Feature Spec: Cloud Drive Integration Model

1. Overview

Legionis currently provides a Drive-backed workspace where agents read and write files within a dedicated folder structure. This feature expands the integration model so users can browse their entire Google Drive from within Legionis, drag files into the chat console to give agents context, and manage files anywhere in their Drive without leaving the platform. The single restriction: agents create new deliverables exclusively in the Legionis workspace folders. This turns Legionis from a workspace-scoped tool into a full Drive companion that respects the user's ownership of their files while maintaining a clean boundary for agent output.

2. Product Decision

The agreed model has four pillars:

Full Drive browsing. Users can navigate their entire Google Drive freely within Legionis. They are not restricted to workspace folders. The file explorer becomes a complete Drive browser.

Drag and drop. Users can drag files from anywhere in their Drive into the chat console to give agents context or instructions. This is the primary mechanism for sharing non-workspace files with agents.

Full file management. Users can move, rename, create folders, delete (trash), and organize files anywhere in their Drive from within Legionis. The platform is a capable file manager, not just a viewer.

Agent write boundary. Agents create new deliverables exclusively in the Legionis workspace folders ({workspace}/deliverables/ and {workspace}/context/). This is the only restriction on the entire integration model.

The principle: "The Drive is theirs, Legionis is a guest."

This means: users have full sovereignty over their Drive. Legionis never restricts what they can see, touch, or organize. The platform only constrains where its own agents deposit work product, keeping the workspace clean and predictable.

US-001: Browse Full Drive

As a Legionis user I want to browse my entire Google Drive from within Legionis So that I can find and reference any file without switching to another tab

Acceptance Criteria:

Given I am in the file explorer, when I toggle to Drive view, then I see my full Google Drive folder tree starting from root
Given I am in Drive view, when I expand a folder, then its contents load and display (files and subfolders)
Given I navigate deep into my Drive, then breadcrumbs show my current location and allow quick navigation back

US-002: Drag File into Chat

As a user preparing instructions for an agent I want to drag a file from the file explorer into the chat input area So that the agent receives that file's content as context for my request

Acceptance Criteria:

Given I drag a file over the chat input area, then a visual drop zone indicator appears (highlighted border)
Given I drop a supported file (.md, .txt, .pdf, .docx, .csv, .json, .html), then it appears as a removable chip below the chat input
Given I drop a Google Doc/Sheet/Slides file, then it is auto-exported to a text format and attached as a chip
Given I send a message with attached files, then the agent receives the file contents prepended to my message

US-003: Manage Files Across Drive

As a user organizing my work I want to move, rename, and organize files anywhere in my Drive from within Legionis So that I can keep my Drive tidy without leaving the platform

Acceptance Criteria:

Given I right-click a file in Drive view, then I see context menu options: Rename, Move, Delete (Trash), Download, Open in Google Drive
Given I select Rename and enter a new name, then the file is renamed in Google Drive
Given I drag a file to a different folder in Drive view, then the file is moved to that folder
Given I select Delete, then the file moves to Google Drive trash (not permanently deleted)

US-004: Agent Deliverable Goes to Workspace

As a user who asked an agent to create a document I want the output to land in my Legionis workspace folder So that agent-generated work is organized and predictable

Acceptance Criteria:

Given I ask an agent to create a PRD, when the agent saves the file, then it is saved to {workspace}/deliverables/
Given I ask an agent to "save this to my Marketing folder", then the agent saves to workspace and suggests: "I've saved this to your workspace deliverables folder. You can move it to your Marketing folder from the file explorer."
Given an agent attempts to write outside the workspace, then the write operation is rejected by the tool boundary

US-005: Reference Non-Workspace File

As a user giving an agent background material I want to attach a file from outside my workspace to the conversation So that the agent can use existing documents as context without me copying them into the workspace

Acceptance Criteria:

Given I click the attachment button (paperclip icon) in the chat input, then a Drive file picker opens showing my full Drive
Given I select a file from the picker, then it appears as an attached chip in the chat input
Given I send the message, then the agent can read the attached file's content and reference it in its response

US-006: Quick Return to Workspace

As a user who browsed deep into my Drive I want to return to the Legionis workspace view with one click So that I can quickly switch between Drive browsing and workspace focus

Acceptance Criteria:

Given I am in Drive view, when I click the "Workspace" toggle/button, then the explorer immediately shows the workspace tree (current behavior)
Given I am in Drive view, then the Legionis workspace folder is visually distinguished with an accent color and pin icon
Given I click the pinned workspace folder in Drive view, then it expands to show the workspace contents inline

US-007: Attach Multiple Files

As a user preparing a complex request I want to attach multiple files from different Drive locations to a single message So that the agent has all the context it needs in one go

Acceptance Criteria:

Given I have already attached one file, when I drag or pick another file, then both appear as chips below the chat input
Given I have multiple files attached, when I click the X on a chip, then that file is removed from the attachments
Given I send a message with 3 attached files, then the agent receives all three file contents as context

US-008: Create Folder in Drive

As a user organizing my Drive I want to create new folders anywhere in my Drive from within Legionis So that I can set up folder structures without switching apps

Acceptance Criteria:

Given I right-click a folder in Drive view, when I select "New Folder", then a new folder is created inside it
Given I create a new folder, then the explorer refreshes to show it immediately

4.1 File Explorer (Updated)

The file explorer component (file-tree.tsx) gains two modes controlled by a toggle at the top of the panel.

Mode Toggle:

A segmented control at the top of the file explorer: [Workspace] [Drive]
Default mode: Workspace (current behavior, unchanged)
Switching to Drive loads the user's full Google Drive tree from root
The active mode is visually indicated with the primary accent color

Workspace View (default):

Identical to today's behavior. Shows the Legionis workspace tree starting from /
The "Drive" button in the toggle serves as the entry point to full browsing

Drive View:

Shows the user's entire Google Drive starting from root
Folder hierarchy is lazy-loaded (children fetched on expand, same pattern as workspace view)
The Legionis workspace folder is visually distinguished:

- Teal accent color on the folder icon and name - Small pin icon beside the folder name - Always sorted to the top of whatever parent it's in (regardless of alphabetical order)

Breadcrumb trail appears above the tree when navigating: My Drive / Projects / Q1 Reports

- Each breadcrumb segment is clickable for quick navigation up the tree

Shared drives and "Shared with me" appear as top-level entries alongside "My Drive"

State Persistence:

The last-used mode (Workspace vs. Drive) persists across page navigations within a session
Expanded folder state is preserved when switching between modes

4.2 Drag and Drop to Chat

Drag Initiation:

Any file in the file explorer (either mode) can be dragged
Drag handle is the entire file row (consistent with native file manager behavior)
During drag, the cursor shows a file icon with the filename

Drop Zone:

The entire chat input area (the message composer component) is a valid drop target
When a file is dragged over the chat input, the input area shows:

- A subtle dashed border in the accent color (teal) - A brief label: "Drop to attach" that fades in - Background dims slightly to indicate the active drop zone

When the drag leaves the drop zone, the visual indicator fades out

Attached File Chips:

After a successful drop, the file appears as a chip/pill below the chat input and above the send button
Chip format: [icon] filename.ext [x]

- Icon matches file type (document icon for .md/.txt, PDF icon for .pdf, spreadsheet icon for .csv, etc.) - The x button removes the attachment

Multiple chips stack horizontally with wrapping
Maximum attachments per message: 10 files
If a user tries to attach more than 10, show a toast: "Maximum 10 files per message"

Supported File Types:

Type	Extension(s)	Handling
Markdown	.md	Read as-is
Plain text	.txt	Read as-is
PDF	.pdf	Extract text via pdf-parse or server-side extraction
Word	.docx	Extract text via mammoth or server-side extraction
CSV	.csv	Read as-is (agents handle tabular text well)
JSON	.json	Read as-is
HTML	.html	Strip tags, extract text content
Google Doc	application/vnd.google-apps.document	Export as text/plain via Drive API
Google Sheet	application/vnd.google-apps.spreadsheet	Export as text/csv via Drive API
Google Slides	application/vnd.google-apps.presentation	Export as text/plain via Drive API

Unsupported files:

Binary files (.png, .jpg, .zip, .exe, etc.) show a toast: "This file type can't be shared with agents yet"
Files larger than 500KB (after text extraction) are truncated with a notice prepended to the content: [Truncated: showing first 500KB of {filename}]

Agent Context Injection:

When the user sends a message with attachments, the agent receives the message in this format:

[Attached: filename1.md]

[/Attached]
[Attached: filename2.pdf]

[/Attached]

4.3 File Management Actions

Context Menu (Right-Click):

In Drive view, right-clicking any file or folder surfaces a context menu with these actions:

Action	Applies To	Behavior
Rename	Files and folders	Inline rename field appears. Press Enter to confirm, Escape to cancel.
Move to...	Files and folders	Opens a folder picker modal showing the Drive tree. Select destination, confirm.
New Folder	Folders only	Creates a new subfolder. Inline name input appears inside the folder.
Move to Trash	Files and folders	Moves to Google Drive trash. Confirmation dialog: "Move {name} to trash?"
Download	Files only	Triggers browser download. Google Workspace files export to their default format (Doc to .docx, Sheet to .xlsx).
Open in Google Drive	Files and folders	Opens a new browser tab with the file's `webViewLink`
Copy link	Files and folders	Copies the Google Drive sharing link to clipboard

Drag-to-Move within Explorer:

In Drive view, users can drag files/folders to other folders to move them
A blue insertion indicator shows the target folder during drag
Drop triggers a Drive API files.update to change the parent

Workspace Folder Protection:

The Legionis workspace folder and its contents are manageable (rename workspace subfolders, etc.)
A warning appears if a user tries to trash the workspace root: "This is your Legionis workspace. Trashing it will disconnect your agent context. Continue?"

4.4 Chat Input Enhancement

The chat message composer gains three new interaction points:

Attachment Button:

A paperclip icon (from lucide-react) positioned to the left of the send button
Clicking it opens a Drive file picker modal (same component as "Move to..." but filtered to files)
Selected file is added as an attached chip
Button shows a badge count when files are attached: [paperclip][2]

Drag-and-Drop Zone:

The entire chat input area (textarea + button bar) is a drop target
Visual feedback as described in Section 4.2

Command Palette Integration:

Cmd+K (or Ctrl+K) opens the command palette
Typing "attach" or "file" surfaces: "Attach file from Drive"
Selecting this action opens the same Drive file picker modal

Keyboard Shortcut:

Cmd+Shift+A (or Ctrl+Shift+A) opens the Drive file picker directly

5. Agent Runtime Implications

5.1 Read Scope

Agent read access follows an explicit-consent model:

Source	Access Level	Mechanism
Workspace files	Always readable	Existing `readFile` tool (workspace-scoped)
User-attached files	Readable for the current conversation	New `readAttachedFile` tool
Other Drive files	Never proactively accessible	Agents cannot browse or search the user's Drive

Agents never proactively browse the user's Drive. They only access files the user explicitly provides through drag-and-drop or the attachment picker. This is the trust model: the user decides what context the agent receives.

5.2 Write Boundary (THE RULE)

This is the single hard constraint in the entire integration model:

Agents can only write to the Legionis workspace.

Operation	Scope	Enforcement
Create new files	`{workspace}/deliverables/`	`writeFile` tool validates path prefix
Save context entries	`{workspace}/context/*`	`writeFile` tool validates path prefix
Edit existing workspace files	`{workspace}/**`	`editFile` tool validates path prefix
Write anywhere else in Drive	Blocked	Tool rejects with explanation message

When a user asks an agent to save outside the workspace:

The agent should:

Save the deliverable to {workspace}/deliverables/{filename}

Respond: "I've saved this to your workspace deliverables folder. You can move it to any Drive location from the file explorer."

This keeps agent behavior predictable while giving the user full control over final file placement.

5.3 New Agent Tools

readAttachedFile

readAttachedFile({
  fileId: string  // Google Drive file ID of the attached file
}): Promise

Reads the content of a file the user attached to the current conversation
Only works for file IDs that were explicitly attached in the current message or conversation
Returns extracted text content (with conversion for PDF, DOCX, Google Workspace files)
Returns an error if the file ID was not attached by the user (prevents agent from using arbitrary file IDs)

Existing tools remain workspace-scoped:

readFile(path) resolves paths relative to workspace root (unchanged)
writeFile(path, content) writes within workspace only (unchanged, boundary enforced)
editFile(path, oldText, newText) edits within workspace only (unchanged)
listDirectory(path) lists workspace directories (unchanged)
globFiles(pattern) searches workspace files (unchanged)
grepContent(pattern) searches workspace file contents (unchanged)

5.4 Attachment Lifecycle

Attachments are scoped to the conversation turn in which they are sent:

User attaches files and sends a message

Server-side: file content is extracted and included in the agent's context window

The agent can reference this content in its response

Attachment metadata (file ID, name, size) is stored in the conversation turn record

In subsequent turns, the agent retains awareness of previously attached files (via conversation history) but does not re-fetch them unless the user attaches them again

6.1 OAuth Scope Change

The current OAuth configuration in src/lib/drive/auth.ts uses the drive.file scope:

const SCOPES = ["https://www.googleapis.com/auth/drive.file"];

The drive.file scope only grants access to files created by the application or explicitly opened by the user through the Google Picker. For full Drive browsing and file management, the scope needs to change.

Options:

Scope	Access	Trade-off
`drive.file` (current)	Only app-created files	Insufficient for browsing
`drive.readonly`	Full read access, no write outside app files	Insufficient for file management
`drive`	Full read/write access	Required for the full feature set

Recommendation: Use https://www.googleapis.com/auth/drive (full access). This is necessary for: browsing all folders, reading user-selected files, moving/renaming files anywhere, and creating folders outside the workspace.

Migration path for existing users: Users who already connected their Drive with drive.file will need to re-authorize. On first use of the Drive browser feature, detect the insufficient scope and prompt: "To browse your full Drive, we need to update your permissions. [Reconnect Google Drive]". This triggers a new OAuth flow with the broader scope.

6.2 File Content Extraction

For non-plaintext files, a server-side extraction layer is needed:

Format	Extraction Method	Package
PDF	pdf-parse	`pdf-parse`
DOCX	mammoth	`mammoth`
Google Doc	Drive API export (`text/plain`)	Built-in
Google Sheet	Drive API export (`text/csv`)	Built-in
Google Slides	Drive API export (`text/plain`)	Built-in
HTML	cheerio text extraction	`cheerio`

This extraction runs server-side in the API route before passing content to the agent runtime.

6.3 File Size and Chunking

Large files need handling before they reach the agent context window:

Soft limit: 500KB of extracted text per file
Hard limit: 2MB raw file size (skip extraction, return error)
Truncation: Files exceeding the soft limit are truncated with a header: [Truncated: showing first ~500KB of {N}KB file]
Multiple attachments: Total attachment content capped at 2MB of extracted text across all files in a single message

6.4 API Routes (New)

Route	Method	Purpose
`/api/drive/browse`	GET	List contents of any Drive folder (by folder ID or "root")
`/api/drive/files/[id]/content`	GET	Read file content by Drive file ID (for attachments)
`/api/drive/files/[id]/move`	PATCH	Move a file to a new parent folder
`/api/drive/files/[id]/rename`	PATCH	Rename a file
`/api/drive/files/[id]/trash`	POST	Move a file to trash
`/api/drive/files/[id]/download`	GET	Download file content (triggers browser download)
`/api/drive/folders`	POST	Create a new folder (already exists, may need update for arbitrary parents)
`/api/drive/files/[id]/export`	GET	Export Google Workspace file to text format

Existing routes (/api/drive/files, /api/drive/files/content) remain for workspace-scoped operations.

6.5 Caching and Performance

Folder listings: Cache Drive folder contents client-side for 60 seconds (stale-while-revalidate pattern via TanStack Query)
File metadata: Cache file names, types, and IDs in memory during the session
Invalidation: Any file management action (move, rename, delete, create) invalidates the cache for the affected parent folders
Pagination: Drive API returns max 100 files per page. Implement cursor-based pagination for folders with many items (load more on scroll)

7. Privacy and Trust

This feature expands Legionis's access to the user's Drive. The trust contract must be explicit and verifiable.

What Legionis does:

Displays the user's Drive folder structure when they open Drive view
Reads file content only when the user explicitly attaches a file to a conversation
Executes file management operations only when the user explicitly triggers them (right-click actions, drag-to-move)
Saves agent deliverables only to the Legionis workspace folder

What Legionis does not do:

No background scanning or indexing of the user's Drive
No crawling of folder trees beyond what the user has expanded in the UI
No caching of file contents beyond the current session
No server-side storage of any Drive file content (content flows through to the AI provider via BYOT)
No sharing of Drive metadata with third parties

BYOT reinforcement:

File content passed to agents goes through the user's own API key
Legionis's server-side role is limited to: reading the file via Drive API, passing the text to the AI provider endpoint, and streaming the response back
The content transits through Legionis infrastructure but is not stored, logged, or retained

Onboarding disclosure: When the user first connects Google Drive (or re-authorizes for the broader scope), the consent screen includes:

"Legionis can browse your Google Drive to help you find and organize files. We only read file contents when you explicitly share them with your agents. Your files stay in your Drive. Agent work products are saved to your Legionis workspace folder."

Audit trail:

Every file management action (move, rename, trash, create folder) is logged in the conversation where it occurred
Attachment events are logged in the conversation turn metadata

8. Success Criteria

Criterion	Measurement	Target
Drive browsing works	User can navigate full Drive tree, expand folders, see all files	100% of Drive-connected users
Drag-and-drop adoption	Percentage of conversations that include at least one attachment	>30% within 60 days of launch
Attachment accuracy	Agent correctly references and uses attached file content	>95% of attached files are usable
Write boundary holds	Zero agent writes outside workspace folder	100% enforcement
File management works	Move, rename, trash, create folder operations succeed	>99% success rate
No trust violations	No user reports of unexpected file access or modification	Zero incidents
Scope migration smooth	Existing users successfully re-authorize within one session	>90% re-auth on first prompt
Performance acceptable	Folder listing loads in under 2 seconds for folders with up to 100 items	P95 < 2s

9. Out of Scope (v1)

The following are explicitly deferred to future iterations:

Multi-cloud support: OneDrive, Dropbox, iCloud. Google Drive only for v1. Cloud abstraction layer is in the architecture but not yet implemented.
File version history: Viewing previous versions of a file within Legionis. Users can use Google Drive's native version history via "Open in Google Drive."
Collaborative editing: Real-time multi-user editing of files. Out of scope for the entire MVP.
Drive search: Full-text search across the user's Drive from within Legionis. Users can search within the workspace (existing grep tool) or use Drive's native search. Typesense integration (planned for Week 8) covers workspace search.
File preview in explorer: Previewing non-markdown files (PDF, images) inline in the file explorer panel. Markdown preview already exists in file-preview.tsx.
Selective sync/favorites: Pinning frequently-used Drive folders for quick access (beyond the workspace pin).
Batch operations: Selecting multiple files for bulk move/rename/delete.
Offline access: Caching Drive files for offline use.

Appendix A: Current Implementation Reference

Files that will be modified:

File	Change
`src/lib/drive/auth.ts`	Update SCOPES from `drive.file` to `drive`
`src/components/explorer/file-tree.tsx`	Add mode toggle, Drive view, breadcrumbs, context menu, drag source
`src/components/chat/` (new components)	Drop zone, attachment chips, file picker modal
`src/app/api/drive/` (new routes)	Browse, move, rename, trash, export, download endpoints
`src/tools/read-file.ts`	No change (remains workspace-scoped)
`src/tools/` (new tool)	`read-attached-file.ts` for conversation-scoped file reading
`src/lib/drive/drive-workspace.ts`	No change to workspace boundary

Files that remain unchanged:

src/lib/drive/client.ts (Drive client factory, already handles arbitrary operations)
src/lib/drive/path-resolver.ts (workspace path resolution, still needed for workspace tools)
src/lib/drive/workspace-init.ts (workspace folder creation, still needed for onboarding)
src/tools/write-file.ts (workspace-scoped write, boundary already enforced)
src/tools/edit-file.ts (workspace-scoped edit, boundary already enforced)

New dependencies:

pdf-parse (PDF text extraction)
mammoth (DOCX text extraction)
cheerio (HTML text extraction)

Appendix B: Drive API Scope Comparison

Scope	List folders	Read any file	Write to workspace	Move/rename any file	Create folders anywhere
`drive.file` (current)	App-created only	App-created only	Yes	App-created only	App-created only
`drive.readonly`	All	All	No	No	No
`drive` (recommended)	All	All	Yes	Yes	Yes

The drive scope is the only option that supports the full feature set. The trust contract (Section 7) and audit trail mitigate the broader access.

Feature Spec: Cloud Drive Integration Model

1. Overview

2. Product Decision

3. User Stories

US-001: Browse Full Drive

US-002: Drag File into Chat

US-003: Manage Files Across Drive

US-004: Agent Deliverable Goes to Workspace

US-005: Reference Non-Workspace File

US-006: Quick Return to Workspace

US-007: Attach Multiple Files

US-008: Create Folder in Drive

4. UX Specification

4.1 File Explorer (Updated)

4.2 Drag and Drop to Chat

4.3 File Management Actions

4.4 Chat Input Enhancement

5. Agent Runtime Implications

5.1 Read Scope

5.2 Write Boundary (THE RULE)

5.3 New Agent Tools

5.4 Attachment Lifecycle

6. Technical Notes

6.1 OAuth Scope Change

6.2 File Content Extraction

6.3 File Size and Chunking

6.4 API Routes (New)

6.5 Caching and Performance

7. Privacy and Trust

8. Success Criteria

9. Out of Scope (v1)

Appendix A: Current Implementation Reference

Appendix B: Drive API Scope Comparison