chore: prune crawler/rag standalone-service references and fix fallout

.claude/skills/docker/SKILL.md

@@ -28,8 +28,8 @@ never exposes; prod configs come from `tale deploy`). Overlay with `-f`:
   (`-f compose.yml -f compose.dev.yml up --build`).
 - `compose.test.yml` — container-e2e: shifts ports off the host to avoid CI collisions.
 - `compose.test.mock.yml` — DB-only port mock (`db` on `15432`).
-- `compose.bifrost.dev.yml` — applied **only** when Convex + Vite run on the host (`scripts/dev.ts`),
-  never by the fully-dockerized dev command; publishes Bifrost on loopback (`127.0.0.1:8080`).
+- `compose.llm-gateway.dev.yml` — applied **only** when Convex + Vite run on the host (`scripts/dev.ts`),
+  never by the fully-dockerized dev command; publishes the LLM gateway on loopback (`127.0.0.1:8080`).
 - `compose.docs.yml` / `compose.web.yml` (+ their `*.test.yml`) — standalone docs / marketing sites.
 
 Root `package.json` scripts: `docker:build` (turbo), `docker:up`, `docker:down`, `docker:logs`.

.commitlintrc.json

@@ -8,7 +8,6 @@
         "cli",
         "controller",
         "convex",
-        "crawler",
         "db",
         "deps",
         "design",
@@ -17,7 +16,6 @@
         "plop",
         "pii",
         "proxy",
-        "rag",
         "sandbox",
         "storybook",
         "ui",

.env.example

@@ -139,10 +139,10 @@ TALE_AUDIT_SIGNING_KEY=4f8c2a9e7b1d6035e4a8c2f9d7b3061a5e8c4f2a9d7b30615e4c8a2f9
 # METRICS_BEARER_TOKEN=
 
 # ============================================================================
-# OPTIONAL: Sandbox LLM Gateway (Bifrost) management auth
+# OPTIONAL: Sandbox LLM Gateway management auth
 # ============================================================================
-# Bifrost is the only path from an in-sandbox coding agent (Claude Code /
-# OpenCode) to an LLM. The platform provisions it + mints per-session virtual
+# The LLM gateway is the only path from an in-sandbox coding agent (Claude Code
+# / OpenCode) to an LLM. The platform provisions it + mints per-session virtual
 # keys over the management API; inference is gated so the sandbox can only call
 # the model with a minted key (client.enforce_auth_on_inference, pushed
 # automatically — no env needed for that part).
@@ -153,14 +153,18 @@ TALE_AUDIT_SIGNING_KEY=4f8c2a9e7b1d6035e4a8c2f9d7b3061a5e8c4f2a9d7b30615e4c8a2f9
 # plane is open on the internal network (acceptable only for a single-tenant
 # local box). The username defaults to `admin`.
 #
-#   BIFROST_ADMIN_USERNAME=admin
-#   BIFROST_ADMIN_PASSWORD=change-me-to-a-strong-secret
+# LLM_GATEWAY_ADMIN_PASSWORD is auto-generated by `tale init`; set it here only
+# to pin your own value.
 #
-# BIFROST_URL overrides where the platform reaches the management API; default
-# http://bifrost:8080 works in-compose. The host bun-dev path sets it to the
-# loopback publish (see compose.bifrost-dev.yml + services/platform/.env.local).
-# BIFROST_ADMIN_USERNAME=admin
-# BIFROST_ADMIN_PASSWORD=
+#   LLM_GATEWAY_ADMIN_USERNAME=admin
+#   LLM_GATEWAY_ADMIN_PASSWORD=change-me-to-a-strong-secret
+#
+# LLM_GATEWAY_URL overrides where the platform reaches the management API;
+# default http://llm-gateway:8080 works in-compose. The host bun-dev path sets
+# it to the loopback publish (see compose.llm-gateway.dev.yml +
+# services/platform/.env.local).
+# LLM_GATEWAY_ADMIN_USERNAME=admin
+# LLM_GATEWAY_ADMIN_PASSWORD=
 
 # ============================================================================
 # Provider Secrets Encryption (SOPS + age)

.env.test

@@ -23,16 +23,15 @@ OPENAI_FAST_MODEL=test-model
 OPENAI_CODING_MODEL=test-model
 OPENAI_EMBEDDING_MODEL=test-model
 OPENAI_VISION_MODEL=test-model
-EMBEDDING_DIMENSIONS=1536
-CRAWLER_EMBEDDING_DIMENSIONS=1536
 
 # Database - DB_ vars are used by the db entrypoint wrapper to set POSTGRES_*.
 # DB_NAME is intentionally NOT set here: the db Dockerfile defaults it to `tale`
-# for the postgres server, while rag/crawler entrypoints fall through to their
-# own default (`tale_knowledge`) — the database where init-scripts/03 installs
-# the `vector` and `pg_search` extensions. Setting DB_NAME globally via env_file
-# would leak `tale` into rag/crawler and race with ParadeDB's bootstrap loading
-# `vector` into `tale`, which fails on slower runners (e.g. ubuntu-latest).
+# for the platform postgres server, while the knowledge-db role falls through to
+# its own default (`tale_knowledge`) — the database where init-scripts/03
+# installs the `vector` and `pg_search` extensions. Setting DB_NAME globally via
+# env_file would leak `tale` into the knowledge DB and race with ParadeDB's
+# bootstrap loading `vector` into `tale`, which fails on slower runners
+# (e.g. ubuntu-latest).
 DB_PASSWORD=test_password_e2e
 DB_USER=tale
 

.github/CONTRIBUTING.md

@@ -17,7 +17,7 @@ bun run dev            # boot Convex + Vite (wait for the READY banner)
 You do **not** need Docker for source development; `bun run dev` runs Convex
 directly. The `web` and `docs` sites need neither Docker nor Convex — run just
 one with `bun run --filter @tale/web dev` (or `@tale/docs`). The full guide,
-including port conflicts, hybrid Convex mode, and the Python services, is
+including port conflicts and hybrid Convex mode, is
 [Contributor setup](../docs/en/develop/contributor-setup.md).
 
 ## Before you open a PR

.github/workflows/build.yml

@@ -95,6 +95,8 @@ jobs:
               - 'services/convex/**'
             controller:
               - 'services/controller/**'
+            llm-gateway:
+              - 'services/llm-gateway/**'
             web:
               - 'services/web/**'
               - 'packages/ui/**'
@@ -123,6 +125,7 @@ jobs:
               - 'services/convex/**'
               - 'services/platform/**'
               - 'services/proxy/**'
+              - 'services/llm-gateway/**'
               - 'services/sandbox/**'
               - 'services/sandbox-egress/**'
               - 'services/sandbox-runtime/**'
@@ -139,7 +142,7 @@ jobs:
           # trio that `build` actually pushes to GHCR. Web and docs use their
           # own compose stacks and are reachable via security.yml's
           # filesystem scan.
-          SCANNABLE=$(echo "${SERVICES}" | jq -c '[.[] | select(. == "db" or . == "convex" or . == "controller" or . == "platform" or . == "proxy" or . == "sandbox" or . == "sandbox-egress" or . == "sandbox-runtime")]')
+          SCANNABLE=$(echo "${SERVICES}" | jq -c '[.[] | select(. == "db" or . == "convex" or . == "controller" or . == "platform" or . == "proxy" or . == "llm-gateway" or . == "sandbox" or . == "sandbox-egress" or . == "sandbox-runtime")]')
           echo "scannable=${SCANNABLE}" >> "$GITHUB_OUTPUT"
           echo "Services to scan: ${SCANNABLE}"
 
@@ -196,6 +199,7 @@ jobs:
             controller,
             platform,
             proxy,
+            llm-gateway,
             sandbox,
             sandbox-egress,
             sandbox-runtime,
@@ -341,7 +345,7 @@ jobs:
           # locally so smoke tests with PULL_POLICY=never find it.
           TAG="${{ needs.changes.outputs.image_tag }}"
           REGISTRY_PATH="${{ env.REGISTRY }}/${{ github.repository }}"
-          for svc in db convex controller platform proxy sandbox sandbox-egress sandbox-runtime; do
+          for svc in db convex controller platform proxy llm-gateway sandbox sandbox-egress sandbox-runtime; do
             IMAGE="${REGISTRY_PATH}/tale-${svc}:${TAG}"
             echo "Pulling ${IMAGE}..."
             docker pull "${IMAGE}"
@@ -352,17 +356,6 @@ jobs:
           docker tag "ghcr.io/tale-project/tale/tale-sandbox-runtime:latest" \
             "tale-sandbox-runtime:latest"
 
-      # bifrost is an external Docker Hub image (not built by us, not on GHCR).
-      # Its compose `pull_policy: ${PULL_POLICY:-missing}` collapses to `never`
-      # under the smoke stack's PULL_POLICY=never, so compose won't fetch it and
-      # `up` aborts with "No such image". Pre-pull the pinned tag (resolved from
-      # compose.yml's default) so it's present locally before the stack starts.
-      - name: Pull bifrost image (third-party)
-        run: |
-          BIFROST_VERSION="$(grep -oP 'maximhq/bifrost:\$\{BIFROST_VERSION:-\K[^}]+' compose.yml)"
-          echo "Pulling maximhq/bifrost:${BIFROST_VERSION}..."
-          docker pull "maximhq/bifrost:${BIFROST_VERSION}"
-
       - name: Setup Bun
         uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2
         with:
@@ -573,7 +566,7 @@ jobs:
           # locally so PULL_POLICY=never validation finds it.
           TAG="${{ needs.changes.outputs.image_tag }}"
           REGISTRY_PATH="${{ env.REGISTRY }}/${{ github.repository }}"
-          for svc in db convex controller platform proxy sandbox sandbox-egress sandbox-runtime; do
+          for svc in db convex controller platform proxy llm-gateway sandbox sandbox-egress sandbox-runtime; do
             IMAGE="${REGISTRY_PATH}/tale-${svc}:${TAG}"
             echo "Pulling ${IMAGE}..."
             docker pull "${IMAGE}"

.github/workflows/cleanup-pr-images.yml

@@ -35,6 +35,7 @@ jobs:
             controller,
             platform,
             proxy,
+            llm-gateway,
             sandbox,
             sandbox-egress,
             sandbox-runtime,

README.de.md

@@ -140,7 +140,7 @@ Für lokale Entwicklung (ohne Docker):
 ### Voraussetzungen
 
 - **Bun**: 1.3.x oder höher ([Installationsanleitung](https://bun.sh/docs/installation))
-- **Python**: 3.12.x (für die Python-Dienste rag und crawler)
+- **Python**: 3.12.x (für die mitgelieferten Python-Skill-Skripte, z. B. den PPTX-Skill)
 - **uv**: Python-Paketmanager ([Installationsanleitung](https://github.com/astral-sh/uv))
 
 ### Entwicklungs-Befehle
@@ -225,7 +225,7 @@ Doku-Seite und Plattform-UI laufen in drei Basis-Sprachen (`en`, `de`, `fr`) plu
 <details>
 <summary><strong>Für Developer</strong></summary>
 
-- **[API-Referenz](docs/de/develop/api-reference.md)** — REST-API für RAG, Crawler und Platform
+- **[API-Referenz](docs/de/develop/api-reference.md)** — REST-API für Agenten, Chat, Wissen und Workflows
 - **[Webhooks](docs/de/develop/webhooks.md)** — Workflow- und Agent-Webhooks mit Signaturprüfung
 - **[Develop-Übersicht](docs/de/develop/overview.md)** — die Entwickler-Oberfläche von Anfang bis Ende
 
@@ -241,7 +241,7 @@ Doku-Seite und Plattform-UI laufen in drei Basis-Sprachen (`en`, `de`, `fr`) plu
 
 ## Mitwirken
 
-Neu im Repo? [Contributor-Setup](docs/de/develop/contributor-setup.md) ist die zentrale Quelle der Wahrheit, um den Quellcode lokal zum Laufen zu bringen — Voraussetzungen, `bun install`, der `bun run setup:check`-Pre-flight, `bun run dev` und die Python-Dienste. Lies [`AGENTS.md`](AGENTS.md) vor deinem ersten PR — das ist der einzige Vertrag für Code-Stil, Security, Tests, i18n und Dokumentation über alle Workspaces hinweg. Der [`docs`](.agents/docs/AGENTS.md)-Skill deckt die Doku-Seite ab; der [`translation`](.agents/translation/AGENTS.md)-Skill die sprachübergreifenden Übersetzungsregeln. Lass `bun run check` (Format, Lint, Typecheck, Tests) durchlaufen, bevor du einen PR öffnest; das [Pull-Request-Template](.github/pull_request_template.md) listet den Rest der Pre-Merge-Checkliste.
+Neu im Repo? [Contributor-Setup](docs/de/develop/contributor-setup.md) ist die zentrale Quelle der Wahrheit, um den Quellcode lokal zum Laufen zu bringen — Voraussetzungen, `bun install`, der `bun run setup:check`-Pre-flight und `bun run dev`. Lies [`AGENTS.md`](AGENTS.md) vor deinem ersten PR — das ist der einzige Vertrag für Code-Stil, Security, Tests, i18n und Dokumentation über alle Workspaces hinweg. Der [`docs`](.agents/docs/AGENTS.md)-Skill deckt die Doku-Seite ab; der [`translation`](.agents/translation/AGENTS.md)-Skill die sprachübergreifenden Übersetzungsregeln. Lass `bun run check` (Format, Lint, Typecheck, Tests) durchlaufen, bevor du einen PR öffnest; das [Pull-Request-Template](.github/pull_request_template.md) listet den Rest der Pre-Merge-Checkliste.
 
 ---
 

README.fr.md

@@ -140,7 +140,7 @@ Pour le développement local (hors Docker) :
 ### Prérequis
 
 - **Bun** : 1.3.x ou supérieur ([instructions d'installation](https://bun.sh/docs/installation))
-- **Python** : 3.12.x (requis pour les services Python : rag, crawler)
+- **Python** : 3.12.x (pour les scripts Python des skills fournis, p. ex. le skill PPTX)
 - **uv** : gestionnaire de paquets Python ([instructions d'installation](https://github.com/astral-sh/uv))
 
 ### Commandes de développement
@@ -225,7 +225,7 @@ Le site de doc et l'UI de la plateforme tournent en trois langues de base (`en`,
 <details>
 <summary><strong>Pour les développeurs</strong></summary>
 
-- **[Référence API](docs/fr/develop/api-reference.md)** — API REST pour RAG, Crawler et Platform
+- **[Référence API](docs/fr/develop/api-reference.md)** — API REST pour les agents, le chat, les connaissances et les workflows
 - **[Webhooks](docs/fr/develop/webhooks.md)** — webhooks de workflows et d'agents avec vérification de signature
 - **[Aperçu développeur](docs/fr/develop/overview.md)** — la surface développeur de bout en bout
 
@@ -241,7 +241,7 @@ Le site de doc et l'UI de la plateforme tournent en trois langues de base (`en`,
 
 ## Contribuer
 
-Nouveau dans le dépôt ? [Configuration contributeur](docs/fr/develop/contributor-setup.md) est la source unique de vérité pour faire tourner le code source en local — prérequis, `bun install`, le pré-vol `bun run setup:check`, `bun run dev` et les services Python. Lis [`AGENTS.md`](AGENTS.md) avant ton premier PR — c'est le contrat unique pour le style de code, la sécurité, les tests, l'i18n et la documentation à travers tous les workspaces. Le skill [`docs`](.agents/docs/AGENTS.md) couvre le site de doc ; le skill [`translation`](.agents/translation/AGENTS.md) les règles de traduction inter-langues. Lance `bun run check` (format, lint, typecheck, tests) avant d'ouvrir un PR ; le [pull request template](.github/pull_request_template.md) liste le reste de la checklist pre-merge.
+Nouveau dans le dépôt ? [Configuration contributeur](docs/fr/develop/contributor-setup.md) est la source unique de vérité pour faire tourner le code source en local — prérequis, `bun install`, le pré-vol `bun run setup:check` et `bun run dev`. Lis [`AGENTS.md`](AGENTS.md) avant ton premier PR — c'est le contrat unique pour le style de code, la sécurité, les tests, l'i18n et la documentation à travers tous les workspaces. Le skill [`docs`](.agents/docs/AGENTS.md) couvre le site de doc ; le skill [`translation`](.agents/translation/AGENTS.md) les règles de traduction inter-langues. Lance `bun run check` (format, lint, typecheck, tests) avant d'ouvrir un PR ; le [pull request template](.github/pull_request_template.md) liste le reste de la checklist pre-merge.
 
 ---
 

README.md

@@ -140,7 +140,7 @@ For local development (non-Docker):
 ### Prerequisites
 
 - **Bun**: 1.3.x or higher ([installation instructions](https://bun.sh/docs/installation))
-- **Python**: 3.12.x (required for Python services: rag, crawler)
+- **Python**: 3.12.x (for the bundled Python skill scripts, e.g. the PPTX skill)
 - **uv**: Python package manager ([installation instructions](https://github.com/astral-sh/uv))
 
 ### Development commands
@@ -225,7 +225,7 @@ The docs site and platform UI both ship three base locales (`en`, `de`, `fr`) pl
 <details>
 <summary><strong>For developers</strong></summary>
 
-- **[API reference](docs/en/develop/api-reference.md)** — REST API for RAG, Crawler, and Platform
+- **[API reference](docs/en/develop/api-reference.md)** — REST API for agents, chat, knowledge, and workflows
 - **[Webhooks](docs/en/develop/webhooks.md)** — workflow and agent webhooks with signature verification
 - **[Develop overview](docs/en/develop/overview.md)** — the developer surface end to end
 
@@ -241,7 +241,7 @@ The docs site and platform UI both ship three base locales (`en`, `de`, `fr`) pl
 
 ## Contributing
 
-New to the repo? [Contributor setup](docs/en/develop/contributor-setup.md) is the single source of truth for getting the source running locally — prerequisites, `bun install`, the `bun run setup:check` pre-flight, `bun run dev`, and the Python services. Read [`AGENTS.md`](AGENTS.md) before your first PR — it is the single contract for code style, security, testing, i18n, and documentation across every workspace. The [`docs`](.agents/docs/AGENTS.md) skill covers the documentation site; the [`translation`](.agents/translation/AGENTS.md) skill covers cross-locale translation rules. Run `bun run check` (format, lint, typecheck, tests) before opening a PR; the [pull request template](.github/pull_request_template.md) lists the rest of the pre-merge checklist.
+New to the repo? [Contributor setup](docs/en/develop/contributor-setup.md) is the single source of truth for getting the source running locally — prerequisites, `bun install`, the `bun run setup:check` pre-flight, and `bun run dev`. Read [`AGENTS.md`](AGENTS.md) before your first PR — it is the single contract for code style, security, testing, i18n, and documentation across every workspace. The [`docs`](.agents/docs/AGENTS.md) skill covers the documentation site; the [`translation`](.agents/translation/AGENTS.md) skill covers cross-locale translation rules. Run `bun run check` (format, lint, typecheck, tests) before opening a PR; the [pull request template](.github/pull_request_template.md) lists the rest of the pre-merge checklist.
 
 ---
 

builtin-configs/agents/chat/claude-code.json

@@ -10,38 +10,39 @@
   "i18n": {
     "de": {
       "conversationStarters": [
-        "Klone das Repo und behebe das in Issue #42 beschriebene Problem",
-        "Schreibe ein kleines CLI-Tool in Python und teste es",
-        "Refaktoriere dieses Modul und lass die Tests laufen",
-        "Erstelle einen Branch und öffne einen Pull Request mit deiner Änderung"
+        "Klone ein GitHub-Repository und behebe den Fehler in Issue #42",
+        "Schreibe ein kleines Python-CLI-Tool, führe es aus und zeig mir die Ausgabe",
+        "Refaktoriere dieses Modul und lass die Tests laufen, um zu beweisen, dass es noch funktioniert",
+        "Debugge diesen fehlschlagenden Test und erkläre die Ursache"
       ],
       "description": "Anthropics Coding-Agent Claude Code, ausgeführt in einer isolierten Sandbox — du chattest direkt mit ihm, während er Dateien bearbeitet, Befehle ausführt und über mehrere Runden weiterarbeitet.",
       "displayName": "Claude Code"
     },
     "en": {
       "conversationStarters": [
-        "Clone the repo and fix the bug described in issue #42",
-        "Write a small Python CLI tool and test it",
-        "Refactor this module and run the tests",
-        "Create a branch and open a pull request with your change"
+        "Clone a GitHub repo and fix the bug in issue #42",
+        "Write a small Python CLI tool, run it, and show me the output",
+        "Refactor this module and run the tests to prove it still works",
+        "Debug this failing test and explain the root cause"
       ],
       "description": "Anthropic's Claude Code coding agent, running in an isolated sandbox — chat with it directly as it edits files, runs commands, and continues across turns.",
       "displayName": "Claude Code"
     },
     "fr": {
       "conversationStarters": [
-        "Clone le dépôt et corrige le bug décrit dans l'issue #42",
-        "Écris un petit outil CLI en Python et teste-le",
-        "Refactorise ce module et lance les tests",
-        "Crée une branche et ouvre une pull request avec ta modification"
+        "Clone un dépôt GitHub et corrige le bug de l'issue #42",
+        "Écris un petit outil CLI en Python, exécute-le et montre-moi la sortie",
+        "Refactorise ce module et lance les tests pour prouver qu'il fonctionne toujours",
+        "Débogue ce test en échec et explique-en la cause racine"
       ],
       "description": "L'agent de code Claude Code d'Anthropic, exécuté dans un bac à sable isolé — discutez directement avec lui pendant qu'il modifie des fichiers, lance des commandes et poursuit le travail sur plusieurs tours.",
       "displayName": "Claude Code"
     }
   },
-  "integrationBindings": ["github", "tavily"],
+  "integrationBindings": [],
+  "nativeWebTools": true,
   "primaryBehavior": "external-agent",
-  "supportedModels": ["ccgateway:claude-opus-4-8"],
+  "supportedModels": ["openrouter:anthropic/claude-opus-4.8"],
   "timeoutMs": 1800000,
   "visibleInChat": true
 }