gateway is guaranteed connected after connectGateway()
-    const existingAgents = await this.gateway!.listAgents()
+    const existingAgents = await this.listAgents()
    logger.info('Fetched existing OpenClaw agents after setup', {
      count: existingAgents.length,
      names: existingAgents.map((agent) => agent.name),
    })
-    const hasMain = existingAgents.some((a) => a.agentId === 'main')
-    if (!hasMain) {
-      logProgress('Creating main agent...')
-      const model = resolveProviderModel(input)
-      // biome-ignore lint/style/noNonNullAssertion: gateway is connected
-      await this.gateway!.createAgent({
-        name: 'main',
-        workspace: GatewayClient.agentWorkspace('main'),
-        model,
-      })
+    if (existingAgents.some((agent) => agent.agentId === 'main')) {
+      logProgress('Main agent detected')
    } else {
-      logProgress('Main agent already exists')
+      logProgress('Creating main agent...')
+      await this.runControlPlaneCall(() =>
+        this.adminClient.createAgent({
+          name: 'main',
+          workspace: this.getContainerWorkspacePath('main'),
+          model: resolveProviderModel(input),
+        }),
+      )
    }

    this.lastError = null
@@ -253,15 +260,16 @@ export class OpenClawService {
      throw new Error(this.lastError)
    }

-    logProgress('Connecting to gateway...')
-    await this.connectGatewayResiliently(logProgress)
+    this.controlPlaneStatus = 'connecting'
+    logProgress('Probing OpenClaw control plane...')
+    await this.runControlPlaneCall(() => this.adminClient.probe())
    this.lastError = null
    logger.info('OpenClaw gateway started', { port: this.port })
  }

  async stop(): Promise<void> {
    logger.info('Stopping OpenClaw service', { port: this.port })
-    this.disconnectGateway()
+    this.controlPlaneStatus = 'disconnected'
    this.stopGatewayLogTail()
    await this.runtime.composeStop()
    logger.info('OpenClaw container stopped')
@@ -273,7 +281,7 @@ export class OpenClawService {
      port: this.port,
    })

-    this.disconnectGateway()
+    this.controlPlaneStatus = 'reconnecting'
    this.stopGatewayLogTail()
    logProgress('Loading gateway auth token...')
    await this.loadTokenFromEnv()
@@ -289,8 +297,8 @@ export class OpenClawService {
      throw new Error(this.lastError)
    }

-    logProgress('Connecting to gateway...')
-    await this.connectGatewayResiliently(logProgress)
+    logProgress('Probing OpenClaw control plane...')
+    await this.runControlPlaneCall(() => this.adminClient.probe())
    this.lastError = null
    logProgress('Gateway restarted successfully')
    logger.info('OpenClaw gateway restarted', { port: this.port })
@@ -311,15 +319,14 @@ export class OpenClawService {

    logProgress('Reloading gateway auth token...')
    await this.loadTokenFromEnv()
-    this.disconnectGateway()
-
+    this.controlPlaneStatus = 'reconnecting'
    logProgress('Reconnecting control plane...')
-    await this.ensureGatewayReady()
+    await this.runControlPlaneCall(() => this.adminClient.probe())
    logProgress('Control plane connected')
  }

  async shutdown(): Promise<void> {
-    this.disconnectGateway()
+    this.controlPlaneStatus = 'disconnected'
    this.stopGatewayLogTail()
    try {
      await this.runtime.composeStop()
@@ -370,12 +377,14 @@ export class OpenClawService {
      : false

    let agentCount = 0
-    if (ready && this.gateway?.isConnected) {
+    if (ready) {
      try {
-        const agents = await this.gateway.listAgents()
+        const agents = await this.runControlPlaneCall(() =>
+          this.adminClient.listAgents(),
+        )
        agentCount = agents.length
      } catch {
-        // WS may be momentarily unavailable
+        // latest control plane error is captured by runControlPlaneCall
      }
    }

@@ -386,17 +395,13 @@ export class OpenClawService {
      port: this.port,
      agentCount,
      error: this.lastError,
-      controlPlaneStatus: ready
-        ? this.gateway?.isConnected
-          ? 'connected'
-          : this.controlPlaneStatus
-        : 'disconnected',
+      controlPlaneStatus: ready ? this.controlPlaneStatus : 'disconnected',
      lastGatewayError: this.lastGatewayError,
      lastRecoveryReason: this.lastRecoveryReason,
    }
  }

-  // ── Agent Management (via WS RPC) ───────────────────────────────────
+  // ── Agent Management (via CLI) ──────────────────────────────────────

  async createAgent(input: {
    name: string
@@ -423,7 +428,7 @@ export class OpenClawService {
      hasModel: !!input.modelId,
      hasApiKey: !!input.apiKey,
    })
-    await this.ensureGatewayReady()
+    await this.assertGatewayReady()

    const configChanged = await this.mergeProviderConfigIfChanged(input)
    const keysChanged =
@@ -441,19 +446,15 @@ export class OpenClawService {
    }

    const model = resolveProviderModel(input)
-
-    const gateway = this.gateway
-    if (!gateway) {
-      throw new Error('Gateway WS not connected')
-    }
-
-    let agent: GatewayAgentEntry
+    let agent: OpenClawAgentRecord
    try {
-      agent = await gateway.createAgent({
-        name,
-        workspace: GatewayClient.agentWorkspace(name),
-        model,
-      })
+      agent = await this.runControlPlaneCall(() =>
+        this.adminClient.createAgent({
+          name,
+          workspace: this.getContainerWorkspacePath(name),
+          model,
+        }),
+      )
    } catch (error) {
      const message = error instanceof Error ? error.message : String(error)
      if (message.includes('already exists')) {
@@ -463,10 +464,13 @@ export class OpenClawService {
    }

    if (input.roleId || input.customRole) {
-      await this.writeRoleBootstrapFiles(
-        name,
-        input.roleId ? resolveRoleTemplate(input.roleId) : input.customRole!,
-      )
+      const role = input.roleId
+        ? resolveRoleTemplate(input.roleId)
+        : input.customRole
+      if (!role) {
+        throw new Error('Role bootstrap requested without a role definition')
+      }
+      await this.writeRoleBootstrapFiles(name, role)
    }

    const roleSummary = input.roleId
@@ -475,7 +479,7 @@ export class OpenClawService {
        ? toRoleSummary(input.customRole)
        : undefined

-    logger.info('Agent created via WS RPC', {
+    logger.info('Agent created via CLI', {
      agentId: agent.agentId,
      roleId: input.roleId,
      roleSource: roleSummary?.roleSource,
@@ -493,10 +497,11 @@ export class OpenClawService {
      throw new OpenClawProtectedAgentError('Cannot delete the main agent')
    }

-    await this.ensureGatewayReady()
+    await this.assertGatewayReady()
    try {
-      // biome-ignore lint/style/noNonNullAssertion: ensureGatewayReady() guarantees a connected client
-      await this.gateway!.deleteAgent(agentId)
+      await this.runControlPlaneCall(() =>
+        this.adminClient.deleteAgent(agentId),
+      )
    } catch (error) {
      const message = error instanceof Error ? error.message : String(error)
      if (message.includes('not found')) {
@@ -504,14 +509,15 @@ export class OpenClawService {
      }
      throw error
    }
-    logger.info('Agent removed via WS RPC', { agentId })
+    logger.info('Agent removed via CLI', { agentId })
  }

  async listAgents(): Promise<OpenClawAgentEntry[]> {
-    await this.ensureGatewayReady()
+    await this.assertGatewayReady()
    logger.debug('Listing OpenClaw agents')
-    // biome-ignore lint/style/noNonNullAssertion: ensureGatewayReady() guarantees a connected client
-    const agents = await this.gateway!.listAgents()
+    const agents = await this.runControlPlaneCall(() =>
+      this.adminClient.listAgents(),
+    )
    return Promise.all(
      agents.map(async (agent) => ({
        ...agent,
@@ -520,21 +526,26 @@ export class OpenClawService {
    )
  }

-  // ── Chat Stream (WS) ─────────────────────────────────────────────────
+  // ── Chat Stream (HTTP) ───────────────────────────────────────────────

  async chatStream(
    agentId: string,
    sessionKey: string,
    message: string,
  ): Promise<ReadableStream<OpenClawStreamEvent>> {
-    await this.ensureGatewayReady()
+    await this.assertGatewayReady()
    logger.info('Starting OpenClaw chat stream', {
      agentId,
      sessionKey,
      messageLength: message.length,
    })
-    // biome-ignore lint/style/noNonNullAssertion: ensureGatewayReady() guarantees a connected client
-    return this.gateway!.chatStream(agentId, sessionKey, message)
+    return this.runControlPlaneCall(() =>
+      this.chatClient.streamChat({
+        agentId,
+        sessionKey,
+        message,
+      }),
+    )
  }

  // ── Provider Keys ────────────────────────────────────────────────────
@@ -587,7 +598,7 @@ export class OpenClawService {
        }
      }

-      await this.connectGatewayResiliently()
+      await this.runControlPlaneCall(() => this.adminClient.probe())
      logger.info('OpenClaw gateway auto-started')
    } catch (err) {
      logger.warn('OpenClaw auto-start failed', {
@@ -596,260 +607,53 @@ export class OpenClawService {
    }
  }

-  private async connectGatewayResiliently(
-    onLog?: (msg: string) => void,
-  ): Promise<void> {
-    const logProgress = this.createProgressLogger(onLog)
-    const existingConnection =
-      !!this.gateway || this.controlPlaneStatus !== 'disconnected'
-    this.controlPlaneStatus = existingConnection ? 'reconnecting' : 'connecting'
-    this.lastGatewayError = null
-    this.lastRecoveryReason = null
+  // ── Internal ─────────────────────────────────────────────────────────

+  private async assertGatewayReady(): Promise<void> {
+    const portReady = await this.runtime.isReady(this.port)
+    logger.debug('Checking OpenClaw gateway readiness before use', {
+      port: this.port,
+      portReady,
+      controlPlaneStatus: this.controlPlaneStatus,
+    })
+    if (portReady) {
+      return
+    }
+
+    this.controlPlaneStatus = 'failed'
+    this.lastGatewayError = 'OpenClaw gateway is not ready'
+    this.lastRecoveryReason = 'container_not_ready'
+    throw new Error('OpenClaw gateway is not ready')
+  }
+
+  private async runControlPlaneCall<T>(fn: () => Promise<T>): Promise<T> {
    try {
-      logger.info('Connecting OpenClaw control plane', {
-        port: this.port,
-        status: this.controlPlaneStatus,
-      })
-      await this.connectGateway()
+      await this.ensureTokenLoaded()
+      const result = await fn()
      this.controlPlaneStatus = 'connected'
      this.lastGatewayError = null
      this.lastRecoveryReason = null
-      logger.info('OpenClaw gateway control plane connected', {
-        port: this.port,
-      })
-      return
+      return result
    } catch (error) {
-      const reason = this.classifyGatewayError(error)
      const message = error instanceof Error ? error.message : String(error)
+      const reason = this.classifyControlPlaneError(error)
+      this.controlPlaneStatus = 'failed'
      this.lastGatewayError = message
      this.lastRecoveryReason = reason
-      logger.warn('OpenClaw gateway connect failed', { reason, error: message })
-
-      if (!this.isRecoverableGatewayError(reason)) {
-        this.controlPlaneStatus = 'failed'
-        throw error
-      }
-
-      this.controlPlaneStatus = 'recovering'
-      logProgress(`Recovering gateway connection: ${reason}`)
-      await this.performGatewayRecovery(reason, logProgress)
-
-      try {
-        await this.connectGateway()
-        this.controlPlaneStatus = 'connected'
-        this.lastGatewayError = null
-        logger.info('OpenClaw gateway control plane recovered', {
-          reason,
-          port: this.port,
-        })
-      } catch (retryError) {
-        const retryMessage =
-          retryError instanceof Error ? retryError.message : String(retryError)
-        this.lastGatewayError = retryMessage
-        this.lastRecoveryReason = this.classifyGatewayError(retryError)
-        this.controlPlaneStatus = 'failed'
-        logger.error('OpenClaw gateway recovery failed', {
-          reason,
-          error: retryMessage,
-        })
-        throw retryError
-      }
+      throw error
    }
  }

-  // ── Internal ─────────────────────────────────────────────────────────
-
-  /**
-   * Approves the latest pending device pair request via the openclaw CLI
-   * running inside the container. This is needed because the gateway requires
-   * Ed25519 device identity and approval before granting operator scopes.
-   */
-  private async approvePendingDevice(
-    logProgress: (msg: string) => void,
-  ): Promise<void> {
-    logger.info('Approving pending OpenClaw device pairing')
-    // List pending devices to get the request ID
-    const output: string[] = []
-    const listCode = await this.runtime.execInContainer(
-      [
-        'node',
-        'dist/index.js',
-        'devices',
-        'list',
-        '--json',
-        '--token',
-        this.token,
-      ],
-      (line) => output.push(line),
-    )
-
-    if (listCode !== 0) {
-      throw new Error(`Failed to list pending devices (exit ${listCode})`)
-    }
-
-    const jsonStr = output.join('\n')
-    let data: {
-      pending?: Array<{ requestId: string; deviceId?: string }>
-    }
-    try {
-      data = JSON.parse(jsonStr)
-    } catch {
-      throw new Error(
-        `Failed to parse device list output: ${jsonStr.slice(0, 200)}`,
-      )
-    }
-
-    const pending = data.pending
-    if (!pending?.length) {
-      logger.warn('No pending device pair requests found')
-      throw new Error('No pending device pair requests to approve')
-    }
-
-    const clientDeviceId = await this.readClientDeviceId()
-    const pendingRequest =
-      pending.find((request) => request.deviceId === clientDeviceId) ??
-      pending[0]
-    const requestId = pendingRequest.requestId
-
-    if (clientDeviceId && pendingRequest.deviceId !== clientDeviceId) {
-      logger.warn('Pending device request did not match client identity', {
-        clientDeviceId,
-        approvedRequestId: requestId,
-      })
-    }
-
-    logProgress(`Approving device pair request ${requestId.slice(0, 8)}...`)
-
-    const code = await this.runtime.execInContainer([
-      'node',
-      'dist/index.js',
-      'devices',
-      'approve',
-      requestId,
-      '--token',
-      this.token,
-      '--json',
-    ])
-
-    if (code !== 0) {
-      logger.warn('Device approval command exited with code', { code })
-      throw new Error('Failed to approve client device pairing')
-    }
-
-    logProgress('Client device approved')
-  }
-
-  private async connectGateway(): Promise<void> {
-    this.disconnectGateway()
-    logger.info('Connecting OpenClaw gateway client', {
-      port: this.port,
-    })
-    const gateway = new GatewayClient(this.port, this.token, this.openclawDir)
-    await gateway.connect()
-    this.gateway = gateway
-  }
-
-  private disconnectGateway(): void {
-    if (this.gateway) {
-      this.gateway.disconnect()
-      this.gateway = null
-    }
-    this.controlPlaneStatus = 'disconnected'
-  }
-
-  private async ensureGatewayReady(): Promise<void> {
-    if (this.gateway?.isConnected) {
-      this.controlPlaneStatus = 'connected'
-      return
-    }
-
-    const portReady = await this.runtime.isReady(this.port)
-    logger.info('Checking OpenClaw gateway readiness before WS use', {
-      port: this.port,
-      portReady,
-      hasGatewayClient: !!this.gateway,
-      gatewayConnected: !!this.gateway?.isConnected,
-    })
-    if (!portReady) {
-      this.controlPlaneStatus = 'failed'
-      this.lastGatewayError = 'OpenClaw gateway is not ready'
-      this.lastRecoveryReason = 'container_not_ready'
-      throw new Error('OpenClaw gateway is not ready')
-    }
-
-    if (this.gatewayReconnectPromise) {
-      await this.gatewayReconnectPromise
-      return
-    }
-
-    this.gatewayReconnectPromise = this.connectGatewayResiliently()
-    try {
-      await this.gatewayReconnectPromise
-    } finally {
-      this.gatewayReconnectPromise = null
-    }
-  }
-
-  private classifyGatewayError(error: unknown): OpenClawGatewayRecoveryReason {
+  private classifyControlPlaneError(
+    error: unknown,
+  ): OpenClawGatewayRecoveryReason {
    const message = error instanceof Error ? error.message : String(error)
-    if (message.includes('signature expired')) return 'signature_expired'
-    if (message.includes('pairing required')) return 'pairing_required'
-    if (message.includes('Gateway WS not connected'))
-      return 'transient_disconnect'
+    if (message.includes('Unauthorized')) return 'token_mismatch'
    if (message.includes('token')) return 'token_mismatch'
    if (message.includes('not ready')) return 'container_not_ready'
    return 'unknown'
  }

-  private isRecoverableGatewayError(
-    reason: OpenClawGatewayRecoveryReason,
-  ): boolean {
-    return (
-      reason === 'transient_disconnect' ||
-      reason === 'signature_expired' ||
-      reason === 'pairing_required' ||
-      reason === 'token_mismatch'
-    )
-  }
-
-  private async performGatewayRecovery(
-    reason: OpenClawGatewayRecoveryReason,
-    logProgress: (msg: string) => void,
-  ): Promise<void> {
-    switch (reason) {
-      case 'signature_expired': {
-        logProgress('Restarting gateway to resync device signature clock...')
-        await this.runtime.composeRestart(logProgress)
-        const ready = await this.runtime.waitForReady(
-          this.port,
-          READY_TIMEOUT_MS,
-        )
-        if (!ready) {
-          throw new Error('Gateway not ready after clock resync restart')
-        }
-        return
-      }
-
-      case 'pairing_required':
-        logProgress('Approving pending device pairing...')
-        await this.approvePendingDevice(logProgress)
-        return
-
-      case 'token_mismatch':
-        logProgress('Reloading gateway auth token...')
-        await this.loadTokenFromEnv()
-        return
-
-      case 'transient_disconnect':
-        logProgress('Retrying gateway connection...')
-        return
-
-      default:
-        throw new Error(`Unrecoverable gateway error: ${reason}`)
-    }
-  }
-
  private async writeBootstrapConfig(
    config: Record<string, unknown>,
  ): Promise<void> {
@@ -884,7 +688,7 @@ export class OpenClawService {
    if (this.stopLogTail) return
    try {
      this.stopLogTail = this.runtime.tailGatewayLogs((line) => {
-        logger.debug(`[openclaw] ${line}`)
+        logger.debug(line)
      })
      logger.info('Streaming OpenClaw gateway logs into server log (dev mode)')
    } catch (err) {
@@ -911,6 +715,12 @@ export class OpenClawService {
    )
  }

+  private getContainerWorkspacePath(agentName: string): string {
+    return agentName === 'main'
+      ? `${OPENCLAW_CONTAINER_HOME}/workspace`
+      : `${OPENCLAW_CONTAINER_HOME}/workspace-${agentName}`
+  }
+
  private async writeRoleBootstrapFiles(
    agentName: string,
    role: ReturnType<typeof resolveRoleTemplate> | BrowserOSCustomRoleInput,
@@ -1013,6 +823,14 @@ export class OpenClawService {
    return addedNew || updatedExisting
  }

+  private async ensureTokenLoaded(): Promise<void> {
+    if (!existsSync(join(this.openclawDir, '.env'))) {
+      return
+    }
+
+    await this.loadTokenFromEnv()
+  }
+
  private async mergeProviderConfigIfChanged(input: {
    providerType?: string
    providerName?: string
@@ -1108,18 +926,6 @@ export class OpenClawService {
    }
  }

-  private async readClientDeviceId(): Promise<string | null> {
-    try {
-      const identityPath = join(this.openclawDir, 'client-identity.json')
-      const identity = JSON.parse(await readFile(identityPath, 'utf-8')) as {
-        deviceId?: string
-      }
-      return identity.deviceId ?? null
-    } catch {
-      return null
-    }
-  }
-
  private createProgressLogger(
    onLog?: (msg: string) => void,
  ): (msg: string) => void {
--- a/packages/browseros-agent/apps/server/src/api/services/openclaw/openclaw-types.ts
+++ b/packages/browseros-agent/apps/server/src/api/services/openclaw/openclaw-types.ts
@@ -0,0 +1,18 @@
+/**
+ * @license
+ * Copyright 2025 BrowserOS
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+export interface OpenClawStreamEvent {
+  type:
+    | 'text-delta'
+    | 'thinking'
+    | 'tool-start'
+    | 'tool-end'
+    | 'tool-output'
+    | 'lifecycle'
+    | 'done'
+    | 'error'
+  data: Record<string, unknown>
+}
--- a/packages/browseros-agent/apps/server/src/api/services/openclaw/podman-runtime.ts
+++ b/packages/browseros-agent/apps/server/src/api/services/openclaw/podman-runtime.ts
@@ -8,10 +8,33 @@
 * On Linux, machine operations are no-ops since Podman runs natively.
 */

+import { existsSync } from 'node:fs'
+import { join } from 'node:path'
+
 const isLinux = process.platform === 'linux'
+const PODMAN_BUNDLE_PATH = ['bin', 'third_party', 'podman'] as const

 export type LogFn = (msg: string) => void

+function getPodmanBinaryName(platform: NodeJS.Platform): string {
+  return platform === 'win32' ? 'podman.exe' : 'podman'
+}
+
+export function resolveBundledPodmanPath(
+  resourcesDir?: string,
+  platform: NodeJS.Platform = process.platform,
+): string | null {
+  if (!resourcesDir) return null
+
+  const bundledPath = join(
+    resourcesDir,
+    ...PODMAN_BUNDLE_PATH,
+    getPodmanBinaryName(platform),
+  )
+
+  return existsSync(bundledPath) ? bundledPath : null
+}
+
 export class PodmanRuntime {
  private podmanPath: string
  private machineReady = false
@@ -243,6 +266,19 @@ export class PodmanRuntime {

 let runtime: PodmanRuntime | null = null

+export function configurePodmanRuntime(config: {
+  resourcesDir?: string
+  podmanPath?: string
+}): PodmanRuntime {
+  const podmanPath =
+    config.podmanPath ??
+    resolveBundledPodmanPath(config.resourcesDir) ??
+    'podman'
+
+  runtime = new PodmanRuntime({ podmanPath })
+  return runtime
+}
+
 export function getPodmanRuntime(): PodmanRuntime {
  if (!runtime) runtime = new PodmanRuntime()
  return runtime
--- a/packages/browseros-agent/apps/server/src/lib/clients/llm/config.ts
+++ b/packages/browseros-agent/apps/server/src/lib/clients/llm/config.ts
@@ -11,6 +11,10 @@ import { INLINED_ENV } from '../../../env'
 import { logger } from '../../logger'
 import { fetchBrowserOSConfig, getLLMConfigFromProvider } from '../gateway'
 import { getOAuthTokenManager } from '../oauth'
+import {
+  resolveMockBrowserOSConfig,
+  shouldUseMockBrowserOSLLM,
+} from './mock-language-model'
 import type { ResolvedLLMConfig } from './types'

 export async function resolveLLMConfig(
@@ -49,6 +53,9 @@ export async function resolveLLMConfig(

  // BrowserOS gateway: fetch config from remote service
  if (config.provider === LLM_PROVIDERS.BROWSEROS) {
+    if (shouldUseMockBrowserOSLLM(config)) {
+      return resolveMockBrowserOSConfig(config, browserosId)
+    }
    return resolveBrowserOSConfig(config, browserosId)
  }

--- a/packages/browseros-agent/apps/server/src/lib/clients/llm/mock-language-model.ts
+++ b/packages/browseros-agent/apps/server/src/lib/clients/llm/mock-language-model.ts
@@ -0,0 +1,83 @@
+import type {
+  LanguageModelV3GenerateResult,
+  LanguageModelV3StreamPart,
+  LanguageModelV3Usage,
+} from '@ai-sdk/provider'
+import { LLM_PROVIDERS, type LLMConfig } from '@browseros/shared/schemas/llm'
+import { type LanguageModel, simulateReadableStream } from 'ai'
+import { MockLanguageModelV3 } from 'ai/test'
+import type { ResolvedLLMConfig } from './types'
+
+export const MOCK_BROWSEROS_MODEL_ID = 'browseros-test-mock'
+export const MOCK_BROWSEROS_RESPONSE_TEXT = 'Mock BrowserOS test response.'
+
+const MOCK_USAGE: LanguageModelV3Usage = {
+  inputTokens: {
+    total: 1,
+    noCache: 1,
+    cacheRead: undefined,
+    cacheWrite: undefined,
+  },
+  outputTokens: {
+    total: 4,
+    text: 4,
+    reasoning: undefined,
+  },
+}
+
+function createMockResult(): LanguageModelV3GenerateResult {
+  return {
+    content: [{ type: 'text', text: MOCK_BROWSEROS_RESPONSE_TEXT }],
+    finishReason: { unified: 'stop', raw: 'stop' },
+    usage: MOCK_USAGE,
+    warnings: [],
+  }
+}
+
+export function isMockBrowserOSLLMEnabled(): boolean {
+  return process.env.BROWSEROS_USE_MOCK_LLM === 'true'
+}
+
+export function shouldUseMockBrowserOSLLM(
+  config: Pick<LLMConfig, 'provider'>,
+): boolean {
+  return (
+    config.provider === LLM_PROVIDERS.BROWSEROS && isMockBrowserOSLLMEnabled()
+  )
+}
+
+export function resolveMockBrowserOSConfig(
+  config: LLMConfig,
+  browserosId?: string,
+): ResolvedLLMConfig {
+  return {
+    ...config,
+    model: config.model ?? MOCK_BROWSEROS_MODEL_ID,
+    browserosId,
+    upstreamProvider: LLM_PROVIDERS.OPENAI,
+  }
+}
+
+export function createMockBrowserOSLanguageModel(): LanguageModel {
+  const chunks: LanguageModelV3StreamPart[] = [
+    { type: 'text-start', id: 'text-1' },
+    {
+      type: 'text-delta',
+      id: 'text-1',
+      delta: MOCK_BROWSEROS_RESPONSE_TEXT,
+    },
+    { type: 'text-end', id: 'text-1' },
+    {
+      type: 'finish',
+      finishReason: { unified: 'stop', raw: 'stop' },
+      usage: MOCK_USAGE,
+    },
+  ]
+
+  return new MockLanguageModelV3({
+    doGenerate: async () => createMockResult(),
+    doStream: async () => ({
+      stream: simulateReadableStream({ chunks }),
+    }),
+  }) as LanguageModel
+}
--- a/packages/browseros-agent/apps/server/src/lib/clients/llm/provider.ts
+++ b/packages/browseros-agent/apps/server/src/lib/clients/llm/provider.ts
@@ -21,6 +21,10 @@ import { logger } from '../../logger'
 import { createOpenRouterCompatibleFetch } from '../../openrouter-fetch'
 import { createCodexFetch } from '../oauth/codex-fetch'
 import { createCopilotFetch } from '../oauth/copilot-fetch'
+import {
+  createMockBrowserOSLanguageModel,
+  shouldUseMockBrowserOSLLM,
+} from './mock-language-model'
 import type { ResolvedLLMConfig } from './types'

 type ProviderFactory = (config: ResolvedLLMConfig) => LanguageModel
@@ -195,6 +199,9 @@ const PROVIDER_FACTORIES: Record<string, ProviderFactory> = {
 }

 export function createLLMProvider(config: ResolvedLLMConfig): LanguageModel {
+  if (shouldUseMockBrowserOSLLM(config)) {
+    return createMockBrowserOSLanguageModel()
+  }
  const factory = PROVIDER_FACTORIES[config.provider]
  if (!factory) throw new Error(`Unknown provider: ${config.provider}`)
  return factory(config)
--- a/packages/browseros-agent/apps/server/src/main.ts
+++ b/packages/browseros-agent/apps/server/src/main.ts
@@ -14,6 +14,7 @@ import path from 'node:path'
 import { EXIT_CODES } from '@browseros/shared/constants/exit-codes'
 import { createHttpServer } from './api/server'
 import { getOpenClawService } from './api/services/openclaw/openclaw-service'
+import { configurePodmanRuntime } from './api/services/openclaw/podman-runtime'
 import { CdpBackend } from './browser/backends/cdp'
 import { Browser } from './browser/browser'
 import type { ServerConfig } from './config'
@@ -55,6 +56,9 @@ export class Application {
      resourcesDir: path.resolve(this.config.resourcesDir),
    })

+    configurePodmanRuntime({
+      resourcesDir: path.resolve(this.config.resourcesDir),
+    })
    await this.initCoreServices()

    if (!this.config.cdpPort) {
--- a/packages/browseros-agent/apps/server/src/tools/acl/acl-embeddings.ts
+++ b/packages/browseros-agent/apps/server/src/tools/acl/acl-embeddings.ts
@@ -5,19 +5,64 @@ interface SemanticScore {
  backend: string
 }

-type FeatureExtractionPipeline = (
-  texts: string[],
-  options: { pooling: string; normalize: boolean },
-) => Promise<{ tolist: () => number[][] }>
+interface EmbeddingOutput {
+  tolist: () => number[][]
+  dispose?: () => void
+}
+
+interface FeatureExtractionPipeline {
+  (
+    texts: string[],
+    options: { pooling: string; normalize: boolean },
+  ): Promise<EmbeddingOutput>
+  dispose?: () => Promise<void>
+}

 let pipelineInstance: FeatureExtractionPipeline | null = null
 const LOAD_RETRY_MS = 60_000
 let lastLoadFailedAt = 0
+let cleanupListener: (() => void) | null = null

 function getModelName(): string {
  return process.env.ACL_EMBEDDING_MODEL ?? 'Xenova/bge-small-en-v1.5'
 }

+function isSemanticDisabled(): boolean {
+  return process.env.ACL_EMBEDDING_DISABLE === 'true'
+}
+
+export async function disposeSemanticPipeline(): Promise<void> {
+  const current = pipelineInstance
+  pipelineInstance = null
+  if (cleanupListener) {
+    process.removeListener('beforeExit', cleanupListener)
+    cleanupListener = null
+  }
+  if (!current?.dispose) {
+    return
+  }
+
+  try {
+    await current.dispose()
+  } catch (error) {
+    logger.warn('ACL embedding model disposal failed', {
+      error: error instanceof Error ? error.message : String(error),
+    })
+  }
+}
+
+function registerPipelineCleanup(): void {
+  if (cleanupListener) {
+    return
+  }
+  cleanupListener = () => {
+    // beforeExit cannot await async cleanup, so explicit disposal is still
+    // required anywhere teardown must be deterministic.
+    void disposeSemanticPipeline()
+  }
+  process.once('beforeExit', cleanupListener)
+}
+
 async function ensurePipeline(): Promise<FeatureExtractionPipeline | null> {
  if (pipelineInstance) return pipelineInstance
  if (lastLoadFailedAt > 0 && Date.now() - lastLoadFailedAt < LOAD_RETRY_MS) {
@@ -30,6 +75,7 @@ async function ensurePipeline(): Promise<FeatureExtractionPipeline | null> {
      dtype: 'fp32',
    })
    pipelineInstance = extractor as unknown as FeatureExtractionPipeline
+    registerPipelineCleanup()
    lastLoadFailedAt = 0
    logger.info('ACL embedding model loaded', { model: getModelName() })
    return pipelineInstance
@@ -64,6 +110,7 @@ export async function computeSemanticSimilarity(
  right: string,
 ): Promise<SemanticScore> {
  if (!left || !right) return { score: 0, backend: 'none' }
+  if (isSemanticDisabled()) return { score: 0, backend: 'disabled' }

  const extractor = await ensurePipeline()
  if (!extractor) return { score: 0, backend: 'error' }
@@ -74,6 +121,7 @@ export async function computeSemanticSimilarity(
      normalize: true,
    })
    const embeddings = output.tolist()
+    output.dispose?.()
    const score = cosineSimilarity(embeddings[0], embeddings[1])
    return {
      score: Math.max(0, Math.min(score, 1)),
--- a/packages/browseros-agent/apps/server/tests/helpers/acl-fixture-runner.ts
+++ b/packages/browseros-agent/apps/server/tests/helpers/acl-fixture-runner.ts
@@ -0,0 +1,37 @@
+import { resolve } from 'node:path'
+
+async function main(): Promise<void> {
+  const fixtureName = process.argv[2]
+  if (!fixtureName) {
+    throw new Error('Fixture name is required')
+  }
+
+  process.env.LOG_LEVEL = 'silent'
+  delete process.env.ACL_EMBEDDING_DISABLE
+
+  const [{ scoreFixture }, { disposeSemanticPipeline }] = await Promise.all([
+    import('../../src/tools/acl/acl-scorer'),
+    import('../../src/tools/acl/acl-embeddings'),
+  ])
+
+  const fixturePath = resolve(
+    import.meta.dir,
+    `../__fixtures__/acl/${fixtureName}.json`,
+  )
+  const fixture = await Bun.file(fixturePath).json()
+  const decision = await scoreFixture(
+    fixture.tool_name,
+    fixture.page_url,
+    fixture.element,
+    fixture.rules,
+  )
+  await disposeSemanticPipeline()
+  process.stdout.write(JSON.stringify(decision))
+}
+
+main().catch((error) => {
+  console.error(
+    error instanceof Error ? (error.stack ?? error.message) : String(error),
+  )
+  process.exitCode = 1
+})
--- a/packages/browseros-agent/apps/server/tests/helpers/browser.ts
+++ b/packages/browseros-agent/apps/server/tests/helpers/browser.ts
@@ -6,9 +6,11 @@
 * Use setup.ts:ensureBrowserOS() for the full test environment.
 */
 import type { ChildProcess } from 'node:child_process'
-import { spawn } from 'node:child_process'
+import { spawn, spawnSync } from 'node:child_process'
 import { rmSync } from 'node:fs'

+const TEST_USER_DATA_PREFIX = 'browseros-test-'
+
 export interface BrowserConfig {
  cdpPort: number
  serverPort: number
@@ -58,6 +60,16 @@ export function getBrowserState(): BrowserState | null {
  return browserState
 }

+function killOrphanedTestBrowsers(): void {
+  // Matches only BrowserOS processes launched with a test user-data-dir
+  // (e.g., /var/folders/.../browseros-test-XXXX). Never matches a dev
+  // BrowserOS run from ~/Library/Application Support/BrowserOS.
+  const result = spawnSync('pkill', ['-9', '-f', TEST_USER_DATA_PREFIX])
+  if (result.status === 0) {
+    console.log('Killed orphaned test browsers from a previous run')
+  }
+}
+
 export async function spawnBrowser(
  config: BrowserConfig,
 ): Promise<BrowserState> {
@@ -73,6 +85,8 @@ export async function spawnBrowser(
    await killBrowser()
  }

+  killOrphanedTestBrowsers()
+
  console.log(`Starting BrowserOS on CDP port ${config.cdpPort}...`)
  const browserProcess = spawn(
    config.binaryPath,
--- a/packages/browseros-agent/apps/server/tests/helpers/cleanup.sh
+++ b/packages/browseros-agent/apps/server/tests/helpers/cleanup.sh
@@ -20,6 +20,14 @@ for port in $CDP_PORT $SERVER_PORT $EXTENSION_PORT; do
  fi
 done

+# Kill orphaned test browser processes (matches only BrowserOS launched with
+# a test user-data-dir — never the user's dev BrowserOS)
+orphan_pids=$(pgrep -f 'browseros-test-' 2>/dev/null || true)
+if [ -n "$orphan_pids" ]; then
+  echo "  Killing orphaned test browser processes: $(echo "$orphan_pids" | tr '\n' ' ')"
+  echo "$orphan_pids" | xargs kill -9 2>/dev/null || true
+fi
+
 # Clean up orphaned temp directories (created by browser.ts)
 # Uses $TMPDIR which matches Node's os.tmpdir()
 TEMP_DIR="${TMPDIR:-/tmp}"
--- a/packages/browseros-agent/apps/server/tests/helpers/server.ts
+++ b/packages/browseros-agent/apps/server/tests/helpers/server.ts
@@ -79,7 +79,11 @@ export async function spawnServer(config: ServerConfig): Promise<ServerState> {
    ],
    {
      stdio: ['ignore', 'pipe', 'pipe'],
-      env: { ...globalThis.process.env, NODE_ENV: 'test' },
+      env: {
+        ...globalThis.process.env,
+        NODE_ENV: 'test',
+        BROWSEROS_USE_MOCK_LLM: 'true',
+      },
    },
  )

--- a/packages/browseros-agent/apps/server/tests/api/routes/openclaw.test.ts
+++ b/packages/browseros-agent/apps/server/tests/api/routes/openclaw.test.ts
@@ -0,0 +1,66 @@
+/**
+ * @license
+ * Copyright 2025 BrowserOS
+ */
+
+import { afterEach, describe, expect, it, mock } from 'bun:test'
+
+describe('createOpenClawRoutes', () => {
+  afterEach(() => {
+    mock.restore()
+  })
+
+  it('preserves BrowserOS SSE framing and session headers for chat', async () => {
+    const actualOpenClawService = await import(
+      '../../../src/api/services/openclaw/openclaw-service'
+    )
+    const chatStream = mock(
+      async () =>
+        new ReadableStream({
+          start(controller) {
+            controller.enqueue({
+              type: 'text-delta',
+              data: { text: 'Hello' },
+            })
+            controller.enqueue({
+              type: 'done',
+              data: { text: 'Hello' },
+            })
+            controller.close()
+          },
+        }),
+    )
+
+    mock.module('../../../src/api/services/openclaw/openclaw-service', () => ({
+      ...actualOpenClawService,
+      getOpenClawService: () =>
+        ({
+          chatStream,
+        }) as never,
+    }))
+
+    const { createOpenClawRoutes } = await import(
+      '../../../src/api/routes/openclaw'
+    )
+    const route = createOpenClawRoutes()
+
+    const response = await route.request('/agents/research/chat', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({
+        message: 'hi',
+        sessionKey: 'session-123',
+      }),
+    })
+
+    expect(response.status).toBe(200)
+    expect(response.headers.get('Content-Type')).toContain('text/event-stream')
+    expect(response.headers.get('X-Session-Key')).toBe('session-123')
+    expect(chatStream).toHaveBeenCalledWith('research', 'session-123', 'hi')
+    expect(await response.text()).toBe(
+      'data: {"type":"text-delta","data":{"text":"Hello"}}\n\n' +
+        'data: {"type":"done","data":{"text":"Hello"}}\n\n' +
+        'data: [DONE]\n\n',
+    )
+  })
+})
--- a/packages/browseros-agent/apps/server/tests/api/services/openclaw/openclaw-admin-client.test.ts
+++ b/packages/browseros-agent/apps/server/tests/api/services/openclaw/openclaw-admin-client.test.ts
@@ -0,0 +1,127 @@
+/**
+ * @license
+ * Copyright 2025 BrowserOS
+ */
+
+import { describe, expect, it, mock } from 'bun:test'
+import { OPENCLAW_CONTAINER_HOME } from '@browseros/shared/constants/openclaw'
+import { OpenClawAdminClient } from '../../../../src/api/services/openclaw/openclaw-admin-client'
+
+describe('OpenClawAdminClient', () => {
+  it('lists agents from JSON CLI output', async () => {
+    const execInContainer = mock(
+      async (_command: string[], onLog?: (line: string) => void) => {
+        onLog?.(
+          JSON.stringify([
+            {
+              id: 'main',
+              workspace: `${OPENCLAW_CONTAINER_HOME}/workspace`,
+              model: 'openrouter/anthropic/claude-haiku-4-5',
+            },
+          ]),
+        )
+        return 0
+      },
+    )
+    const client = new OpenClawAdminClient(
+      { execInContainer },
+      async () => 'gateway-token',
+    )
+
+    const agents = await client.listAgents()
+
+    expect(execInContainer).toHaveBeenCalledTimes(1)
+    expect(execInContainer.mock.calls[0]?.[0]).toEqual([
+      'node',
+      'dist/index.js',
+      'agents',
+      'list',
+      '--json',
+      '--token',
+      'gateway-token',
+    ])
+    expect(agents).toEqual([
+      {
+        agentId: 'main',
+        name: 'main',
+        workspace: `${OPENCLAW_CONTAINER_HOME}/workspace`,
+        model: 'openrouter/anthropic/claude-haiku-4-5',
+      },
+    ])
+  })
+
+  it('creates an agent non-interactively and reads it back from the agent list', async () => {
+    let callIndex = 0
+    const execInContainer = mock(
+      async (command: string[], onLog?: (line: string) => void) => {
+        callIndex += 1
+        if (callIndex === 1) {
+          expect(command).toEqual([
+            'node',
+            'dist/index.js',
+            'agents',
+            'add',
+            'research',
+            '--workspace',
+            `${OPENCLAW_CONTAINER_HOME}/workspace-research`,
+            '--model',
+            'openai/gpt-5.4-mini',
+            '--non-interactive',
+            '--json',
+            '--token',
+            'gateway-token',
+          ])
+          return 0
+        }
+
+        onLog?.(
+          JSON.stringify([
+            {
+              id: 'main',
+              workspace: `${OPENCLAW_CONTAINER_HOME}/workspace`,
+            },
+            {
+              id: 'research',
+              workspace: `${OPENCLAW_CONTAINER_HOME}/workspace-research`,
+              model: 'openai/gpt-5.4-mini',
+            },
+          ]),
+        )
+        return 0
+      },
+    )
+    const client = new OpenClawAdminClient(
+      { execInContainer },
+      async () => 'gateway-token',
+    )
+
+    const agent = await client.createAgent({
+      name: 'research',
+      workspace: `${OPENCLAW_CONTAINER_HOME}/workspace-research`,
+      model: 'openai/gpt-5.4-mini',
+    })
+
+    expect(execInContainer).toHaveBeenCalledTimes(2)
+    expect(agent).toEqual({
+      agentId: 'research',
+      name: 'research',
+      workspace: `${OPENCLAW_CONTAINER_HOME}/workspace-research`,
+      model: 'openai/gpt-5.4-mini',
+    })
+  })
+
+  it('includes CLI stderr or stdout in thrown errors', async () => {
+    const execInContainer = mock(
+      async (_command: string[], onLog?: (line: string) => void) => {
+        onLog?.('agent already exists')
+        return 1
+      },
+    )
+    const client = new OpenClawAdminClient(
+      { execInContainer },
+      async () => 'gateway-token',
+    )
+
+    await expect(client.listAgents()).rejects.toThrow('agent already exists')
+  })
+})
--- a/packages/browseros-agent/apps/server/tests/api/services/openclaw/openclaw-http-chat-client.test.ts
+++ b/packages/browseros-agent/apps/server/tests/api/services/openclaw/openclaw-http-chat-client.test.ts
@@ -0,0 +1,196 @@
+/**
+ * @license
+ * Copyright 2025 BrowserOS
+ */
+
+import { afterEach, describe, expect, it, mock } from 'bun:test'
+import { OpenClawHttpChatClient } from '../../../../src/api/services/openclaw/openclaw-http-chat-client'
+
+describe('OpenClawHttpChatClient', () => {
+  const originalFetch = globalThis.fetch
+
+  afterEach(() => {
+    globalThis.fetch = originalFetch
+  })
+
+  it('maps chat completion deltas into BrowserOS stream events', async () => {
+    const fetchMock = mock((_url: string | URL, _init?: RequestInit) =>
+      Promise.resolve(
+        new Response(
+          new ReadableStream({
+            start(controller) {
+              const encoder = new TextEncoder()
+              controller.enqueue(
+                encoder.encode(
+                  'data: {"choices":[{"delta":{"content":"Hello"}}]}\n\n',
+                ),
+              )
+              controller.enqueue(
+                encoder.encode(
+                  'data: {"choices":[{"delta":{"content":" world"}}]}\n\n',
+                ),
+              )
+              controller.enqueue(
+                encoder.encode(
+                  'data: {"choices":[{"delta":{},"finish_reason":"stop"}]}\n\n',
+                ),
+              )
+              controller.enqueue(encoder.encode('data: [DONE]\n\n'))
+              controller.close()
+            },
+          }),
+          {
+            status: 200,
+            headers: { 'Content-Type': 'text/event-stream' },
+          },
+        ),
+      ),
+    )
+    globalThis.fetch = fetchMock as typeof globalThis.fetch
+    const client = new OpenClawHttpChatClient(
+      18789,
+      async () => 'gateway-token',
+    )
+
+    const stream = await client.streamChat({
+      agentId: 'research',
+      sessionKey: 'session-123',
+      message: 'hi',
+    })
+
+    const events = await readEvents(stream)
+    const call = fetchMock.mock.calls[0]
+
+    expect(call?.[0]).toBe('http://127.0.0.1:18789/v1/chat/completions')
+    expect(call?.[1]).toMatchObject({
+      method: 'POST',
+      headers: {
+        Authorization: 'Bearer gateway-token',
+        'Content-Type': 'application/json',
+      },
+    })
+    expect(JSON.parse(String(call?.[1]?.body))).toEqual({
+      model: 'openclaw/research',
+      stream: true,
+      messages: [{ role: 'user', content: 'hi' }],
+      user: 'browseros:research:session-123',
+    })
+    expect(events).toEqual([
+      { type: 'text-delta', data: { text: 'Hello' } },
+      { type: 'text-delta', data: { text: ' world' } },
+      { type: 'done', data: { text: 'Hello world' } },
+    ])
+  })
+
+  it('uses openclaw/default for the main agent', async () => {
+    const fetchMock = mock(() =>
+      Promise.resolve(
+        new Response(
+          new ReadableStream({
+            start(controller) {
+              controller.close()
+            },
+          }),
+          {
+            status: 200,
+            headers: { 'Content-Type': 'text/event-stream' },
+          },
+        ),
+      ),
+    )
+    globalThis.fetch = fetchMock as typeof globalThis.fetch
+    const client = new OpenClawHttpChatClient(
+      18789,
+      async () => 'gateway-token',
+    )
+
+    await client.streamChat({
+      agentId: 'main',
+      sessionKey: 'session-123',
+      message: 'hi',
+    })
+
+    const body = JSON.parse(String(fetchMock.mock.calls[0]?.[1]?.body)) as {
+      model: string
+    }
+    expect(body.model).toBe('openclaw/default')
+  })
+
+  it('throws on non-success HTTP responses', async () => {
+    globalThis.fetch = mock(() =>
+      Promise.resolve(new Response('Unauthorized', { status: 401 })),
+    ) as typeof globalThis.fetch
+    const client = new OpenClawHttpChatClient(
+      18789,
+      async () => 'gateway-token',
+    )
+
+    await expect(
+      client.streamChat({
+        agentId: 'research',
+        sessionKey: 'session-123',
+        message: 'hi',
+      }),
+    ).rejects.toThrow('Unauthorized')
+  })
+
+  it('stops processing batched SSE events after a malformed chunk closes the stream', async () => {
+    const fetchMock = mock(() =>
+      Promise.resolve(
+        new Response(
+          new ReadableStream({
+            start(controller) {
+              const encoder = new TextEncoder()
+              controller.enqueue(
+                encoder.encode(
+                  'data: {"choices":[{"delta":{"content":"Hello"}}]}\n\n' +
+                    'data: not-json\n\n' +
+                    'data: {"choices":[{"delta":{"content":" world"}}]}\n\n',
+                ),
+              )
+              controller.close()
+            },
+          }),
+          {
+            status: 200,
+            headers: { 'Content-Type': 'text/event-stream' },
+          },
+        ),
+      ),
+    )
+    globalThis.fetch = fetchMock as typeof globalThis.fetch
+    const client = new OpenClawHttpChatClient(
+      18789,
+      async () => 'gateway-token',
+    )
+
+    const stream = await client.streamChat({
+      agentId: 'research',
+      sessionKey: 'session-123',
+      message: 'hi',
+    })
+
+    await expect(readEvents(stream)).resolves.toEqual([
+      { type: 'text-delta', data: { text: 'Hello' } },
+      {
+        type: 'error',
+        data: { message: 'Failed to parse OpenClaw chat stream chunk' },
+      },
+    ])
+  })
+})
+
+async function readEvents(
+  stream: ReadableStream<{ type: string; data: Record<string, unknown> }>,
+): Promise<Array<{ type: string; data: Record<string, unknown> }>> {
+  const reader = stream.getReader()
+  const events: Array<{ type: string; data: Record<string, unknown> }> = []
+
+  while (true) {
+    const { done, value } = await reader.read()
+    if (done) break
+    events.push(value)
+  }
+
+  return events
+}
--- a/packages/browseros-agent/apps/server/tests/api/services/openclaw/openclaw-service.test.ts
+++ b/packages/browseros-agent/apps/server/tests/api/services/openclaw/openclaw-service.test.ts
@@ -0,0 +1,188 @@
+/**
+ * @license
+ * Copyright 2025 BrowserOS
+ */
+
+import { afterEach, describe, expect, it, mock } from 'bun:test'
+import { mkdtemp, readFile, rm, writeFile } from 'node:fs/promises'
+import { tmpdir } from 'node:os'
+import { join } from 'node:path'
+import { OPENCLAW_CONTAINER_HOME } from '@browseros/shared/constants/openclaw'
+import { OpenClawService } from '../../../../src/api/services/openclaw/openclaw-service'
+
+type MutableOpenClawService = OpenClawService & {
+  openclawDir: string
+  token: string
+  runtime: {
+    ensureReady?: () => Promise<void>
+    isPodmanAvailable?: () => Promise<boolean>
+    getMachineStatus?: () => Promise<{ initialized: boolean; running: boolean }>
+    isReady: () => Promise<boolean>
+    copyComposeFile?: (_source: string) => Promise<void>
+    writeEnvFile?: (_content: string) => Promise<void>
+    composePull?: () => Promise<void>
+    composeUp?: () => Promise<void>
+    waitForReady?: () => Promise<boolean>
+  }
+  adminClient: {
+    probe?: ReturnType<typeof mock>
+    createAgent?: ReturnType<typeof mock>
+    listAgents?: ReturnType<typeof mock>
+  }
+}
+
+describe('OpenClawService', () => {
+  let tempDir: string | null = null
+
+  afterEach(async () => {
+    mock.restore()
+    if (tempDir) {
+      await rm(tempDir, { recursive: true, force: true })
+      tempDir = null
+    }
+  })
+
+  it('creates agents through the admin client and writes role bootstrap files', async () => {
+    tempDir = await mkdtemp(join(tmpdir(), 'openclaw-service-'))
+    const createAgent = mock(async () => ({
+      agentId: 'ops',
+      name: 'ops',
+      workspace: `${OPENCLAW_CONTAINER_HOME}/workspace-ops`,
+      model: 'openclaw/default',
+    }))
+    const service = new OpenClawService() as MutableOpenClawService
+
+    service.openclawDir = tempDir
+    service.runtime = {
+      isReady: async () => true,
+    }
+    service.adminClient = {
+      createAgent,
+    }
+
+    const agent = await service.createAgent({
+      name: 'ops',
+      roleId: 'chief-of-staff',
+    })
+
+    expect(createAgent).toHaveBeenCalledWith({
+      name: 'ops',
+      workspace: `${OPENCLAW_CONTAINER_HOME}/workspace-ops`,
+      model: undefined,
+    })
+    expect(agent.role).toEqual({
+      roleSource: 'builtin',
+      roleId: 'chief-of-staff',
+      roleName: 'Chief of Staff',
+      shortDescription:
+        'Executive coordination, follow-ups, scheduling, and briefing support.',
+    })
+
+    const roleMetadata = JSON.parse(
+      await readFile(
+        join(tempDir, 'workspace-ops', '.browseros-role.json'),
+        'utf-8',
+      ),
+    ) as {
+      roleId: string
+      agentName: string
+    }
+    expect(roleMetadata).toMatchObject({
+      roleId: 'chief-of-staff',
+      agentName: 'ops',
+    })
+  })
+
+  it('maps successful admin probes into connected status', async () => {
+    const service = new OpenClawService() as MutableOpenClawService
+
+    service.runtime = {
+      isPodmanAvailable: async () => true,
+      getMachineStatus: async () => ({ initialized: true, running: true }),
+      isReady: async () => true,
+    }
+    service.adminClient = {
+      listAgents: mock(async () => [
+        {
+          agentId: 'main',
+          name: 'main',
+          workspace: `${OPENCLAW_CONTAINER_HOME}/workspace`,
+        },
+        {
+          agentId: 'ops',
+          name: 'ops',
+          workspace: `${OPENCLAW_CONTAINER_HOME}/workspace-ops`,
+        },
+      ]),
+    }
+
+    const status = await service.getStatus()
+
+    expect(status).toEqual({
+      status: 'running',
+      podmanAvailable: true,
+      machineReady: true,
+      port: 18789,
+      agentCount: 2,
+      error: null,
+      controlPlaneStatus: 'connected',
+      lastGatewayError: null,
+      lastRecoveryReason: null,
+    })
+  })
+
+  it('creates the main agent during setup when the gateway starts without one', async () => {
+    tempDir = await mkdtemp(join(tmpdir(), 'openclaw-service-'))
+    const createAgent = mock(async () => ({
+      agentId: 'main',
+      name: 'main',
+      workspace: `${OPENCLAW_CONTAINER_HOME}/workspace`,
+    }))
+    const service = new OpenClawService() as MutableOpenClawService
+
+    service.openclawDir = tempDir
+    service.runtime = {
+      isPodmanAvailable: async () => true,
+      ensureReady: async () => {},
+      isReady: async () => true,
+      copyComposeFile: async () => {},
+      writeEnvFile: async () => {},
+      composePull: async () => {},
+      composeUp: async () => {},
+      waitForReady: async () => true,
+    }
+    service.adminClient = {
+      probe: mock(async () => {}),
+      listAgents: mock(async () => []),
+      createAgent,
+    }
+
+    await service.setup({})
+
+    expect(createAgent).toHaveBeenCalledWith({
+      name: 'main',
+      workspace: `${OPENCLAW_CONTAINER_HOME}/workspace`,
+      model: undefined,
+    })
+  })
+
+  it('loads the persisted gateway token before control plane calls', async () => {
+    tempDir = await mkdtemp(join(tmpdir(), 'openclaw-service-'))
+    await writeFile(join(tempDir, '.env'), 'OPENCLAW_GATEWAY_TOKEN=env-token\n')
+    const service = new OpenClawService() as MutableOpenClawService
+
+    service.openclawDir = tempDir
+    service.token = 'random-token'
+    service.runtime = {
+      isReady: async () => true,
+    }
+    service.adminClient = {
+      listAgents: mock(async () => {
+        expect(service.token).toBe('env-token')
+        return []
+      }),
+    }
+
+    await service.listAgents()
+  })
+})
--- a/packages/browseros-agent/apps/server/tests/api/services/openclaw/podman-runtime.test.ts
+++ b/packages/browseros-agent/apps/server/tests/api/services/openclaw/podman-runtime.test.ts
@@ -0,0 +1,83 @@
+/**
+ * @license
+ * Copyright 2025 BrowserOS
+ */
+
+import { afterEach, beforeEach, describe, expect, it } from 'bun:test'
+import fs from 'node:fs'
+import os from 'node:os'
+import path from 'node:path'
+
+import {
+  configurePodmanRuntime,
+  getPodmanRuntime,
+  resolveBundledPodmanPath,
+} from '../../../../src/api/services/openclaw/podman-runtime'
+
+describe('podman runtime', () => {
+  let tempDir: string
+
+  beforeEach(() => {
+    tempDir = fs.mkdtempSync(path.join(os.tmpdir(), 'browseros-podman-test-'))
+  })
+
+  afterEach(() => {
+    fs.rmSync(tempDir, { recursive: true, force: true })
+    configurePodmanRuntime({ podmanPath: 'podman' })
+  })
+
+  it('returns the bundled podman path when the executable exists', () => {
+    const bundledPath = path.join(
+      tempDir,
+      'bin',
+      'third_party',
+      'podman',
+      'podman',
+    )
+    fs.mkdirSync(path.dirname(bundledPath), { recursive: true })
+    fs.writeFileSync(bundledPath, 'podman')
+
+    expect(resolveBundledPodmanPath(tempDir, 'darwin')).toBe(bundledPath)
+  })
+
+  it('uses the windows executable name for bundled podman', () => {
+    const bundledPath = path.join(
+      tempDir,
+      'bin',
+      'third_party',
+      'podman',
+      'podman.exe',
+    )
+    fs.mkdirSync(path.dirname(bundledPath), { recursive: true })
+    fs.writeFileSync(bundledPath, 'podman')
+
+    expect(resolveBundledPodmanPath(tempDir, 'win32')).toBe(bundledPath)
+  })
+
+  it('returns null when no bundled podman executable exists', () => {
+    expect(resolveBundledPodmanPath(tempDir, 'darwin')).toBeNull()
+  })
+
+  it('configures the runtime to prefer the bundled podman path', () => {
+    const bundledPath = path.join(
+      tempDir,
+      'bin',
+      'third_party',
+      'podman',
+      'podman',
+    )
+    fs.mkdirSync(path.dirname(bundledPath), { recursive: true })
+    fs.writeFileSync(bundledPath, 'podman')
+
+    const runtime = configurePodmanRuntime({ resourcesDir: tempDir })
+
+    expect(runtime.getPodmanPath()).toBe(bundledPath)
+    expect(getPodmanRuntime().getPodmanPath()).toBe(bundledPath)
+  })
+
+  it('falls back to PATH podman when no bundled executable is present', () => {
+    const runtime = configurePodmanRuntime({ resourcesDir: tempDir })
+
+    expect(runtime.getPodmanPath()).toBe('podman')
+  })
+})
--- a/packages/browseros-agent/apps/server/tests/sdk/agent-sdk.test.ts
+++ b/packages/browseros-agent/apps/server/tests/sdk/agent-sdk.test.ts
@@ -257,24 +257,5 @@ describe('Agent SDK Integration', () => {

      assert.ok(result.data, 'Should return extracted data')
    }, 60000)
-
-    it('passes windowId through verify()', async () => {
-      const testWindowId = runtimeWindowId
-      const agent = createAgent({ windowId: testWindowId })
-
-      const plainAgent = createAgent()
-      await plainAgent.nav('data:text/html,<h1>Verify Test</h1>')
-
-      const result = await agent.verify('the page has some content')
-
-      console.log('\n=== verify() with windowId ===')
-      console.log('windowId:', testWindowId)
-      console.log('result:', JSON.stringify(result, null, 2))
-
-      assert.ok(
-        typeof result.success === 'boolean',
-        'Should return success boolean',
-      )
-    }, 60000)
  })
 })
--- a/packages/browseros-agent/apps/server/tests/server.integration.test.ts
+++ b/packages/browseros-agent/apps/server/tests/server.integration.test.ts
@@ -12,6 +12,7 @@ import { URL } from 'node:url'
 import { Client } from '@modelcontextprotocol/sdk/client/index.js'
 import { StreamableHTTPClientTransport } from '@modelcontextprotocol/sdk/client/streamableHttp.js'

+import { MOCK_BROWSEROS_RESPONSE_TEXT } from '../src/lib/clients/llm/mock-language-model'
 import {
  cleanupBrowserOS,
  ensureBrowserOS,
@@ -155,7 +156,7 @@ describe('HTTP Server Integration Tests', () => {

  describe('Chat endpoint', () => {
    it(
-      'streams a chat response with BrowserOS provider',
+      'streams a mocked chat response for BrowserOS provider requests in test mode',
      async () => {
        const conversationId = crypto.randomUUID()

@@ -206,6 +207,10 @@ describe('HTTP Server Integration Tests', () => {
          fullResponse.includes('data:'),
          'Should contain SSE data events',
        )
+        assert.ok(
+          fullResponse.includes(MOCK_BROWSEROS_RESPONSE_TEXT),
+          'Should include the mocked BrowserOS chat response',
+        )

        const deleteResponse = await fetch(
          `${getBaseUrl()}/chat/${conversationId}`,
--- a/packages/browseros-agent/apps/server/tests/tools/acl-scorer.test.ts
+++ b/packages/browseros-agent/apps/server/tests/tools/acl-scorer.test.ts
@@ -1,13 +1,16 @@
 import { describe, it, setDefaultTimeout } from 'bun:test'
-
-setDefaultTimeout(30_000)
-
 import assert from 'node:assert'
+import { spawnSync } from 'node:child_process'
 import { resolve } from 'node:path'
 import type { AclRule, ElementProperties } from '@browseros/shared/types/acl'
 import { editDistanceRatio } from '../../src/tools/acl/acl-edit-distance'
 import { scoreFixture } from '../../src/tools/acl/acl-scorer'

+const TEST_TIMEOUT_MS = 30_000
+
+setDefaultTimeout(TEST_TIMEOUT_MS)
+process.env.ACL_EMBEDDING_DISABLE = 'true'
+
 // --- Edit distance tests ---

 describe('editDistanceRatio', () => {
@@ -191,19 +194,38 @@ describe('scoreFixture', () => {

 // --- Fixture tests ---

-async function loadFixture(name: string) {
-  const path = resolve(import.meta.dir, `../__fixtures__/acl/${name}.json`)
-  return Bun.file(path).json()
-}
+function runSemanticFixture(name: string) {
+  const runnerPath = resolve(
+    import.meta.dir,
+    '../__helpers__/acl-fixture-runner.ts',
+  )
+  const result = spawnSync(
+    'bun',
+    ['--env-file=.env.development', runnerPath, name],
+    {
+      cwd: process.cwd(),
+      encoding: 'utf8',
+      timeout: TEST_TIMEOUT_MS,
+      env: {
+        ...process.env,
+        ACL_EMBEDDING_DISABLE: 'false',
+        LOG_LEVEL: 'silent',
+      },
+    },
+  )
+  const failureMessage =
+    result.error?.message ||
+    result.stderr ||
+    result.stdout ||
+    'semantic fixture subprocess failed'

-async function runFixture(name: string) {
-  const f = await loadFixture(name)
-  return scoreFixture(f.tool_name, f.page_url, f.element, f.rules)
+  assert.strictEqual(result.status, 0, failureMessage)
+  return JSON.parse(result.stdout)
 }

 describe('fixture: submit-button (exact match)', () => {
  it('blocks checkout submit button', async () => {
-    const decision = await runFixture('submit-button')
+    const decision = runSemanticFixture('submit-button')

    assert.strictEqual(decision.blocked, true)
    assert.strictEqual(decision.matchedRuleId, 'checkout-submit')
@@ -215,7 +237,7 @@ describe('fixture: submit-button (exact match)', () => {
  })

  it('uses the embedding model for scoring', async () => {
-    const decision = await runFixture('submit-button')
+    const decision = runSemanticFixture('submit-button')
    const top = decision.candidates[0]

    assert.ok(
@@ -228,7 +250,7 @@ describe('fixture: submit-button (exact match)', () => {

 describe('fixture: semantic-payment (semantic match)', () => {
  it('blocks "Proceed to Checkout" against payment prevention rule', async () => {
-    const decision = await runFixture('semantic-payment')
+    const decision = runSemanticFixture('semantic-payment')

    assert.strictEqual(decision.blocked, true)
    assert.strictEqual(decision.matchedRuleId, 'block-payments')
@@ -239,7 +261,7 @@ describe('fixture: semantic-payment (semantic match)', () => {
  })

  it('has a meaningful semantic score', async () => {
-    const decision = await runFixture('semantic-payment')
+    const decision = runSemanticFixture('semantic-payment')
    const top = decision.candidates[0]

    if (top.semanticBackend === 'transformers.js') {
@@ -253,7 +275,7 @@ describe('fixture: semantic-payment (semantic match)', () => {

 describe('fixture: semantic-delete (semantic match)', () => {
  it('blocks "Remove my account permanently" against deletion rule', async () => {
-    const decision = await runFixture('semantic-delete')
+    const decision = runSemanticFixture('semantic-delete')

    assert.strictEqual(decision.blocked, true)
    assert.strictEqual(decision.matchedRuleId, 'block-delete')
@@ -266,7 +288,7 @@ describe('fixture: semantic-delete (semantic match)', () => {

 describe('fixture: semantic-send-email (semantic match)', () => {
  it('blocks send button on mail compose page', async () => {
-    const decision = await runFixture('semantic-send-email')
+    const decision = runSemanticFixture('semantic-send-email')

    assert.strictEqual(decision.blocked, true)
    assert.strictEqual(decision.matchedRuleId, 'block-outbound-email')
@@ -279,7 +301,7 @@ describe('fixture: semantic-send-email (semantic match)', () => {

 describe('fixture: semantic-safe (no false positive)', () => {
  it('allows "View Report" against payment and deletion rules', async () => {
-    const decision = await runFixture('semantic-safe')
+    const decision = runSemanticFixture('semantic-safe')

    assert.strictEqual(decision.blocked, false)
    assert.ok(
--- a/packages/browseros-agent/bun.lock
+++ b/packages/browseros-agent/bun.lock
@@ -156,7 +156,7 @@
    },
    "apps/server": {
      "name": "@browseros/server",
-      "version": "0.0.83",
+      "version": "0.0.87",
      "bin": {
        "browseros-server": "./src/index.ts",
      },
--- a/packages/browseros-agent/package.json
+++ b/packages/browseros-agent/package.json
@@ -27,10 +27,10 @@
    "build:agent": "bun run codegen:agent && bun run --filter @browseros/agent build",
    "build:agent-sdk": "bun run --filter @browseros-ai/agent-sdk build",
    "codegen:agent": "bun run --filter @browseros/agent codegen",
-    "test": "FORCE_COLOR=1 bun run --filter @browseros/server --elide-lines=0 test:tools",
+    "test": "bun run test:tools && bun run test:integration",
    "test:tools": "bun run --filter @browseros/server test:tools",
    "test:integration": "bun run --filter @browseros/server test:integration",
-    "test:sdk": "bun run --filter @browseros/server test:sdk",
+    "test:sdk": "echo 'SDK tests disabled: test environment does not provide the extract/verify LLM service'",
    "typecheck": "bun run --filter '*' typecheck",
    "lint": "bunx biome check",
    "lint:fix": "bunx biome check --write --unsafe",
--- a/packages/browseros-agent/packages/agent-sdk/src/agent.ts
+++ b/packages/browseros-agent/packages/agent-sdk/src/agent.ts
@@ -45,9 +45,9 @@ export class Agent implements AsyncDisposable, AgentContext {
  readonly baseUrl: string
  readonly llmConfig?: LLMConfig
  readonly signal?: AbortSignal
-  readonly browserContext?: BrowserContext
  readonly stateful: boolean

+  private _browserContext?: BrowserContext
  private progressCallback?: (event: UIMessageStreamEvent) => void
  private _sessionId: string | null = null
  private _disposed = false
@@ -57,7 +57,7 @@ export class Agent implements AsyncDisposable, AgentContext {
    this.llmConfig = options.llm
    this.progressCallback = options.onProgress
    this.signal = options.signal
-    this.browserContext = options.browserContext
+    this._browserContext = options.browserContext
    this.stateful = options.stateful ?? true

    if (this.stateful) {
@@ -65,6 +65,10 @@ export class Agent implements AsyncDisposable, AgentContext {
    }
  }

+  get browserContext(): BrowserContext | undefined {
+    return this._browserContext
+  }
+
  get sessionId(): string | null {
    return this._sessionId
  }
@@ -102,6 +106,21 @@ export class Agent implements AsyncDisposable, AgentContext {
    this.progressCallback?.(event)
  }

+  updateNavigationContext(
+    result: { tabId: number; windowId?: number },
+    url: string,
+  ): void {
+    const nextWindowId = result.windowId ?? this._browserContext?.windowId
+    this._browserContext = {
+      ...this._browserContext,
+      ...(nextWindowId !== undefined ? { windowId: nextWindowId } : {}),
+      activeTab: {
+        id: result.tabId,
+        url,
+      },
+    }
+  }
+
  /**
   * Navigate to a URL and wait for the page to load.
   *
--- a/packages/browseros-agent/packages/agent-sdk/src/context.ts
+++ b/packages/browseros-agent/packages/agent-sdk/src/context.ts
@@ -15,4 +15,11 @@ export interface AgentContext {

  emit(event: UIMessageStreamEvent): void
  throwIfAborted(): void
+  updateNavigationContext(
+    result: {
+      tabId: number
+      windowId?: number
+    },
+    url: string,
+  ): void
 }
--- a/packages/browseros-agent/packages/agent-sdk/src/methods/act.ts
+++ b/packages/browseros-agent/packages/agent-sdk/src/methods/act.ts
@@ -15,14 +15,13 @@ async function executeAct(
  ctx.throwIfAborted()

  const url = `${ctx.baseUrl}/sdk/act`
-
-  const browserContextForAct = ctx.browserContext
-    ? {
-        windowId: ctx.browserContext.windowId,
-        enabledMcpServers: ctx.browserContext.enabledMcpServers,
-        customMcpServers: ctx.browserContext.customMcpServers,
-      }
-    : undefined
+  const browserContext =
+    options?.windowId === undefined
+      ? ctx.browserContext
+      : {
+          ...(ctx.browserContext ?? {}),
+          windowId: options.windowId,
+        }

  let response: Response
  try {
@@ -33,7 +32,7 @@ async function executeAct(
        instruction,
        context: options?.context,
        maxSteps: options?.maxSteps,
-        browserContext: browserContextForAct,
+        browserContext,
        llm: ctx.llmConfig,
        sessionId: ctx.sessionId,
      }),
--- a/packages/browseros-agent/packages/agent-sdk/src/methods/extract.ts
+++ b/packages/browseros-agent/packages/agent-sdk/src/methods/extract.ts
@@ -27,6 +27,7 @@ export async function extract<T>(
      schema: jsonSchema,
      context: options.context,
      windowId: ctx.browserContext?.windowId,
+      tabId: ctx.browserContext?.activeTab?.id,
    },
    ExtractionError,
  )
--- a/packages/browseros-agent/packages/agent-sdk/src/methods/nav.ts
+++ b/packages/browseros-agent/packages/agent-sdk/src/methods/nav.ts
@@ -25,6 +25,13 @@ export async function nav(
    NavigationError,
  )

+  if (result.success && result.tabId !== undefined) {
+    ctx.updateNavigationContext(
+      { tabId: result.tabId, windowId: result.windowId },
+      url,
+    )
+  }
+
  ctx.emit({
    type: 'text-delta',
    id: 'nav',
--- a/packages/browseros-agent/packages/agent-sdk/src/methods/verify.ts
+++ b/packages/browseros-agent/packages/agent-sdk/src/methods/verify.ts
@@ -23,6 +23,7 @@ export async function verify(
      expectation,
      context: options?.context,
      windowId: ctx.browserContext?.windowId,
+      tabId: ctx.browserContext?.activeTab?.id,
      llm: ctx.llmConfig,
    },
    VerificationError,
@@ -54,6 +55,7 @@ export async function verifyInternal(
    {
      expectation,
      windowId: ctx.browserContext?.windowId,
+      tabId: ctx.browserContext?.activeTab?.id,
      llm: ctx.llmConfig,
    },
    VerificationError,
--- a/packages/browseros-agent/packages/agent-sdk/src/types.ts
+++ b/packages/browseros-agent/packages/agent-sdk/src/types.ts
@@ -113,6 +113,10 @@ export interface ProgressEvent {
 export interface NavResult {
  /** Whether navigation succeeded */
  success: boolean
+  /** The tab that was navigated */
+  tabId?: number
+  /** The window containing the navigated tab */
+  windowId?: number
 }

 /**
--- a/packages/browseros-agent/packages/agent-sdk/tests/unit/agent.test.ts
+++ b/packages/browseros-agent/packages/agent-sdk/tests/unit/agent.test.ts
@@ -332,6 +332,94 @@ describe('Agent', () => {

      expect(agent.sessionId).not.toBe(originalSessionId)
    })
+
+    it('uses the active tab established by nav() for subsequent act() calls', async () => {
+      let callCount = 0
+      globalThis.fetch = mock((url: string, init?: RequestInit) => {
+        callCount++
+
+        if (callCount === 1) {
+          return Promise.resolve({
+            ok: true,
+            status: 200,
+            json: () =>
+              Promise.resolve({
+                success: true,
+                tabId: 123,
+                windowId: 456,
+              }),
+          } as Response)
+        }
+
+        const sseData = [{ type: 'start-step' }, { type: 'finish-step' }]
+          .map((event) => `data: ${JSON.stringify(event)}\n\n`)
+          .join('')
+        const encoded = new TextEncoder().encode(sseData)
+
+        expect(url).toBe('http://localhost:9222/sdk/act')
+        const body = JSON.parse(init?.body as string)
+        expect(body.browserContext).toEqual({
+          windowId: 456,
+          activeTab: {
+            id: 123,
+            url: 'https://example.com',
+          },
+        })
+
+        return Promise.resolve({
+          ok: true,
+          status: 200,
+          body: {
+            getReader: () => {
+              let read = false
+              return {
+                read: async () => {
+                  if (read) return { done: true, value: undefined }
+                  read = true
+                  return { done: false, value: encoded }
+                },
+                releaseLock: () => {},
+              }
+            },
+          },
+        } as unknown as Response)
+      })
+
+      const agent = new Agent({ url: TEST_URL })
+      await agent.nav('https://example.com')
+      await agent.act('click the button')
+    })
+
+    it('allows act() to override windowId while preserving active tab context', async () => {
+      const fetchMock = mockSSEFetch([
+        { type: 'start-step' },
+        { type: 'finish-step' },
+      ])
+      globalThis.fetch = fetchMock
+
+      const agent = new Agent({
+        url: TEST_URL,
+        browserContext: {
+          windowId: 456,
+          activeTab: {
+            id: 123,
+            url: 'https://example.com',
+          },
+        },
+      })
+
+      await agent.act('click the button', { windowId: 789 })
+
+      const call = fetchMock.mock.calls[0]
+      const body = JSON.parse(call[1].body)
+      expect(body.browserContext).toEqual({
+        windowId: 789,
+        activeTab: {
+          id: 123,
+          url: 'https://example.com',
+        },
+      })
+    })
  })

  describe('act() with verify option', () => {
@@ -615,6 +703,28 @@ describe('Agent', () => {
      expect(body.llm).toEqual(llmConfig)
    })

+    it('includes browser context windowId and active tab id', async () => {
+      const fetchMock = mockFetch({ success: true, reason: 'Verified' })
+      globalThis.fetch = fetchMock
+
+      const agent = new Agent({
+        url: TEST_URL,
+        browserContext: {
+          windowId: 456,
+          activeTab: {
+            id: 123,
+            url: 'https://example.com',
+          },
+        },
+      })
+      await agent.verify('the page has some content')
+
+      const call = fetchMock.mock.calls[0]
+      const body = JSON.parse(call[1].body)
+      expect(body.windowId).toBe(456)
+      expect(body.tabId).toBe(123)
+    })
+
    it('returns VerifyResult on success', async () => {
      globalThis.fetch = mockFetch({
        success: true,
--- a/packages/browseros-agent/scripts/build/config/server-prod-resources.json
+++ b/packages/browseros-agent/scripts/build/config/server-prod-resources.json
@@ -54,6 +54,136 @@
      "os": ["windows"],
      "arch": ["x64"]
    },
+    {
+      "name": "Podman CLI - macOS ARM64",
+      "source": {
+        "type": "r2",
+        "key": "third_party/podman/podman-darwin-arm64"
+      },
+      "destination": "resources/bin/third_party/podman/podman",
+      "os": ["macos"],
+      "arch": ["arm64"],
+      "executable": true
+    },
+    {
+      "name": "Podman gvproxy - macOS ARM64",
+      "source": {
+        "type": "r2",
+        "key": "third_party/podman/gvproxy-darwin-arm64"
+      },
+      "destination": "resources/bin/third_party/podman/gvproxy",
+      "os": ["macos"],
+      "arch": ["arm64"],
+      "executable": true
+    },
+    {
+      "name": "Podman vfkit - macOS ARM64",
+      "source": {
+        "type": "r2",
+        "key": "third_party/podman/vfkit-darwin-arm64"
+      },
+      "destination": "resources/bin/third_party/podman/vfkit",
+      "os": ["macos"],
+      "arch": ["arm64"],
+      "executable": true
+    },
+    {
+      "name": "Podman krunkit - macOS ARM64",
+      "source": {
+        "type": "r2",
+        "key": "third_party/podman/krunkit-darwin-arm64"
+      },
+      "destination": "resources/bin/third_party/podman/krunkit",
+      "os": ["macos"],
+      "arch": ["arm64"],
+      "executable": true
+    },
+    {
+      "name": "Podman mac helper - macOS ARM64",
+      "source": {
+        "type": "r2",
+        "key": "third_party/podman/podman-mac-helper-darwin-arm64"
+      },
+      "destination": "resources/bin/third_party/podman/podman-mac-helper",
+      "os": ["macos"],
+      "arch": ["arm64"],
+      "executable": true
+    },
+    {
+      "name": "Podman CLI - macOS x64",
+      "notes": "krunkit is intentionally omitted on macOS x64 because the official amd64 Podman installer ships an arm64-only krunkit helper",
+      "source": {
+        "type": "r2",
+        "key": "third_party/podman/podman-darwin-x64"
+      },
+      "destination": "resources/bin/third_party/podman/podman",
+      "os": ["macos"],
+      "arch": ["x64"],
+      "executable": true
+    },
+    {
+      "name": "Podman gvproxy - macOS x64",
+      "source": {
+        "type": "r2",
+        "key": "third_party/podman/gvproxy-darwin-x64"
+      },
+      "destination": "resources/bin/third_party/podman/gvproxy",
+      "os": ["macos"],
+      "arch": ["x64"],
+      "executable": true
+    },
+    {
+      "name": "Podman vfkit - macOS x64",
+      "source": {
+        "type": "r2",
+        "key": "third_party/podman/vfkit-darwin-x64"
+      },
+      "destination": "resources/bin/third_party/podman/vfkit",
+      "os": ["macos"],
+      "arch": ["x64"],
+      "executable": true
+    },
+    {
+      "name": "Podman mac helper - macOS x64",
+      "source": {
+        "type": "r2",
+        "key": "third_party/podman/podman-mac-helper-darwin-x64"
+      },
+      "destination": "resources/bin/third_party/podman/podman-mac-helper",
+      "os": ["macos"],
+      "arch": ["x64"],
+      "executable": true
+    },
+    {
+      "name": "Podman CLI - Windows x64",
+      "source": {
+        "type": "r2",
+        "key": "third_party/podman/podman-windows-x64.exe"
+      },
+      "destination": "resources/bin/third_party/podman/podman.exe",
+      "os": ["windows"],
+      "arch": ["x64"]
+    },
+    {
+      "name": "Podman gvproxy - Windows x64",
+      "source": {
+        "type": "r2",
+        "key": "third_party/podman/gvproxy-windows-x64.exe"
+      },
+      "destination": "resources/bin/third_party/podman/gvproxy.exe",
+      "os": ["windows"],
+      "arch": ["x64"]
+    },
+    {
+      "name": "Podman win-sshproxy - Windows x64",
+      "source": {
+        "type": "r2",
+        "key": "third_party/podman/win-sshproxy-windows-x64.exe"
+      },
+      "destination": "resources/bin/third_party/podman/win-sshproxy.exe",
+      "os": ["windows"],
+      "arch": ["x64"]
+    },
    {
      "name": "ripgrep - macOS ARM64",
      "source": {
--- a/packages/browseros/build/common/server_binaries.py
+++ b/packages/browseros/build/common/server_binaries.py
@@ -0,0 +1,58 @@
+#!/usr/bin/env python3
+"""Shared sign metadata for BrowserOS Server binaries.
+
+Consumed by both the Chromium-build signing path (build/modules/sign/) and the
+OTA release path (build/modules/ota/). Adding a new third-party binary here
+means both paths pick it up automatically.
+"""
+
+from dataclasses import dataclass
+from pathlib import Path
+from typing import Dict, List, Optional
+
+
+@dataclass(frozen=True)
+class SignSpec:
+    """Per-binary codesign metadata.
+
+    ``entitlements`` is the filename of the plist under
+    ``resources/entitlements/``; ``None`` means no extra entitlements.
+    """
+
+    identifier_suffix: str
+    options: str
+    entitlements: Optional[str] = None
+
+
+MACOS_SERVER_BINARIES: Dict[str, SignSpec] = {
+    "browseros_server": SignSpec(
+        "browseros_server", "runtime", "browseros-executable-entitlements.plist"
+    ),
+    "bun": SignSpec("bun", "runtime", "browseros-executable-entitlements.plist"),
+    "rg": SignSpec("rg", "runtime"),
+    "podman": SignSpec("podman", "runtime"),
+    "gvproxy": SignSpec("gvproxy", "runtime"),
+    "vfkit": SignSpec("vfkit", "runtime", "podman-vfkit-entitlements.plist"),
+    "krunkit": SignSpec("krunkit", "runtime", "podman-krunkit-entitlements.plist"),
+    "podman-mac-helper": SignSpec("podman_mac_helper", "runtime"),
+}
+
+
+WINDOWS_SERVER_BINARIES: List[str] = [
+    "browseros_server.exe",
+    "third_party/bun.exe",
+    "third_party/rg.exe",
+    "third_party/podman/podman.exe",
+    "third_party/podman/gvproxy.exe",
+    "third_party/podman/win-sshproxy.exe",
+]
+
+
+def macos_sign_spec_for(binary_path: Path) -> Optional[SignSpec]:
+    """Look up sign metadata by file stem (e.g., ``podman-mac-helper``)."""
+    return MACOS_SERVER_BINARIES.get(binary_path.stem)
+
+
+def expected_windows_binary_paths(server_bin_dir: Path) -> List[Path]:
+    """Resolve the Windows relative-path list against a ``resources/bin`` dir."""
+    return [server_bin_dir / rel for rel in WINDOWS_SERVER_BINARIES]
--- a/packages/browseros/build/common/server_binaries_test.py
+++ b/packages/browseros/build/common/server_binaries_test.py
@@ -0,0 +1,63 @@
+#!/usr/bin/env python3
+"""Tests for the shared server-binary sign table."""
+
+import unittest
+from pathlib import Path
+
+from .server_binaries import (
+    MACOS_SERVER_BINARIES,
+    WINDOWS_SERVER_BINARIES,
+    expected_windows_binary_paths,
+    macos_sign_spec_for,
+)
+
+ENTITLEMENTS_DIR = Path(__file__).resolve().parents[2] / "resources" / "entitlements"
+
+
+class MacosServerBinariesTest(unittest.TestCase):
+    def test_every_entry_has_identifier_and_options(self):
+        for stem, spec in MACOS_SERVER_BINARIES.items():
+            self.assertTrue(spec.identifier_suffix, f"{stem} missing identifier_suffix")
+            self.assertTrue(spec.options, f"{stem} missing options")
+
+    def test_every_entitlements_plist_exists_on_disk(self):
+        for stem, spec in MACOS_SERVER_BINARIES.items():
+            if spec.entitlements is None:
+                continue
+            plist = ENTITLEMENTS_DIR / spec.entitlements
+            self.assertTrue(plist.exists(), f"{stem}: entitlements {plist} missing")
+
+    def test_macos_sign_spec_for_resolves_by_stem(self):
+        spec = macos_sign_spec_for(Path("/x/podman-mac-helper"))
+        assert spec is not None
+        self.assertEqual(spec.identifier_suffix, "podman_mac_helper")
+        self.assertIsNone(macos_sign_spec_for(Path("/x/not_a_known_binary")))
+
+    def test_matches_podman_bundle_layout(self):
+        required = {"podman", "gvproxy", "vfkit", "krunkit", "podman-mac-helper"}
+        self.assertTrue(required.issubset(MACOS_SERVER_BINARIES.keys()))
+
+
+class WindowsServerBinariesTest(unittest.TestCase):
+    def test_no_duplicates(self):
+        self.assertEqual(
+            len(WINDOWS_SERVER_BINARIES), len(set(WINDOWS_SERVER_BINARIES))
+        )
+
+    def test_paths_within_expected_layout(self):
+        for rel in WINDOWS_SERVER_BINARIES:
+            self.assertTrue(
+                rel == "browseros_server.exe" or rel.startswith("third_party/"),
+                f"{rel} outside expected layout",
+            )
+
+    def test_expected_windows_binary_paths_joins_root(self):
+        root = Path("/tmp/fake/resources/bin")
+        resolved = expected_windows_binary_paths(root)
+        self.assertEqual(len(resolved), len(WINDOWS_SERVER_BINARIES))
+        for rel, abs_path in zip(WINDOWS_SERVER_BINARIES, resolved):
+            self.assertEqual(abs_path, root / rel)
+
+
+if __name__ == "__main__":
+    unittest.main()
--- a/packages/browseros/build/config/BROWSEROS_BUILD_OFFSET
+++ b/packages/browseros/build/config/BROWSEROS_BUILD_OFFSET
@@ -1 +1 @@
-141
+144
--- a/packages/browseros/build/config/appcast/appcast-server.alpha.xml
+++ b/packages/browseros/build/config/appcast/appcast-server.alpha.xml
@@ -7,52 +7,16 @@
    <language>en</language>

    <item>
-      <sparkle:version>0.0.74</sparkle:version>
-      <pubDate>Thu, 12 Mar 2026 21:20:48 +0000</pubDate>
+      <sparkle:version>0.0.86</sparkle:version>
+      <pubDate>Thu, 16 Apr 2026 18:58:59 +0000</pubDate>

      <!-- macOS arm64 -->
      <enclosure
-        url="https://cdn.browseros.com/server/browseros_server_0.0.74_darwin_arm64.zip"
+        url="https://cdn.browseros.com/server/browseros_server_0.0.86_darwin_arm64.zip"
        sparkle:os="macos"
        sparkle:arch="arm64"
-        sparkle:edSignature="aPuQG3dtQj5v857CNSZ+Ahz3bxUOM7+tSEskW0mIbJV6969a3j1kAqOQ20D1FcxlEyYqquFOaeHpoGaDi6LsDg=="
-        length="22191352"
-        type="application/zip"/>
-
-      <!-- macOS x86_64 -->
-      <enclosure
-        url="https://cdn.browseros.com/server/browseros_server_0.0.74_darwin_x64.zip"
-        sparkle:os="macos"
-        sparkle:arch="x86_64"
-        sparkle:edSignature="X+FCQFH2HpBG43UiJjE0FkheyfOAUW2dhtmKn9HKRrJkqMGsaw+bhjdze1lP02oz71b8Q9AkC2NYwSUN0m0FAQ=="
-        length="24641802"
-        type="application/zip"/>
-
-      <!-- Linux arm64 -->
-      <enclosure
-        url="https://cdn.browseros.com/server/browseros_server_0.0.74_linux_arm64.zip"
-        sparkle:os="linux"
-        sparkle:arch="arm64"
-        sparkle:edSignature="1tnET+iFDYEc9kdwV9U3mo4rExX0JBnlJOrcEQOGBwR/478NxbOsPx3AI/H7216HlylayNj7bYLVJY/FJqY2Dg=="
-        length="37751728"
-        type="application/zip"/>
-
-      <!-- Linux x86_64 -->
-      <enclosure
-        url="https://cdn.browseros.com/server/browseros_server_0.0.74_linux_x64.zip"
-        sparkle:os="linux"
-        sparkle:arch="x86_64"
-        sparkle:edSignature="/OUrTZmgYWIWWWu71XAzN0B6hgs2WD9MOiZsXMvsv22TZwlEP1RdQsEO84JgFMb9if37MZX47utA2UWpSfFtAg=="
-        length="39041390"
-        type="application/zip"/>
-
-      <!-- Windows x86_64 -->
-      <enclosure
-        url="https://cdn.browseros.com/server/browseros_server_0.0.74_windows_x64.zip"
-        sparkle:os="windows"
-        sparkle:arch="x86_64"
-        sparkle:edSignature="qd7XYvoa59QA1bSUkaXbtBCti8DQGh3mWWfPG1qtgk5InLXJ07Y0ve/Y6ZAn8fyz6XGLEgMVhUa6eblmVuUODw=="
-        length="40986233"
+        sparkle:edSignature="kkM3dFanJr9TQgRPV7NOs7GwYpVfLHH+Db6oUWLHTWQFODBy8wx46fD6sioQdsB4k+9Ra9QCBm0WRSvKDkljDQ=="
+        length="101284695"
        type="application/zip"/>
    </item>

--- a/packages/browseros/build/config/release.macos.arm64.yaml
+++ b/packages/browseros/build/config/release.macos.arm64.yaml
@@ -0,0 +1,55 @@
+# BrowserOS macOS Release Build Configuration (arm64 only)
+#
+# Single-architecture arm64 release build. Skips the universal_build
+# pipeline (no x64, no lipo merge) — follows the standard per-arch flow
+# like release.windows.yaml / release.linux.yaml.
+#
+# Environment Variables:
+#   Use !env tag to reference environment variables:
+#     Example: chromium_src: !env CHROMIUM_SRC
+
+build:
+  type: release
+  architecture: arm64
+
+gn_flags:
+  file: build/config/gn/flags.macos.release.gn
+
+# Explicit module execution order
+modules:
+  # Phase 1: Setup
+  - clean
+  - git_setup
+  - sparkle_setup
+
+  # Phase 2: Patches & Resources
+  - download_resources
+  - resources
+  - bundled_extensions
+  - chromium_replace
+  - string_replaces
+  - series_patches
+  - patches
+
+  # Phase 3: Build
+  - configure
+  - compile
+
+  # Phase 4: Sign & Package
+  - sign_macos
+  - package_macos
+
+  # Phase 5: Upload
+  - upload
+
+# Required environment variables
+# Note: CHROMIUM_SRC can be provided via --chromium-src CLI flag, YAML config, or env var
+required_envs:
+  - MACOS_CERTIFICATE_NAME
+  - PROD_MACOS_NOTARIZATION_APPLE_ID
+  - PROD_MACOS_NOTARIZATION_TEAM_ID
+  - PROD_MACOS_NOTARIZATION_PWD
+
+# Notification settings
+notifications:
+  slack: true
--- a/packages/browseros/build/modules/ota/init.py
+++ b/packages/browseros/build/modules/ota/init.py
@@ -9,12 +9,16 @@ from .common import (
    SignedArtifact,
    SERVER_PLATFORMS,
    APPCAST_TEMPLATE,
-    find_server_binary,
+    find_server_resources_dir,
+    create_server_bundle_zip,
 )
 from .sign_binary import (
    sign_macos_binary,
    notarize_macos_binary,
+    notarize_macos_zip,
    sign_windows_binary,
+    sign_server_bundle_macos,
+    sign_server_bundle_windows,
 )
 from .server import ServerOTAModule

@@ -30,10 +34,14 @@ __all__ = [
    "parse_existing_appcast",
    "ExistingAppcast",
    "SignedArtifact",
-    "find_server_binary",
+    "find_server_resources_dir",
+    "create_server_bundle_zip",
    "sign_macos_binary",
    "notarize_macos_binary",
+    "notarize_macos_zip",
    "sign_windows_binary",
+    "sign_server_bundle_macos",
+    "sign_server_bundle_windows",
    "SERVER_PLATFORMS",
    "APPCAST_TEMPLATE",
 ]
--- a/packages/browseros/build/modules/ota/bundle_test.py
+++ b/packages/browseros/build/modules/ota/bundle_test.py
@@ -0,0 +1,93 @@
+#!/usr/bin/env python3
+"""Tests for OTA bundle-zip creation."""
+
+import stat
+import sys
+import tempfile
+import unittest
+import zipfile
+from pathlib import Path
+
+from .common import create_server_bundle_zip, find_server_resources_dir
+
+
+def _write_exec(path: Path, content: bytes) -> None:
+    path.parent.mkdir(parents=True, exist_ok=True)
+    path.write_bytes(content)
+    path.chmod(path.stat().st_mode | 0o755)
+
+
+class CreateServerBundleZipTest(unittest.TestCase):
+    def test_bundles_full_resources_tree(self):
+        with tempfile.TemporaryDirectory() as tmp:
+            staging = Path(tmp) / "darwin-arm64"
+            resources = staging / "resources"
+            _write_exec(resources / "bin" / "browseros_server", b"server")
+            _write_exec(resources / "bin" / "third_party" / "bun", b"bun")
+            _write_exec(resources / "bin" / "third_party" / "rg", b"rg")
+            _write_exec(resources / "bin" / "third_party" / "podman" / "podman", b"pd")
+            _write_exec(
+                resources / "bin" / "third_party" / "podman" / "gvproxy", b"gv"
+            )
+
+            zip_path = Path(tmp) / "bundle.zip"
+            self.assertTrue(create_server_bundle_zip(resources, zip_path))
+
+            with zipfile.ZipFile(zip_path) as zf:
+                names = set(zf.namelist())
+
+            self.assertEqual(
+                names,
+                {
+                    "resources/bin/browseros_server",
+                    "resources/bin/third_party/bun",
+                    "resources/bin/third_party/rg",
+                    "resources/bin/third_party/podman/podman",
+                    "resources/bin/third_party/podman/gvproxy",
+                },
+            )
+
+    @unittest.skipIf(sys.platform == "win32", "file mode check is meaningless on Windows")
+    def test_preserves_executable_bits(self):
+        with tempfile.TemporaryDirectory() as tmp:
+            resources = Path(tmp) / "darwin-arm64" / "resources"
+            _write_exec(resources / "bin" / "browseros_server", b"server")
+
+            zip_path = Path(tmp) / "bundle.zip"
+            self.assertTrue(create_server_bundle_zip(resources, zip_path))
+
+            with zipfile.ZipFile(zip_path) as zf:
+                info = zf.getinfo("resources/bin/browseros_server")
+
+            mode = (info.external_attr >> 16) & 0o777
+            self.assertTrue(mode & stat.S_IXUSR)
+
+    def test_missing_resources_dir_fails(self):
+        with tempfile.TemporaryDirectory() as tmp:
+            missing = Path(tmp) / "does-not-exist"
+            zip_path = Path(tmp) / "bundle.zip"
+            self.assertFalse(create_server_bundle_zip(missing, zip_path))
+
+
+class FindServerResourcesDirTest(unittest.TestCase):
+    def test_returns_resources_dir_when_present(self):
+        with tempfile.TemporaryDirectory() as tmp:
+            root = Path(tmp)
+            (root / "darwin-arm64" / "resources" / "bin").mkdir(parents=True)
+            found = find_server_resources_dir(
+                root, {"name": "darwin_arm64", "target": "darwin-arm64"}
+            )
+            self.assertEqual(found, root / "darwin-arm64" / "resources")
+
+    def test_returns_none_when_absent(self):
+        with tempfile.TemporaryDirectory() as tmp:
+            root = Path(tmp)
+            self.assertIsNone(
+                find_server_resources_dir(
+                    root, {"name": "darwin_arm64", "target": "darwin-arm64"}
+                )
+            )
+
+
+if __name__ == "__main__":
+    unittest.main()
--- a/packages/browseros/build/modules/ota/common.py
+++ b/packages/browseros/build/modules/ota/common.py
@@ -1,9 +1,7 @@
 #!/usr/bin/env python3
 """Common utilities for OTA update modules"""

-import os
 import re
-import shutil
 import zipfile
 import xml.etree.ElementTree as ET
 from datetime import datetime, timezone
@@ -13,8 +11,9 @@ from dataclasses import dataclass

 from ...common.utils import log_error, log_info, log_success

-# Re-export sparkle_sign_file from common module
-from ...common.sparkle import sparkle_sign_file
+# Re-exported so callers (and ota/__init__.py) can get sparkle_sign_file
+# from ota.common alongside the other OTA helpers.
+from ...common.sparkle import sparkle_sign_file as sparkle_sign_file

 # Sparkle XML namespace
 SPARKLE_NS = "http://www.andymatuschak.org/xml-namespaces/sparkle"
@@ -76,33 +75,15 @@ class ExistingAppcast:
    artifacts: Dict[str, SignedArtifact]


-def find_server_binary(binaries_dir: Path, platform: dict) -> Optional[Path]:
-    """Find server binary in either flat or artifact-extracted directory structure.
+def find_server_resources_dir(binaries_dir: Path, platform: dict) -> Optional[Path]:
+    """Return the extracted ``resources/`` dir for a platform, or ``None``.

-    Supports two layouts:
-      Flat:     {binaries_dir}/{binary_name}        (e.g., browseros-server-darwin-arm64)
-      Artifact: {binaries_dir}/{target}/resources/bin/browseros_server[.exe]
-
-    Args:
-        binaries_dir: Root directory containing server binaries
-        platform: Platform dict from SERVER_PLATFORMS
-
-    Returns:
-        Path to binary if found, None otherwise
+    ``binaries_dir`` is the temp root created by ``_download_artifacts``; each
+    platform lives at ``<binaries_dir>/<target>/resources/``.
    """
-    # Flat structure (used with --binaries pointing to mono build output)
-    flat_path = binaries_dir / platform["binary"]
-    if flat_path.exists():
-        return flat_path
-
-    # Artifact-extracted structure (used after download_resources)
    target = platform.get("target", platform["name"].replace("_", "-"))
-    bin_name = "browseros_server.exe" if platform["os"] == "windows" else "browseros_server"
-    artifact_path = binaries_dir / target / "resources" / "bin" / bin_name
-    if artifact_path.exists():
-        return artifact_path
-
-    return None
+    resources = binaries_dir / target / "resources"
+    return resources if resources.is_dir() else None


 def parse_existing_appcast(appcast_path: Path) -> Optional[ExistingAppcast]:
@@ -254,46 +235,31 @@ def generate_server_appcast(
    )


-def create_server_zip(
-    binary_path: Path,
-    output_zip: Path,
-    is_windows: bool = False,
-) -> bool:
-    """Create zip with proper structure: resources/bin/browseros_server
+def create_server_bundle_zip(resources_dir: Path, output_zip: Path) -> bool:
+    """Zip an extracted ``resources/`` tree into a Sparkle payload.

-    Args:
-        binary_path: Path to the binary to package
-        output_zip: Path for output zip file
-        is_windows: Whether this is Windows binary (affects target name)
-
-    Returns:
-        True on success, False on failure
+    Produces entries like ``resources/bin/browseros_server``,
+    ``resources/bin/third_party/podman/podman`` — mirroring what the agent
+    build staged and what the Chromium build bakes into the installed app.
+    File modes are preserved by ``ZipFile.write`` so executable bits survive.
    """
-    staging_dir = output_zip.parent / f"staging_{output_zip.stem}"
+    if not resources_dir.is_dir():
+        log_error(f"Resources dir not found: {resources_dir}")
+        return False
+
+    bundle_root = resources_dir.parent
    try:
-        staging_dir.mkdir(parents=True, exist_ok=True)
-        bin_dir = staging_dir / "resources" / "bin"
-        bin_dir.mkdir(parents=True, exist_ok=True)
-
-        target_name = "browseros_server.exe" if is_windows else "browseros_server"
-        shutil.copy2(binary_path, bin_dir / target_name)
-
-        with zipfile.ZipFile(output_zip, 'w', zipfile.ZIP_DEFLATED) as zf:
-            for root, _, files in os.walk(staging_dir):
-                for file in files:
-                    file_path = Path(root) / file
-                    arcname = file_path.relative_to(staging_dir)
-                    zf.write(file_path, arcname)
-
+        with zipfile.ZipFile(output_zip, "w", zipfile.ZIP_DEFLATED) as zf:
+            for path in sorted(resources_dir.rglob("*")):
+                if not path.is_file():
+                    continue
+                arcname = path.relative_to(bundle_root).as_posix()
+                zf.write(path, arcname)
        log_success(f"Created {output_zip.name}")
        return True
-
    except Exception as e:
-        log_error(f"Failed to create zip: {e}")
+        log_error(f"Failed to create bundle zip: {e}")
        return False
-    finally:
-        if staging_dir.exists():
-            shutil.rmtree(staging_dir)


 def get_appcast_path(channel: str = "alpha") -> Path:
--- a/packages/browseros/build/modules/ota/server.py
+++ b/packages/browseros/build/modules/ota/server.py
@@ -10,7 +10,6 @@ from ...common.module import CommandModule, ValidationError
 from ...common.context import Context
 from ...common.utils import (
    log_info,
-    log_error,
    log_success,
    log_warning,
    IS_MACOS,
@@ -23,15 +22,14 @@ from .common import (
    sparkle_sign_file,
    generate_server_appcast,
    parse_existing_appcast,
-    create_server_zip,
+    create_server_bundle_zip,
    get_appcast_path,
-    find_server_binary,
+    find_server_resources_dir,
 )
 from .sign_binary import (
-    sign_macos_binary,
-    notarize_macos_binary,
-    sign_windows_binary,
-    get_entitlements_path,
+    notarize_macos_zip,
+    sign_server_bundle_macos,
+    sign_server_bundle_windows,
 )
 from ..storage import get_r2_client, upload_file_to_r2, download_file_from_r2
 from ..storage.download import extract_artifact_zip
@@ -89,11 +87,8 @@ class ServerOTAModule(CommandModule):
            return [p for p in SERVER_PLATFORMS if p["name"] in requested]
        return SERVER_PLATFORMS

-    def _download_artifacts(self, ctx: Context) -> Path:
-        """Download server artifact zips from R2 latest/ and extract them."""
-        download_dir = Path(tempfile.mkdtemp(prefix="ota_artifacts_"))
-        self._download_dir = download_dir
-
+    def _download_artifacts(self, ctx: Context, download_dir: Path) -> None:
+        """Download and extract server artifact zips from R2 into ``download_dir``."""
        r2_client = get_r2_client(ctx.env)
        if not r2_client:
            raise RuntimeError("Failed to create R2 client")
@@ -117,69 +112,85 @@ class ServerOTAModule(CommandModule):
            zip_path.unlink()

        log_success(f"Downloaded {len(platforms)} artifact(s)")
-        return download_dir

    def execute(self, context: Context) -> None:
        ctx = context
        log_info(f"\n🚀 BrowserOS Server OTA v{self.version} ({self.channel})")
        log_info("=" * 70)

-        # Download artifacts from R2
-        binaries_dir = self._download_artifacts(ctx)
+        with tempfile.TemporaryDirectory(prefix="ota_artifacts_") as dl, \
+             tempfile.TemporaryDirectory(prefix="ota_staging_") as st:
+            binaries_dir = Path(dl)
+            temp_dir = Path(st)
+            log_info(f"Temp directory: {temp_dir}")

-        platforms = self._get_platforms()
-        temp_dir = Path(tempfile.mkdtemp())
-        log_info(f"Temp directory: {temp_dir}")
+            self._download_artifacts(ctx, binaries_dir)
+            signed_artifacts = self._build_platform_artifacts(
+                ctx, binaries_dir, temp_dir
+            )
+            self._finalize_release(ctx, signed_artifacts)

+    def _build_platform_artifacts(
+        self, ctx: Context, binaries_dir: Path, temp_dir: Path
+    ) -> List[SignedArtifact]:
+        """Sign + zip + Sparkle-sign each platform; fail fast on any error.
+
+        Any per-platform failure raises ``RuntimeError`` so a broken
+        credential or unregistered binary cannot silently omit a platform
+        from a published release.
+        """
        signed_artifacts: List[SignedArtifact] = []

-        for platform in platforms:
+        for platform in self._get_platforms():
            log_info(f"\n📦 Processing {platform['name']}...")

-            source_binary = find_server_binary(binaries_dir, platform)
-            if not source_binary:
-                log_warning(f"Binary not found for {platform['name']}, skipping")
-                continue
+            source_resources = find_server_resources_dir(binaries_dir, platform)
+            if not source_resources:
+                raise RuntimeError(
+                    f"Resources dir not found for {platform['name']}"
+                )

-            # Copy binary to temp to preserve original
-            temp_binary = temp_dir / platform["binary"]
-            shutil.copy2(source_binary, temp_binary)
+            staging_resources = temp_dir / platform["name"] / "resources"
+            shutil.copytree(source_resources, staging_resources)

-            if not self._sign_binary(temp_binary, platform, ctx):
-                log_warning(f"Skipping {platform['name']} due to signing failure")
-                continue
+            if not self._sign_bundle(staging_resources, platform, ctx):
+                raise RuntimeError(f"Signing failed for {platform['name']}")

            zip_name = f"browseros_server_{self.version}_{platform['name']}.zip"
            zip_path = temp_dir / zip_name
-            is_windows = platform["os"] == "windows"

-            if not create_server_zip(temp_binary, zip_path, is_windows):
-                log_error(f"Failed to create zip for {platform['name']}")
-                continue
+            if not create_server_bundle_zip(staging_resources, zip_path):
+                raise RuntimeError(f"Failed to create bundle for {platform['name']}")
+
+            if platform["os"] == "macos" and IS_MACOS():
+                if not notarize_macos_zip(zip_path, ctx.env):
+                    raise RuntimeError(
+                        f"Notarization failed for {platform['name']}"
+                    )

            log_info(f"Signing {zip_name} with Sparkle...")
            signature, length = sparkle_sign_file(zip_path, ctx.env)
-
            if not signature:
-                log_error(f"Failed to sign zip for {platform['name']}")
-                continue
+                raise RuntimeError(f"Sparkle signing failed for {platform['name']}")

            log_success(f"  {platform['name']}: {length} bytes")
-
-            artifact = SignedArtifact(
+            signed_artifacts.append(SignedArtifact(
                platform=platform["name"],
                zip_path=zip_path,
                signature=signature,
                length=length,
                os=platform["os"],
                arch=platform["arch"],
-            )
-            signed_artifacts.append(artifact)
+            ))

        if not signed_artifacts:
-            log_error("No artifacts were processed successfully")
-            raise RuntimeError("OTA failed - no artifacts")
+            raise RuntimeError("OTA failed - no artifacts processed")
+        return signed_artifacts

+    def _finalize_release(
+        self, ctx: Context, signed_artifacts: List[SignedArtifact]
+    ) -> None:
+        """Write the appcast, upload every signed zip to R2, and surface URLs."""
        log_info("\n📝 Generating appcast...")
        appcast_path = get_appcast_path(self.channel)
        existing_appcast = parse_existing_appcast(appcast_path)
@@ -219,27 +230,27 @@ class ServerOTAModule(CommandModule):
        log_info(f"\nAppcast saved to: {appcast_path}")
        log_info("\n📋 Next step: Run 'browseros ota server release-appcast' to make the release live")

-    def _sign_binary(self, binary_path: Path, platform: dict, ctx: Context) -> bool:
-        """Sign binary based on platform"""
+    def _sign_bundle(
+        self, staging_resources: Path, platform: dict, ctx: Context
+    ) -> bool:
+        """Codesign every binary in the staged resources tree for a platform.
+
+        macOS notarization happens separately, on the outer Sparkle zip.
+        """
        os_type = platform["os"]

        if os_type == "macos":
            if not IS_MACOS():
-                log_warning(f"macOS signing requires macOS - skipping {platform['name']}")
+                log_warning(
+                    f"macOS signing requires macOS - leaving {platform['name']} unsigned"
+                )
                return True
+            return sign_server_bundle_macos(
+                staging_resources, ctx.env, ctx.get_entitlements_dir()
+            )

-            entitlements = get_entitlements_path(ctx.root_dir)
-            if not sign_macos_binary(binary_path, ctx.env, entitlements):
-                return False
-
-            log_info("Notarizing...")
-            return notarize_macos_binary(binary_path, ctx.env)
-
-        elif os_type == "windows":
-            return sign_windows_binary(binary_path, ctx.env)
-
-        elif os_type == "linux":
-            log_info(f"No code signing for Linux binaries")
-            return True
+        if os_type == "windows":
+            return sign_server_bundle_windows(staging_resources, ctx.env)

+        log_info("No code signing for Linux binaries")
        return True
--- a/packages/browseros/build/modules/ota/sign_binary.py
+++ b/packages/browseros/build/modules/ota/sign_binary.py
@@ -1,12 +1,18 @@
 #!/usr/bin/env python3
 """Platform-specific binary signing for OTA binaries"""

+import os
+import shutil
 import subprocess
 import tempfile
 from pathlib import Path
-from typing import Optional
+from typing import List, Optional

 from ...common.env import EnvConfig
+from ...common.server_binaries import (
+    expected_windows_binary_paths,
+    macos_sign_spec_for,
+)
 from ...common.utils import (
    log_info,
    log_error,
@@ -21,16 +27,17 @@ def sign_macos_binary(
    binary_path: Path,
    env: Optional[EnvConfig] = None,
    entitlements_path: Optional[Path] = None,
+    *,
+    identifier: Optional[str] = None,
+    options: str = "runtime",
 ) -> bool:
-    """Sign a macOS binary with codesign
+    """Sign a macOS binary with codesign.

-    Args:
-        binary_path: Path to binary to sign
-        env: Environment config with certificate name
-        entitlements_path: Optional path to entitlements plist
-
-    Returns:
-        True on success, False on failure
+    ``identifier`` defaults to ``com.browseros.<stem>`` to preserve the
+    previous single-binary signature shape. Callers that have a shared sign
+    table (see ``common/server_binaries.py``) should pass identifier and
+    options derived from that table so OTA-signed and Chromium-build-signed
+    binaries share the same code identifier.
    """
    if not IS_MACOS():
        log_error("macOS signing requires macOS")
@@ -46,13 +53,14 @@ def sign_macos_binary(

    log_info(f"Signing {binary_path.name}...")

+    resolved_identifier = identifier or f"com.browseros.{binary_path.stem}"
    cmd = [
        "codesign",
        "--sign", certificate_name,
        "--force",
        "--timestamp",
-        "--identifier", f"com.browseros.{binary_path.stem}",
-        "--options", "runtime",
+        "--identifier", resolved_identifier,
+        "--options", options,
    ]

    if entitlements_path and entitlements_path.exists():
@@ -91,48 +99,91 @@ def verify_macos_signature(binary_path: Path) -> bool:
        return False


+def _resolve_notarization_credentials(
+    env: Optional[EnvConfig],
+) -> Optional[EnvConfig]:
+    if env is None:
+        env = EnvConfig()
+
+    missing: List[str] = []
+    if not env.macos_notarization_apple_id:
+        missing.append("PROD_MACOS_NOTARIZATION_APPLE_ID")
+    if not env.macos_notarization_team_id:
+        missing.append("PROD_MACOS_NOTARIZATION_TEAM_ID")
+    if not env.macos_notarization_password:
+        missing.append("PROD_MACOS_NOTARIZATION_PWD")
+    if missing:
+        log_error("Missing notarization credentials:")
+        for name in missing:
+            log_error(f"  {name} not set")
+        return None
+    return env
+
+
+def _submit_notarization(submission_path: Path, env: EnvConfig) -> bool:
+    assert env.macos_notarization_apple_id is not None
+    assert env.macos_notarization_team_id is not None
+    assert env.macos_notarization_password is not None
+
+    subprocess.run(
+        [
+            "xcrun", "notarytool", "store-credentials", "notarytool-profile",
+            "--apple-id", env.macos_notarization_apple_id,
+            "--team-id", env.macos_notarization_team_id,
+            "--password", env.macos_notarization_password,
+        ],
+        capture_output=True,
+        text=True,
+        check=False,
+    )
+
+    log_info("Submitting for notarization (this may take a while)...")
+    result = subprocess.run(
+        [
+            "xcrun", "notarytool", "submit", str(submission_path),
+            "--keychain-profile", "notarytool-profile",
+            "--wait",
+        ],
+        capture_output=True,
+        text=True,
+        check=False,
+    )
+
+    if result.returncode != 0:
+        log_error(f"Notarization failed: {result.stderr}")
+        log_error(result.stdout)
+        return False
+
+    if "status: Accepted" not in result.stdout:
+        log_error("Notarization was not accepted")
+        log_error(result.stdout)
+        return False
+    return True
+
+
 def notarize_macos_binary(
    binary_path: Path,
    env: Optional[EnvConfig] = None,
 ) -> bool:
-    """Notarize a macOS binary with Apple
+    """Notarize a single macOS binary with Apple.

-    The binary must be zipped for notarization submission.
-
-    Args:
-        binary_path: Path to binary to notarize (will be zipped internally)
-        env: Environment config with notarization credentials
-
-    Returns:
-        True on success, False on failure
+    The binary is first wrapped in a zip via ``ditto --keepParent`` because
+    ``notarytool`` does not accept bare executables. For an already-zipped
+    Sparkle bundle, call :func:`notarize_macos_zip` instead — double-wrapping
+    nests zips and notarytool does not descend into nested archives.
    """
    if not IS_MACOS():
        log_error("macOS notarization requires macOS")
        return False

+    env = _resolve_notarization_credentials(env)
    if env is None:
-        env = EnvConfig()
-
-    apple_id = env.macos_notarization_apple_id
-    team_id = env.macos_notarization_team_id
-    password = env.macos_notarization_password
-
-    if not all([apple_id, team_id, password]):
-        log_error("Missing notarization credentials:")
-        if not apple_id:
-            log_error("  PROD_MACOS_NOTARIZATION_APPLE_ID not set")
-        if not team_id:
-            log_error("  PROD_MACOS_NOTARIZATION_TEAM_ID not set")
-        if not password:
-            log_error("  PROD_MACOS_NOTARIZATION_PWD not set")
        return False

    log_info(f"Notarizing {binary_path.name}...")
-
-    notarize_zip = None
+    notarize_zip: Optional[Path] = None
    try:
        fd, tmp_path = tempfile.mkstemp(suffix=".zip")
-        import os
        os.close(fd)
        notarize_zip = Path(tmp_path)

@@ -146,41 +197,7 @@ def notarize_macos_binary(
            log_error(f"Failed to create zip: {result.stderr}")
            return False

-        assert apple_id is not None
-        assert team_id is not None
-        assert password is not None
-        subprocess.run(
-            [
-                "xcrun", "notarytool", "store-credentials", "notarytool-profile",
-                "--apple-id", apple_id,
-                "--team-id", team_id,
-                "--password", password,
-            ],
-            capture_output=True,
-            text=True,
-            check=False,
-        )
-
-        log_info("Submitting for notarization (this may take a while)...")
-        result = subprocess.run(
-            [
-                "xcrun", "notarytool", "submit", str(notarize_zip),
-                "--keychain-profile", "notarytool-profile",
-                "--wait",
-            ],
-            capture_output=True,
-            text=True,
-            check=False,
-        )
-
-        if result.returncode != 0:
-            log_error(f"Notarization failed: {result.stderr}")
-            log_error(result.stdout)
-            return False
-
-        if "status: Accepted" not in result.stdout:
-            log_error("Notarization was not accepted")
-            log_error(result.stdout)
+        if not _submit_notarization(notarize_zip, env):
            return False

        log_success(f"Notarized {binary_path.name}")
@@ -194,6 +211,33 @@ def notarize_macos_binary(
            notarize_zip.unlink()


+def notarize_macos_zip(zip_path: Path, env: Optional[EnvConfig] = None) -> bool:
+    """Notarize a pre-built Sparkle bundle zip by submitting it directly.
+
+    ``notarytool`` accepts ``.zip`` submissions and recursively scans the
+    Mach-O binaries inside. No extra wrapping — passing this zip through
+    ``ditto --keepParent`` would nest zips and Apple's service would not
+    descend into the inner archive.
+    """
+    if not IS_MACOS():
+        log_error("macOS notarization requires macOS")
+        return False
+
+    env = _resolve_notarization_credentials(env)
+    if env is None:
+        return False
+
+    log_info(f"Notarizing {zip_path.name}...")
+    try:
+        if not _submit_notarization(zip_path, env):
+            return False
+        log_success(f"Notarized {zip_path.name}")
+        return True
+    except Exception as e:
+        log_error(f"Notarization failed: {e}")
+        return False
+
+
 def sign_windows_binary(
    binary_path: Path,
    env: Optional[EnvConfig] = None,
@@ -264,7 +308,6 @@ def sign_windows_binary(

        signed_file = temp_output_dir / binary_path.name
        if signed_file.exists():
-            import shutil
            shutil.move(str(signed_file), str(binary_path))

        try:
@@ -294,15 +337,81 @@ def sign_windows_binary(
        return False


-def get_entitlements_path(root_dir: Path) -> Optional[Path]:
-    """Get path to server binary entitlements file"""
-    candidates = [
-        root_dir / "resources" / "entitlements" / "browseros-executable-entitlements.plist",
-        root_dir / "packages" / "browseros" / "resources" / "entitlements" / "browseros-executable-entitlements.plist",
+def sign_server_bundle_macos(
+    resources_dir: Path,
+    env: EnvConfig,
+    entitlements_root: Path,
+) -> bool:
+    """Codesign every known binary under ``resources_dir/bin/**``.
+
+    Unknown executables are a hard error: every regular file under
+    ``resources/bin/`` must have an entry in ``MACOS_SERVER_BINARIES``.
+    This prevents silently shipping an unsigned binary when a new
+    third-party dep is added to the agent build without being registered
+    in the shared sign table. The unknown-file check runs before any
+    codesign call so a bad release fails in seconds rather than after
+    several minutes of signing.
+    """
+    bin_dir = resources_dir / "bin"
+    if not bin_dir.is_dir():
+        log_error(f"bin dir not found: {bin_dir}")
+        return False
+
+    # Only Mach-O-style executables need signing; any future data/config file
+    # shipped under resources/bin/ (plists, shell completion, etc.) is not a
+    # codesign target and must not trigger the unknown-binary guard.
+    executables = [
+        p
+        for p in sorted(bin_dir.rglob("*"))
+        if p.is_file() and not p.is_symlink() and os.access(p, os.X_OK)
    ]
+    unknowns = [p for p in executables if macos_sign_spec_for(p) is None]
+    if unknowns:
+        log_error(
+            "Unknown executables found under resources/bin/ not registered in "
+            "MACOS_SERVER_BINARIES (see build/common/server_binaries.py):"
+        )
+        for path in unknowns:
+            log_error(f"  - {path.relative_to(resources_dir)}")
+        return False

-    for candidate in candidates:
-        if candidate.exists():
-            return candidate
+    for path in executables:
+        spec = macos_sign_spec_for(path)
+        assert spec is not None  # unknowns filtered above

-    return None
+        entitlements_path: Optional[Path] = None
+        if spec.entitlements:
+            entitlements_path = entitlements_root / spec.entitlements
+            if not entitlements_path.exists():
+                log_error(
+                    f"Missing entitlements for {path.name}: {entitlements_path}"
+                )
+                return False
+
+        if not sign_macos_binary(
+            path,
+            env,
+            entitlements_path,
+            identifier=f"com.browseros.{spec.identifier_suffix}",
+            options=spec.options,
+        ):
+            return False
+
+    return True
+
+
+def sign_server_bundle_windows(resources_dir: Path, env: EnvConfig) -> bool:
+    """Sign each Windows binary enumerated in ``WINDOWS_SERVER_BINARIES``.
+
+    A missing expected binary is a hard error: publishing an incomplete
+    Windows bundle would ship a broken OTA update without a pipeline signal.
+    Symmetric with the macOS bundle's unknown-file guard.
+    """
+    bin_dir = resources_dir / "bin"
+    for path in expected_windows_binary_paths(bin_dir):
+        if not path.exists():
+            log_error(f"Windows binary missing (cannot sign): {path}")
+            return False
+        if not sign_windows_binary(path, env):
+            return False
+    return True
--- a/packages/browseros/build/modules/sign/macos.py
+++ b/packages/browseros/build/modules/sign/macos.py
@@ -10,6 +10,7 @@ from typing import Optional, List, Dict, Tuple
 from ...common.module import CommandModule, ValidationError
 from ...common.context import Context
 from ...common.env import EnvConfig
+from ...common.server_binaries import macos_sign_spec_for
 from ...common.utils import (
    run_command as utils_run_command,
    log_info,
@@ -20,32 +21,19 @@ from ...common.utils import (
    join_paths,
 )

-# Central list of BrowserOS Server binaries we need to sign explicitly.
-# Each entry controls identifiers, signing options, and entitlement files so
-# adding a new binary is a one-line update here rather than scattered changes.
-BROWSEROS_SERVER_BINARIES: Dict[str, Dict[str, str]] = {
-    "browseros_server": {
-        "identifier_suffix": "browseros_server",
-        "options": "runtime",
-        "entitlements": "browseros-executable-entitlements.plist",
-    },
-    "codex": {
-        "identifier_suffix": "codex",
-        "options": "runtime",
-        "entitlements": "browseros-executable-entitlements.plist",
-    },
-    "bun": {
-        "identifier_suffix": "bun",
-        "options": "runtime",
-        "entitlements": "browseros-executable-entitlements.plist",
-    },
-}
-

 def get_browseros_server_binary_info(component_path: Path) -> Optional[Dict[str, str]]:
    """Return metadata for known BrowserOS Server binaries, if applicable."""
-    name = component_path.stem.lower()
-    return BROWSEROS_SERVER_BINARIES.get(name)
+    spec = macos_sign_spec_for(component_path)
+    if spec is None:
+        return None
+    info: Dict[str, str] = {
+        "identifier_suffix": spec.identifier_suffix,
+        "options": spec.options,
+    }
+    if spec.entitlements:
+        info["entitlements"] = spec.entitlements
+    return info


 def run_command(
--- a/packages/browseros/build/modules/sign/windows.py
+++ b/packages/browseros/build/modules/sign/windows.py
@@ -7,6 +7,7 @@ from typing import List, Optional
 from ...common.module import CommandModule, ValidationError
 from ...common.context import Context
 from ...common.env import EnvConfig
+from ...common.server_binaries import expected_windows_binary_paths
 from ...common.utils import (
    log_info,
    log_error,
@@ -16,12 +17,6 @@ from ...common.utils import (
    IS_WINDOWS,
 )

-BROWSEROS_SERVER_BINARIES: List[str] = [
-    "browseros_server.exe",
-    "codex.exe",
-    "bun.exe",
-]
-

 class WindowsSignModule(CommandModule):
    produces = ["signed_installer"]
@@ -102,7 +97,7 @@ class WindowsSignModule(CommandModule):
 def get_browseros_server_binary_paths(build_output_dir: Path) -> List[Path]:
    """Return absolute paths to BrowserOS Server binaries for signing."""
    server_dir = build_output_dir / "BrowserOSServer" / "default" / "resources" / "bin"
-    return [server_dir / binary for binary in BROWSEROS_SERVER_BINARIES]
+    return expected_windows_binary_paths(server_dir)


 def build_mini_installer(ctx: Context) -> bool:
--- a/packages/browseros/build/modules/storage/download_test.py
+++ b/packages/browseros/build/modules/storage/download_test.py
@@ -22,6 +22,8 @@ class ExtractArtifactZipTest(unittest.TestCase):
            "resources/bin/browseros_server": b"server-binary",
            "resources/bin/third_party/bun": b"bun-binary",
            "resources/bin/third_party/rg": b"rg-binary",
+            "resources/bin/third_party/podman/podman": b"podman-binary",
+            "resources/bin/third_party/podman/gvproxy": b"gvproxy-binary",
        }

        with tempfile.TemporaryDirectory() as temp_dir:
--- a/packages/browseros/chromium_patches/chrome/browser/browseros/bundled_extensions/BUILD.gn
+++ b/packages/browseros/chromium_patches/chrome/browser/browseros/bundled_extensions/BUILD.gn
@@ -1,6 +1,6 @@
 diff --git a/chrome/browser/browseros/bundled_extensions/BUILD.gn b/chrome/browser/browseros/bundled_extensions/BUILD.gn
 new file mode 100644
-index 0000000000000..baac689c55368
+index 0000000000000..0d4aee6f8bad1
 --- /dev/null
 +++ b/chrome/browser/browseros/bundled_extensions/BUILD.gn
@@ -0,0 +1,32 @@
@@ -19,7 +19,7 @@ index 0000000000000..baac689c55368
 +
 +_bundled_extensions_sources = [
 +  "bundled_extensions.json",
-+  "bflpfmnmnokmjhmgnolecpppdbdophmk.crx",  # Agent V2
+  "bflpfmnmnokmjhmgnolecpppdbdophmk.crx",  # Agent
 +  "adlpneommgkgeanpaekgoaolcpncohkf.crx",  # Bug Reporter
 +  "nlnihljpboknmfagkikhkdblbedophja.crx",  # Controller
 +]
--- a/packages/browseros/chromium_patches/chrome/browser/browseros/core/browseros_constants.h
+++ b/packages/browseros/chromium_patches/chrome/browser/browseros/core/browseros_constants.h
@@ -1,6 +1,6 @@
 diff --git a/chrome/browser/browseros/core/browseros_constants.h b/chrome/browser/browseros/core/browseros_constants.h
 new file mode 100644
-index 0000000000000..e554c96adc5ad
+index 0000000000000..fdeee36f8cc70
 --- /dev/null
 +++ b/chrome/browser/browseros/core/browseros_constants.h
@@ -0,0 +1,227 @@
@@ -26,16 +26,16 @@ index 0000000000000..e554c96adc5ad
 +  return base::CommandLine::ForCurrentProcess()->HasSwitch(kDisableUrlOverrides);
 +}
 +
-+// Agent V2 Extension ID
-+inline constexpr char kAgentV2ExtensionId[] =
-+    "bflpfmnmnokmjhmgnolecpppdbdophmk";
-+
 +// BrowserOS extension config URLs
 +inline constexpr char kBrowserOSConfigUrl[] =
 +    "https://cdn.browseros.com/extensions/extensions.json";
 +inline constexpr char kBrowserOSAlphaConfigUrl[] =
 +    "https://cdn.browseros.com/extensions/extensions.alpha.json";
 +
+// Agent Extension ID
+inline constexpr char kAgentExtensionId[] =
+    "bflpfmnmnokmjhmgnolecpppdbdophmk";
+
 +// Bug Reporter Extension ID
 +inline constexpr char kBugReporterExtensionId[] =
 +    "adlpneommgkgeanpaekgoaolcpncohkf";
@@ -68,9 +68,9 @@ index 0000000000000..e554c96adc5ad
 +};
 +
 +inline constexpr BrowserOSURLRoute kBrowserOSURLRoutes[] = {
-+    {"/settings", kAgentV2ExtensionId, "app.html", "/settings"},
-+    {"/mcp", kAgentV2ExtensionId, "app.html", "/mcp"},
-+    {"/onboarding", kAgentV2ExtensionId, "app.html", "/onboarding"},
+    {"/settings", kAgentExtensionId, "app.html", "/settings"},
+    {"/mcp", kAgentExtensionId, "app.html", "/mcp"},
+    {"/onboarding", kAgentExtensionId, "app.html", "/onboarding"},
 +};
 +
 +inline constexpr size_t kBrowserOSURLRoutesCount =
@@ -171,7 +171,7 @@ index 0000000000000..e554c96adc5ad
 +};
 +
 +inline constexpr BrowserOSExtensionInfo kBrowserOSExtensions[] = {
-+    {kAgentV2ExtensionId, false, false},
+    {kAgentExtensionId, false, false},
 +    {kBugReporterExtensionId, true, false},
 +    {kControllerExtensionId, false, false},
 +    // ublock origin gets installed from chrome web store
@@ -208,9 +208,9 @@ index 0000000000000..e554c96adc5ad
 +}
 +
 +// Returns true if this extension uses the contextual (tab-specific) side panel
-+// toggle behavior. Currently only Agent V2 uses this.
+// toggle behavior. Currently only the Agent extension uses this.
 +inline bool UsesContextualSidePanelToggle(const std::string& extension_id) {
-+  return extension_id == kAgentV2ExtensionId;
+  return extension_id == kAgentExtensionId;
 +}
 +
 +// Get all BrowserOS extension IDs
--- a/packages/browseros/chromium_patches/chrome/browser/browseros/server/browseros_server_manager.cc
+++ b/packages/browseros/chromium_patches/chrome/browser/browseros/server/browseros_server_manager.cc
@@ -1,9 +1,9 @@
 diff --git a/chrome/browser/browseros/server/browseros_server_manager.cc b/chrome/browser/browseros/server/browseros_server_manager.cc
 new file mode 100644
-index 0000000000000..9cd8a510e86ec
+index 0000000000000..069d1b79d6ae2
 --- /dev/null
 +++ b/chrome/browser/browseros/server/browseros_server_manager.cc
-@@ -0,0 +1,1076 @@
+@@ -0,0 +1,1120 @@
 +// Copyright 2024 The Chromium Authors
 +// Use of this source code is governed by a BSD-style license that can be
 +// found in the LICENSE file.
@@ -318,6 +318,10 @@ index 0000000000000..9cd8a510e86ec
 +      base::BindRepeating(
 +          &BrowserOSServerManager::OnRestartServerRequestedChanged,
 +          base::Unretained(this)));
+  pref_change_registrar_->Add(
+      browseros_server::kProxyPort,
+      base::BindRepeating(&BrowserOSServerManager::OnProxyPortChanged,
+                          base::Unretained(this)));
 +}
 +
 +void BrowserOSServerManager::ResolvePortsForStartup() {
@@ -991,6 +995,46 @@ index 0000000000000..9cd8a510e86ec
 +  }
 +}
 +
+void BrowserOSServerManager::OnProxyPortChanged() {
+  if (!is_running_ || !local_state_) {
+    return;
+  }
+  if (base::CommandLine::ForCurrentProcess()->HasSwitch(
+          browseros::kProxyPort)) {
+    LOG(INFO) << "browseros: Ignoring proxy_port pref change "
+              << "(CLI --browseros-proxy-port overrides)";
+    return;
+  }
+
+  int new_port = local_state_->GetInteger(browseros_server::kProxyPort);
+  if (new_port <= 0) {
+    new_port = browseros_server::kDefaultProxyPort;
+  }
+  if (new_port == ports_.proxy) {
+    return;
+  }
+  if (!net::IsPortValid(new_port)) {
+    LOG(WARNING) << "browseros: Invalid proxy port " << new_port
+                 << " (must be 1-65535), ignoring pref change";
+    return;
+  }
+  if (new_port == ports_.cdp || new_port == ports_.server ||
+      new_port == ports_.extension) {
+    LOG(WARNING) << "browseros: Proxy port " << new_port
+                 << " collides with another bound port, ignoring pref change";
+    return;
+  }
+
+  LOG(INFO) << "browseros: proxy_port preference changed from " << ports_.proxy
+            << " to " << new_port
+            << ", rebinding proxy and restarting server";
+  ports_.proxy = new_port;
+  SavePortsToPrefs();
+  StopProxy();
+  StartProxy();
+  RestartBrowserOSProcess();
+}
+
 +void BrowserOSServerManager::OnRestartServerRequestedChanged() {
 +  if (!local_state_) {
 +    return;
--- a/packages/browseros/chromium_patches/chrome/browser/browseros/server/browseros_server_manager.h
+++ b/packages/browseros/chromium_patches/chrome/browser/browseros/server/browseros_server_manager.h
@@ -1,9 +1,9 @@
 diff --git a/chrome/browser/browseros/server/browseros_server_manager.h b/chrome/browser/browseros/server/browseros_server_manager.h
 new file mode 100644
-index 0000000000000..241343e436f94
+index 0000000000000..62e098b92b358
 --- /dev/null
 +++ b/chrome/browser/browseros/server/browseros_server_manager.h
-@@ -0,0 +1,158 @@
+@@ -0,0 +1,159 @@
 +// Copyright 2024 The Chromium Authors
 +// Use of this source code is governed by a BSD-style license that can be
 +// found in the LICENSE file.
@@ -126,6 +126,7 @@ index 0000000000000..241343e436f94
 +  void OnProcessExited(int exit_code);
 +  void CheckServerHealth();
 +  void OnAllowRemoteInMCPChanged();
+  void OnProxyPortChanged();
 +  void OnRestartServerRequestedChanged();
 +  void CheckProcessStatus();
 +
--- a/packages/browseros/chromium_patches/chrome/browser/browseros/server/process_controller_impl.cc
+++ b/packages/browseros/chromium_patches/chrome/browser/browseros/server/process_controller_impl.cc
@@ -1,9 +1,9 @@
 diff --git a/chrome/browser/browseros/server/process_controller_impl.cc b/chrome/browser/browseros/server/process_controller_impl.cc
 new file mode 100644
-index 0000000000000..a398856f672fd
+index 0000000000000..d1bb340ae3d86
 --- /dev/null
 +++ b/chrome/browser/browseros/server/process_controller_impl.cc
-@@ -0,0 +1,210 @@
+@@ -0,0 +1,211 @@
 +// Copyright 2024 The Chromium Authors
 +// Use of this source code is governed by a BSD-style license that can be
 +// found in the LICENSE file.
@@ -47,6 +47,7 @@ index 0000000000000..a398856f672fd
 +  ports_dict.Set("cdp", config.ports.cdp);
 +  ports_dict.Set("server", config.ports.server);
 +  ports_dict.Set("extension", config.ports.extension);
+  ports_dict.Set("proxy", config.ports.proxy);
 +  root.Set("ports", std::move(ports_dict));
 +
 +  // directories
--- a/packages/browseros/chromium_patches/chrome/browser/extensions/BUILD.gn
+++ b/packages/browseros/chromium_patches/chrome/browser/extensions/BUILD.gn
@@ -1,8 +1,8 @@
 diff --git a/chrome/browser/extensions/BUILD.gn b/chrome/browser/extensions/BUILD.gn
-index 5d5af07b158c0..f32c7889de5be 100644
+index 64e7c1122ba87..47ab667fec018 100644
 --- a/chrome/browser/extensions/BUILD.gn
 +++ b/chrome/browser/extensions/BUILD.gn
-@@ -357,6 +357,12 @@ source_set("extensions") {
+@@ -354,6 +354,12 @@ source_set("extensions") {
     "external_install_manager.h",
     "external_install_manager_factory.cc",
     "external_install_manager_factory.h",
@@ -15,7 +15,7 @@ index 5d5af07b158c0..f32c7889de5be 100644
     "external_policy_loader.cc",
     "external_policy_loader.h",
     "external_pref_loader.cc",
-@@ -690,6 +696,18 @@ source_set("extensions") {
+@@ -700,6 +706,14 @@ source_set("extensions") {
       "api/automation_internal/chrome_automation_internal_api_delegate.h",
       "api/bookmark_manager_private/bookmark_manager_private_api.cc",
       "api/bookmark_manager_private/bookmark_manager_private_api.h",
@@ -27,14 +27,10 @@ index 5d5af07b158c0..f32c7889de5be 100644
 +      "api/browser_os/browser_os_api_utils.h",
 +      "api/browser_os/browser_os_change_detector.cc",
 +      "api/browser_os/browser_os_change_detector.h",
-+      "api/browser_os/browser_os_content_processor.cc",
-+      "api/browser_os/browser_os_content_processor.h",
-+      "api/browser_os/browser_os_snapshot_processor.cc",
-+      "api/browser_os/browser_os_snapshot_processor.h",
       "api/chrome_device_permissions_prompt.h",
       "api/enterprise_reporting_private/conversion_utils.cc",
       "api/enterprise_reporting_private/conversion_utils.h",
-@@ -997,6 +1015,8 @@ source_set("extensions") {
+@@ -1005,6 +1019,8 @@ source_set("extensions") {
       "//components/language/core/common",
       "//components/language/core/language_model",
       "//components/live_caption:constants",
--- a/packages/browseros/chromium_patches/chrome/browser/extensions/api/browser_os/browser_os_api.cc
+++ b/packages/browseros/chromium_patches/chrome/browser/extensions/api/browser_os/browser_os_api.cc
--- a/packages/browseros/chromium_patches/chrome/browser/extensions/api/browser_os/browser_os_api.h
+++ b/packages/browseros/chromium_patches/chrome/browser/extensions/api/browser_os/browser_os_api.h
@@ -1,9 +1,9 @@
 diff --git a/chrome/browser/extensions/api/browser_os/browser_os_api.h b/chrome/browser/extensions/api/browser_os/browser_os_api.h
 new file mode 100644
-index 0000000000000..53ece24723da0
+index 0000000000000..a297a9a2a43fa
 --- /dev/null
 +++ b/chrome/browser/extensions/api/browser_os/browser_os_api.h
-@@ -0,0 +1,371 @@
+@@ -0,0 +1,169 @@
 +// Copyright 2024 The Chromium Authors
 +// Use of this source code is governed by a BSD-style license that can be
 +// found in the LICENSE file.
@@ -11,117 +11,16 @@ index 0000000000000..53ece24723da0
 +#ifndef CHROME_BROWSER_EXTENSIONS_API_BROWSER_OS_BROWSER_OS_API_H_
 +#define CHROME_BROWSER_EXTENSIONS_API_BROWSER_OS_BROWSER_OS_API_H_
 +
-+#include <cstdint>
-+
-+#include "base/memory/weak_ptr.h"
 +#include "base/values.h"
 +#include "chrome/browser/extensions/api/browser_os/browser_os_api_utils.h"
-+#include "chrome/browser/extensions/api/browser_os/browser_os_content_processor.h"
-+#include "chrome/browser/extensions/api/browser_os/browser_os_snapshot_processor.h"
-+#include "components/viz/common/frame_sinks/copy_output_result.h"
-+#include "content/public/browser/render_widget_host_view.h"
 +#include "extensions/browser/extension_function.h"
-+#include "third_party/skia/include/core/SkBitmap.h"
 +#include "ui/shell_dialogs/select_file_dialog.h"
 +
-+namespace content {
-+class WebContents;
-+}
-+
-+namespace ui {
-+struct AXTreeUpdate;
-+}
-+
-+namespace extensions {
-+namespace api {
-+
-+
-+class BrowserOSGetAccessibilityTreeFunction : public ExtensionFunction {
-+ public:
-+  DECLARE_EXTENSION_FUNCTION("browserOS.getAccessibilityTree",
-+                             BROWSER_OS_GETACCESSIBILITYTREE)
-+
-+  BrowserOSGetAccessibilityTreeFunction() = default;
-+
-+ protected:
-+  ~BrowserOSGetAccessibilityTreeFunction() override = default;
-+
-+  // ExtensionFunction:
-+  ResponseAction Run() override;
-+
-+ private:
-+  void OnAccessibilityTreeReceived(ui::AXTreeUpdate& tree_update);
-+};
-+
-+class BrowserOSGetInteractiveSnapshotFunction : public ExtensionFunction {
-+ public:
-+  DECLARE_EXTENSION_FUNCTION("browserOS.getInteractiveSnapshot",
-+                             BROWSER_OS_GETINTERACTIVESNAPSHOT)
-+
-+  BrowserOSGetInteractiveSnapshotFunction();
-+
-+ protected:
-+  ~BrowserOSGetInteractiveSnapshotFunction() override;
-+
-+  // ExtensionFunction:
-+  ResponseAction Run() override;
-+
-+ private:
-+  void OnAccessibilityTreeReceived(ui::AXTreeUpdate& tree_update);
-+  void OnSnapshotProcessed(SnapshotProcessingResult result);
-+  
-+  // Counter for snapshot IDs
-+  static uint32_t next_snapshot_id_;
-+  
-+  // Tab ID for storing mappings
-+  int tab_id_ = -1;
-+  
-+  // Web contents for processing and drawing
-+  base::WeakPtr<content::WebContents> web_contents_;
-+};
-+
-+class BrowserOSClickFunction : public ExtensionFunction {
-+ public:
-+  DECLARE_EXTENSION_FUNCTION("browserOS.click", BROWSER_OS_CLICK)
-+
-+  BrowserOSClickFunction() = default;
-+
-+ protected:
-+  ~BrowserOSClickFunction() override = default;
-+
-+  // ExtensionFunction:
-+  ResponseAction Run() override;
-+};
-+
-+class BrowserOSInputTextFunction : public ExtensionFunction {
-+ public:
-+  DECLARE_EXTENSION_FUNCTION("browserOS.inputText", BROWSER_OS_INPUTTEXT)
-+
-+  BrowserOSInputTextFunction() = default;
-+
-+ protected:
-+  ~BrowserOSInputTextFunction() override = default;
-+
-+  // ExtensionFunction:
-+  ResponseAction Run() override;
-+};
-+
-+class BrowserOSClearFunction : public ExtensionFunction {
-+ public:
-+  DECLARE_EXTENSION_FUNCTION("browserOS.clear", BROWSER_OS_CLEAR)
-+
-+  BrowserOSClearFunction() = default;
-+
-+ protected:
-+  ~BrowserOSClearFunction() override = default;
-+
-+  // ExtensionFunction:
-+  ResponseAction Run() override;
-+};
+namespace extensions::api {
 +
 +class BrowserOSGetPageLoadStatusFunction : public ExtensionFunction {
 + public:
-+  DECLARE_EXTENSION_FUNCTION("browserOS.getPageLoadStatus", 
+  DECLARE_EXTENSION_FUNCTION("browserOS.getPageLoadStatus",
 +                             BROWSER_OS_GETPAGELOADSTATUS)
 +
 +  BrowserOSGetPageLoadStatusFunction() = default;
@@ -129,104 +28,9 @@ index 0000000000000..53ece24723da0
 + protected:
 +  ~BrowserOSGetPageLoadStatusFunction() override = default;
 +
-+  // ExtensionFunction:
 +  ResponseAction Run() override;
 +};
 +
-+class BrowserOSScrollUpFunction : public ExtensionFunction {
-+ public:
-+  DECLARE_EXTENSION_FUNCTION("browserOS.scrollUp", BROWSER_OS_SCROLLUP)
-+
-+  BrowserOSScrollUpFunction() = default;
-+
-+ protected:
-+  ~BrowserOSScrollUpFunction() override = default;
-+
-+  // ExtensionFunction:
-+  ResponseAction Run() override;
-+};
-+
-+class BrowserOSScrollDownFunction : public ExtensionFunction {
-+ public:
-+  DECLARE_EXTENSION_FUNCTION("browserOS.scrollDown", BROWSER_OS_SCROLLDOWN)
-+
-+  BrowserOSScrollDownFunction() = default;
-+
-+ protected:
-+  ~BrowserOSScrollDownFunction() override = default;
-+
-+  // ExtensionFunction:
-+  ResponseAction Run() override;
-+};
-+
-+class BrowserOSScrollToNodeFunction : public ExtensionFunction {
-+ public:
-+  DECLARE_EXTENSION_FUNCTION("browserOS.scrollToNode", BROWSER_OS_SCROLLTONODE)
-+
-+  BrowserOSScrollToNodeFunction() = default;
-+
-+ protected:
-+  ~BrowserOSScrollToNodeFunction() override = default;
-+
-+  // ExtensionFunction:
-+  ResponseAction Run() override;
-+};
-+
-+class BrowserOSSendKeysFunction : public ExtensionFunction {
-+ public:
-+  DECLARE_EXTENSION_FUNCTION("browserOS.sendKeys", BROWSER_OS_SENDKEYS)
-+
-+  BrowserOSSendKeysFunction() = default;
-+
-+ protected:
-+  ~BrowserOSSendKeysFunction() override = default;
-+
-+  // ExtensionFunction:
-+  ResponseAction Run() override;
-+};
-+
-+class BrowserOSCaptureScreenshotFunction : public ExtensionFunction {
-+ public:
-+  DECLARE_EXTENSION_FUNCTION("browserOS.captureScreenshot", BROWSER_OS_CAPTURESCREENSHOT)
-+
-+  BrowserOSCaptureScreenshotFunction();
-+
-+ protected:
-+  ~BrowserOSCaptureScreenshotFunction() override;
-+
-+  // ExtensionFunction:
-+  ResponseAction Run() override;
-+  
-+ private:
-+  void DrawHighlightsAndCapture();
-+  void CaptureScreenshotNow();
-+  void OnScreenshotCaptured(const content::CopyFromSurfaceResult& result);
-+  
-+  // Store web contents and tab id for highlight operations
-+  base::WeakPtr<content::WebContents> web_contents_;
-+  int tab_id_ = -1;
-+  gfx::Size target_size_;
-+  bool show_highlights_ = false;
-+  bool use_exact_dimensions_ = false;
-+};
-+
-+class BrowserOSGetSnapshotFunction : public ExtensionFunction {
-+ public:
-+  DECLARE_EXTENSION_FUNCTION("browserOS.getSnapshot", BROWSER_OS_GETSNAPSHOT)
-+
-+  BrowserOSGetSnapshotFunction() = default;
-+
-+ protected:
-+  ~BrowserOSGetSnapshotFunction() override = default;
-+
-+  // ExtensionFunction:
-+  ResponseAction Run() override;
-+
-+ private:
-+  void OnAccessibilityTreeReceived(ui::AXTreeUpdate& tree_update);
-+};
-+
-+// Settings API functions
 +class BrowserOSGetPrefFunction : public ExtensionFunction {
 + public:
 +  DECLARE_EXTENSION_FUNCTION("browserOS.getPref", BROWSER_OS_GETPREF)
@@ -236,7 +40,6 @@ index 0000000000000..53ece24723da0
 + protected:
 +  ~BrowserOSGetPrefFunction() override = default;
 +
-+  // ExtensionFunction:
 +  ResponseAction Run() override;
 +};
 +
@@ -249,7 +52,6 @@ index 0000000000000..53ece24723da0
 + protected:
 +  ~BrowserOSSetPrefFunction() override = default;
 +
-+  // ExtensionFunction:
 +  ResponseAction Run() override;
 +};
 +
@@ -262,7 +64,6 @@ index 0000000000000..53ece24723da0
 + protected:
 +  ~BrowserOSGetAllPrefsFunction() override = default;
 +
-+  // ExtensionFunction:
 +  ResponseAction Run() override;
 +};
 +
@@ -275,75 +76,74 @@ index 0000000000000..53ece24723da0
 + protected:
 +  ~BrowserOSLogMetricFunction() override = default;
 +
-+  // ExtensionFunction:
 +  ResponseAction Run() override;
 +};
 +
 +class BrowserOSGetVersionNumberFunction : public ExtensionFunction {
 + public:
-+  DECLARE_EXTENSION_FUNCTION("browserOS.getVersionNumber", BROWSER_OS_GETVERSIONNUMBER)
+  DECLARE_EXTENSION_FUNCTION("browserOS.getVersionNumber",
+                             BROWSER_OS_GETVERSIONNUMBER)
 +
 +  BrowserOSGetVersionNumberFunction() = default;
 +
 + protected:
 +  ~BrowserOSGetVersionNumberFunction() override = default;
 +
-+  // ExtensionFunction:
 +  ResponseAction Run() override;
 +};
 +
 +class BrowserOSGetBrowserosVersionNumberFunction : public ExtensionFunction {
 + public:
-+  DECLARE_EXTENSION_FUNCTION("browserOS.getBrowserosVersionNumber", BROWSER_OS_GETBROWSEROSVERSIONNUMBER)
+  DECLARE_EXTENSION_FUNCTION("browserOS.getBrowserosVersionNumber",
+                             BROWSER_OS_GETBROWSEROSVERSIONNUMBER)
 +
 +  BrowserOSGetBrowserosVersionNumberFunction() = default;
 +
 + protected:
 +  ~BrowserOSGetBrowserosVersionNumberFunction() override = default;
 +
-+  // ExtensionFunction:
 +  ResponseAction Run() override;
 +};
 +
 +class BrowserOSExecuteJavaScriptFunction : public ExtensionFunction {
 + public:
-+  DECLARE_EXTENSION_FUNCTION("browserOS.executeJavaScript", BROWSER_OS_EXECUTEJAVASCRIPT)
+  DECLARE_EXTENSION_FUNCTION("browserOS.executeJavaScript",
+                             BROWSER_OS_EXECUTEJAVASCRIPT)
 +
 +  BrowserOSExecuteJavaScriptFunction() = default;
 +
 + protected:
 +  ~BrowserOSExecuteJavaScriptFunction() override = default;
 +
-+  // ExtensionFunction:
 +  ResponseAction Run() override;
-+  
+
 + private:
 +  void OnJavaScriptExecuted(base::Value result);
 +};
 +
 +class BrowserOSClickCoordinatesFunction : public ExtensionFunction {
 + public:
-+  DECLARE_EXTENSION_FUNCTION("browserOS.clickCoordinates", BROWSER_OS_CLICKCOORDINATES)
+  DECLARE_EXTENSION_FUNCTION("browserOS.clickCoordinates",
+                             BROWSER_OS_CLICKCOORDINATES)
 +
 +  BrowserOSClickCoordinatesFunction() = default;
 +
 + protected:
 +  ~BrowserOSClickCoordinatesFunction() override = default;
 +
-+  // ExtensionFunction:
 +  ResponseAction Run() override;
 +};
 +
 +class BrowserOSTypeAtCoordinatesFunction : public ExtensionFunction {
 + public:
-+  DECLARE_EXTENSION_FUNCTION("browserOS.typeAtCoordinates", BROWSER_OS_TYPEATCOORDINATES)
+  DECLARE_EXTENSION_FUNCTION("browserOS.typeAtCoordinates",
+                             BROWSER_OS_TYPEATCOORDINATES)
 +
 +  BrowserOSTypeAtCoordinatesFunction() = default;
 +
 + protected:
 +  ~BrowserOSTypeAtCoordinatesFunction() override = default;
 +
-+  // ExtensionFunction:
 +  ResponseAction Run() override;
 +};
 +
@@ -364,14 +164,12 @@ index 0000000000000..53ece24723da0
 + protected:
 +  ~BrowserOSChoosePathFunction() override;
 +
-+  // ExtensionFunction:
 +  ResponseAction Run() override;
 +
 + private:
 +  scoped_refptr<ui::SelectFileDialog> select_file_dialog_;
 +};
 +
-+}  // namespace api
-+}  // namespace extensions
+}  // namespace extensions::api
 +
 +#endif  // CHROME_BROWSER_EXTENSIONS_API_BROWSER_OS_BROWSER_OS_API_H_
--- a/packages/browseros/chromium_patches/chrome/browser/extensions/api/browser_os/browser_os_api_helpers.cc
+++ b/packages/browseros/chromium_patches/chrome/browser/extensions/api/browser_os/browser_os_api_helpers.cc
--- a/packages/browseros/chromium_patches/chrome/browser/extensions/api/browser_os/browser_os_api_helpers.h
+++ b/packages/browseros/chromium_patches/chrome/browser/extensions/api/browser_os/browser_os_api_helpers.h
@@ -1,9 +1,9 @@
 diff --git a/chrome/browser/extensions/api/browser_os/browser_os_api_helpers.h b/chrome/browser/extensions/api/browser_os/browser_os_api_helpers.h
 new file mode 100644
-index 0000000000000..2000fa3235290
+index 0000000000000..24948f72ec077
 --- /dev/null
 +++ b/chrome/browser/extensions/api/browser_os/browser_os_api_helpers.h
-@@ -0,0 +1,137 @@
+@@ -0,0 +1,49 @@
 +// Copyright 2024 The Chromium Authors
 +// Use of this source code is governed by a BSD-style license that can be
 +// found in the LICENSE file.
@@ -12,20 +12,15 @@ index 0000000000000..2000fa3235290
 +#define CHROME_BROWSER_EXTENSIONS_API_BROWSER_OS_BROWSER_OS_API_HELPERS_H_
 +
 +#include <string>
-+#include <unordered_map>
 +
-+#include "base/functional/callback.h"
 +#include "ui/gfx/geometry/point_f.h"
 +
 +namespace content {
-+class WebContents;
 +class RenderWidgetHost;
+class WebContents;
 +}  // namespace content
 +
-+namespace extensions {
-+namespace api {
-+
-+struct NodeInfo;
+namespace extensions::api {
 +
 +// Returns the multiplicative factor that converts CSS pixels (frame
 +// coordinates) to widget DIPs for input events. This matches DevTools'
@@ -35,109 +30,26 @@ index 0000000000000..2000fa3235290
 +float CssToWidgetScale(content::WebContents* web_contents,
 +                       content::RenderWidgetHost* rwh);
 +
-+// Returns the center point of a node's bounds.
-+// Bounds are already in CSS pixels from SnapshotProcessor.
-+gfx::PointF GetNodeCenterPoint(content::WebContents* web_contents,
-+                               const NodeInfo& node_info);
+// Dispatches a synthetic left-click (mouse down + up) at |point|, which is
+// interpreted as CSS pixels relative to the viewport.
+void PointClick(content::WebContents* web_contents, const gfx::PointF& point);
 +
-+// Helper to create and dispatch mouse events for clicking
-+void PointClick(content::WebContents* web_contents, 
-+                  const gfx::PointF& point);
+// Commits |text| to the currently-focused element via the renderer's IME
+// pipeline. Caller must ensure focus is established first.
+void NativeType(content::WebContents* web_contents, const std::string& text);
 +
-+// Helper to perform HTML-based click using JS (uses ID, class, or tag)
-+void HtmlClick(content::WebContents* web_contents,
-+                      const NodeInfo& node_info);
-+
-+// Helper to perform HTML-based focus using JS (uses ID, class, or tag)
-+void HtmlFocus(content::WebContents* web_contents,
-+                      const NodeInfo& node_info);
-+
-+// Helper to perform accessibility action: DoDefault (click)
-+// Returns true if action was sent successfully
-+bool AccessibilityDoDefault(content::WebContents* web_contents,
-+                            const NodeInfo& node_info);
-+
-+// Helper to perform accessibility action: Focus
-+// Returns true if action was sent successfully
-+bool AccessibilityFocus(content::WebContents* web_contents,
-+                       const NodeInfo& node_info);
-+
-+// Helper to perform accessibility action: ScrollToMakeVisible
-+// center_in_viewport: if true, centers element in viewport; otherwise uses closest edge
-+// Returns true if action was sent successfully
-+bool AccessibilityScrollToMakeVisible(content::WebContents* web_contents,
-+                                      const NodeInfo& node_info,
-+                                      bool center_in_viewport = true);
-+
-+// Helper to perform accessibility action: SetValue
-+// Sets the value of an input field or editable element
-+// Returns true if action was sent successfully
-+bool AccessibilitySetValue(content::WebContents* web_contents,
-+                           const NodeInfo& node_info,
-+                           const std::string& text);
-+
-+// Helper to perform scroll actions using mouse wheel events
-+void Scroll(content::WebContents* web_contents,
-+                   int delta_x,
-+                   int delta_y,
-+                   bool precise = false);
-+
-+// Helper to send special key events
-+void KeyPress(content::WebContents* web_contents,
-+                    const std::string& key);
-+
-+// Helper to type text into a focused element using native IME
-+void NativeType(content::WebContents* web_contents,
-+                const std::string& text);
-+
-+// Helper to set text value using JavaScript
-+void JavaScriptType(content::WebContents* web_contents,
-+                    const NodeInfo& node_info,
-+                    const std::string& text);
-+
-+// Helper to perform a click with change detection and retrying
-+// Returns true if the click caused a change in the page
-+bool ClickWithDetection(content::WebContents* web_contents,
-+                        const NodeInfo& node_info);
-+
-+// Helper to perform typing with change detection
-+// Returns true if the typing caused a change in the page
-+bool TypeWithDetection(content::WebContents* web_contents,
-+                      const NodeInfo& node_info,
-+                      const std::string& text);
-+
-+// Helper to clear an input field with change detection
-+// Returns true if the clear caused a change in the page
-+bool ClearWithDetection(content::WebContents* web_contents,
-+                       const NodeInfo& node_info);
-+
-+// Helper to send a key press with change detection
-+// Returns true if the key press caused a change in the page
-+bool KeyPressWithDetection(content::WebContents* web_contents,
-+                          const std::string& key);
-+
-+// Helper to show highlights for clickable, typeable, and selectable elements that are in viewport
-+// Only highlights elements that are actually visible and interactable
-+void ShowHighlights(content::WebContents* web_contents,
-+                                 const std::unordered_map<uint32_t, NodeInfo>& node_mappings,
-+                                 bool show_labels = true);
-+
-+// Helper to remove all bounding box highlights from the page
-+void RemoveHighlights(content::WebContents* web_contents);
-+
-+// Helper to click at specific coordinates with change detection
-+// Returns true if the click caused a detectable change in the page
+// Clicks at |point| and reports whether the page exhibited any observable
+// change within a short window (DOM mutation, navigation, focus shift, etc.).
 +bool ClickCoordinatesWithDetection(content::WebContents* web_contents,
 +                                   const gfx::PointF& point);
 +
-+// Helper to type text after clicking at coordinates to focus element
-+// First clicks at the coordinates to focus an element, then types the text
-+// Returns true if the operation succeeded
+// Clicks at |point| to focus, then types |text|. Falls back to JavaScript
+// assignment if native IME typing yields no observable change. Returns true
+// on detected success or JS fallback completion.
 +bool TypeAtCoordinatesWithDetection(content::WebContents* web_contents,
 +                                    const gfx::PointF& point,
 +                                    const std::string& text);
 +
-+}  // namespace api
-+}  // namespace extensions
+}  // namespace extensions::api
 +
 +#endif  // CHROME_BROWSER_EXTENSIONS_API_BROWSER_OS_BROWSER_OS_API_HELPERS_H_
--- a/packages/browseros/chromium_patches/chrome/browser/extensions/api/browser_os/browser_os_api_utils.cc
+++ b/packages/browseros/chromium_patches/chrome/browser/extensions/api/browser_os/browser_os_api_utils.cc
@@ -1,46 +1,23 @@
 diff --git a/chrome/browser/extensions/api/browser_os/browser_os_api_utils.cc b/chrome/browser/extensions/api/browser_os/browser_os_api_utils.cc
 new file mode 100644
-index 0000000000000..0c3a060fc70de
+index 0000000000000..715703aca2e4d
 --- /dev/null
 +++ b/chrome/browser/extensions/api/browser_os/browser_os_api_utils.cc
-@@ -0,0 +1,167 @@
+@@ -0,0 +1,58 @@
 +// Copyright 2024 The Chromium Authors
 +// Use of this source code is governed by a BSD-style license that can be
 +// found in the LICENSE file.
 +
 +#include "chrome/browser/extensions/api/browser_os/browser_os_api_utils.h"
 +
-+#include "base/hash/hash.h"
-+#include "base/no_destructor.h"
-+#include "base/strings/string_number_conversions.h"
-+#include "base/strings/utf_string_conversions.h"
 +#include "chrome/browser/extensions/extension_tab_util.h"
 +#include "chrome/browser/extensions/window_controller.h"
 +#include "chrome/browser/ui/browser.h"
 +#include "chrome/browser/ui/browser_finder.h"
 +#include "chrome/browser/ui/tabs/tab_strip_model.h"
 +#include "content/public/browser/web_contents.h"
-+#include "ui/accessibility/ax_role_properties.h"
 +
-+namespace extensions {
-+namespace api {
-+
-+// NodeInfo implementation
-+NodeInfo::NodeInfo() : ax_node_id(0), ax_tree_id(), node_type(browser_os::InteractiveNodeType::kOther), in_viewport(false) {}
-+NodeInfo::~NodeInfo() = default;
-+NodeInfo::NodeInfo(const NodeInfo&) = default;
-+NodeInfo& NodeInfo::operator=(const NodeInfo&) = default;
-+NodeInfo::NodeInfo(NodeInfo&&) = default;
-+NodeInfo& NodeInfo::operator=(NodeInfo&&) = default;
-+
-+// Global node ID mappings storage
-+// Use NoDestructor to avoid exit-time destructor
-+std::unordered_map<int, std::unordered_map<uint32_t, NodeInfo>>& 
-+GetNodeIdMappings() {
-+  static base::NoDestructor<std::unordered_map<int, std::unordered_map<uint32_t, NodeInfo>>> 
-+      g_node_id_mappings;
-+  return *g_node_id_mappings;
-+}
+namespace extensions::api {
 +
 +std::optional<TabInfo> GetTabFromOptionalId(
 +    std::optional<int> tab_id_param,
@@ -49,9 +26,8 @@ index 0000000000000..0c3a060fc70de
 +    std::string* error_message) {
 +  content::WebContents* web_contents = nullptr;
 +  int tab_id = -1;
-+  
+
 +  if (tab_id_param) {
-+    // Get specific tab by ID
 +    WindowController* controller = nullptr;
 +    int tab_index = -1;
 +    if (!ExtensionTabUtil::GetTabById(*tab_id_param, browser_context,
@@ -65,7 +41,6 @@ index 0000000000000..0c3a060fc70de
 +    }
 +    tab_id = *tab_id_param;
 +  } else {
-+    // Get active tab
 +    Browser* browser = chrome::FindLastActive();
 +    if (!browser) {
 +      if (error_message) {
@@ -73,7 +48,6 @@ index 0000000000000..0c3a060fc70de
 +      }
 +      return std::nullopt;
 +    }
-+
 +    web_contents = browser->tab_strip_model()->GetActiveWebContents();
 +    if (!web_contents) {
 +      if (error_message) {
@@ -87,87 +61,4 @@ index 0000000000000..0c3a060fc70de
 +  return TabInfo(web_contents, tab_id);
 +}
 +
-+// Helper to determine if a node is interactive (clickable/typeable/selectable)
-+browser_os::InteractiveNodeType GetInteractiveNodeType(
-+    const ui::AXNodeData& node_data) {
-+  
-+  // Skip invisible or ignored nodes early
-+  if (node_data.IsInvisibleOrIgnored()) {
-+    return browser_os::InteractiveNodeType::kOther;
-+  }
-+
-+  // Use built-in IsTextField() and related methods for typeable elements
-+  if (node_data.IsTextField() || 
-+      node_data.IsPasswordField() || 
-+      node_data.IsAtomicTextField() ||
-+      node_data.IsNonAtomicTextField() ||
-+      node_data.IsSpinnerTextField()) {
-+    return browser_os::InteractiveNodeType::kTypeable;
-+  }
-+
-+  // Use built-in IsSelectable() for selectable elements
-+  if (node_data.IsSelectable()) {
-+    return browser_os::InteractiveNodeType::kSelectable;
-+  }
-+  
-+  // Use built-in IsClickable() method
-+  if (node_data.IsClickable()) {
-+    return browser_os::InteractiveNodeType::kClickable;
-+  }
-+  
-+  // Additional check for combobox and list options which might not be caught by IsSelectable
-+  using Role = ax::mojom::Role;
-+  if (node_data.role == Role::kComboBoxSelect ||
-+      node_data.role == Role::kComboBoxMenuButton ||
-+      node_data.role == Role::kComboBoxGrouping ||
-+      node_data.role == Role::kListBox ||
-+      node_data.role == Role::kListBoxOption ||
-+      node_data.role == Role::kMenuListOption ||
-+      node_data.role == Role::kMenuItem ||
-+      node_data.role == Role::kMenuItemCheckBox ||
-+      node_data.role == Role::kMenuItemRadio) {
-+    return browser_os::InteractiveNodeType::kSelectable;
-+  }
-+  
-+  return browser_os::InteractiveNodeType::kOther;
-+}
-+
-+// Helper to get the HTML tag name from AX role
-+std::string GetTagFromRole(ax::mojom::Role role) {
-+  switch (role) {
-+    case ax::mojom::Role::kButton:
-+      return "button";
-+    case ax::mojom::Role::kLink:
-+      return "a";
-+    case ax::mojom::Role::kTextField:
-+    case ax::mojom::Role::kSearchBox:
-+      return "input";
-+    case ax::mojom::Role::kTextFieldWithComboBox:
-+      return "input";
-+    case ax::mojom::Role::kComboBoxSelect:
-+      return "select";
-+    case ax::mojom::Role::kCheckBox:
-+      return "input";
-+    case ax::mojom::Role::kRadioButton:
-+      return "input";
-+    case ax::mojom::Role::kImage:
-+      return "img";
-+    case ax::mojom::Role::kHeading:
-+      return "h1";  // Could be h1-h6
-+    case ax::mojom::Role::kParagraph:
-+      return "p";
-+    case ax::mojom::Role::kListItem:
-+      return "li";
-+    case ax::mojom::Role::kList:
-+      return "ul";
-+    case ax::mojom::Role::kForm:
-+      return "form";
-+    case ax::mojom::Role::kTable:
-+      return "table";
-+    default:
-+      return "div";
-+  }
-+}
-+
-+}  // namespace api
-+}  // namespace extensions
+}  // namespace extensions::api
--- a/packages/browseros/chromium_patches/chrome/browser/extensions/api/browser_os/browser_os_api_utils.h
+++ b/packages/browseros/chromium_patches/chrome/browser/extensions/api/browser_os/browser_os_api_utils.h
@@ -1,9 +1,9 @@
 diff --git a/chrome/browser/extensions/api/browser_os/browser_os_api_utils.h b/chrome/browser/extensions/api/browser_os/browser_os_api_utils.h
 new file mode 100644
-index 0000000000000..f4fdcb73186cd
+index 0000000000000..f5dd08378e67f
 --- /dev/null
 +++ b/chrome/browser/extensions/api/browser_os/browser_os_api_utils.h
-@@ -0,0 +1,80 @@
+@@ -0,0 +1,38 @@
 +// Copyright 2024 The Chromium Authors
 +// Use of this source code is governed by a BSD-style license that can be
 +// found in the LICENSE file.
@@ -13,75 +13,32 @@ index 0000000000000..f4fdcb73186cd
 +
 +#include <optional>
 +#include <string>
-+#include <unordered_map>
 +
 +#include "base/memory/raw_ptr.h"
-+#include "base/values.h"
-+#include "chrome/common/extensions/api/browser_os.h"
-+#include "ui/accessibility/ax_node_data.h"
-+#include "ui/accessibility/ax_tree_id.h"
-+#include "ui/gfx/geometry/rect_f.h"
 +
 +namespace content {
 +class BrowserContext;
-+class RenderWidgetHost;
 +class WebContents;
 +}  // namespace content
 +
-+namespace extensions {
-+
-+class WindowController;
-+
-+namespace api {
+namespace extensions::api {
 +
 +// Result structure for tab retrieval
 +struct TabInfo {
 +  raw_ptr<content::WebContents> web_contents;
 +  int tab_id;
-+  
-+  TabInfo(content::WebContents* wc, int id) 
-+      : web_contents(wc), tab_id(id) {}
+
+  TabInfo(content::WebContents* wc, int id) : web_contents(wc), tab_id(id) {}
 +};
 +
-+// Stores mapping information for a node
-+struct NodeInfo {
-+  NodeInfo();
-+  ~NodeInfo();
-+  NodeInfo(const NodeInfo&);
-+  NodeInfo& operator=(const NodeInfo&);
-+  NodeInfo(NodeInfo&&);
-+  NodeInfo& operator=(NodeInfo&&);
-+
-+  int32_t ax_node_id;
-+  ui::AXTreeID ax_tree_id;  // Tree ID for change detection
-+  gfx::RectF bounds;  // Absolute bounds in CSS pixels
-+  std::unordered_map<std::string, std::string> attributes;  // All computed attributes
-+  browser_os::InteractiveNodeType node_type;  // Cached node type to avoid recomputation
-+  bool in_viewport;  // Whether the node is currently visible in viewport
-+};
-+
-+// Global node ID mappings storage
-+std::unordered_map<int, std::unordered_map<uint32_t, NodeInfo>>& 
-+GetNodeIdMappings();
-+
-+// Helper to get WebContents and tab ID from optional tab_id parameter
-+// Returns nullptr if tab is not found, with error message set
+// Helper to get WebContents and tab ID from optional tab_id parameter.
+// Returns nullopt if tab is not found, with error message set.
 +std::optional<TabInfo> GetTabFromOptionalId(
 +    std::optional<int> tab_id_param,
 +    content::BrowserContext* browser_context,
 +    bool include_incognito_information,
 +    std::string* error_message);
 +
-+// Helper to determine if a node is interactive (clickable/typable)
-+browser_os::InteractiveNodeType GetInteractiveNodeType(
-+    const ui::AXNodeData& node_data);
-+
-+// Helper to get the HTML tag name from AX role
-+std::string GetTagFromRole(ax::mojom::Role role);
-+
-+
-+}  // namespace api
-+}  // namespace extensions
+}  // namespace extensions::api
 +
 +#endif  // CHROME_BROWSER_EXTENSIONS_API_BROWSER_OS_BROWSER_OS_API_UTILS_H_
-\ No newline at end of file
--- a/packages/browseros/chromium_patches/chrome/browser/extensions/api/browser_os/browser_os_content_processor.cc
+++ b/packages/browseros/chromium_patches/chrome/browser/extensions/api/browser_os/browser_os_content_processor.cc
@@ -1,253 +0,0 @@
-diff --git a/chrome/browser/extensions/api/browser_os/browser_os_content_processor.cc b/chrome/browser/extensions/api/browser_os/browser_os_content_processor.cc
-new file mode 100644
-index 0000000000000..4166f1a38737c
--- /dev/null
-+++ b/chrome/browser/extensions/api/browser_os/browser_os_content_processor.cc
-@@ -0,0 +1,247 @@
-+// Copyright 2024 The Chromium Authors
-+// Use of this source code is governed by a BSD-style license that can be
-+// found in the LICENSE file.
-+
-+#include "chrome/browser/extensions/api/browser_os/browser_os_content_processor.h"
-+
-+#include <algorithm>
-+
-+#include "base/logging.h"
-+#include "base/strings/string_util.h"
-+#include "ui/accessibility/ax_enum_util.h"
-+#include "ui/accessibility/ax_enums.mojom.h"
-+#include "ui/accessibility/ax_node_data.h"
-+#include "ui/accessibility/ax_role_properties.h"
-+#include "ui/gfx/geometry/rect.h"
-+#include "ui/gfx/geometry/rect_conversions.h"
-+
-+namespace extensions {
-+namespace api {
-+
-+namespace {
-+
-+// Clean whitespace from text
-+std::string CleanText(const std::string& text) {
-+  std::string cleaned = std::string(base::TrimWhitespaceASCII(text, base::TRIM_ALL));
-+
-+  // Replace multiple spaces with single space
-+  std::string result;
-+  bool prev_space = false;
-+  for (char c : cleaned) {
-+    if (std::isspace(c)) {
-+      if (!prev_space) {
-+        result += ' ';
-+        prev_space = true;
-+      }
-+    } else {
-+      result += c;
-+      prev_space = false;
-+    }
-+  }
-+
-+  return result;
-+}
-+
-+}  // namespace
-+
-+// static
-+std::vector<browser_os::ContentItem> ContentProcessor::ExtractPageContent(
-+    const ui::AXTreeUpdate& tree_update) {
-+
-+  std::vector<browser_os::ContentItem> items;
-+
-+  if (tree_update.nodes.empty()) {
-+    LOG(INFO) << "browseros: ExtractPageContent - tree is empty";
-+    return items;
-+  }
-+
-+  LOG(INFO) << "browseros: ExtractPageContent - processing " << tree_update.nodes.size() << " nodes";
-+
-+  // Build node map for O(1) lookup
-+  std::unordered_map<int32_t, ui::AXNodeData> node_map;
-+  for (const auto& node : tree_update.nodes) {
-+    node_map[node.id] = node;
-+  }
-+
-+  // Start DFS from root
-+  TraverseDFS(tree_update.root_id, node_map, items);
-+
-+  LOG(INFO) << "browseros: ExtractPageContent - extracted " << items.size() << " items";
-+
-+  return items;
-+}
-+
-+// static
-+void ContentProcessor::TraverseDFS(
-+    int32_t node_id,
-+    const std::unordered_map<int32_t, ui::AXNodeData>& node_map,
-+    std::vector<browser_os::ContentItem>& items) {
-+
-+  auto it = node_map.find(node_id);
-+  if (it == node_map.end()) {
-+    return;
-+  }
-+
-+  const ui::AXNodeData& node = it->second;
-+
-+  // Skip extracting from ignored nodes, but still recurse to children
-+  if (node.IsIgnored()) {
-+    for (int32_t child_id : node.child_ids) {
-+      TraverseDFS(child_id, node_map, items);
-+    }
-+    return;
-+  }
-+
-+  // Extract content at semantic boundaries
-+  // Don't recurse into these - their children are just formatting
-+
-+  if (ui::IsHeading(node.role)) {
-+    items.push_back(ExtractHeading(node));
-+    return;
-+  }
-+
-+  if (ui::IsLink(node.role)) {
-+    items.push_back(ExtractLink(node));
-+    return;
-+  }
-+
-+  if (ui::IsImage(node.role)) {
-+    items.push_back(ExtractImage(node));
-+    return;
-+  }
-+
-+  if (node.role == ax::mojom::Role::kVideo) {
-+    items.push_back(ExtractVideo(node));
-+    return;
-+  }
-+
-+  if (ui::IsText(node.role)) {
-+    // Extract text content
-+    auto item = ExtractText(node);
-+    if (item.text.has_value() && !item.text->empty()) {
-+      items.push_back(std::move(item));
-+    }
-+    return;
-+  }
-+
-+  // For container nodes (divs, sections, etc.), recurse to children
-+  for (int32_t child_id : node.child_ids) {
-+    TraverseDFS(child_id, node_map, items);
-+  }
-+}
-+
-+// static
-+browser_os::ContentItem ContentProcessor::ExtractHeading(
-+    const ui::AXNodeData& node) {
-+  browser_os::ContentItem item;
-+  item.type = browser_os::ContentItemType::kHeading;
-+
-+  std::string name = GetAccessibleName(node);
-+  if (!name.empty()) {
-+    item.text = CleanText(name);
-+  }
-+
-+  // Get heading level from hierarchical level attribute
-+  if (node.HasIntAttribute(ax::mojom::IntAttribute::kHierarchicalLevel)) {
-+    int level = node.GetIntAttribute(ax::mojom::IntAttribute::kHierarchicalLevel);
-+    item.level = std::clamp(level, 1, 6);
-+  } else {
-+    // Default to level 2 if not specified
-+    item.level = 2;
-+  }
-+
-+  return item;
-+}
-+
-+// static
-+browser_os::ContentItem ContentProcessor::ExtractText(
-+    const ui::AXNodeData& node) {
-+  browser_os::ContentItem item;
-+  item.type = browser_os::ContentItemType::kText;
-+
-+  std::string name = GetAccessibleName(node);
-+  if (!name.empty()) {
-+    item.text = CleanText(name);
-+  }
-+
-+  return item;
-+}
-+
-+// static
-+browser_os::ContentItem ContentProcessor::ExtractLink(
-+    const ui::AXNodeData& node) {
-+  browser_os::ContentItem item;
-+  item.type = browser_os::ContentItemType::kLink;
-+
-+  std::string name = GetAccessibleName(node);
-+  if (!name.empty()) {
-+    item.text = CleanText(name);
-+  }
-+
-+  // Get URL from url attribute
-+  if (node.HasStringAttribute(ax::mojom::StringAttribute::kUrl)) {
-+    item.url = node.GetStringAttribute(ax::mojom::StringAttribute::kUrl);
-+  }
-+
-+  return item;
-+}
-+
-+// static
-+browser_os::ContentItem ContentProcessor::ExtractImage(
-+    const ui::AXNodeData& node) {
-+  browser_os::ContentItem item;
-+  item.type = browser_os::ContentItemType::kImage;
-+
-+  // Get alt text from name
-+  std::string name = GetAccessibleName(node);
-+  if (!name.empty()) {
-+    item.alt = CleanText(name);
-+  }
-+
-+  // Get image URL
-+  if (node.HasStringAttribute(ax::mojom::StringAttribute::kUrl)) {
-+    item.url = node.GetStringAttribute(ax::mojom::StringAttribute::kUrl);
-+  } else if (node.HasStringAttribute(ax::mojom::StringAttribute::kImageDataUrl)) {
-+    item.url = node.GetStringAttribute(ax::mojom::StringAttribute::kImageDataUrl);
-+  }
-+
-+  return item;
-+}
-+
-+// static
-+browser_os::ContentItem ContentProcessor::ExtractVideo(
-+    const ui::AXNodeData& node) {
-+  browser_os::ContentItem item;
-+  item.type = browser_os::ContentItemType::kVideo;
-+
-+  // Get video title from name
-+  std::string name = GetAccessibleName(node);
-+  if (!name.empty()) {
-+    item.alt = CleanText(name);
-+  }
-+
-+  // Get video URL
-+  if (node.HasStringAttribute(ax::mojom::StringAttribute::kUrl)) {
-+    item.url = node.GetStringAttribute(ax::mojom::StringAttribute::kUrl);
-+  }
-+
-+  return item;
-+}
-+
-+// static
-+std::string ContentProcessor::GetAccessibleName(const ui::AXNodeData& node) {
-+  // Try name attribute first
-+  if (node.HasStringAttribute(ax::mojom::StringAttribute::kName)) {
-+    return node.GetStringAttribute(ax::mojom::StringAttribute::kName);
-+  }
-+
-+  // Fall back to value attribute
-+  if (node.HasStringAttribute(ax::mojom::StringAttribute::kValue)) {
-+    return node.GetStringAttribute(ax::mojom::StringAttribute::kValue);
-+  }
-+
-+  return "";
-+}
-+
-+}  // namespace api
-+}  // namespace extensions
--- a/packages/browseros/chromium_patches/chrome/browser/extensions/api/browser_os/browser_os_content_processor.h
+++ b/packages/browseros/chromium_patches/chrome/browser/extensions/api/browser_os/browser_os_content_processor.h
@@ -1,63 +0,0 @@
-diff --git a/chrome/browser/extensions/api/browser_os/browser_os_content_processor.h b/chrome/browser/extensions/api/browser_os/browser_os_content_processor.h
-new file mode 100644
-index 0000000000000..472c7b114fe97
--- /dev/null
-+++ b/chrome/browser/extensions/api/browser_os/browser_os_content_processor.h
-@@ -0,0 +1,57 @@
-+// Copyright 2024 The Chromium Authors
-+// Use of this source code is governed by a BSD-style license that can be
-+// found in the LICENSE file.
-+
-+#ifndef CHROME_BROWSER_EXTENSIONS_API_BROWSER_OS_BROWSER_OS_CONTENT_PROCESSOR_H_
-+#define CHROME_BROWSER_EXTENSIONS_API_BROWSER_OS_BROWSER_OS_CONTENT_PROCESSOR_H_
-+
-+#include <string>
-+#include <unordered_map>
-+#include <vector>
-+
-+#include "chrome/common/extensions/api/browser_os.h"
-+#include "ui/accessibility/ax_tree_update.h"
-+#include "ui/gfx/geometry/size.h"
-+
-+namespace ui {
-+struct AXNodeData;
-+}  // namespace ui
-+
-+namespace extensions {
-+namespace api {
-+
-+// Extracts page content (headings, text, links, images, videos) from
-+// accessibility tree in document order using depth-first traversal.
-+class ContentProcessor {
-+ public:
-+  ContentProcessor() = delete;
-+  ContentProcessor(const ContentProcessor&) = delete;
-+  ContentProcessor& operator=(const ContentProcessor&) = delete;
-+
-+  // Extracts page content in document order.
-+  // Returns content items preserving the order they appear in the document.
-+  static std::vector<browser_os::ContentItem> ExtractPageContent(
-+      const ui::AXTreeUpdate& tree_update);
-+
-+ private:
-+  // DFS traversal to extract content in document order
-+  static void TraverseDFS(
-+      int32_t node_id,
-+      const std::unordered_map<int32_t, ui::AXNodeData>& node_map,
-+      std::vector<browser_os::ContentItem>& items);
-+
-+  // Content extraction helpers
-+  static browser_os::ContentItem ExtractHeading(const ui::AXNodeData& node);
-+  static browser_os::ContentItem ExtractText(const ui::AXNodeData& node);
-+  static browser_os::ContentItem ExtractLink(const ui::AXNodeData& node);
-+  static browser_os::ContentItem ExtractImage(const ui::AXNodeData& node);
-+  static browser_os::ContentItem ExtractVideo(const ui::AXNodeData& node);
-+
-+  // Get accessible name from node
-+  static std::string GetAccessibleName(const ui::AXNodeData& node);
-+};
-+
-+}  // namespace api
-+}  // namespace extensions
-+
-+#endif  // CHROME_BROWSER_EXTENSIONS_API_BROWSER_OS_BROWSER_OS_CONTENT_PROCESSOR_H_
--- a/packages/browseros/chromium_patches/chrome/browser/extensions/api/browser_os/browser_os_snapshot_processor.cc
+++ b/packages/browseros/chromium_patches/chrome/browser/extensions/api/browser_os/browser_os_snapshot_processor.cc
@@ -1,654 +0,0 @@
-diff --git a/chrome/browser/extensions/api/browser_os/browser_os_snapshot_processor.cc b/chrome/browser/extensions/api/browser_os/browser_os_snapshot_processor.cc
-new file mode 100644
-index 0000000000000..885942336dcd6
--- /dev/null
-+++ b/chrome/browser/extensions/api/browser_os/browser_os_snapshot_processor.cc
-@@ -0,0 +1,648 @@
-+// Copyright 2024 The Chromium Authors
-+// Use of this source code is governed by a BSD-style license that can be
-+// found in the LICENSE file.
-+
-+#include "chrome/browser/extensions/api/browser_os/browser_os_snapshot_processor.h"
-+
-+#include <algorithm>
-+#include <atomic>
-+#include <cctype>
-+#include <functional>
-+#include <future>
-+#include <memory>
-+#include <queue>
-+#include <sstream>
-+#include <unordered_set>
-+#include <utility>
-+
-+#include "base/functional/bind.h"
-+#include "base/logging.h"
-+#include "base/memory/raw_ptr.h"
-+#include "base/memory/ref_counted.h"
-+#include "base/strings/string_util.h"
-+#include "base/task/thread_pool.h"
-+#include "base/time/time.h"
-+#include "chrome/browser/extensions/api/browser_os/browser_os_api_utils.h"
-+#include "content/public/browser/browser_thread.h"
-+#include "content/public/browser/render_widget_host_view.h"
-+#include "content/browser/renderer_host/render_widget_host_view_base.h"
-+#include "content/public/browser/web_contents.h"
-+#include "ui/accessibility/ax_clipping_behavior.h"
-+#include "ui/accessibility/ax_coordinate_system.h"
-+#include "ui/accessibility/ax_enum_util.h"
-+#include "ui/accessibility/ax_node.h"
-+#include "ui/accessibility/ax_node_data.h"
-+#include "ui/accessibility/ax_tree.h"
-+#include "ui/accessibility/ax_tree_id.h"
-+#include "ui/accessibility/ax_tree_update.h"
-+#include "ui/gfx/geometry/rect.h"
-+#include "ui/gfx/geometry/rect_conversions.h"
-+#include "ui/gfx/geometry/rect_f.h"
-+#include "ui/gfx/geometry/transform.h"
-+
-+namespace extensions {
-+namespace api {
-+
-+// Static method to compute bounds for a node using AXTree and convert to CSS pixels
-+// This implements the same logic as BrowserAccessibility::GetBoundsRect
-+gfx::RectF SnapshotProcessor::GetNodeBounds(
-+    ui::AXTree* tree,
-+    const ui::AXNode* node,
-+    const ui::AXCoordinateSystem coordinate_system,
-+    const ui::AXClippingBehavior clipping_behavior,
-+    float device_scale_factor,
-+    bool* out_offscreen) {
-+  if (!tree || !node) {
-+    return gfx::RectF();
-+  }
-+  
-+  // Start with empty bounds (same as GetBoundsRect does)
-+  gfx::RectF bounds;
-+  
-+  // Apply RelativeToTreeBounds to get absolute bounds
-+  const bool clip_bounds = clipping_behavior == ui::AXClippingBehavior::kClipped;
-+  bool offscreen = false;
-+  bounds = tree->RelativeToTreeBounds(node, bounds, &offscreen, clip_bounds);
-+  
-+  // Return offscreen status to caller
-+  if (out_offscreen) {
-+    *out_offscreen = offscreen;
-+  }
-+  
-+  // Convert physical pixels to CSS pixels
-+  if (device_scale_factor > 0.0f && device_scale_factor != 1.0f) {
-+    bounds.set_x(bounds.x() / device_scale_factor);
-+    bounds.set_y(bounds.y() / device_scale_factor);
-+    bounds.set_width(bounds.width() / device_scale_factor);
-+    bounds.set_height(bounds.height() / device_scale_factor);
-+  }
-+  
-+  // Return bounds in CSS pixels
-+  return bounds;
-+}
-+
-+
-+// ProcessedNode implementation
-+SnapshotProcessor::ProcessedNode::ProcessedNode()
-+    : node_data(nullptr), node_id(0) {}
-+
-+SnapshotProcessor::ProcessedNode::ProcessedNode(const ProcessedNode&) = default;
-+SnapshotProcessor::ProcessedNode::ProcessedNode(ProcessedNode&&) = default;
-+SnapshotProcessor::ProcessedNode& 
-+SnapshotProcessor::ProcessedNode::operator=(const ProcessedNode&) = default;
-+SnapshotProcessor::ProcessedNode& 
-+SnapshotProcessor::ProcessedNode::operator=(ProcessedNode&&) = default;
-+SnapshotProcessor::ProcessedNode::~ProcessedNode() = default;
-+
-+
-+namespace {
-+
-+// Helper to sanitize strings to ensure valid UTF-8 by keeping only printable ASCII
-+std::string SanitizeStringForOutput(const std::string& input) {
-+  std::string output;
-+  output.reserve(input.size());
-+  
-+  for (char c : input) {
-+    // Only include printable ASCII and whitespace
-+    if ((c >= 32 && c <= 126) || c == '\t' || c == '\n') {
-+      output.push_back(c);
-+    } else {
-+      output.push_back(' ');  // Replace non-printable with space
-+    }
-+  }
-+  
-+  return output;
-+}
-+
-+// Helper to determine if a node should be skipped for the interactive snapshot
-+bool ShouldSkipNode(const ui::AXNodeData& node_data) {
-+  // Skip invisible or ignored nodes
-+  if (node_data.IsInvisibleOrIgnored()) {
-+    return true;
-+  }
-+  
-+  // Get the interactive type and skip if it's not interactive
-+  browser_os::InteractiveNodeType node_type = GetInteractiveNodeType(node_data);
-+  if (node_type == browser_os::InteractiveNodeType::kOther) {
-+    return true;
-+  }
-+  
-+  return false;
-+}
-+
-+}  // namespace
-+
-+// Internal structure for managing async processing
-+struct SnapshotProcessor::ProcessingContext 
-+    : public base::RefCountedThreadSafe<ProcessingContext> {
-+  browser_os::InteractiveSnapshot snapshot;
-+  std::unordered_map<int32_t, ui::AXNodeData> node_map;
-+  std::unordered_map<int32_t, int32_t> parent_map;  // child_id -> parent_id  
-+  std::unordered_map<int32_t, std::vector<int32_t>> children_map;  // parent_id -> child_ids
-+  std::unique_ptr<ui::AXTree> ax_tree;  // AXTree for computing accurate bounds
-+  int tab_id;
-+  ui::AXTreeID tree_id;  // Tree ID for change detection
-+  float device_scale_factor = 1.0f;  // For converting physical to CSS pixels
-+  gfx::Size viewport_size;  // For visibility checks
-+  base::TimeTicks start_time;
-+  size_t total_nodes;
-+  size_t processed_batches;
-+  size_t total_batches;
-+  base::OnceCallback<void(SnapshotProcessingResult)> callback;
-+  
-+ private:
-+  friend class base::RefCountedThreadSafe<ProcessingContext>;
-+  ~ProcessingContext() = default;
-+};
-+
-+// Helper to collect text from a node's subtree
-+std::string CollectTextFromNode(
-+    int32_t node_id,
-+    const std::unordered_map<int32_t, ui::AXNodeData>& node_map,
-+    int max_chars = 200) {
-+  
-+  auto node_it = node_map.find(node_id);
-+  if (node_it == node_map.end()) {
-+    return "";
-+  }
-+  
-+  std::vector<std::string> text_parts;
-+  
-+  // BFS to collect text from this node and its children
-+  std::queue<int32_t> queue;
-+  queue.push(node_id);
-+  int chars_collected = 0;
-+  
-+  while (!queue.empty() && chars_collected < max_chars) {
-+    int32_t current_id = queue.front();
-+    queue.pop();
-+    
-+    auto current_it = node_map.find(current_id);
-+    if (current_it == node_map.end()) continue;
-+    
-+    const ui::AXNodeData& current = current_it->second;
-+    
-+    // Collect text from this node
-+    if (current.HasStringAttribute(ax::mojom::StringAttribute::kName)) {
-+      std::string text = current.GetStringAttribute(ax::mojom::StringAttribute::kName);
-+      text = std::string(base::TrimWhitespaceASCII(text, base::TRIM_ALL));
-+      if (!text.empty()) {
-+        std::string clean_text = SanitizeStringForOutput(text);
-+        if (!clean_text.empty()) {
-+          text_parts.push_back(clean_text);
-+          chars_collected += clean_text.length();
-+        }
-+      }
-+    }
-+    
-+    // Add children to queue
-+    for (int32_t child_id : current.child_ids) {
-+      queue.push(child_id);
-+    }
-+  }
-+  
-+  std::string result = base::JoinString(text_parts, " ");
-+  if (result.length() > static_cast<size_t>(max_chars)) {
-+    result = result.substr(0, max_chars - 3) + "...";
-+  }
-+  return result;
-+}
-+
-+// Helper to build path using offset_container_id and return depth
-+std::pair<std::string, int> BuildPathAndDepth(
-+    int32_t node_id,
-+    const std::unordered_map<int32_t, ui::AXNodeData>& node_map) {
-+  
-+  std::vector<std::string> path_parts;
-+  int32_t current_id = node_id;
-+  int depth = 0;
-+  const int max_depth = 10;
-+  
-+  while (current_id >= 0 && depth < max_depth) {
-+    auto node_it = node_map.find(current_id);
-+    if (node_it == node_map.end()) break;
-+    
-+    const ui::AXNodeData& node = node_it->second;
-+    
-+    // Just append the role
-+    path_parts.push_back(ui::ToString(node.role));
-+    
-+    // Move to offset container
-+    current_id = node.relative_bounds.offset_container_id;
-+    depth++;
-+  }
-+  
-+  // Reverse to get top-down path
-+  std::reverse(path_parts.begin(), path_parts.end());
-+  return std::make_pair(base::JoinString(path_parts, " > "), depth);
-+}
-+
-+// Helper to populate all attributes for a node
-+void PopulateNodeAttributes(
-+    const ui::AXNodeData& node_data,
-+    std::unordered_map<std::string, std::string>& attributes) {
-+  
-+  // Add role as string
-+  attributes["role"] = ui::ToString(node_data.role);
-+  
-+  // Add value attribute for inputs
-+  if (node_data.HasStringAttribute(ax::mojom::StringAttribute::kValue)) {
-+    std::string value = node_data.GetStringAttribute(ax::mojom::StringAttribute::kValue);
-+    attributes["value"] = SanitizeStringForOutput(value);
-+  }
-+  
-+  // Add HTML tag if available
-+  if (node_data.HasStringAttribute(ax::mojom::StringAttribute::kHtmlTag)) {
-+    attributes["html-tag"] = node_data.GetStringAttribute(ax::mojom::StringAttribute::kHtmlTag);
-+  }
-+  
-+  // Add role description
-+  if (node_data.HasStringAttribute(ax::mojom::StringAttribute::kRoleDescription)) {
-+    std::string role_desc = node_data.GetStringAttribute(ax::mojom::StringAttribute::kRoleDescription);
-+    attributes["role-description"] = SanitizeStringForOutput(role_desc);
-+  }
-+  
-+  // Add input type
-+  if (node_data.HasStringAttribute(ax::mojom::StringAttribute::kInputType)) {
-+    std::string input_type = node_data.GetStringAttribute(ax::mojom::StringAttribute::kInputType);
-+    attributes["input-type"] = SanitizeStringForOutput(input_type);
-+  }
-+  
-+  // Add tooltip
-+  if (node_data.HasStringAttribute(ax::mojom::StringAttribute::kTooltip)) {
-+    std::string tooltip = node_data.GetStringAttribute(ax::mojom::StringAttribute::kTooltip);
-+    attributes["tooltip"] = SanitizeStringForOutput(tooltip);
-+  }
-+  
-+  // Add placeholder for input fields
-+  if (node_data.HasStringAttribute(ax::mojom::StringAttribute::kPlaceholder)) {
-+    std::string placeholder = node_data.GetStringAttribute(ax::mojom::StringAttribute::kPlaceholder);
-+    attributes["placeholder"] = SanitizeStringForOutput(placeholder);
-+  }
-+  
-+  // Add description for more context
-+  if (node_data.HasStringAttribute(ax::mojom::StringAttribute::kDescription)) {
-+    std::string description = node_data.GetStringAttribute(ax::mojom::StringAttribute::kDescription);
-+    attributes["description"] = SanitizeStringForOutput(description);
-+  }
-+  
-+  // Add URL for links
-+  // if (node_data.HasStringAttribute(ax::mojom::StringAttribute::kUrl)) {
-+  //   std::string url = node_data.GetStringAttribute(ax::mojom::StringAttribute::kUrl);
-+  //   attributes["url"] = SanitizeStringForOutput(url);
-+  // }
-+  
-+  // Add checked state description
-+  if (node_data.HasStringAttribute(ax::mojom::StringAttribute::kCheckedStateDescription)) {
-+    std::string checked_desc = node_data.GetStringAttribute(ax::mojom::StringAttribute::kCheckedStateDescription);
-+    attributes["checked-state"] = SanitizeStringForOutput(checked_desc);
-+  }
-+  
-+  // Add autocomplete hint
-+  if (node_data.HasStringAttribute(ax::mojom::StringAttribute::kAutoComplete)) {
-+    std::string autocomplete = node_data.GetStringAttribute(ax::mojom::StringAttribute::kAutoComplete);
-+    attributes["autocomplete"] = SanitizeStringForOutput(autocomplete);
-+  }
-+  
-+  // Add HTML ID for form associations
-+  if (node_data.HasStringAttribute(ax::mojom::StringAttribute::kHtmlId)) {
-+    std::string html_id = node_data.GetStringAttribute(ax::mojom::StringAttribute::kHtmlId);
-+    attributes["id"] = SanitizeStringForOutput(html_id);
-+  }
-+  
-+  // Add HTML class names
-+  if (node_data.HasStringAttribute(ax::mojom::StringAttribute::kClassName)) {
-+    std::string class_name = node_data.GetStringAttribute(ax::mojom::StringAttribute::kClassName);
-+    attributes["class"] = SanitizeStringForOutput(class_name);
-+  }
-+}
-+
-+// Process a batch of nodes
-+std::vector<SnapshotProcessor::ProcessedNode> SnapshotProcessor::ProcessNodeBatch(
-+    const std::vector<ui::AXNodeData>& nodes_to_process,
-+    const std::unordered_map<int32_t, ui::AXNodeData>& node_map,
-+    ui::AXTree* ax_tree,
-+    uint32_t start_node_id,
-+    float device_scale_factor) {
-+  std::vector<ProcessedNode> results;
-+  results.reserve(nodes_to_process.size());
-+  
-+  uint32_t current_node_id = start_node_id;
-+  
-+  for (const auto& node_data : nodes_to_process) {
-+    // Skip invisible, ignored, or non-interactive elements
-+    if (ShouldSkipNode(node_data)) {
-+      continue;
-+    }
-+    
-+    // Double-check invisibility (already done in ShouldSkipNode, but being explicit)
-+    if (node_data.IsInvisibleOrIgnored()) {
-+      continue;
-+    }
-+    
-+    // Get the interactive node type
-+    browser_os::InteractiveNodeType node_type = GetInteractiveNodeType(node_data);
-+    
-+    ProcessedNode data;
-+    data.node_data = &node_data;
-+    data.node_id = current_node_id++;
-+    data.node_type = node_type;
-+    
-+    // Get accessible name
-+    if (node_data.HasStringAttribute(ax::mojom::StringAttribute::kName)) {
-+      std::string name = node_data.GetStringAttribute(ax::mojom::StringAttribute::kName);
-+      data.name = SanitizeStringForOutput(name);
-+    }
-+
-+    // Compute bounds using AXTree
-+    bool is_offscreen = false;
-+    if (ax_tree) {
-+      ui::AXNode* ax_node = ax_tree->GetFromId(node_data.id);
-+      if (ax_node) {
-+        // GetNodeBounds now returns CSS pixels directly
-+        data.absolute_bounds = GetNodeBounds(
-+            ax_tree, 
-+            ax_node,
-+            ui::AXCoordinateSystem::kFrame,
-+            // Use clipped bounds so the center lies within the visible area of
-+            // scrolled/clip containers. This matches how clicks should target
-+            // on-screen rects.
-+            ui::AXClippingBehavior::kClipped,
-+            device_scale_factor,  // Pass DSF for CSS pixel conversion
-+            &is_offscreen);
-+        
-+        VLOG(3) << "[browseros] Node " << node_data.id 
-+                << " CSS bounds: " << data.absolute_bounds.ToString()
-+                << " offscreen: " << is_offscreen;
-+      } else {
-+        // Node not found in AXTree, skip bounds computation
-+        VLOG(3) << "[browseros] Node " << node_data.id 
-+                << " not found in AXTree, skipping bounds";
-+      }
-+    } else {
-+      // No AXTree available
-+      LOG(WARNING) << "[browseros] No AXTree available for bounds computation";
-+    }
-+    
-+    // Populate all attributes using helper function
-+    PopulateNodeAttributes(node_data, data.attributes);
-+    
-+    // Add context from parent node
-+    int32_t parent_id = node_data.relative_bounds.offset_container_id;
-+    if (parent_id >= 0) {
-+      std::string context = CollectTextFromNode(parent_id, node_map, 200);
-+      if (!context.empty()) {
-+        data.attributes["context"] = context;
-+      }
-+    }
-+    
-+    // Add path and depth using offset_container_id chain
-+    auto [path, depth] = BuildPathAndDepth(node_data.id, node_map);
-+    if (!path.empty()) {
-+      data.attributes["path"] = path;
-+    }
-+    data.attributes["depth"] = std::to_string(depth);
-+    
-+    // Set viewport status based on offscreen flag
-+    // Note: offscreen=false means the node IS in viewport (at least partially visible)
-+    // offscreen=true means the node is NOT in viewport (completely hidden)
-+    data.attributes["in_viewport"] = is_offscreen ? "false" : "true";
-+    
-+    results.push_back(std::move(data));
-+  }
-+  
-+  return results;
-+}
-+
-+// Helper to handle batch processing results
-+void SnapshotProcessor::OnBatchProcessed(
-+    scoped_refptr<ProcessingContext> context,
-+    std::vector<ProcessedNode> batch_results) {
-+  // Process batch results
-+  for (const auto& node_data : batch_results) {
-+    // Store mapping from our nodeId to AX node ID, bounds, and attributes
-+    NodeInfo info;
-+    info.ax_node_id = node_data.node_data->id;
-+    info.ax_tree_id = context->tree_id;  // Store tree ID for change detection
-+    info.bounds = node_data.absolute_bounds;
-+    info.attributes = node_data.attributes;  // Store all computed attributes
-+    info.node_type = node_data.node_type;  // Store node type for efficient filtering
-+    // Extract in_viewport from attributes (stored as "true"/"false" string)
-+    auto viewport_it = node_data.attributes.find("in_viewport");
-+    info.in_viewport = (viewport_it != node_data.attributes.end() && viewport_it->second == "true");
-+    GetNodeIdMappings()[context->tab_id][node_data.node_id] = info;
-+    
-+    // Log the mapping for debugging
-+    VLOG(2) << "Node ID Mapping: Interactive nodeId=" << node_data.node_id 
-+            << " -> AX node ID=" << info.ax_node_id 
-+            << " (name: " << node_data.name << ")";
-+    
-+    // Create interactive node
-+    browser_os::InteractiveNode interactive_node;
-+    interactive_node.node_id = node_data.node_id;
-+    interactive_node.type = node_data.node_type;
-+    interactive_node.name = node_data.name;
-+    
-+    // Set the bounding rectangle
-+    browser_os::Rect rect;
-+    rect.x = node_data.absolute_bounds.x();
-+    rect.y = node_data.absolute_bounds.y();
-+    rect.width = node_data.absolute_bounds.width();
-+    rect.height = node_data.absolute_bounds.height();
-+    interactive_node.rect = std::move(rect);
-+    
-+    // Create attributes dictionary by iterating over all key-value pairs
-+    if (!node_data.attributes.empty()) {
-+      browser_os::InteractiveNode::Attributes attributes;
-+      
-+      // Iterate over all attributes and add them to the dictionary
-+      for (const auto& [key, value] : node_data.attributes) {
-+        attributes.additional_properties.Set(key, value);
-+      }
-+      
-+      interactive_node.attributes = std::move(attributes);
-+    }
-+    
-+    context->snapshot.elements.push_back(std::move(interactive_node));
-+  }
-+  
-+  context->processed_batches++;
-+  
-+  // Check if all batches are complete
-+  if (context->processed_batches == context->total_batches) {
-+    // Sort elements by node_id to maintain consistent ordering
-+    std::sort(context->snapshot.elements.begin(), 
-+              context->snapshot.elements.end(),
-+              [](const browser_os::InteractiveNode& a, 
-+                 const browser_os::InteractiveNode& b) {
-+                return a.node_id < b.node_id;
-+              });
-+
-+    // Leave hierarchical_structure empty for now as requested
-+    context->snapshot.hierarchical_structure = "";
-+
-+    base::TimeDelta processing_time = base::TimeTicks::Now() - context->start_time;
-+    LOG(INFO) << "[PERF] Interactive snapshot processed in " 
-+              << processing_time.InMilliseconds() << " ms"
-+              << " (nodes: " << context->snapshot.elements.size() << ")";
-+
-+    // Set processing time in the snapshot
-+    context->snapshot.processing_time_ms = processing_time.InMilliseconds();
-+
-+    SnapshotProcessingResult result;
-+    result.snapshot = std::move(context->snapshot);
-+    result.nodes_processed = context->total_nodes;
-+    result.processing_time_ms = processing_time.InMilliseconds();
-+    
-+    // Run callback (context will be deleted when last ref is released)
-+    std::move(context->callback).Run(std::move(result));
-+  }
-+}
-+
-+// Main processing function
-+// Helper function to extract viewport info from WebContents
-+// Returns viewport size and device scale factor
-+static std::pair<gfx::Size, float> ExtractViewportInfo(
-+    content::WebContents* web_contents) {
-+  gfx::Size viewport_size;
-+  float device_scale_factor = 1.0f;
-+  
-+  if (web_contents) {
-+    if (auto* rwhv = web_contents->GetRenderWidgetHostView()) {
-+      viewport_size = rwhv->GetVisibleViewportSize();
-+      
-+      // Get device scale factor for CSS pixel conversion
-+      if (auto* rwhv_base = 
-+          static_cast<content::RenderWidgetHostViewBase*>(rwhv)) {
-+        device_scale_factor = rwhv_base->GetDeviceScaleFactor();
-+      }
-+    }
-+  }
-+  
-+  LOG(INFO) << "[browseros] Viewport: " << viewport_size.ToString() 
-+            << ", DSF: " << device_scale_factor;
-+  
-+  return {viewport_size, device_scale_factor};
-+}
-+
-+void SnapshotProcessor::ProcessAccessibilityTree(
-+    const ui::AXTreeUpdate& tree_update,
-+    int tab_id,
-+    uint32_t snapshot_id,
-+    content::WebContents* web_contents,
-+    base::OnceCallback<void(SnapshotProcessingResult)> callback) {
-+  base::TimeTicks start_time = base::TimeTicks::Now();
-+  
-+  // Extract viewport info from WebContents on UI thread
-+  auto [viewport_size, device_scale_factor] = ExtractViewportInfo(web_contents);
-+  
-+  // Build node ID map, parent map and children map for efficient lookup
-+  std::unordered_map<int32_t, ui::AXNodeData> node_map;
-+  std::unordered_map<int32_t, int32_t> parent_map;
-+  std::unordered_map<int32_t, std::vector<int32_t>> children_map;
-+  
-+  for (const auto& node : tree_update.nodes) {
-+    node_map[node.id] = node;
-+    // Build parent and children relationships
-+    for (int32_t child_id : node.child_ids) {
-+      parent_map[child_id] = node.id;
-+      children_map[node.id].push_back(child_id);
-+    }
-+  }
-+  
-+  // Clear previous mappings for this tab
-+  GetNodeIdMappings()[tab_id].clear();
-+
-+  // Create an AXTree from the tree update for accurate bounds computation
-+  std::unique_ptr<ui::AXTree> ax_tree = std::make_unique<ui::AXTree>(tree_update);
-+  
-+  if (!ax_tree) {
-+    LOG(ERROR) << "[browseros] Failed to create AXTree from update";
-+    SnapshotProcessingResult result;
-+    result.nodes_processed = 0;
-+    result.processing_time_ms = 0;
-+    std::move(callback).Run(std::move(result));
-+    return;
-+  }
-+  
-+  LOG(INFO) << "[browseros] Created AXTree with " << tree_update.nodes.size() 
-+            << " nodes for bounds computation";
-+  
-+  // Prepare processing context using RefCounted
-+  auto context = base::MakeRefCounted<ProcessingContext>();
-+  context->snapshot.snapshot_id = snapshot_id;
-+  context->snapshot.timestamp = base::Time::Now().InMillisecondsFSinceUnixEpoch();
-+  context->tab_id = tab_id;
-+  context->node_map = std::move(node_map);
-+  context->parent_map = std::move(parent_map); 
-+  context->children_map = std::move(children_map);
-+  context->ax_tree = std::move(ax_tree);  // Store AXTree for bounds computation
-+  context->device_scale_factor = device_scale_factor;  // For CSS pixel conversion
-+  context->viewport_size = viewport_size;  // For visibility checks
-+  context->start_time = start_time;
-+  
-+  // Store the tree ID for change detection
-+  if (tree_update.has_tree_data) {
-+    context->tree_id = tree_update.tree_data.tree_id;
-+  }
-+  
-+  // Viewport size is passed in but not currently used for viewport bounds calculation
-+  // TODO: Implement proper viewport detection if needed
-+  context->callback = std::move(callback);
-+  context->processed_batches = 0;
-+  
-+  // Collect all nodes to process and filter
-+  std::vector<ui::AXNodeData> nodes_to_process;
-+  for (const auto& node : tree_update.nodes) {
-+    // Skip invisible, ignored, or non-interactive nodes
-+    if (ShouldSkipNode(node)) {
-+      continue;
-+    }
-+    nodes_to_process.push_back(node);
-+  }
-+  
-+  context->total_nodes = nodes_to_process.size();
-+  
-+  // Handle empty case
-+  if (nodes_to_process.empty()) {
-+    base::TimeDelta processing_time = base::TimeTicks::Now() - start_time;
-+    context->snapshot.processing_time_ms = processing_time.InMilliseconds();
-+    
-+    SnapshotProcessingResult result;
-+    result.snapshot = std::move(context->snapshot);
-+    result.nodes_processed = 0;
-+    result.processing_time_ms = processing_time.InMilliseconds();
-+    std::move(context->callback).Run(std::move(result));
-+    return;
-+  }
-+  
-+  // Process nodes in batches using ThreadPool
-+  const size_t batch_size = 100;  // Process 100 nodes per batch
-+  size_t num_batches = (nodes_to_process.size() + batch_size - 1) / batch_size;
-+  context->total_batches = num_batches;
-+  
-+  for (size_t i = 0; i < nodes_to_process.size(); i += batch_size) {
-+    size_t end = std::min(i + batch_size, nodes_to_process.size());
-+    std::vector<ui::AXNodeData> batch(
-+        std::make_move_iterator(nodes_to_process.begin() + i),
-+        std::make_move_iterator(nodes_to_process.begin() + end));
-+    uint32_t start_node_id = i + 1;  // Node IDs start at 1
-+    
-+    // Post task to ThreadPool and handle result on UI thread
-+    base::ThreadPool::PostTaskAndReplyWithResult(
-+        FROM_HERE,
-+        {base::TaskPriority::USER_VISIBLE},
-+        base::BindOnce(&SnapshotProcessor::ProcessNodeBatch, 
-+                       std::move(batch), 
-+                       context->node_map,
-+                       context->ax_tree.get(),  // Pass AXTree pointer for bounds computation
-+                       start_node_id,
-+                       context->device_scale_factor),  // Pass DSF for CSS pixel conversion
-+        base::BindOnce(&SnapshotProcessor::OnBatchProcessed,
-+                       context));
-+  }
-+}
-+
-+
-+}  // namespace api
-+}  // namespace extensions
--- a/packages/browseros/chromium_patches/chrome/browser/extensions/api/browser_os/browser_os_snapshot_processor.h
+++ b/packages/browseros/chromium_patches/chrome/browser/extensions/api/browser_os/browser_os_snapshot_processor.h
@@ -1,118 +0,0 @@
-diff --git a/chrome/browser/extensions/api/browser_os/browser_os_snapshot_processor.h b/chrome/browser/extensions/api/browser_os/browser_os_snapshot_processor.h
-new file mode 100644
-index 0000000000000..5c85cd73b26f3
--- /dev/null
-+++ b/chrome/browser/extensions/api/browser_os/browser_os_snapshot_processor.h
-@@ -0,0 +1,111 @@
-+// Copyright 2024 The Chromium Authors
-+// Use of this source code is governed by a BSD-style license that can be
-+// found in the LICENSE file.
-+
-+#ifndef CHROME_BROWSER_EXTENSIONS_API_BROWSER_OS_BROWSER_OS_SNAPSHOT_PROCESSOR_H_
-+#define CHROME_BROWSER_EXTENSIONS_API_BROWSER_OS_BROWSER_OS_SNAPSHOT_PROCESSOR_H_
-+
-+#include <cstdint>
-+#include <string>
-+#include <unordered_map>
-+#include <vector>
-+
-+#include "base/functional/callback.h"
-+#include "base/memory/raw_ptr.h"
-+#include "chrome/common/extensions/api/browser_os.h"
-+#include "ui/gfx/geometry/rect_f.h"
-+
-+namespace content {
-+class WebContents;
-+}  // namespace content
-+
-+namespace ui {
-+class AXNode;
-+class AXTree;
-+struct AXNodeData;
-+struct AXTreeUpdate;
-+enum class AXCoordinateSystem;
-+enum class AXClippingBehavior;
-+}  // namespace ui
-+
-+namespace extensions {
-+namespace api {
-+
-+// Result of snapshot processing
-+struct SnapshotProcessingResult {
-+  browser_os::InteractiveSnapshot snapshot;
-+  int nodes_processed = 0;
-+  int64_t processing_time_ms = 0;
-+};
-+
-+// Processes accessibility trees into interactive snapshots with parallel processing
-+class SnapshotProcessor {
-+ public:
-+  // Structure to hold data for a processed node
-+  struct ProcessedNode {
-+    ProcessedNode();
-+    ProcessedNode(const ProcessedNode&);
-+    ProcessedNode(ProcessedNode&&);
-+    ProcessedNode& operator=(const ProcessedNode&);
-+    ProcessedNode& operator=(ProcessedNode&&);
-+    ~ProcessedNode();
-+    
-+    raw_ptr<const ui::AXNodeData> node_data;
-+    uint32_t node_id;
-+    browser_os::InteractiveNodeType node_type;
-+    std::string name;
-+    gfx::RectF absolute_bounds;
-+    // All attributes stored as key-value pairs
-+    std::unordered_map<std::string, std::string> attributes;
-+  };
-+
-+  SnapshotProcessor() = default;
-+  ~SnapshotProcessor() = default;
-+
-+  // Main processing function - handles all threading internally
-+  // This function processes the accessibility tree into an interactive snapshot
-+  // using parallel processing on the thread pool. Extracts viewport info from
-+  // web_contents on UI thread before processing.
-+  static void ProcessAccessibilityTree(
-+      const ui::AXTreeUpdate& tree_update,
-+      int tab_id,
-+      uint32_t snapshot_id,
-+      content::WebContents* web_contents,
-+      base::OnceCallback<void(SnapshotProcessingResult)> callback);
-+
-+  // Process a batch of nodes (exposed for testing)
-+  // The ax_tree is used to compute accurate bounds for each node
-+  // device_scale_factor is used to convert physical pixels to CSS pixels
-+  static std::vector<ProcessedNode> ProcessNodeBatch(
-+      const std::vector<ui::AXNodeData>& nodes_to_process,
-+      const std::unordered_map<int32_t, ui::AXNodeData>& node_map,
-+      ui::AXTree* ax_tree,
-+      uint32_t start_node_id,
-+      float device_scale_factor = 1.0f);
-+
-+ private:
-+  // Internal processing context
-+  struct ProcessingContext;
-+  
-+  // Compute absolute bounds for a node using AXTree and convert to CSS pixels
-+  // This implements the same logic as BrowserAccessibility::GetBoundsRect
-+  // Returns bounds in CSS pixels by applying device_scale_factor
-+  static gfx::RectF GetNodeBounds(ui::AXTree* tree, 
-+                                   const ui::AXNode* node,
-+                                   const ui::AXCoordinateSystem coordinate_system,
-+                                   const ui::AXClippingBehavior clipping_behavior,
-+                                   float device_scale_factor = 1.0f,
-+                                   bool* out_offscreen = nullptr);
-+  
-+  // Batch processing callback
-+  static void OnBatchProcessed(scoped_refptr<ProcessingContext> context,
-+                               std::vector<ProcessedNode> batch_results);
-+
-+  SnapshotProcessor(const SnapshotProcessor&) = delete;
-+  SnapshotProcessor& operator=(const SnapshotProcessor&) = delete;
-+};
-+
-+}  // namespace api
-+}  // namespace extensions
-+
-+#endif  // CHROME_BROWSER_EXTENSIONS_API_BROWSER_OS_BROWSER_OS_SNAPSHOT_PROCESSOR_H_
-\ No newline at end of file
--- a/packages/browseros/chromium_patches/chrome/browser/extensions/chrome_extensions_browser_api_provider.cc
+++ b/packages/browseros/chromium_patches/chrome/browser/extensions/chrome_extensions_browser_api_provider.cc
@@ -1,5 +1,5 @@
 diff --git a/chrome/browser/extensions/chrome_extensions_browser_api_provider.cc b/chrome/browser/extensions/chrome_extensions_browser_api_provider.cc
-index a251aaaa53378..25b5989cedf15 100644
+index a251aaaa53378..93c5a121684a4 100644
 --- a/chrome/browser/extensions/chrome_extensions_browser_api_provider.cc
 +++ b/chrome/browser/extensions/chrome_extensions_browser_api_provider.cc
@@ -4,6 +4,7 @@
@@ -10,16 +10,11 @@ index a251aaaa53378..25b5989cedf15 100644
 #include "chrome/browser/extensions/api/generated_api_registration.h"
 #include "extensions/browser/extension_function_registry.h"
 #include "extensions/buildflags/buildflags.h"
-@@ -19,6 +20,14 @@ ChromeExtensionsBrowserAPIProvider::~ChromeExtensionsBrowserAPIProvider() =
+@@ -19,6 +20,9 @@ ChromeExtensionsBrowserAPIProvider::~ChromeExtensionsBrowserAPIProvider() =
 
 void ChromeExtensionsBrowserAPIProvider::RegisterExtensionFunctions(
     ExtensionFunctionRegistry* registry) {
 +  // BrowserOS API
-+  registry->RegisterFunction<api::BrowserOSGetAccessibilityTreeFunction>();
-+  registry->RegisterFunction<api::BrowserOSGetInteractiveSnapshotFunction>();
-+  registry->RegisterFunction<api::BrowserOSClickFunction>();
-+  registry->RegisterFunction<api::BrowserOSInputTextFunction>();
-+  registry->RegisterFunction<api::BrowserOSClearFunction>();
 +  registry->RegisterFunction<api::BrowserOSExecuteJavaScriptFunction>();
 +
   // Generated APIs from Chrome.
--- a/packages/browseros/chromium_patches/chrome/browser/extensions/extension_management.cc
+++ b/packages/browseros/chromium_patches/chrome/browser/extensions/extension_management.cc
@@ -1,16 +1,33 @@
 diff --git a/chrome/browser/extensions/extension_management.cc b/chrome/browser/extensions/extension_management.cc
-index fd38c92b7493b..08d05ceb30782 100644
+index bb0e7b5cba7e0..f3d6a10d2605e 100644
 --- a/chrome/browser/extensions/extension_management.cc
 +++ b/chrome/browser/extensions/extension_management.cc
-@@ -24,6 +24,7 @@
+@@ -25,6 +25,8 @@
 #include "base/values.h"
 #include "base/version.h"
 #include "build/chromeos_buildflags.h"
+#include "chrome/browser/browser_features.h"
 +#include "chrome/browser/browseros/core/browseros_constants.h"
 #include "chrome/browser/enterprise/util/managed_browser_utils.h"
 #include "chrome/browser/extensions/cws_info_service.h"
 #include "chrome/browser/extensions/extension_management_constants.h"
-@@ -664,6 +665,14 @@ ExtensionIdSet ExtensionManagement::GetForcePinnedList() const {
+@@ -277,6 +279,15 @@ bool ExtensionManagement::IsUpdateUrlOverridden(const ExtensionId& id) {
+ }
+ 
+ GURL ExtensionManagement::GetEffectiveUpdateURL(const Extension& extension) {
+  // BrowserOS: route bundled extensions to the alpha update manifest when on
+  // the alpha channel. Must live here (not in the extension's manifest.json
+  // update_url) so a mid-session channel flip takes effect on the next update
+  // check, without uninstalling the extension.
+  if (browseros::IsBrowserOSExtension(extension.id()) &&
+      base::FeatureList::IsEnabled(features::kBrowserOsAlphaFeatures)) {
+    return GURL(browseros::kBrowserOSAlphaUpdateUrl);
+  }
+
+   if (IsUpdateUrlOverridden(extension.id())) {
+     DCHECK(!extension.was_installed_by_default())
+         << "Update URL should not be overridden for default-installed "
+@@ -669,6 +680,14 @@ ExtensionIdSet ExtensionManagement::GetForcePinnedList() const {
       force_pinned_list.insert(entry.first);
     }
   }
--- a/packages/browseros/chromium_patches/chrome/browser/ui/browser_actions.cc
+++ b/packages/browseros/chromium_patches/chrome/browser/ui/browser_actions.cc
@@ -1,5 +1,5 @@
 diff --git a/chrome/browser/ui/browser_actions.cc b/chrome/browser/ui/browser_actions.cc
-index 96ccc8d0a6acc..9c446a5e041a9 100644
+index 19d0181ac8285..5bc3edd1fff8e 100644
 --- a/chrome/browser/ui/browser_actions.cc
 +++ b/chrome/browser/ui/browser_actions.cc
@@ -14,6 +14,7 @@
@@ -24,7 +24,7 @@ index 96ccc8d0a6acc..9c446a5e041a9 100644
 #include "chrome/browser/ui/autofill/address_bubbles_icon_controller.h"
 #include "chrome/browser/ui/autofill/autofill_bubble_base.h"
 #include "chrome/browser/ui/autofill/payments/filled_card_information_bubble_controller_impl.h"
-@@ -272,6 +280,110 @@ void BrowserActions::InitializeBrowserActions() {
+@@ -273,6 +281,110 @@ void BrowserActions::InitializeBrowserActions() {
             .Build());
   }
 
@@ -79,7 +79,7 @@ index 96ccc8d0a6acc..9c446a5e041a9 100644
 +                const extensions::Extension* extension =
 +                    extensions::ExtensionRegistry::Get(profile)
 +                        ->enabled_extensions()
-+                        .GetByID(browseros::kAgentV2ExtensionId);
+                        .GetByID(browseros::kAgentExtensionId);
 +                if (!extension) {
 +                  LOG(WARNING) << "browseros: Agent extension not found";
 +                  infobars::ContentInfoBarManager* infobar_manager =
--- a/packages/browseros/chromium_patches/chrome/browser/ui/browser_command_controller.cc
+++ b/packages/browseros/chromium_patches/chrome/browser/ui/browser_command_controller.cc
@@ -1,9 +1,9 @@
 diff --git a/chrome/browser/ui/browser_command_controller.cc b/chrome/browser/ui/browser_command_controller.cc
-index deb531f8832e3..91cf6b70413ff 100644
+index 977849483f5b8..06699914cd23c 100644
 --- a/chrome/browser/ui/browser_command_controller.cc
 +++ b/chrome/browser/ui/browser_command_controller.cc
-@@ -70,6 +70,8 @@
- #include "chrome/browser/ui/ui_features.h"
+@@ -76,6 +76,8 @@
+ #include "chrome/browser/ui/views/frame/browser_view.h"
 #include "chrome/browser/ui/views/side_panel/side_panel_entry_id.h"
 #include "chrome/browser/ui/views/side_panel/side_panel_ui.h"
 +#include "chrome/browser/ui/views/side_panel/third_party_llm/third_party_llm_panel_coordinator.h"
@@ -11,7 +11,7 @@ index deb531f8832e3..91cf6b70413ff 100644
 #include "chrome/browser/ui/web_applications/app_browser_controller.h"
 #include "chrome/browser/ui/web_applications/web_app_dialog_utils.h"
 #include "chrome/browser/ui/web_applications/web_app_launch_utils.h"
-@@ -104,7 +106,13 @@
+@@ -110,7 +112,13 @@
 #include "content/public/browser/web_contents_observer.h"
 #include "content/public/common/profiling.h"
 #include "content/public/common/url_constants.h"
@@ -24,8 +24,8 @@ index deb531f8832e3..91cf6b70413ff 100644
 +#include "extensions/browser/extension_registry.h"
 #include "extensions/common/extension_urls.h"
 #include "printing/buildflags/buildflags.h"
- #include "ui/actions/actions.h"
-@@ -988,6 +996,71 @@ bool BrowserCommandController::ExecuteCommandWithDisposition(
+ #include "ui/accessibility/accessibility_features.h"
+@@ -1050,6 +1058,71 @@ bool BrowserCommandController::ExecuteCommandWithDisposition(
       browser_->GetFeatures().side_panel_ui()->Show(
           SidePanelEntryId::kBookmarks, SidePanelOpenTrigger::kAppMenu);
       break;
@@ -67,7 +67,7 @@ index deb531f8832e3..91cf6b70413ff 100644
 +      const extensions::Extension* extension =
 +          extensions::ExtensionRegistry::Get(profile)
 +              ->enabled_extensions()
-+              .GetByID(browseros::kAgentV2ExtensionId);
+              .GetByID(browseros::kAgentExtensionId);
 +      if (!extension) {
 +        infobars::ContentInfoBarManager* infobar_manager =
 +            infobars::ContentInfoBarManager::FromWebContents(active_contents);
@@ -97,7 +97,7 @@ index deb531f8832e3..91cf6b70413ff 100644
     case IDC_SHOW_APP_MENU:
       base::RecordAction(base::UserMetricsAction("Accel_Show_App_Menu"));
       ShowAppMenu(browser_);
-@@ -1648,6 +1721,13 @@ void BrowserCommandController::InitCommandState() {
+@@ -1741,6 +1814,13 @@ void BrowserCommandController::InitCommandState() {
   }
 
   command_updater_.UpdateCommandEnabled(IDC_SHOW_BOOKMARK_SIDE_PANEL, true);
--- a/packages/browseros/chromium_patches/chrome/common/extensions/api/browser_os.idl
+++ b/packages/browseros/chromium_patches/chrome/common/extensions/api/browser_os.idl
@@ -1,9 +1,9 @@
 diff --git a/chrome/common/extensions/api/browser_os.idl b/chrome/common/extensions/api/browser_os.idl
 new file mode 100644
-index 0000000000000..da7102fd5b5e3
+index 0000000000000..c6044b5071033
 --- /dev/null
 +++ b/chrome/common/extensions/api/browser_os.idl
-@@ -0,0 +1,389 @@
+@@ -0,0 +1,176 @@
 +// Copyright 2024 The Chromium Authors
 +// Use of this source code is governed by a BSD-style license that can be
 +// found in the LICENSE file.
@@ -43,97 +43,6 @@ index 0000000000000..da7102fd5b5e3
 +    DOMString name;
 +  };
 +
-+  dictionary AccessibilityTree {
-+    // The ID of the root node
-+    long rootId;
-+
-+    // Map of node IDs to complete accessibility node data
-+    // Each node contains: id, role, states, actions, all attribute maps,
-+    // childIds, and other ui::AXNodeData fields
-+    object nodes;
-+
-+    // Tree-level metadata (optional)
-+    // Contains: title, url, doctype, mimetype, loaded, loadingProgress,
-+    // focusId, and selection information
-+    object? treeData;
-+  };
-+
-+  // Page content extraction types
-+  enum ContentItemType {
-+    heading,
-+    text,
-+    link,
-+    image,
-+    video
-+  };
-+
-+  // A content item extracted from the page in document order
-+  dictionary ContentItem {
-+    ContentItemType type;
-+    // Text content (for heading, text, link - the accessible name)
-+    DOMString? text;
-+    // URL (for link, image, video - the href or src)
-+    DOMString? url;
-+    // Heading level (for heading only, 1-6)
-+    long? level;
-+    // Alternative text (for image, video - alt attribute or title)
-+    DOMString? alt;
-+  };
-+
-+  // Page content in document order
-+  dictionary PageContent {
-+    // Content items in the order they appear in the document
-+    ContentItem[] items;
-+    // Timestamp when extraction was performed
-+    double timestamp;
-+    // Time taken to process (milliseconds)
-+    long processingTimeMs;
-+  };
-+
-+  // Interactive element types
-+  enum InteractiveNodeType {
-+    clickable,
-+    typeable,
-+    selectable,
-+    other
-+  };
-+
-+  // Rectangle bounds
-+  dictionary Rect {
-+    double x;
-+    double y;
-+    double width;
-+    double height;
-+  };
-+
-+  // Interactive node in the snapshot
-+  dictionary InteractiveNode {
-+    long nodeId;
-+    InteractiveNodeType type;
-+    DOMString? name;
-+    // Bounding rectangle of the node
-+    Rect? rect;
-+    // Flexible attributes dictionary for extensibility
-+    // Can include: tag, axValue, htmlTag, role, context, path, and any future attributes
-+    object? attributes;
-+  };
-+
-+  // Snapshot of interactive elements
-+  dictionary InteractiveSnapshot {
-+    long snapshotId;
-+    double timestamp;
-+    InteractiveNode[] elements;
-+    // Hierarchical text representation with context
-+    DOMString? hierarchicalStructure;
-+    // Performance metrics
-+    long processingTimeMs;
-+  };
-+
-+  // Options for getInteractiveSnapshot
-+  dictionary InteractiveSnapshotOptions {
-+    boolean? viewportOnly;
-+  };
-+
 +  // Page load status information
 +  dictionary PageLoadStatus {
 +    boolean isResourcesLoading;
@@ -146,14 +55,8 @@ index 0000000000000..da7102fd5b5e3
 +    boolean success;
 +  };
 +
-+  callback GetAccessibilityTreeCallback = void(AccessibilityTree tree);
-+  callback GetInteractiveSnapshotCallback = void(InteractiveSnapshot snapshot);
 +  callback InteractionCallback = void(InteractionResponse response);
 +  callback GetPageLoadStatusCallback = void(PageLoadStatus status);
-+  callback ScrollCallback = void();
-+  callback ScrollToNodeCallback = void(boolean scrolled);
-+  callback CaptureScreenshotCallback = void(DOMString dataUrl);
-+  callback GetSnapshotCallback = void(PageContent content);
 +
 +  // Settings-related types
 +  dictionary PrefObject {
@@ -166,13 +69,13 @@ index 0000000000000..da7102fd5b5e3
 +  callback GetPrefCallback = void(PrefObject pref);
 +  callback SetPrefCallback = void(boolean success);
 +  callback GetAllPrefsCallback = void(PrefObject[] prefs);
-+  
+
 +  // Callback for metrics logging
 +  callback VoidCallback = void();
-+  
+
 +  // Callback for getting version number
 +  callback GetVersionNumberCallback = void(DOMString version);
-+  
+
 +  // Callback for executeJavaScript
 +  callback ExecuteJavaScriptCallback = void(any result);
 +
@@ -181,52 +84,6 @@ index 0000000000000..da7102fd5b5e3
 +  callback ChoosePathCallback = void(optional SelectedPath result);
 +
 +  interface Functions {
-+    // Gets the full accessibility tree for a tab
-+    // |tabId|: The tab to get the accessibility tree for. Defaults to active tab.
-+    // |callback|: Called with the accessibility tree data.
-+    static void getAccessibilityTree(
-+        optional long tabId,
-+        GetAccessibilityTreeCallback callback);
-+
-+    // Gets a snapshot of interactive elements on the page
-+    // |tabId|: The tab to get the snapshot for. Defaults to active tab.
-+    // |options|: Options for the snapshot.
-+    // |callback|: Called with the interactive snapshot data.
-+    static void getInteractiveSnapshot(
-+        optional long tabId,
-+        optional InteractiveSnapshotOptions options,
-+        GetInteractiveSnapshotCallback callback);
-+
-+
-+    // Clicks on an element by its nodeId from the interactive snapshot
-+    // |tabId|: The tab containing the element. Defaults to active tab.
-+    // |nodeId|: The nodeId from the interactive snapshot.
-+    // |callback|: Called when the click is complete.
-+    static void click(
-+        optional long tabId,
-+        long nodeId,
-+        InteractionCallback callback);
-+
-+    // Inputs text into an element by its nodeId
-+    // |tabId|: The tab containing the element. Defaults to active tab.
-+    // |nodeId|: The nodeId from the interactive snapshot.
-+    // |text|: The text to input.
-+    // |callback|: Called when the input is complete.
-+    static void inputText(
-+        optional long tabId,
-+        long nodeId,
-+        DOMString text,
-+        InteractionCallback callback);
-+
-+    // Clears the content of an input element by its nodeId
-+    // |tabId|: The tab containing the element. Defaults to active tab.
-+    // |nodeId|: The nodeId from the interactive snapshot.
-+    // |callback|: Called when the clear is complete.
-+    static void clear(
-+        optional long tabId,
-+        long nodeId,
-+        InteractionCallback callback);
-+
 +    // Gets the page load status for a tab
 +    // |tabId|: The tab to check. Defaults to active tab.
 +    // |callback|: Called with the page load status.
@@ -234,51 +91,6 @@ index 0000000000000..da7102fd5b5e3
 +        optional long tabId,
 +        GetPageLoadStatusCallback callback);
 +
-+    // Scrolls the page up by approximately one viewport height
-+    // |tabId|: The tab to scroll. Defaults to active tab.
-+    // |callback|: Called when the scroll is complete.
-+    static void scrollUp(
-+        optional long tabId,
-+        ScrollCallback callback);
-+
-+    // Scrolls the page down by approximately one viewport height
-+    // |tabId|: The tab to scroll. Defaults to active tab.
-+    // |callback|: Called when the scroll is complete.
-+    static void scrollDown(
-+        optional long tabId,
-+        ScrollCallback callback);
-+
-+    // Scrolls the page to bring the specified node into view
-+    // |tabId|: The tab to scroll. Defaults to active tab.
-+    // |nodeId|: The node ID from getInteractiveSnapshot to scroll to.
-+    // |callback|: Called with whether scrolling was needed (false if already in view).
-+    static void scrollToNode(
-+        optional long tabId,
-+        long nodeId,
-+        ScrollToNodeCallback callback);
-+
-+    // Sends special key events to the active element in a tab
-+    // |tabId|: The tab to send keys to. Defaults to active tab.
-+    // |key|: The special key to send. Supported keys:
-+    //   - "Enter": Submit forms, activate buttons, insert line break
-+    //   - "Delete": Delete character after cursor
-+    //   - "Backspace": Delete character before cursor
-+    //   - "Tab": Move focus to next element
-+    //   - "Escape": Cancel operations, close dialogs
-+    //   - "ArrowUp": Move cursor/selection up
-+    //   - "ArrowDown": Move cursor/selection down
-+    //   - "ArrowLeft": Move cursor/selection left
-+    //   - "ArrowRight": Move cursor/selection right
-+    //   - "Home": Move to beginning of line/document
-+    //   - "End": Move to end of line/document
-+    //   - "PageUp": Scroll up one page
-+    //   - "PageDown": Scroll down one page
-+    // |callback|: Called when the key has been sent.
-+    static void sendKeys(
-+        optional long tabId,
-+        DOMString key,
-+        InteractionCallback callback);
-+    
 +    // Clicks at specific coordinates on the page
 +    // |tabId|: The tab to click in. Defaults to active tab.
 +    // |x|: X coordinate in CSS pixels from viewport origin.
@@ -289,7 +101,7 @@ index 0000000000000..da7102fd5b5e3
 +        double x,
 +        double y,
 +        InteractionCallback callback);
-+    
+
 +    // Types text after clicking at coordinates to focus element
 +    // |tabId|: The tab to type in. Defaults to active tab.
 +    // |x|: X coordinate to click for focus.
@@ -302,30 +114,6 @@ index 0000000000000..da7102fd5b5e3
 +        double y,
 +        DOMString text,
 +        InteractionCallback callback);
-+        
-+    // Captures a screenshot of the tab as a thumbnail
-+    // |tabId|: The tab to capture. Defaults to active tab.
-+    // |thumbnailSize|: Optional max dimension for the thumbnail. If not provided, uses viewport size.
-+    //                  The actual size will be the minimum of this value and the viewport dimensions.
-+    //                  Ignored if width and height are specified.
-+    // |showHighlights|: If true, shows bounding boxes around clickable, typeable, and selectable elements that are in viewport.
-+    // |width|: Optional exact width for screenshot. When used with height, overrides thumbnailSize.
-+    // |height|: Optional exact height for screenshot. When used with width, overrides thumbnailSize.
-+    // |callback|: Called with the screenshot as a data URL.
-+    static void captureScreenshot(
-+        optional long tabId,
-+        optional long thumbnailSize,
-+        optional boolean showHighlights,
-+        optional long width,
-+        optional long height,
-+        CaptureScreenshotCallback callback);
-+
-+    // Gets a simple text snapshot of the page
-+    // |tabId|: The tab to extract content from. Defaults to active tab.
-+    // |callback|: Called with the page snapshot.
-+    static void getSnapshot(
-+        optional long tabId,
-+        GetSnapshotCallback callback);
 +
 +    // Settings API functions - compatible with chrome.settingsPrivate
 +    // Gets a specific preference value
@@ -350,7 +138,7 @@ index 0000000000000..da7102fd5b5e3
 +    // |callback|: Called with array of preference objects.
 +    static void getAllPrefs(
 +        GetAllPrefsCallback callback);
-+    
+
 +    // Logs a metric event with optional properties
 +    // |eventName|: The name of the event to log (e.g., "extension.action").
 +    // |properties|: Optional JSON object with additional properties.
@@ -359,7 +147,7 @@ index 0000000000000..da7102fd5b5e3
 +        DOMString eventName,
 +        optional object properties,
 +        optional VoidCallback callback);
-+    
+
 +    // Gets the browser version number
 +    // |callback|: Called with the version string.
 +    static void getVersionNumber(
@@ -369,7 +157,7 @@ index 0000000000000..da7102fd5b5e3
 +    // |callback|: Called with the version string.
 +    static void getBrowserosVersionNumber(
 +        GetVersionNumberCallback callback);
-+    
+
 +    // Executes JavaScript code in the specified tab
 +    // |tabId|: The tab to execute JavaScript in. Defaults to active tab.
 +    // |code|: The JavaScript code to execute.
@@ -392,4 +180,3 @@ index 0000000000000..da7102fd5b5e3
 +        ChoosePathCallback callback);
 +  };
 +};
-+
--- a/packages/browseros/chromium_patches/extensions/browser/extension_function_histogram_value.h
+++ b/packages/browseros/chromium_patches/extensions/browser/extension_function_histogram_value.h
@@ -1,5 +1,5 @@
 diff --git a/extensions/browser/extension_function_histogram_value.h b/extensions/browser/extension_function_histogram_value.h
-index 2a2f2e26757cc..61daa201a826a 100644
+index 2a2f2e26757cc..427ff821a61f6 100644
 --- a/extensions/browser/extension_function_histogram_value.h
 +++ b/extensions/browser/extension_function_histogram_value.h
@@ -2021,6 +2021,32 @@ enum HistogramValue {
@@ -7,19 +7,19 @@ index 2a2f2e26757cc..61daa201a826a 100644
   AUTOFILLPRIVATE_GETREQUIREDATTRIBUTETYPESFORENTITYTYPENAME = 1959,
   PDFVIEWERPRIVATE_GLICSUMMARIZE = 1960,
 +  // BrowserOS: extension function histogram values
-+  BROWSER_OS_GETACCESSIBILITYTREE = 1961,
-+  BROWSER_OS_GETINTERACTIVESNAPSHOT = 1962,
-+  BROWSER_OS_CLICK = 1963,
-+  BROWSER_OS_INPUTTEXT = 1964,
-+  BROWSER_OS_CLEAR = 1965,
+  DELETED_BROWSER_OS_GETACCESSIBILITYTREE = 1961,
+  DELETED_BROWSER_OS_GETINTERACTIVESNAPSHOT = 1962,
+  DELETED_BROWSER_OS_CLICK = 1963,
+  DELETED_BROWSER_OS_INPUTTEXT = 1964,
+  DELETED_BROWSER_OS_CLEAR = 1965,
 +  BROWSER_OS_GETPAGELOADSTATUS = 1966,
-+  BROWSER_OS_SCROLLUP = 1967,
-+  BROWSER_OS_SCROLLDOWN = 1968,
-+  BROWSER_OS_SCROLLTONODE = 1969,
-+  BROWSER_OS_SENDKEYS = 1970,
+  DELETED_BROWSER_OS_SCROLLUP = 1967,
+  DELETED_BROWSER_OS_SCROLLDOWN = 1968,
+  DELETED_BROWSER_OS_SCROLLTONODE = 1969,
+  DELETED_BROWSER_OS_SENDKEYS = 1970,
 +  BROWSER_OS_GETPAGESTRUCTURE = 1971,
-+  BROWSER_OS_CAPTURESCREENSHOT = 1972,
-+  BROWSER_OS_GETSNAPSHOT = 1973,
+  DELETED_BROWSER_OS_CAPTURESCREENSHOT = 1972,
+  DELETED_BROWSER_OS_GETSNAPSHOT = 1973,
 +  BROWSER_OS_GETPREF = 1974,
 +  BROWSER_OS_SETPREF = 1975,
 +  BROWSER_OS_GETALLPREFS = 1976,
--- a/packages/browseros/chromium_patches/tools/metrics/histograms/metadata/extensions/enums.xml
+++ b/packages/browseros/chromium_patches/tools/metrics/histograms/metadata/extensions/enums.xml
@@ -1,24 +1,24 @@
 diff --git a/tools/metrics/histograms/metadata/extensions/enums.xml b/tools/metrics/histograms/metadata/extensions/enums.xml
-index aa7937ea189d3..341f957a8b134 100644
+index aa7937ea189d3..be2f9f0ec1559 100644
 --- a/tools/metrics/histograms/metadata/extensions/enums.xml
 +++ b/tools/metrics/histograms/metadata/extensions/enums.xml
@@ -2877,6 +2877,31 @@ Called by update_extension_histograms.py.-->
   <int value="1959"
       label="AUTOFILLPRIVATE_GETREQUIREDATTRIBUTETYPESFORENTITYTYPENAME"/>
   <int value="1960" label="PDFVIEWERPRIVATE_GLICSUMMARIZE"/>
-+  <int value="1961" label="BROWSER_OS_GETACCESSIBILITYTREE"/>
-+  <int value="1962" label="BROWSER_OS_GETINTERACTIVESNAPSHOT"/>
-+  <int value="1963" label="BROWSER_OS_CLICK"/>
-+  <int value="1964" label="BROWSER_OS_INPUTTEXT"/>
-+  <int value="1965" label="BROWSER_OS_CLEAR"/>
+  <int value="1961" label="DELETED_BROWSER_OS_GETACCESSIBILITYTREE"/>
+  <int value="1962" label="DELETED_BROWSER_OS_GETINTERACTIVESNAPSHOT"/>
+  <int value="1963" label="DELETED_BROWSER_OS_CLICK"/>
+  <int value="1964" label="DELETED_BROWSER_OS_INPUTTEXT"/>
+  <int value="1965" label="DELETED_BROWSER_OS_CLEAR"/>
 +  <int value="1966" label="BROWSER_OS_GETPAGELOADSTATUS"/>
-+  <int value="1967" label="BROWSER_OS_SCROLLUP"/>
-+  <int value="1968" label="BROWSER_OS_SCROLLDOWN"/>
-+  <int value="1969" label="BROWSER_OS_SCROLLTONODE"/>
-+  <int value="1970" label="BROWSER_OS_SENDKEYS"/>
+  <int value="1967" label="DELETED_BROWSER_OS_SCROLLUP"/>
+  <int value="1968" label="DELETED_BROWSER_OS_SCROLLDOWN"/>
+  <int value="1969" label="DELETED_BROWSER_OS_SCROLLTONODE"/>
+  <int value="1970" label="DELETED_BROWSER_OS_SENDKEYS"/>
 +  <int value="1971" label="BROWSER_OS_GETPAGESTRUCTURE"/>
-+  <int value="1972" label="BROWSER_OS_CAPTURESCREENSHOT"/>
-+  <int value="1973" label="BROWSER_OS_GETSNAPSHOT"/>
+  <int value="1972" label="DELETED_BROWSER_OS_CAPTURESCREENSHOT"/>
+  <int value="1973" label="DELETED_BROWSER_OS_GETSNAPSHOT"/>
 +  <int value="1974" label="BROWSER_OS_GETPREF"/>
 +  <int value="1975" label="BROWSER_OS_SETPREF"/>
 +  <int value="1976" label="BROWSER_OS_GETALLPREFS"/>
--- a/packages/browseros/resources/BROWSEROS_VERSION
+++ b/packages/browseros/resources/BROWSEROS_VERSION
@@ -1,4 +1,4 @@
 BROWSEROS_MAJOR=0
-BROWSEROS_MINOR=44
+BROWSEROS_MINOR=45
 BROWSEROS_BUILD=0
-BROWSEROS_PATCH=1
+BROWSEROS_PATCH=2
--- a/packages/browseros/resources/entitlements/podman-krunkit-entitlements.plist
+++ b/packages/browseros/resources/entitlements/podman-krunkit-entitlements.plist
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+  <key>com.apple.security.hypervisor</key>
+  <true/>
+  <key>com.apple.security.cs.disable-library-validation</key>
+  <true/>
+</dict>
+</plist>
--- a/packages/browseros/resources/entitlements/podman-vfkit-entitlements.plist
+++ b/packages/browseros/resources/entitlements/podman-vfkit-entitlements.plist
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+  <key>com.apple.security.network.client</key>
+  <true/>
+  <key>com.apple.security.network.server</key>
+  <true/>
+  <key>com.apple.security.virtualization</key>
+  <true/>
+</dict>
+</plist>
Author	SHA1	Message	Date
Nikhil Sonti	ae3e79bb43	fix: address PR review comments for 0416-openclaw_cli_http_redesign	2026-04-16 16:22:27 -07:00
Nikhil Sonti	d2fb785367	feat: move OpenClaw control plane to CLI and HTTP	2026-04-16 15:34:06 -07:00
Nikhil	ebd3200cfe	feat(build): add arm64-only macOS release config (#728 ) Introduces release.macos.arm64.yaml for single-architecture arm64 macOS release builds. Mirrors the windows/linux single-arch pattern (configure -> compile -> sign_macos -> package_macos -> upload), skipping the universal_build module to avoid the x64 cross-compile and lipo merge. Reuses the sparkle_setup step and the same notarization env vars as the universal macOS config.	2026-04-16 13:09:46 -07:00
Nikhil	4172daa130	chore: bump PATCH and OFFSET (#727 )	2026-04-16 13:05:01 -07:00
Nikhil	c1b1e53a86	feat(ota): bundle full server resources tree in Sparkle payload (#726 ) * feat(ota): bundle full server resources tree (server + third_party bins) The OTA Sparkle payload now ships the complete resources/ tree the agent build produced, not just browseros_server. Every third-party binary (bun, ripgrep, podman, gvproxy, vfkit, krunkit, podman-mac-helper, win-sshproxy) flows to OTA-updated installs so podman integration works for users on the OTA channel, matching fresh Chromium-build installs. Extract the per-binary sign table into build/common/server_binaries.py so the Chromium-build sign path (modules/sign/) and OTA sign path (modules/ota/) share a single source of truth. Adding a new third-party dep is now a one-file edit that both paths pick up automatically; unknown executables under resources/bin/ are a hard error at release time. * fix(ota): address review comments on bundle signing flow - Avoid double-zipping during notarization: add notarize_macos_zip for pre-built Sparkle bundles so notarytool submits the zip directly instead of re-wrapping it through ditto --keepParent (Apple's service does not descend into nested archives). Keep notarize_macos_binary for single-binary callers. Share credential setup + submit logic via internal helpers. - Fail fast on unknown executables in sign_server_bundle_macos: collect the unknown-files list before any codesign call so a missing shared- table entry aborts in seconds, not after a full signing round. - Drop dead get_entitlements_path helper (no callers remain after the bundle refactor). * fix(ota): address PR review comments (greptile + claude) - sign_server_bundle_macos filters to executables only (p.is_file() + not p.is_symlink() + os.access X_OK) before applying the unknown-file guard. Non-Mach-O files (configs, dylibs, etc.) under resources/bin/ no longer cause misleading 'unknown executable' hard failures. - sign_server_bundle_windows now hard-errors on a missing expected binary instead of silently skipping it. Symmetric with the macOS guard — an incomplete bundle must not publish. - ServerOTAModule.execute() uses tempfile.TemporaryDirectory context managers for both the download and staging roots so they are cleaned up on every path, including failures. - Per-platform sign/notarize/Sparkle-sign failures now raise RuntimeError instead of silently skipping the platform — a release pipeline can no longer omit a target while reporting success. - Move import os and import shutil to the top of ota/sign_binary.py. - Drop unused log_error import from ota/server.py. * chore: bump server	2026-04-16 12:59:49 -07:00
Nikhil	d653883e99	fix(ci): add PR comment with test summary (#724 ) * fix(ci): add PR comment with test summary and block on failure Add a `comment` job to the test workflow that parses JUnit XML artifacts and posts a sticky PR comment showing pass/fail counts per suite, with failed test names listed in a collapsible section and a link to the run. Guards against fork PRs (read-only token) and stale overlapping runs (skips comment if PR head has moved past our SHA). * fix(ci): use payload SHA for staleness check, handle missing artifacts - Replace context.sha (merge commit SHA) with context.payload.pull_request.head.sha so the staleness guard compares the correct values and the comment actually gets posted - Add continue-on-error to download-artifact so cancelled runs gracefully fall through to the "no test results" message * fix(ci): show warning icon for zero-test suites instead of failure	2026-04-15 21:35:58 -07:00
Nikhil	f521ebc8dc	chore: bump server version, offset and patch for release (#721 )	2026-04-15 18:17:09 -07:00
Nikhil	f2a41fdc08	feat: bundle Podman runtime for BrowserOS server (#719 ) * feat: bundle podman runtime for browseros server * fix: address podman bundle review comments	2026-04-15 18:13:16 -07:00
Nikhil	b9dc875203	test: mock browseros llm in chat integration (#720 )	2026-04-15 18:07:15 -07:00
Nikhil	20067d90c7	fix: stabilize root test suite and SDK browser context (#717 ) * fix: isolate ACL semantic tests from Bun teardown crash * fix: time out ACL semantic fixture subprocess * fix: run full root test suite and repair sdk browser context * fix: address PR review comments for 0415-fix_all_tests_and_issues * test: temporarily skip sdk suite * test: clarify sdk suite disable message	2026-04-15 17:28:01 -07:00
Nikhil	67f18bc868	fix(clean-up): removed old chrome.browseros.* APIs that are not used anymore (#718 )	2026-04-15 17:16:30 -07:00
Nikhil	2f86020b30	feat: gate agent alpha UI behind capabilities (#716 ) * feat: gate agent alpha UI behind capabilities * fix: provide chat session for non-alpha home * fix: gate agents page behind alpha * fix: enable alpha capabilities in development	2026-04-15 16:06:22 -07:00
Nikhil	dc26ff2554	chore: bump server, offset & patch for release (#715 )	2026-04-15 14:43:22 -07:00
Nikhil	718902a4c7	test(server): reap orphaned test browsers before spawn (#714 ) Pre-kill BrowserOS processes whose --user-data-dir path contains the browseros-test- prefix before each spawnBrowser, and in the test:cleanup hook. This prevents a crashed prior test run from leaving a headless BrowserOS attached to a stale port, without touching the developer's regular BrowserOS.app instance (its user-data-dir is ~/Library/Application Support/BrowserOS, which does not match).	2026-04-15 14:20:21 -07:00
Nikhil	357821de6f	feat: support changing proxy port via pref (#712 )	2026-04-15 14:15:20 -07:00
Nikhil	d34bc64a67	feat: extension alpha support + refactor (#713 ) * feat: support override alpha extension * chore: rename the constexpr for agent	2026-04-15 14:14:48 -07:00