diff --git a/openspec/changes/archive/2026-05-10-multi-agent-pipeline/.openspec.yaml b/openspec/changes/archive/2026-05-10-multi-agent-pipeline/.openspec.yaml
new file mode 100644
index 0000000..ac20efa
--- /dev/null
+++ b/openspec/changes/archive/2026-05-10-multi-agent-pipeline/.openspec.yaml
@@ -0,0 +1,2 @@
+schema: spec-driven
+created: 2026-05-10
diff --git a/openspec/changes/archive/2026-05-10-multi-agent-pipeline/design.md b/openspec/changes/archive/2026-05-10-multi-agent-pipeline/design.md
new file mode 100644
index 0000000..fccdf32
--- /dev/null
+++ b/openspec/changes/archive/2026-05-10-multi-agent-pipeline/design.md
@@ -0,0 +1,116 @@
+## Context
+
+当前项目已有稳定的 Agent 架构：
+
+- **Web Worker** (`agent.worker.ts`) — 独立线程跑 LLM 调用，不阻塞 UI
+- **ReAct 循环** — 最多 5 步：LLM 决定是否调工具 → 主线程执行 → 结果注入 → 继续
+- **工具 Round-trip** — Worker `postMessage` 请求主线程执行 `readMindmap` / `generateMindmapOps`
+- **两种模式** — ENHANCE（对话生成了新内容，自动更新脑图）、MEDIATE（用户对 Agent 说话，更新脑图 + 流式回答）
+- **`useMindmapAgent` hook** — 统一入口，外部只调 `initialize / enhanceMessage / mediateMessage`
+
+以上架构通过 30+ 轮迭代验证，稳定有效。问题出在工程实现层面：335 行单文件、零数据校验、prompt 内联。
+
+## Goals / Non-Goals
+
+**Goals:**
+- 提取 `BaseAgent` 抽象类，使 Agent 逻辑可单独测试
+- 从 `agent.worker.ts` 提取 `ReActRunner`，解耦消息路由和推理循环
+- System prompt 从 hook 移到独立文件
+- `applyOperations()` 前加 Zod 校验
+- 保持所有现有接口和行为不变
+
+**Non-Goals:**
+- 不改 ReAct 循环为多 Agent Pipeline（过度设计）
+- 不拆包、不加 monorepo
+- 不换 LLM 框架（继续用 Vercel AI SDK）
+- 不引入新外部依赖
+- 不改变 postMessage 协议
+- 不改变 `useMindmapAgent` 对外的三个方法签名
+
+## Decisions
+
+### Decision 1: 保持 ReAct 循环，提取到类
+
+**选择**：`ReActRunner` 类封装循环逻辑，`agent.worker.ts` 只做消息路由。
+
+```typescript
+class ReActRunner {
+  constructor(private agent: BaseAgent, private tools: ToolSet) {}
+
+  async run(userPrompt: string, options?: ReActOptions): Promise<string> {
+    const messages = [{ role: 'user', content: userPrompt }]
+    for (let step = 0; step < options?.maxSteps ?? 5; step++) {
+      const result = await this.agent.callLLM({ messages, tools: this.tools })
+      // ... 处理 toolCalls / toolResults
+      if (result.toolResults.length === 0) return result.text ?? ''
+    }
+  }
+}
+```
+
+**不拆分 Planner/Writer/Reflector**：当前的 ReAct 循环只有 2-3 步，拆成 3 个独立 Agent 会增加 2 次额外 LLM 调用，且 Planner 看不到 Writer 的执行结果。一张专门化的 system prompt 在单次上下文里做完"计划→执行→回答"更高效。
+
+### Decision 2: Zod 校验放在 applyOperations 前
+
+**选择**：在 `agent-tools.ts` 的 `generateMindmapOps` 处理器中，`applyOperations()` 调用前加 `safeParse`。
+
+```typescript
+const OperationsArraySchema = z.array(z.object({
+  type: z.enum(['add_child', 'update', 'delete_leaf', 'add_root']),
+  parentId: z.string().optional(),
+  nodeId: z.string().optional(),
+  label: z.string().optional(),
+  summary: z.string().optional(),
+  // ... 等
+})).max(10)
+
+export async function generateMindmapOps(input: { operations: unknown }) {
+  const parsed = OperationsArraySchema.safeParse(input.operations)
+  if (!parsed.success) {
+    return { error: `操作校验失败: ${parsed.error.message}`, success: false }
+  }
+  const newTree = applyOperations(tree, parsed.data)
+  // ...
+}
+```
+
+LLM 输出不可信，这是数据完整性的最后一道防线。
+
+### Decision 3: BaseAgent 是薄封装
+
+**选择**：`BaseAgent` 只封装 `callLLM()` 和 `callTool()` 两个方法，不定义 `process()` 抽象方法。
+
+当前只有一个 Agent，不需要复杂的多 Agent 继承体系。BaseAgent 提供：
+- `this.ctx` — 统一的 AgentContext（model, endpoint, logger）
+- `this.callLLM()` — 封装 generateText 调用
+- `this.callTool()` — 封装工具 round-trip
+
+未来如果需要加第二个 Agent，直接继承即可。
+
+## File Structure
+
+```
+改动前                               改动后
+
+src/                                 src/
+├── workers/                          ├── workers/
+│   └── agent.worker.ts (335行)        │   └── agent.worker.ts (~120行)  ← 只做消息路由
+├── hooks/                             ├── hooks/
+│   └── useMindmapAgent.ts (324行)      │   └── useMindmapAgent.ts (~280行) ← 移除内联 prompt
+├── lib/                               ├── lib/
+│   ├── agent/                         │   ├── agent/
+│   │   ├── types.ts                   │   │   ├── types.ts
+│   │   └── agent-tools.ts             │   │   ├── agent-tools.ts (+ Zod)
+│   └── llm-client.ts                  │   │   ├── system-prompt.ts  ← 新增
+│                                       │   │   ├── base-agent.ts    ← 新增
+│                                       │   │   └── schema.ts        ← 新增
+│                                       │   └── llm-client.ts
+```
+
+## Risks / Trade-offs
+
+| Risk | Mitigation |
+|------|-----------|
+| 提取 ReActRunner 引入 bug | 保留原有逻辑 100%，只做提取不改变行为；全部回归测试 |
+| Zod 校验误拒绝合法操作 | 用 `safeParse` 不抛异常；校验失败返回 descriptive error，不影响系统 |
+| 新增文件增加复杂度 | 3 个新文件，每个 50-150 行，工程化的必要成本 |
diff --git a/openspec/changes/archive/2026-05-10-multi-agent-pipeline/proposal.md b/openspec/changes/archive/2026-05-10-multi-agent-pipeline/proposal.md
new file mode 100644
index 0000000..2304a01
--- /dev/null
+++ b/openspec/changes/archive/2026-05-10-multi-agent-pipeline/proposal.md
@@ -0,0 +1,34 @@
+## Why
+
+当前 Agent 系统的骨架是对的（Web Worker + ReAct 循环 + 工具系统），但存在三个工程问题：
+
+1. **代码耦合**：`agent.worker.ts` 335 行，消息路由、ReAct 循环、工具注册、状态报告全部胶合在一个文件中，无法单独测试任何一部分
+2. **缺少数据校验**：LLM 输出的 operations 直接 `applyOperations()`，没有 Zod schema 验证。格式错误（缺字段、类型不对、ID 用 "1"）会直接污染脑图数据
+3. **System prompt 硬编码**：176-198 行的 prompt 字符串嵌在 `useMindmapAgent.ts` hook 中，无法测试、无法切换、无法复用
+
+不改变架构（不改 ReAct 循环、不改 Worker、不改两种模式），只做工程解耦 + 数据安全。
+
+## What Changes
+
+- 新增 `BaseAgent` 类，封装 LLM 调用和工具交互
+- 从 `agent.worker.ts` 提取 `ReActRunner` 类，解耦消息路由和 ReAct 循环
+- System prompt 从 `useMindmapAgent.ts` 移到独立文件 `src/lib/agent/system-prompt.ts`
+- `applyOperations()` 前加 **Zod schema 校验**，拒绝坏数据
+- `AgentStatus` 状态类型不变，ENHANCE_MESSAGE / MEDIATE_MESSAGE 两种模式不变
+- 不改 Worker、不改 useMindmapAgent 接口、不改 agent-tools.ts 工具处理器
+
+## Capabilities
+
+### New Capabilities
+- `agent-core`: BaseAgent 基类 + ReActRunner 循环提取，Agent 核心逻辑可测试化
+- `agent-schema`: Zod schema 校验层，在 operations 应用前做结构验证
+
+### Modified Capabilities
+- 无
+
+## Impact
+
+- **新增文件**：`src/lib/agent/system-prompt.ts`、`src/lib/agent/base-agent.ts`、`src/lib/agent/schema.ts`
+- **修改文件**：`src/workers/agent.worker.ts`（提取 ReAct 循环到类）、`src/hooks/useMindmapAgent.ts`（移除内联 prompt）、`src/lib/agent/agent-tools.ts`（加 Zod 校验）
+- **无外部依赖变更**
+- **删除文件**：无
diff --git a/openspec/changes/archive/2026-05-10-multi-agent-pipeline/specs/agent-core/spec.md b/openspec/changes/archive/2026-05-10-multi-agent-pipeline/specs/agent-core/spec.md
new file mode 100644
index 0000000..7c42445
--- /dev/null
+++ b/openspec/changes/archive/2026-05-10-multi-agent-pipeline/specs/agent-core/spec.md
@@ -0,0 +1,101 @@
+## ADDED Requirements
+
+### Requirement: BaseAgent provides unified LLM calling
+
+The system SHALL provide a `BaseAgent` class that encapsulates LLM invocation and tool interaction for all agent implementations.
+
+```typescript
+abstract class BaseAgent {
+  protected ctx: AgentContext
+  abstract get name(): string
+  protected async callLLM(params: CallLLMParams): Promise<LLMResponse>
+  protected async callTool(name: string, args: unknown): Promise<unknown>
+}
+
+interface AgentContext {
+  model: string
+  systemPrompt: string
+  providerConfig: { apiEndpoint: string; apiKey: string }
+  onToolCall: (name: string, args: unknown) => Promise<unknown>
+  onStatusReport: (status: AgentStatus, message?: string) => void
+}
+```
+
+#### Scenario: Agent calls LLM with system prompt
+- **WHEN** an agent invokes `this.callLLM({ messages, tools })`
+- **THEN** the system SHALL send the messages + system prompt to the LLM
+- **THEN** the response SHALL include text content and any tool calls
+
+#### Scenario: Agent calls a tool
+- **WHEN** an agent invokes `this.callTool('readMindmap', {})`
+- **THEN** the system SHALL forward the call to the main thread via `onToolCall`
+- **THEN** the result SHALL be returned to the agent
+
+### Requirement: ReActRunner encapsulates reasoning loop
+
+The system SHALL provide a `ReActRunner` class that orchestrates the tool-use reasoning loop independently of message routing.
+
+```typescript
+class ReActRunner {
+  constructor(agent: BaseAgent, tools: ToolDefinition[])
+  async run(userPrompt: string, options?: { maxSteps?: number }): Promise<string>
+}
+```
+
+The ReActRunner SHALL:
+- Accept a max of 5 steps per run
+- Process tool calls and inject tool results back into the conversation
+- Return the final text response when no more tool calls are needed
+- Report status updates (thinking, reading_mindmap, generating_mindmap) at appropriate steps
+
+#### Scenario: ReActRunner completes with tool calls
+- **WHEN** the LLM calls `readMindmap` then `generateMindmapOps`
+- **THEN** the ReActRunner SHALL execute both tools in sequence
+- **THEN** the ReActRunner SHALL return the final LLM text response
+
+#### Scenario: ReActRunner handles invalid tool call
+- **WHEN** the LLM produces a tool call with invalid JSON parameters
+- **THEN** the ReActRunner SHALL inject an error message into the conversation
+- **THEN** the ReActRunner SHALL continue the loop (up to maxSteps)
+
+### Requirement: System prompt lives in a separate module
+
+The system prompt for the mindmap agent SHALL be defined in `src/lib/agent/system-prompt.ts` as an exported function.
+
+```typescript
+export function buildMindmapAgentPrompt(): string
+```
+
+The prompt SHALL include:
+- Tool descriptions (readMindmap, generateMindmapOps)
+- Workflow guidance (read → think → execute → respond)
+- Operational rules (editedByUser protection, ID naming rules, 10 ops max, summary ≤ 50 chars)
+
+#### Scenario: Prompt is imported by Worker and hook
+- **WHEN** `agent.worker.ts` initializes the agent
+- **THEN** it SHALL call `buildMindmapAgentPrompt()` to get the system prompt
+- **THEN** `useMindmapAgent.ts` SHALL NOT contain inline prompt strings
+
+### Requirement: Worker file only handles message routing
+
+The `src/workers/agent.worker.ts` SHALL be reduced to message routing and orchestration only:
+
+```
+onmessage → switch(msg.type)
+  INIT       → create BaseAgent + ReActRunner
+  ENHANCE    → build user prompt → ReActRunner.run()
+  MEDIATE    → build user prompt → ReActRunner.run()
+```
+
+The file SHALL NOT contain:
+- ReAct loop logic (moved to ReActRunner)
+- System prompt text (moved to system-prompt.ts)
+- Tool definitions (already in agent.worker.ts as AI SDK tool objects, kept here)
+
+#### Scenario: Worker routes ENHANCE_MESSAGE
+- **WHEN** Worker receives ENHANCE_MESSAGE
+- **THEN** it SHALL construct a user prompt from messages → call `runner.run(prompt)` → post AGENT_COMPLETE
+
+#### Scenario: Worker routes MEDIATE_MESSAGE
+- **WHEN** Worker receives MEDIATE_MESSAGE
+- **THEN** it SHALL construct a user prompt → call `runner.run(prompt)` → post STREAM_TOKEN / STREAM_DONE
diff --git a/openspec/changes/archive/2026-05-10-multi-agent-pipeline/specs/agent-schema/spec.md b/openspec/changes/archive/2026-05-10-multi-agent-pipeline/specs/agent-schema/spec.md
new file mode 100644
index 0000000..997e966
--- /dev/null
+++ b/openspec/changes/archive/2026-05-10-multi-agent-pipeline/specs/agent-schema/spec.md
@@ -0,0 +1,63 @@
+## ADDED Requirements
+
+### Requirement: Operations are validated before application
+
+The system SHALL validate all mindmap operations using Zod schema BEFORE calling `applyOperations()`.
+
+```typescript
+import { z } from 'zod'
+
+export const MindmapOperationSchema = z.object({
+  type: z.enum(['add_child', 'update', 'delete_leaf', 'add_root']),
+  parentId: z.string().optional(),
+  nodeId: z.string().optional(),
+  id: z.string().optional(),
+  label: z.string().optional(),
+  summary: z.string().optional(),
+  patch: z.object({
+    label: z.string().optional(),
+    summary: z.string().optional(),
+  }).optional(),
+})
+
+export const OperationsArraySchema = z
+  .array(MindmapOperationSchema)
+  .max(10, '每次最多 10 个操作')
+```
+
+The validation SHALL be performed in the `generateMindmapOps` tool handler in `agent-tools.ts`.
+
+#### Scenario: Valid operations pass validation
+- **WHEN** `generateMindmapOps` receives `{ operations: [{ type: 'add_child', parentId: 'n1a2b3c', label: 'TypeScript' }] }`
+- **THEN** `OperationsArraySchema.safeParse()` SHALL return `success: true`
+- **THEN** the operations SHALL be applied to the mindmap
+
+#### Scenario: Invalid type is rejected
+- **WHEN** `generateMindmapOps` receives `{ operations: [{ type: 'invalid_type' }] }`
+- **THEN** `safeParse()` SHALL return `success: false`
+- **THEN** the tool SHALL return `{ error: '操作校验失败: ...', success: false }`
+- **THEN** the mindmap SHALL NOT be modified
+
+#### Scenario: Missing required label on add_child is rejected
+- **WHEN** `generateMindmapOps` receives `{ operations: [{ type: 'add_child', parentId: 'n1a2b3c' }] }` (no label)
+- **THEN** validation SHALL succeed (label is optional in schema, the apply engine handles default)
+- **THEN** the node SHALL be created with default label
+
+#### Scenario: Numeric IDs are rejected
+- **WHEN** `generateMindmapOps` receives `{ operations: [{ type: 'add_child', id: '1', label: 'X' }] }`
+- **THEN** validation SHALL succeed (Zod doesn't check semantics — the apply engine rejects id='1')
+- **THEN** the operation SHALL be applied with the ID as-is (id validation is a future enhancement)
+
+#### Scenario: Operations exceed maximum
+- **WHEN** `generateMindmapOps` receives 15 operations in one call
+- **THEN** `OperationsArraySchema.safeParse()` SHALL return `success: false`
+- **THEN** the error message SHALL indicate the operations count exceeded 10
+
+### Requirement: Validation errors are surfaced to the Agent
+
+When Zod validation fails, the error SHALL be returned to the Worker so the ReAct loop can retry with corrected input.
+
+#### Scenario: Agent retries after validation error
+- **WHEN** the ReActRunner receives a validation error from `generateMindmapOps`
+- **THEN** the error SHALL be injected into the LLM conversation as a tool result
+- **THEN** the LLM SHALL have the opportunity to correct its output in the next ReAct step
diff --git a/openspec/changes/archive/2026-05-10-multi-agent-pipeline/tasks.md b/openspec/changes/archive/2026-05-10-multi-agent-pipeline/tasks.md
new file mode 100644
index 0000000..d120a4d
--- /dev/null
+++ b/openspec/changes/archive/2026-05-10-multi-agent-pipeline/tasks.md
@@ -0,0 +1,43 @@
+## 1. System Prompt Extraction
+
+- [x] 1.1 Create `src/lib/agent/system-prompt.ts` — export `buildMindmapAgentPrompt()` function
+- [x] 1.2 Copy the inline prompt from `useMindmapAgent.ts` (lines 176-198) into the new function
+- [x] 1.3 Update `useMindmapAgent.ts` to import from system-prompt.ts instead of inline string
+- [x] 1.4 Verify agent behavior is identical after extraction
+
+## 2. Zod Schema Validation
+
+- [x] 2.1 Create `src/lib/agent/schema.ts` — define `MindmapOperationSchema` and `OperationsArraySchema`
+- [x] 2.2 Add `safeParse` call in `agent-tools.ts` `generateMindmapOps` handler before `applyOperations()`
+- [x] 2.3 Return descriptive error on validation failure (with field path and message)
+- [x] 2.4 Write unit tests for valid operations passing and invalid operations being rejected
+- [x] 2.5 Write unit test for operations exceeding max count (10)
+
+## 3. BaseAgent Class
+
+- [x] 3.1 Create `src/lib/agent/base-agent.ts` — abstract BaseAgent with `callLLM()` and `callTool()`
+- [x] 3.2 Define `AgentContext` interface (model, providerConfig, systemPrompt, onToolCall, onStatusReport)
+- [x] 3.3 Write unit tests for BaseAgent (callLLM mock, callTool dispatch)
+
+## 4. ReActRunner Extraction
+
+- [x] 4.1 Create `src/lib/agent/ReActRunner.ts` — class that encapsulates the ReAct loop
+- [x] 4.2 Extract the loop logic from `agent.worker.ts` lines 92-175 into ReActRunner
+- [x] 4.3 Keep the same behavior: 5 max steps, tool result injection, invalid call retry
+- [x] 4.4 Update `agent.worker.ts` to instantiate ReActRunner and call `.run()` from message handlers
+- [x] 4.5 Verify ENHANCE_MESSAGE mode works identically
+- [x] 4.6 Verify MEDIATE_MESSAGE mode works identically (streaming still functional)
+
+## 5. Worker File Cleanup
+
+- [x] 5.1 Verify `agent.worker.ts` is reduced to message routing only (< ~150 lines)
+- [x] 5.2 Confirm all postMessage protocols (AGENT_STATUS, AGENT_COMPLETE, STREAM_TOKEN, etc.) unchanged
+- [x] 5.3 Confirm tool definitions (AI SDK `tool()` objects) remain in worker (they are worker-specific)
+
+## 6. Regression Testing
+
+- [x] 6.1 Run existing test suite — verify no regressions
+- [x] 6.2 Test ENHANCE_MESSAGE: AI responds → agent auto-updates mindmap
+- [x] 6.3 Test MEDIATE_MESSAGE: user sends agent message → mindmap updates + answer streams
+- [x] 6.4 Test Zod validation path: inject bad operations → verify rejection
+- [x] 6.5 Test editedByUser protection: manually edit node → verify AI respects it
diff --git a/openspec/specs/agent-core/spec.md b/openspec/specs/agent-core/spec.md
new file mode 100644
index 0000000..7c42445
--- /dev/null
+++ b/openspec/specs/agent-core/spec.md
@@ -0,0 +1,101 @@
+## ADDED Requirements
+
+### Requirement: BaseAgent provides unified LLM calling
+
+The system SHALL provide a `BaseAgent` class that encapsulates LLM invocation and tool interaction for all agent implementations.
+
+```typescript
+abstract class BaseAgent {
+  protected ctx: AgentContext
+  abstract get name(): string
+  protected async callLLM(params: CallLLMParams): Promise<LLMResponse>
+  protected async callTool(name: string, args: unknown): Promise<unknown>
+}
+
+interface AgentContext {
+  model: string
+  systemPrompt: string
+  providerConfig: { apiEndpoint: string; apiKey: string }
+  onToolCall: (name: string, args: unknown) => Promise<unknown>
+  onStatusReport: (status: AgentStatus, message?: string) => void
+}
+```
+
+#### Scenario: Agent calls LLM with system prompt
+- **WHEN** an agent invokes `this.callLLM({ messages, tools })`
+- **THEN** the system SHALL send the messages + system prompt to the LLM
+- **THEN** the response SHALL include text content and any tool calls
+
+#### Scenario: Agent calls a tool
+- **WHEN** an agent invokes `this.callTool('readMindmap', {})`
+- **THEN** the system SHALL forward the call to the main thread via `onToolCall`
+- **THEN** the result SHALL be returned to the agent
+
+### Requirement: ReActRunner encapsulates reasoning loop
+
+The system SHALL provide a `ReActRunner` class that orchestrates the tool-use reasoning loop independently of message routing.
+
+```typescript
+class ReActRunner {
+  constructor(agent: BaseAgent, tools: ToolDefinition[])
+  async run(userPrompt: string, options?: { maxSteps?: number }): Promise<string>
+}
+```
+
+The ReActRunner SHALL:
+- Accept a max of 5 steps per run
+- Process tool calls and inject tool results back into the conversation
+- Return the final text response when no more tool calls are needed
+- Report status updates (thinking, reading_mindmap, generating_mindmap) at appropriate steps
+
+#### Scenario: ReActRunner completes with tool calls
+- **WHEN** the LLM calls `readMindmap` then `generateMindmapOps`
+- **THEN** the ReActRunner SHALL execute both tools in sequence
+- **THEN** the ReActRunner SHALL return the final LLM text response
+
+#### Scenario: ReActRunner handles invalid tool call
+- **WHEN** the LLM produces a tool call with invalid JSON parameters
+- **THEN** the ReActRunner SHALL inject an error message into the conversation
+- **THEN** the ReActRunner SHALL continue the loop (up to maxSteps)
+
+### Requirement: System prompt lives in a separate module
+
+The system prompt for the mindmap agent SHALL be defined in `src/lib/agent/system-prompt.ts` as an exported function.
+
+```typescript
+export function buildMindmapAgentPrompt(): string
+```
+
+The prompt SHALL include:
+- Tool descriptions (readMindmap, generateMindmapOps)
+- Workflow guidance (read → think → execute → respond)
+- Operational rules (editedByUser protection, ID naming rules, 10 ops max, summary ≤ 50 chars)
+
+#### Scenario: Prompt is imported by Worker and hook
+- **WHEN** `agent.worker.ts` initializes the agent
+- **THEN** it SHALL call `buildMindmapAgentPrompt()` to get the system prompt
+- **THEN** `useMindmapAgent.ts` SHALL NOT contain inline prompt strings
+
+### Requirement: Worker file only handles message routing
+
+The `src/workers/agent.worker.ts` SHALL be reduced to message routing and orchestration only:
+
+```
+onmessage → switch(msg.type)
+  INIT       → create BaseAgent + ReActRunner
+  ENHANCE    → build user prompt → ReActRunner.run()
+  MEDIATE    → build user prompt → ReActRunner.run()
+```
+
+The file SHALL NOT contain:
+- ReAct loop logic (moved to ReActRunner)
+- System prompt text (moved to system-prompt.ts)
+- Tool definitions (already in agent.worker.ts as AI SDK tool objects, kept here)
+
+#### Scenario: Worker routes ENHANCE_MESSAGE
+- **WHEN** Worker receives ENHANCE_MESSAGE
+- **THEN** it SHALL construct a user prompt from messages → call `runner.run(prompt)` → post AGENT_COMPLETE
+
+#### Scenario: Worker routes MEDIATE_MESSAGE
+- **WHEN** Worker receives MEDIATE_MESSAGE
+- **THEN** it SHALL construct a user prompt → call `runner.run(prompt)` → post STREAM_TOKEN / STREAM_DONE
diff --git a/openspec/specs/agent-schema/spec.md b/openspec/specs/agent-schema/spec.md
new file mode 100644
index 0000000..997e966
--- /dev/null
+++ b/openspec/specs/agent-schema/spec.md
@@ -0,0 +1,63 @@
+## ADDED Requirements
+
+### Requirement: Operations are validated before application
+
+The system SHALL validate all mindmap operations using Zod schema BEFORE calling `applyOperations()`.
+
+```typescript
+import { z } from 'zod'
+
+export const MindmapOperationSchema = z.object({
+  type: z.enum(['add_child', 'update', 'delete_leaf', 'add_root']),
+  parentId: z.string().optional(),
+  nodeId: z.string().optional(),
+  id: z.string().optional(),
+  label: z.string().optional(),
+  summary: z.string().optional(),
+  patch: z.object({
+    label: z.string().optional(),
+    summary: z.string().optional(),
+  }).optional(),
+})
+
+export const OperationsArraySchema = z
+  .array(MindmapOperationSchema)
+  .max(10, '每次最多 10 个操作')
+```
+
+The validation SHALL be performed in the `generateMindmapOps` tool handler in `agent-tools.ts`.
+
+#### Scenario: Valid operations pass validation
+- **WHEN** `generateMindmapOps` receives `{ operations: [{ type: 'add_child', parentId: 'n1a2b3c', label: 'TypeScript' }] }`
+- **THEN** `OperationsArraySchema.safeParse()` SHALL return `success: true`
+- **THEN** the operations SHALL be applied to the mindmap
+
+#### Scenario: Invalid type is rejected
+- **WHEN** `generateMindmapOps` receives `{ operations: [{ type: 'invalid_type' }] }`
+- **THEN** `safeParse()` SHALL return `success: false`
+- **THEN** the tool SHALL return `{ error: '操作校验失败: ...', success: false }`
+- **THEN** the mindmap SHALL NOT be modified
+
+#### Scenario: Missing required label on add_child is rejected
+- **WHEN** `generateMindmapOps` receives `{ operations: [{ type: 'add_child', parentId: 'n1a2b3c' }] }` (no label)
+- **THEN** validation SHALL succeed (label is optional in schema, the apply engine handles default)
+- **THEN** the node SHALL be created with default label
+
+#### Scenario: Numeric IDs are rejected
+- **WHEN** `generateMindmapOps` receives `{ operations: [{ type: 'add_child', id: '1', label: 'X' }] }`
+- **THEN** validation SHALL succeed (Zod doesn't check semantics — the apply engine rejects id='1')
+- **THEN** the operation SHALL be applied with the ID as-is (id validation is a future enhancement)
+
+#### Scenario: Operations exceed maximum
+- **WHEN** `generateMindmapOps` receives 15 operations in one call
+- **THEN** `OperationsArraySchema.safeParse()` SHALL return `success: false`
+- **THEN** the error message SHALL indicate the operations count exceeded 10
+
+### Requirement: Validation errors are surfaced to the Agent
+
+When Zod validation fails, the error SHALL be returned to the Worker so the ReAct loop can retry with corrected input.
+
+#### Scenario: Agent retries after validation error
+- **WHEN** the ReActRunner receives a validation error from `generateMindmapOps`
+- **THEN** the error SHALL be injected into the LLM conversation as a tool result
+- **THEN** the LLM SHALL have the opportunity to correct its output in the next ReAct step
diff --git a/src/components/ui/button.tsx b/src/components/ui/button.tsx
index b520e87..11f0cda 100644
--- a/src/components/ui/button.tsx
+++ b/src/components/ui/button.tsx
@@ -1,3 +1,4 @@
+import * as React from 'react'
 import { Button as ButtonPrimitive } from '@base-ui/react/button'
 import { cva, type VariantProps } from 'class-variance-authority'
 
@@ -40,19 +41,18 @@ const buttonVariants = cva(
   },
 )
 
-function Button({
-  className,
-  variant = 'default',
-  size = 'default',
-  ...props
-}: ButtonPrimitive.Props & VariantProps<typeof buttonVariants>) {
-  return (
-    <ButtonPrimitive
-      data-slot="button"
-      className={cn(buttonVariants({ variant, size, className }))}
-      {...props}
-    />
-  )
-}
+const Button = React.forwardRef<HTMLButtonElement, ButtonPrimitive.Props & VariantProps<typeof buttonVariants>>(
+  ({ className, variant = 'default', size = 'default', ...props }, ref) => {
+    return (
+      <ButtonPrimitive
+        ref={ref}
+        data-slot="button"
+        className={cn(buttonVariants({ variant, size, className }))}
+        {...props}
+      />
+    )
+  },
+)
+Button.displayName = 'Button'
 
 export { Button, buttonVariants }
diff --git a/src/components/ui/textarea.tsx b/src/components/ui/textarea.tsx
index 69d4a0c..1814caa 100644
--- a/src/components/ui/textarea.tsx
+++ b/src/components/ui/textarea.tsx
@@ -2,17 +2,21 @@ import * as React from 'react'
 
 import { cn } from '@/lib/utils'
 
-function Textarea({ className, ...props }: React.ComponentProps<'textarea'>) {
-  return (
-    <textarea
-      data-slot="textarea"
-      className={cn(
-        'flex field-sizing-content min-h-16 w-full rounded-lg border border-input bg-transparent px-2.5 py-2 text-base transition-colors outline-none placeholder:text-muted-foreground focus-visible:border-ring focus-visible:ring-3 focus-visible:ring-ring/50 disabled:cursor-not-allowed disabled:bg-input/50 disabled:opacity-50 aria-invalid:border-destructive aria-invalid:ring-3 aria-invalid:ring-destructive/20 md:text-sm dark:bg-input/30 dark:disabled:bg-input/80 dark:aria-invalid:border-destructive/50 dark:aria-invalid:ring-destructive/40',
-        className,
-      )}
-      {...props}
-    />
-  )
-}
+const Textarea = React.forwardRef<HTMLTextAreaElement, React.ComponentProps<'textarea'>>(
+  ({ className, ...props }, ref) => {
+    return (
+      <textarea
+        ref={ref}
+        data-slot="textarea"
+        className={cn(
+          'flex field-sizing-content min-h-16 w-full rounded-lg border border-input bg-transparent px-2.5 py-2 text-base transition-colors outline-none placeholder:text-muted-foreground focus-visible:border-ring focus-visible:ring-3 focus-visible:ring-ring/50 disabled:cursor-not-allowed disabled:bg-input/50 disabled:opacity-50 aria-invalid:border-destructive aria-invalid:ring-3 aria-invalid:ring-destructive/20 md:text-sm dark:bg-input/30 dark:disabled:bg-input/80 dark:aria-invalid:border-destructive/50 dark:aria-invalid:ring-destructive/40',
+          className,
+        )}
+        {...props}
+      />
+    )
+  },
+)
+Textarea.displayName = 'Textarea'
 
 export { Textarea }
diff --git a/src/features/chat/ChatInputPanel.tsx b/src/features/chat/ChatInputPanel.tsx
index b0a610d..dec43fb 100644
--- a/src/features/chat/ChatInputPanel.tsx
+++ b/src/features/chat/ChatInputPanel.tsx
@@ -79,6 +79,7 @@ export default function ChatInputPanel({
     if (!activeConversation) return
     if (mode === 'enhance') {
       stopGeneration()
+      useChatStore.getState().setAgentStatus('idle')
     }
     updateConversation(activeConversation.id, { agentMode: mode })
   }
diff --git a/src/features/chat/ChatPage.tsx b/src/features/chat/ChatPage.tsx
index 6bb0956..7067f3e 100644
--- a/src/features/chat/ChatPage.tsx
+++ b/src/features/chat/ChatPage.tsx
@@ -60,11 +60,14 @@ export default function ChatPage() {
     (content: string) => {
       if (!activeConversation) return
 
-      const currentAgentMode = activeConversation.agentMode ?? 'enhance'
+      // 实时从 store 读取 agentMode，避免 useCallback 闭包缓存旧值
+      const { agentMode } = useConversationStore.getState().conversations.find(
+        (c) => c.id === activeConversation.id,
+      ) ?? { agentMode: 'enhance' as const }
+      const currentAgentMode = agentMode ?? 'enhance'
 
       if (currentAgentMode === 'mediate') {
         stopGeneration()
-        agent.initialize()
         const store = useConversationStore.getState()
         store.addMessageToConversation(activeConversation.id, {
           id: generateId(),
@@ -100,10 +103,30 @@ export default function ChatPage() {
     if (!lastMsg || lastMsg.role !== 'assistant') return
     const lastUserMsg = [...conv.messages].reverse().find((m) => m.role === 'user')
     removeLastAssistantMessage(convId)
-    if (lastUserMsg) {
+
+    if (!lastUserMsg) return
+
+    // 根据当前模式选择路径
+    const currentConv = useConversationStore.getState().conversations.find(
+      (c) => c.id === convId,
+    )
+    const agentMode = currentConv?.agentMode ?? 'enhance'
+
+    if (agentMode === 'mediate') {
+      // Agent 模式：通过 Worker 重新生成
+      const store = useConversationStore.getState()
+      store.addMessageToConversation(convId, {
+        id: generateId(),
+        role: 'assistant',
+        content: '',
+        createdAt: Date.now(),
+        status: 'streaming',
+      })
+      agent.mediateMessage(lastUserMsg.content, convId)
+    } else {
       sendMessage(lastUserMsg.content, convId)
     }
-  }, [activeConversation, isGenerating, removeLastAssistantMessage, sendMessage])
+  }, [activeConversation, isGenerating, removeLastAssistantMessage, sendMessage, agent])
 
   // ── 新建会话 ──
   const handleNewConversation = () => {
diff --git a/src/features/chat/ModelSelector.tsx b/src/features/chat/ModelSelector.tsx
index 54629db..3faa32d 100644
--- a/src/features/chat/ModelSelector.tsx
+++ b/src/features/chat/ModelSelector.tsx
@@ -27,11 +27,11 @@ export default function ModelSelector() {
 
   return (
     <DropdownMenu>
-      <DropdownMenuTrigger>
-        <Button variant="outline" className="max-w-72 min-w-0 justify-between text-sm gap-2">
-          <span className="truncate">{label}</span>
-          <ChevronDown className="w-3.5 h-3.5 shrink-0 text-muted-foreground" />
-        </Button>
+      <DropdownMenuTrigger
+        render={<Button variant="outline" className="max-w-72 min-w-0 justify-between text-sm gap-2" />}
+      >
+        <span className="truncate">{label}</span>
+        <ChevronDown className="w-3.5 h-3.5 shrink-0 text-muted-foreground" />
       </DropdownMenuTrigger>
       <DropdownMenuContent className="w-56">
         {providers.length === 0 ? (
diff --git a/src/features/mindmap/MindMapPanel.tsx b/src/features/mindmap/MindMapPanel.tsx
index 5acdac4..4b82486 100644
--- a/src/features/mindmap/MindMapPanel.tsx
+++ b/src/features/mindmap/MindMapPanel.tsx
@@ -5,7 +5,6 @@ import {
   Download,
   FileImage,
   FileText,
-  Link2,
   Maximize2,
   Minimize2,
   X,
@@ -48,17 +47,6 @@ export default function MindMapPanel({ onClose }: MindMapPanelProps) {
 
   const activeConvId = useConversationStore((s) => s.activeConversationId)
 
-  const isCurrentLinked =
-    activeMindmapId != null && activeConvId != null
-      ? (activeMindmap?.monitoredConversationIds ?? []).includes(activeConvId)
-      : false
-
-  const handleLinkCurrent = useCallback(() => {
-    if (activeConvId && activeMindmapId) {
-      useMindmapStore.getState().addMonitoredConversation(activeMindmapId, activeConvId)
-    }
-  }, [activeConvId, activeMindmapId])
-
   const handleUnlink = useCallback(
     (convId: string) => {
       if (activeMindmapId) {
@@ -186,9 +174,12 @@ export default function MindMapPanel({ onClose }: MindMapPanelProps) {
 
       {activeMindmap && (
         <div className="border-t border-sidebar-border pt-2 px-3">
-          <button
-            className="flex items-center gap-1 text-xs font-medium text-sidebar-foreground/80 hover:text-sidebar-foreground w-full"
+          <div
+            className="flex items-center gap-1 text-xs font-medium text-sidebar-foreground/80 hover:text-sidebar-foreground w-full cursor-pointer"
             onClick={() => setLinkedOpen((o) => !o)}
+            role="button"
+            tabIndex={0}
+            onKeyDown={(e) => { if (e.key === 'Enter' || e.key === ' ') { e.preventDefault(); setLinkedOpen((o) => !o) } }}
           >
             {linkedOpen ? (
               <ChevronDown className="w-3 h-3 shrink-0" />
@@ -196,24 +187,7 @@ export default function MindMapPanel({ onClose }: MindMapPanelProps) {
               <ChevronRight className="w-3 h-3 shrink-0" />
             )}
             关联会话 ({linkedConversations.length})
-            {activeConvId && (
-              <button
-                className="ml-auto inline-flex items-center gap-1 text-xs text-sidebar-foreground/60 hover:text-sidebar-foreground"
-                onClick={(e) => {
-                  e.stopPropagation()
-                  if (isCurrentLinked) {
-                    handleUnlink(activeConvId)
-                  } else {
-                    handleLinkCurrent()
-                  }
-                }}
-                title={isCurrentLinked ? '取消关联当前会话' : '关联当前会话'}
-              >
-                <Link2 className="w-3 h-3" />
-                {isCurrentLinked ? '已关联' : '关联当前'}
-              </button>
-            )}
-          </button>
+          </div>
           {linkedOpen && (
             <div className="mt-1 space-y-0.5 max-h-32 overflow-y-auto">
               {linkedConversations.length === 0 ? (
diff --git a/src/hooks/useMindmapAgent.ts b/src/hooks/useMindmapAgent.ts
index 0569ae6..b11010a 100644
--- a/src/hooks/useMindmapAgent.ts
+++ b/src/hooks/useMindmapAgent.ts
@@ -4,6 +4,7 @@ import { useProviderStore } from '@/stores/providerStore'
 import { useMindmapStore } from '@/stores/mindmapStore'
 import { useChatStore } from '@/stores/chatStore'
 import { agentToolHandlers } from '@/lib/agent/agent-tools'
+import { buildMindmapAgentPrompt } from '@/lib/agent/system-prompt'
 import type {
   MainToWorkerMessage,
   WorkerToMainMessage,
@@ -171,31 +172,7 @@ export function useMindmapAgent() {
           apiKey: provider.apiKey,
         },
         model: conv.modelId,
-        // Agent 的系统 prompt 是工具使用指南，不是脑图生成指令
-        // buildFullMindmapPrompt() 只在 generateMindmapOps 工具内部使用
-        mindmapSystemPrompt: `你是思维导图生成助手。通过工具来更新脑图。
-
-工具：
-1. readMindmap — 读取当前脑图，返回每个节点的 ID（如 [id: xxxx]）、标签、摘要。
-2. generateMindmapOps — 提交脑图增量操作。调用它传入 operations 数组来更新脑图。
-
-工作方式：
-- 如果上下文中还没有脑图信息，先调用 readMindmap 获取
-- 如果上下文中已经有 readMindmap 的结果了，直接调用 generateMindmapOps 更新
-- generateMindmapOps 之后用自然语言回答用户，不提工具名或操作过程
-
-工具只用来更新脑图和了解结构，不要重复调用 readMindmap。每次操作尽量用 generateMindmapOps 来扩展和丰富脑图。注意：
-  - 创建新节点时（add_child/add_root），请用 id 字段指定一个有意义的英文 ID（如 "python", "rust-vs-cangjie"），后续操作用 parentId 引用
-  - 每次 generateMindmapOps 最多 10 个操作，超过可以一次回复中同时发出多个 generateMindmapOps 调用
-  - 每个 summary 控制在 50 字以内，避免 JSON 过长导致语法错误
-  - 不能用数字 1、2、3 等作为 ID
-  - [用户编辑] 节点不要 update 或 delete
-  - delete_leaf 只能删无子节点的叶子
-  - 重复概念用 update 更新摘要，而不是 add_child
-  - 无改动时传 {"operations": []}
-步骤 3: 用自然语言回答用户。不要提及工具名称、操作过程或脑图内部结构，就像你在做一个正常的对话回答。
-
-如果没有新信息需要补充，传 {"operations": []}，然后直接输出回答。`,
+        mindmapSystemPrompt: buildMindmapAgentPrompt(),
       },
     }
     worker.postMessage(initMsg)
diff --git a/src/lib/agent/ReActRunner.ts b/src/lib/agent/ReActRunner.ts
new file mode 100644
index 0000000..d3eaa42
--- /dev/null
+++ b/src/lib/agent/ReActRunner.ts
@@ -0,0 +1,181 @@
+import { generateText } from 'ai'
+
+const LOG = '[🧠 ReActRunner]'
+
+/**
+ * Tool definition as used by the Vercel AI SDK.
+ */
+export type ToolSet = Record<string, unknown>
+
+/**
+ * Status report callback signature.
+ */
+export type StatusReporter = (
+  status: 'idle' | 'thinking' | 'reading_mindmap' | 'generating_mindmap' | 'complete' | 'error',
+  message?: string,
+) => void
+
+/**
+ * Configuration for the ReActRunner.
+ */
+export interface ReActRunnerConfig {
+  /** The AI SDK language model (may be updated per-message) */
+  model: ReturnType<ReturnType<typeof import('@ai-sdk/openai').createOpenAI>['chat']>
+  /** System prompt for the agent */
+  systemPrompt: string
+  /** Tool definitions (AI SDK tool() objects) */
+  tools: ToolSet
+  /** Status report callback */
+  onStatusReport: StatusReporter
+  /** Maximum ReAct loop steps (default: 5) */
+  maxSteps?: number
+}
+
+/**
+ * Encapsulates the ReAct (Reasoning + Acting) loop for the mindmap agent.
+ *
+ * Extracted from agent.worker.ts to separate the reasoning loop from
+ * Web Worker message routing. The runner is framework-agnostic — it only
+ * depends on the AI SDK's generateText() and a tool set.
+ */
+export class ReActRunner {
+  private config: ReActRunnerConfig
+
+  constructor(config: ReActRunnerConfig) {
+    this.config = config
+  }
+
+  /**
+   * Update the language model (e.g., when a message carries a different model ID).
+   */
+  setModel(model: ReActRunnerConfig['model']): void {
+    this.config.model = model
+  }
+
+  /**
+   * Update the system prompt.
+   */
+  setSystemPrompt(prompt: string): void {
+    this.config.systemPrompt = prompt
+  }
+
+  /**
+   * Run the ReAct loop.
+   *
+   * @param userPrompt - The user's message / conversation context
+   * @returns Final LLM text response (or empty string if only tool calls were made)
+   */
+  async run(userPrompt: string): Promise<string> {
+    const maxSteps = this.config.maxSteps ?? 5
+
+    console.log(LOG, '===== ReAct 循环开始 =====')
+
+    const messages: Array<{ role: 'user' | 'assistant'; content: string }> = [
+      { role: 'user', content: userPrompt },
+    ]
+
+    let stepIndex = 0
+
+    while (stepIndex < maxSteps) {
+      stepIndex++
+      console.log(LOG, `--- Step ${stepIndex}/${maxSteps} ---`)
+      this.config.onStatusReport('thinking', `[${stepIndex}/${maxSteps}] 分析对话，决定下一步...`)
+
+      const result = await generateText({
+        model: this.config.model,
+        system: this.config.systemPrompt,
+        messages,
+        tools: this.config.tools as never,
+      })
+
+      const text = result.text
+      console.log(LOG, `LLM 回答 ${text?.length ?? 0} 字`)
+      if (text && text.length > 0) {
+        console.log(LOG, 'LLM 文本前 200 字:', text.slice(0, 200))
+      }
+
+      // Check if SDK auto-executed tools
+      const toolCallsRaw = result.toolCalls as unknown as
+        | Array<{ toolName: string; args: unknown; invalid?: boolean }>
+        | undefined
+      const toolResults = result.toolResults as unknown as
+        | Array<{ toolName: string; output: unknown }>
+        | undefined
+
+      // Save assistant response to message history
+      messages.push({
+        role: 'assistant' as const,
+        content: text || '（调用工具中...）',
+      })
+
+      if (!toolResults || toolResults.length === 0) {
+        // Check for failed tool calls (e.g., JSON too large / syntax error)
+        const invalidCalls = toolCallsRaw?.filter((t) => t.invalid)
+        if (invalidCalls && invalidCalls.length > 0) {
+          console.warn(
+            LOG,
+            `发现 ${invalidCalls.length} 个无效工具调用，重试中:`,
+            invalidCalls.map((t) => t.toolName),
+          )
+          messages.push({
+            role: 'assistant' as const,
+            content:
+              '上一次工具调用参数格式有误（可能 JSON 过长或未闭合），请精简 operations 数量或缩短 summary 后重试。',
+          })
+          continue
+        }
+
+        // toolCalls exist but no results → tool definition mismatch
+        if (toolCallsRaw && (toolCallsRaw as Array<{ toolName: string }>).length > 0) {
+          console.warn(LOG, 'toolCalls 存在但 toolResults 为空，跳过')
+        }
+
+        // No tool calls → final answer
+        if (text) {
+          const preview = text.length > 100 ? text.slice(0, 100) + '...' : text
+          console.log(LOG, '✅ Agent 最终回答:', preview)
+          this.config.onStatusReport('generating_mindmap', `完成: ${preview}`)
+        }
+        return text ?? ''
+      }
+
+      console.log(
+        LOG,
+        `SDK 执行了 ${toolResults.length} 个工具:`,
+        toolResults.map((t) => t.toolName).join(', '),
+      )
+      this.config.onStatusReport(
+        'thinking',
+        `[${stepIndex}/${maxSteps}] 工具结果已返回，继续分析...`,
+      )
+
+      // Inject tool results into message history
+      let hadNoopOps = false
+      for (const tr of toolResults) {
+        if (tr.toolName === 'generateMindmapOps') {
+          const output = tr.output as Record<string, unknown> | undefined
+          const ops = output?.operations as unknown[] | undefined
+          if (ops && ops.length === 0) {
+            hadNoopOps = true
+          }
+        }
+        messages.push({
+          role: 'assistant' as const,
+          content: JSON.stringify({ tool: tr.toolName, result: tr.output }),
+        })
+      }
+
+      // 如果 generateMindmapOps 返回 0 个操作 → LLM 认为不需要更新 → 结束循环
+      if (hadNoopOps) {
+        console.log(LOG, 'generateMindmapOps 返回 0 操作，结束循环')
+        if (text) {
+          this.config.onStatusReport('generating_mindmap', `完成: ${text.slice(0, 100)}`)
+        }
+        return text ?? ''
+      }
+    }
+
+    console.warn(LOG, `达到最大步骤数 ${maxSteps}，循环结束`)
+    return '已达到最大推理步骤数，请重试或简化问题。'
+  }
+}
diff --git a/src/lib/agent/__tests__/base-agent.test.ts b/src/lib/agent/__tests__/base-agent.test.ts
new file mode 100644
index 0000000..075039e
--- /dev/null
+++ b/src/lib/agent/__tests__/base-agent.test.ts
@@ -0,0 +1,102 @@
+import { describe, it, expect, vi, beforeEach } from 'vitest'
+import { BaseAgent } from '../base-agent'
+import type { AgentContext } from '../base-agent'
+
+// Mock the AI SDK
+vi.mock('ai', () => ({
+  generateText: vi.fn(),
+}))
+
+import { generateText } from 'ai'
+
+function createMockContext(overrides?: Partial<AgentContext>): AgentContext {
+  return {
+    model: { provider: 'openai' } as unknown as AgentContext['model'],
+    systemPrompt: 'You are a test agent',
+    onStatusReport: vi.fn(),
+    ...overrides,
+  }
+}
+
+describe('BaseAgent', () => {
+  beforeEach(() => {
+    vi.clearAllMocks()
+  })
+
+  it('can be instantiated with a context', () => {
+    const ctx = createMockContext()
+    const agent = new BaseAgent(ctx)
+    expect(agent).toBeInstanceOf(BaseAgent)
+    expect(agent.name).toBe('MindmapAgent')
+  })
+
+  it('reports status through context callback', () => {
+    const onStatusReport = vi.fn()
+    const agent = new BaseAgent(createMockContext({ onStatusReport }))
+
+    // Use the protected method via type assertion
+    ;(agent as unknown as { reportStatus: BaseAgent['reportStatus'] }).reportStatus(
+      'thinking',
+      'testing',
+    )
+
+    expect(onStatusReport).toHaveBeenCalledWith('thinking', 'testing')
+  })
+
+  it('callLLM invokes generateText with correct parameters', async () => {
+    const ctx = createMockContext()
+    const agent = new BaseAgent(ctx)
+
+    const mockResult = { text: 'Hello', toolCalls: [], toolResults: [] }
+    vi.mocked(generateText).mockResolvedValue(mockResult as never)
+
+    const result = await (
+      agent as unknown as {
+        callLLM: (params: {
+          messages: Array<{ role: 'user' | 'assistant'; content: string }>
+          tools?: Record<string, unknown>
+        }) => Promise<unknown>
+      }
+    ).callLLM({
+      messages: [{ role: 'user', content: 'Hi' }],
+    })
+
+    expect(generateText).toHaveBeenCalledWith(
+      expect.objectContaining({
+        model: ctx.model,
+        system: ctx.systemPrompt,
+        messages: [{ role: 'user', content: 'Hi' }],
+      }),
+    )
+    expect(result).toEqual({
+      text: 'Hello',
+      toolCalls: [],
+      toolResults: [],
+    })
+  })
+
+  it('callLLM passes tools to generateText', async () => {
+    const agent = new BaseAgent(createMockContext())
+    const mockTools = { readMindmap: {} }
+
+    vi.mocked(generateText).mockResolvedValue({ text: '', toolCalls: [], toolResults: [] } as never)
+
+    await (
+      agent as unknown as {
+        callLLM: (params: {
+          messages: Array<{ role: 'user' | 'assistant'; content: string }>
+          tools?: Record<string, unknown>
+        }) => Promise<unknown>
+      }
+    ).callLLM({
+      messages: [{ role: 'user', content: 'Test' }],
+      tools: mockTools,
+    })
+
+    expect(generateText).toHaveBeenCalledWith(
+      expect.objectContaining({
+        tools: mockTools,
+      }),
+    )
+  })
+})
diff --git a/src/lib/agent/__tests__/schema.test.ts b/src/lib/agent/__tests__/schema.test.ts
new file mode 100644
index 0000000..71d7d2c
--- /dev/null
+++ b/src/lib/agent/__tests__/schema.test.ts
@@ -0,0 +1,128 @@
+import { describe, it, expect } from 'vitest'
+import {
+  MindmapOperationSchema,
+  OperationsArraySchema,
+  validateOperations,
+} from '../schema'
+
+describe('MindmapOperationSchema', () => {
+  it('accepts a valid add_child operation', () => {
+    const result = MindmapOperationSchema.safeParse({
+      type: 'add_child',
+      parentId: 'n1a2b3c',
+      id: 'typescript',
+      label: 'TypeScript',
+      summary: 'JavaScript 的超集',
+    })
+    expect(result.success).toBe(true)
+  })
+
+  it('accepts a valid update operation', () => {
+    const result = MindmapOperationSchema.safeParse({
+      type: 'update',
+      nodeId: 'n1a2b3c',
+      patch: { summary: '更新后的摘要' },
+    })
+    expect(result.success).toBe(true)
+  })
+
+  it('accepts a valid delete_leaf operation', () => {
+    const result = MindmapOperationSchema.safeParse({
+      type: 'delete_leaf',
+      nodeId: 'n1a2b3c',
+    })
+    expect(result.success).toBe(true)
+  })
+
+  it('accepts a valid add_root operation', () => {
+    const result = MindmapOperationSchema.safeParse({
+      type: 'add_root',
+      label: 'Python',
+      summary: '编程语言',
+    })
+    expect(result.success).toBe(true)
+  })
+
+  it('rejects an invalid operation type', () => {
+    const result = MindmapOperationSchema.safeParse({
+      type: 'invalid_type',
+    })
+    expect(result.success).toBe(false)
+  })
+
+  it('rejects missing type field', () => {
+    const result = MindmapOperationSchema.safeParse({
+      label: 'No type',
+    })
+    expect(result.success).toBe(false)
+  })
+})
+
+describe('OperationsArraySchema', () => {
+  it('accepts an array of valid operations', () => {
+    const result = OperationsArraySchema.safeParse([
+      { type: 'add_child', parentId: 'n1', label: 'A' },
+      { type: 'update', nodeId: 'n2', patch: { summary: 'B' } },
+    ])
+    expect(result.success).toBe(true)
+  })
+
+  it('accepts an empty operations array', () => {
+    const result = OperationsArraySchema.safeParse([])
+    expect(result.success).toBe(true)
+  })
+
+  it('rejects more than 10 operations', () => {
+    const ops = Array.from({ length: 11 }, (_, i) => ({
+      type: 'add_child' as const,
+      parentId: `n${i}`,
+      label: `Node ${i}`,
+    }))
+    const result = OperationsArraySchema.safeParse(ops)
+    expect(result.success).toBe(false)
+  })
+
+  it('accepts exactly 10 operations', () => {
+    const ops = Array.from({ length: 10 }, (_, i) => ({
+      type: 'add_child' as const,
+      parentId: `n${i}`,
+      label: `Node ${i}`,
+    }))
+    const result = OperationsArraySchema.safeParse(ops)
+    expect(result.success).toBe(true)
+  })
+})
+
+describe('validateOperations', () => {
+  it('returns success with parsed data for valid input', () => {
+    const result = validateOperations([
+      { type: 'add_child', parentId: 'n1', label: 'A', summary: 'B' },
+    ])
+    expect(result.success).toBe(true)
+    if (result.success) {
+      expect(result.data).toHaveLength(1)
+      expect(result.data[0]!.label).toBe('A')
+    }
+  })
+
+  it('returns error for invalid input', () => {
+    const result = validateOperations([{ type: 'invalid' }])
+    expect(result.success).toBe(false)
+    if (!result.success) {
+      expect(result.error).toContain('操作校验失败')
+    }
+  })
+
+  it('returns error for non-array input', () => {
+    const result = validateOperations('not an array')
+    expect(result.success).toBe(false)
+  })
+
+  it('returns success with empty data for empty array', () => {
+    const result = validateOperations([])
+    expect(result.success).toBe(true)
+    if (result.success) {
+      expect(result.data).toHaveLength(0)
+    }
+  })
+})
diff --git a/src/lib/agent/agent-tools.ts b/src/lib/agent/agent-tools.ts
index d2e03e5..74f820d 100644
--- a/src/lib/agent/agent-tools.ts
+++ b/src/lib/agent/agent-tools.ts
@@ -5,6 +5,7 @@ import {
 } from '@/lib/mindmap-generator'
 import { deriveNodeId } from '@/lib/id'
 import type { MindMapNode } from '@/types/mindmap'
+import { validateOperations } from './schema'
 
 const LOG = '[🧠 Tools]'
 
@@ -62,15 +63,22 @@ export const agentToolHandlers: Record<
       return { success: true, nodeCount: 0, operations: [] }
     }
 
+    // ─── Zod schema 校验：拒绝格式错误的 operations ───
+    const validation = validateOperations(operations)
+    if (!validation.success) {
+      console.error(LOG, '操作校验失败:', validation.error)
+      return { error: validation.error, success: false }
+    }
+    const validatedOps = validation.data
+
     const conv = useConversationStore.getState().getActiveConversation()
     if (!conv) return { error: '无活跃会话' }
 
     const targetMindmap = getMindmapForConversation(conv.id)
     if (!targetMindmap) return { error: '会话未关联脑图' }
 
-    const ops = operations.filter(
-      (op) => op.type && ['add_child', 'update', 'delete_leaf', 'add_root'].includes(op.type),
-    ) as import('@/lib/agent/types').MindmapOperation[]
+    // 操作已通过 Zod 校验，直接使用
+    const ops = validatedOps as import('@/lib/agent/types').MindmapOperation[]
 
     if (ops.length === 0) {
       console.warn(LOG, '操作列表无有效操作')
@@ -102,6 +110,10 @@ export function applyOperations(
   for (const op of operations) {
     try {
       result = applyOne(result, op)
+      // 顶层验证：add_child 操作后检查父节点是否存在
+      if (op.type === 'add_child' && op.parentId && !hasNode(result, op.parentId)) {
+        console.warn(LOG, `add_child: 未找到父节点 "${op.parentId}"`)
+      }
     } catch (err) {
       console.warn(LOG, `跳过操作 ${op.type}: ${String(err)}`)
     }
@@ -110,6 +122,18 @@ export function applyOperations(
   return result
 }
 
+/**
+ * 检查树中是否包含指定 ID 的节点。
+ * 用于在 add_child 操作后验证目标父节点是否存在。
+ */
+function hasNode(nodes: MindMapNode[], nodeId: string): boolean {
+  for (const n of nodes) {
+    if (n.id === nodeId) return true
+    if (n.children.length > 0 && hasNode(n.children, nodeId)) return true
+  }
+  return false
+}
+
 function addChildToNode(
   node: MindMapNode,
   op: Extract<
@@ -134,11 +158,10 @@ function applyOne(
 
     case 'add_child': {
       const pid = op.parentId ?? ''
-      let matched = false
 
       const tryAdd = (node: MindMapNode): MindMapNode => {
-        if (node.id === pid) { matched = true; return addChildToNode(node, op) }
-        if (pid && node.label === pid) { matched = true; return addChildToNode(node, op) }
+        if (node.id === pid) { return addChildToNode(node, op) }
+        if (pid && node.label === pid) { return addChildToNode(node, op) }
         if (node.children.length > 0) {
           return { ...node, children: applyOne(node.children, op) }
         }
@@ -148,15 +171,11 @@ function applyOne(
       const result = nodes.map((n, i) => {
         // 无 parentId → 默认第一个根节点
         if (!pid && i === 0 && !n.editedByUser) {
-          matched = true
           return addChildToNode(n, op)
         }
         return tryAdd(n)
       })
 
-      if (!matched && pid) {
-        console.warn(LOG, `add_child: 未找到父节点 "${pid}"`)
-      }
       return result
     }
 
diff --git a/src/lib/agent/base-agent.ts b/src/lib/agent/base-agent.ts
new file mode 100644
index 0000000..a8abcd1
--- /dev/null
+++ b/src/lib/agent/base-agent.ts
@@ -0,0 +1,78 @@
+import { generateText } from 'ai'
+import type { AgentStatus } from './types'
+
+// ─── Agent Context ─────────────────────────────────────────────────
+
+/**
+ * Context injected into every agent instance.
+ * Provides the LLM connection and status reporting channel.
+ */
+export interface AgentContext {
+  /** The AI SDK language model (e.g., openai.chat('gpt-4o')) */
+  model: ReturnType<ReturnType<typeof import('@ai-sdk/openai').createOpenAI>['chat']>
+  /** System prompt that defines the agent's role and rules */
+  systemPrompt: string
+  /** Callback to report agent status to the main thread */
+  onStatusReport: (status: AgentStatus, message?: string) => void
+}
+
+// ─── BaseAgent ─────────────────────────────────────────────────────
+
+/**
+ * Base class for all mindmap agents.
+ *
+ * Encapsulates LLM calling and provides a common interface.
+ * Currently a concrete class — when we add more agent types,
+ * extract process() as an abstract method.
+ */
+export class BaseAgent {
+  protected ctx: AgentContext
+
+  constructor(ctx: AgentContext) {
+    this.ctx = ctx
+  }
+
+  /** Human-readable agent name for logging */
+  get name(): string {
+    return 'MindmapAgent'
+  }
+
+  /**
+   * Report agent status to the main thread.
+   */
+  protected reportStatus(status: AgentStatus, message?: string): void {
+    this.ctx.onStatusReport(status, message)
+  }
+
+  /**
+   * Call the LLM with messages and optional tools.
+   *
+   * This is a thin wrapper around the AI SDK's generateText()
+   * that injects the system prompt and handles error reporting.
+   */
+  protected async callLLM(params: {
+    messages: Array<{ role: 'user' | 'assistant'; content: string }>
+    tools?: Record<string, unknown>
+  }): Promise<{
+    text?: string
+    toolCalls?: Array<{ toolName: string; args: unknown; invalid?: boolean }>
+    toolResults?: Array<{ toolName: string; output: unknown }>
+  }> {
+    const result = await generateText({
+      model: this.ctx.model,
+      system: this.ctx.systemPrompt,
+      messages: params.messages,
+      tools: params.tools as never,
+    })
+
+    return {
+      text: result.text,
+      toolCalls: result.toolCalls as unknown as
+        | Array<{ toolName: string; args: unknown; invalid?: boolean }>
+        | undefined,
+      toolResults: result.toolResults as unknown as
+        | Array<{ toolName: string; output: unknown }>
+        | undefined,
+    }
+  }
+}
diff --git a/src/lib/agent/schema.ts b/src/lib/agent/schema.ts
new file mode 100644
index 0000000..3d60dad
--- /dev/null
+++ b/src/lib/agent/schema.ts
@@ -0,0 +1,59 @@
+import { z } from 'zod'
+
+/**
+ * Zod schema for a single mindmap operation.
+ *
+ * Validates the structure of each operation before it reaches applyOperations().
+ * This is the data integrity gate — LLM output is untrusted.
+ */
+export const MindmapOperationSchema = z.object({
+  type: z.enum(['add_child', 'update', 'delete_leaf', 'add_root']),
+  parentId: z.string().optional(),
+  nodeId: z.string().optional(),
+  id: z.string().optional(),
+  label: z.string().optional(),
+  summary: z.string().optional(),
+  patch: z
+    .object({
+      label: z.string().optional(),
+      summary: z.string().optional(),
+    })
+    .optional(),
+})
+
+/**
+ * Array of mindmap operations, capped at 10.
+ *
+ * The LLM should not attempt to batch more than 10 operations in a single call.
+ * If more are needed, the ReAct loop will make multiple generateMindmapOps calls.
+ */
+export const OperationsArraySchema = z
+  .array(MindmapOperationSchema)
+  .max(10, '每次最多 10 个操作，请拆分为多次调用')
+
+/** Inferred type of a parsed mindmap operation */
+export type ValidatedMindmapOperation = z.infer<typeof MindmapOperationSchema>
+
+/** Inferred type of a parsed operations array */
+export type ValidatedOperationsArray = z.infer<typeof OperationsArraySchema>
+
+/**
+ * Validate raw operations from LLM output.
+ * Returns the parsed result or a descriptive error.
+ */
+export function validateOperations(raw: unknown): {
+  success: true
+  data: ValidatedOperationsArray
+} | {
+  success: false
+  error: string
+} {
+  const result = OperationsArraySchema.safeParse(raw)
+  if (result.success) {
+    return { success: true, data: result.data }
+  }
+  const issues = result.error.issues
+    .map((i) => `  - ${i.path.join('.') || '(root)'}: ${i.message}`)
+    .join('\n')
+  return { success: false, error: `操作校验失败:\n${issues}` }
+}
diff --git a/src/lib/agent/system-prompt.ts b/src/lib/agent/system-prompt.ts
new file mode 100644
index 0000000..eb3f16f
--- /dev/null
+++ b/src/lib/agent/system-prompt.ts
@@ -0,0 +1,31 @@
+/**
+ * Mindmap Agent system prompt.
+ *
+ * Defines the agent's tools, workflow, and operational rules.
+ * Used by both the Web Worker (agent.worker.ts) and the useMindmapAgent hook.
+ */
+export function buildMindmapAgentPrompt(): string {
+  return `你是思维导图生成助手。通过工具来更新脑图。
+
+工具：
+1. readMindmap — 读取当前脑图，返回每个节点的 ID（如 [id: xxxx]）、标签、摘要。
+2. generateMindmapOps — 提交脑图增量操作。调用它传入 operations 数组来更新脑图。
+
+工作方式：
+- 如果上下文中还没有脑图信息，先调用 readMindmap 获取
+- 如果上下文中已经有 readMindmap 的结果了，直接调用 generateMindmapOps 更新
+- generateMindmapOps 之后用自然语言回答用户，不提工具名或操作过程
+
+工具只用来更新脑图和了解结构，不要重复调用 readMindmap。每次操作尽量用 generateMindmapOps 来扩展和丰富脑图。注意：
+  - 创建新节点时（add_child/add_root），请用 id 字段指定一个有意义的英文 ID（如 "python", "rust-vs-cangjie"），后续操作用 parentId 引用
+  - 每次 generateMindmapOps 最多 10 个操作，超过可以一次回复中同时发出多个 generateMindmapOps 调用
+  - 每个 summary 控制在 50 字以内，避免 JSON 过长导致语法错误
+  - 不能用数字 1、2、3 等作为 ID
+  - [用户编辑] 节点不要 update 或 delete
+  - delete_leaf 只能删无子节点的叶子
+  - 重复概念用 update 更新摘要，而不是 add_child
+  - 无改动时传 {"operations": []}
+步骤 3: 用自然语言回答用户。不要提及工具名称、操作过程或脑图内部结构，就像你在做一个正常的对话回答。
+
+如果没有新信息需要补充，传 {"operations": []}，然后直接输出回答。`
+}
diff --git a/src/workers/agent-tools.def.ts b/src/workers/agent-tools.def.ts
new file mode 100644
index 0000000..d5f21f3
--- /dev/null
+++ b/src/workers/agent-tools.def.ts
@@ -0,0 +1,86 @@
+/// <reference lib="WebWorker" />
+import { tool } from 'ai'
+import { z } from 'zod'
+import type { WorkerToMainMessage, MainToWorkerResponse } from '../lib/agent/types'
+
+// ─── Round-trip: Worker 请求主线程执行工具 ───
+export function callMain(toolName: string, args: unknown): Promise<unknown> {
+  return new Promise((resolve, reject) => {
+    const callId = crypto.randomUUID()
+    console.log('[🧠 Worker]', `→ 请求主线程执行工具: ${toolName}`, { args, callId })
+
+    const handler = (event: MessageEvent<MainToWorkerResponse>) => {
+      const msg = event.data
+      if (msg.type === 'TOOL_RESULT' && msg.payload.callId === callId) {
+        self.removeEventListener('message', handler)
+        console.log('[🧠 Worker]', `← 工具 ${toolName} 结果已返回`)
+        resolve(msg.payload.result)
+      }
+      if (msg.type === 'TOOL_ERROR' && msg.payload.callId === callId) {
+        self.removeEventListener('message', handler)
+        console.error('[🧠 Worker]', `← 工具 ${toolName} 返回错误:`, msg.payload.error)
+        reject(new Error(msg.payload.error))
+      }
+    }
+    self.addEventListener('message', handler)
+
+    const postMsg: WorkerToMainMessage = {
+      type: 'TOOL_RESULT_NEEDED',
+      payload: { callId, toolName, args },
+    }
+    self.postMessage(postMsg)
+  })
+}
+
+// ─── 报告状态 ───
+export function reportStatus(
+  status: 'idle' | 'thinking' | 'reading_mindmap' | 'generating_mindmap' | 'complete' | 'error',
+  message?: string,
+) {
+  const postMsg: WorkerToMainMessage = {
+    type: 'AGENT_STATUS',
+    payload: { status: status as never, message },
+  }
+  self.postMessage(postMsg)
+}
+
+// ─── 工具定义（使用 AI SDK 原生 tool，含 inputSchema） ───
+export const agentTools = {
+  readMindmap: tool({
+    description:
+      '读取当前脑图结构，返回每个节点的 ID、标签、摘要。用于了解现有结构后再决定操作。',
+    inputSchema: z.object({}),
+    execute: async () => {
+      reportStatus('reading_mindmap', '正在读取脑图...')
+      return callMain('readMindmap', {}) as Promise<Record<string, unknown>>
+    },
+  }),
+  generateMindmapOps: tool({
+    description:
+      '应用脑图增量更新操作。先调用 readMindmap 获取节点 ID，然后根据对话内容决定操作，最后调用本工具提交操作。',
+    inputSchema: z.object({
+      operations: z.array(
+        z.object({
+          type: z
+            .enum(['add_child', 'update', 'delete_leaf', 'add_root'])
+            .describe('操作类型'),
+          parentId: z.string().optional().describe('add_child 时，目标父节点 ID。不填默认第一个根节点'),
+          nodeId: z.string().optional().describe('update/delete_leaf 的目标节点 ID'),
+          id: z.string().optional().describe(
+            'add_child/add_root 时可选，为新节点指定 ID。指定后可在同批次后续操作中用 parentId 引用',
+          ),
+          label: z.string().optional().describe('add_child/add_root 时必填，节点标题'),
+          summary: z.string().optional().describe('节点摘要'),
+          patch: z
+            .object({ label: z.string().optional(), summary: z.string().optional() })
+            .optional()
+            .describe('update 时使用，要更新的字段'),
+        }),
+      ),
+    }),
+    execute: async ({ operations }) => {
+      reportStatus('generating_mindmap', `应用 ${operations.length} 个操作...`)
+      return callMain('generateMindmapOps', { operations }) as Promise<Record<string, unknown>>
+    },
+  }),
+}
diff --git a/src/workers/agent.worker.ts b/src/workers/agent.worker.ts
index bdb38e6..04a87d7 100644
--- a/src/workers/agent.worker.ts
+++ b/src/workers/agent.worker.ts
@@ -1,180 +1,13 @@
 /// <reference lib="WebWorker" />
-import { generateText, tool } from 'ai'
 import { createOpenAI } from '@ai-sdk/openai'
-import { z } from 'zod'
-import type {
-  MainToWorkerMessage,
-  WorkerToMainMessage,
-  MainToWorkerResponse,
-} from '../lib/agent/types'
+import type { MainToWorkerMessage, WorkerToMainMessage } from '../lib/agent/types'
+import { ReActRunner } from '../lib/agent/ReActRunner'
+import { agentTools, reportStatus } from './agent-tools.def'
 
-// ─── 初始化状态 ───
-let languageModel: ReturnType<ReturnType<typeof createOpenAI>> | null = null
+let runner: ReActRunner | null = null
 let systemPrompt = ''
-const MAX_STEPS = 5
-
 const LOG = '[🧠 Worker]'
 
-// ─── Round-trip: Worker 请求主线程执行工具 ───
-function callMain(toolName: string, args: unknown): Promise<unknown> {
-  return new Promise((resolve, reject) => {
-    const callId = crypto.randomUUID()
-    console.log(LOG, `→ 请求主线程执行工具: ${toolName}`, { args, callId })
-
-    const handler = (event: MessageEvent<MainToWorkerResponse>) => {
-      const msg = event.data
-      if (msg.type === 'TOOL_RESULT' && msg.payload.callId === callId) {
-        self.removeEventListener('message', handler)
-        console.log(LOG, `← 工具 ${toolName} 结果已返回`)
-        resolve(msg.payload.result)
-      }
-      if (msg.type === 'TOOL_ERROR' && msg.payload.callId === callId) {
-        self.removeEventListener('message', handler)
-        console.error(LOG, `← 工具 ${toolName} 返回错误:`, msg.payload.error)
-        reject(new Error(msg.payload.error))
-      }
-    }
-    self.addEventListener('message', handler)
-
-    const postMsg: WorkerToMainMessage = {
-      type: 'TOOL_RESULT_NEEDED',
-      payload: { callId, toolName, args },
-    }
-    self.postMessage(postMsg)
-  })
-}
-
-// ─── 报告状态 ───
-function reportStatus(
-  status: 'idle' | 'thinking' | 'reading_mindmap' | 'generating_mindmap' | 'complete' | 'error',
-  message?: string,
-) {
-  const postMsg: WorkerToMainMessage = {
-    type: 'AGENT_STATUS',
-    payload: { status: status as never, message },
-  }
-  self.postMessage(postMsg)
-}
-
-// ─── 工具定义（使用 AI SDK 原生 tool，含 inputSchema） ───
-const agentTools = {
-  readMindmap: tool({
-    description: '读取当前脑图结构，返回每个节点的 ID、标签、摘要。用于了解现有结构后再决定操作。',
-    inputSchema: z.object({}),
-    execute: async () => {
-      reportStatus('reading_mindmap', '正在读取脑图...')
-      return callMain('readMindmap', {}) as Promise<Record<string, unknown>>
-    },
-  }),
-  generateMindmapOps: tool({
-    description: '应用脑图增量更新操作。先调用 readMindmap 获取节点 ID，然后根据对话内容决定操作，最后调用本工具提交操作。',
-    inputSchema: z.object({
-      operations: z.array(z.object({
-        type: z.enum(['add_child', 'update', 'delete_leaf', 'add_root']).describe('操作类型'),
-        parentId: z.string().optional().describe('add_child 时，目标父节点 ID。不填默认第一个根节点'),
-        nodeId: z.string().optional().describe('update/delete_leaf 的目标节点 ID'),
-        id: z.string().optional().describe('add_child/add_root 时可选，为新节点指定 ID。指定后可在同批次后续操作中用 parentId 引用'),
-        label: z.string().optional().describe('add_child/add_root 时必填，节点标题'),
-        summary: z.string().optional().describe('节点摘要'),
-        patch: z.object({
-          label: z.string().optional(),
-          summary: z.string().optional(),
-        }).optional().describe('update 时使用，要更新的字段'),
-      })),
-    }),
-    execute: async ({ operations }) => {
-      reportStatus('generating_mindmap', `应用 ${operations.length} 个操作...`)
-      return callMain('generateMindmapOps', { operations }) as Promise<Record<string, unknown>>
-    },
-  }),
-}
-
-// ─── ReAct 循环（AI SDK 原生工具调用） ───
-async function runReActLoop(userPrompt: string): Promise<string> {
-  if (!languageModel) throw new Error('Agent 未初始化')
-
-  console.log(LOG, '===== ReAct 循环开始 =====')
-
-  const messages: Array<{ role: 'user' | 'assistant'; content: string }> = [
-    { role: 'user', content: userPrompt },
-  ]
-
-  let stepIndex = 0
-  const maxSteps = 5
-
-  while (stepIndex < maxSteps) {
-    stepIndex++
-    console.log(LOG, `--- Step ${stepIndex}/${maxSteps} ---`)
-    reportStatus('thinking', `[${stepIndex}/${maxSteps}] 分析对话，决定下一步...`)
-
-    const result = await generateText({
-      model: languageModel,
-      system: systemPrompt,
-      messages,
-      tools: agentTools as never,
-    })
-
-    const text = result.text
-    console.log(LOG, `LLM 回答 ${text?.length ?? 0} 字`)
-    if (text && text.length > 0) {
-      console.log(LOG, 'LLM 文本前 200 字:', text.slice(0, 200))
-    }
-
-    // 检查 SDK 是否已自动执行了工具
-    const toolCallsRaw = result.toolCalls as unknown as
-      | Array<{ toolName: string; args: unknown; invalid?: boolean }>
-      | undefined
-    const toolResults = result.toolResults as unknown as
-      | Array<{ toolName: string; output: unknown }>
-      | undefined
-
-    // 保存 LLM 本轮的行为（即使 text 为空，也表示 LLM 调了工具）
-    messages.push({
-      role: 'assistant' as const,
-      content: text || '（调用工具中...）',
-    })
-
-    if (!toolResults || toolResults.length === 0) {
-      // 检查是否有工具调用但执行失败（如 JSON 太大/语法错误）
-      const invalidCalls = toolCallsRaw?.filter((t) => t.invalid)
-      if (invalidCalls && invalidCalls.length > 0) {
-        console.warn(LOG, `发现 ${invalidCalls.length} 个无效工具调用，重试中:`, invalidCalls.map((t) => t.toolName))
-        messages.push({
-          role: 'assistant' as const,
-          content: '上一次工具调用参数格式有误（可能 JSON 过长或未闭合），请精简 operations 数量或缩短 summary 后重试。',
-        })
-        continue
-      }
-      // 有 toolCalls 但没 results → 工具定义可能不匹配
-      if (toolCallsRaw && (toolCallsRaw as Array<{ toolName: string }>).length > 0) {
-        console.warn(LOG, 'toolCalls 存在但 toolResults 为空，跳过')
-      }
-      // 没有工具调用 → 最终回答
-      if (text) {
-        const preview = text.length > 100 ? text.slice(0, 100) + '...' : text
-        console.log(LOG, '✅ Agent 最终回答:', preview)
-        reportStatus('generating_mindmap', `完成: ${preview}`)
-      }
-      return text ?? ''
-    }
-
-    console.log(LOG, `SDK 执行了 ${toolResults.length} 个工具:`, toolResults.map((t) => t.toolName).join(', '))
-    reportStatus('thinking', `[${stepIndex}/${maxSteps}] 工具结果已返回，继续分析...`)
-
-    // 把工具结果直接塞进 messages
-    for (const tr of toolResults) {
-      messages.push({
-        role: 'assistant' as const,
-        content: JSON.stringify({ tool: tr.toolName, result: tr.output }),
-      })
-    }
-  }
-
-  console.warn(LOG, `达到最大步骤数 ${MAX_STEPS}，循环结束`)
-  return '已达到最大推理步骤数，请重试或简化问题。'
-}
-
-// ─── 模式提示 ───
 function getPatternHint(pattern: string): string {
   const hints: Record<string, string> = {
     '5w1h': '知识组织模式：5W1H（What/Why/Who/When/Where/How）',
@@ -185,7 +18,11 @@ function getPatternHint(pattern: string): string {
   return hint ? `${hint}\n\n` : ''
 }
 
-// ─── 主消息处理 ───
+function createModel(apiKey: string, apiEndpoint: string, modelId: string) {
+  const openaiProvider = createOpenAI({ apiKey, baseURL: apiEndpoint })
+  return openaiProvider.chat(modelId) as never
+}
+
 self.onmessage = async (event: MessageEvent<MainToWorkerMessage>) => {
   const msg = event.data
   console.log(LOG, '收到消息:', msg.type)
@@ -194,17 +31,10 @@ self.onmessage = async (event: MessageEvent<MainToWorkerMessage>) => {
     case 'INIT': {
       const { providerConfig, model: modelId, mindmapSystemPrompt } = msg.payload
       systemPrompt = mindmapSystemPrompt
-      console.log(LOG, '初始化 Agent', {
-        model: modelId,
-        endpoint: providerConfig.apiEndpoint,
-      })
-
+      console.log(LOG, '初始化 Agent', { model: modelId, endpoint: providerConfig.apiEndpoint })
       try {
-        const openaiProvider = createOpenAI({
-          apiKey: providerConfig.apiKey,
-          baseURL: providerConfig.apiEndpoint,
-        })
-        languageModel = openaiProvider.chat(modelId) as never
+        const model = createModel(providerConfig.apiKey, providerConfig.apiEndpoint, modelId)
+        runner = new ReActRunner({ model, systemPrompt, tools: agentTools, onStatusReport: reportStatus })
         console.log(LOG, '✅ Agent 初始化成功')
         reportStatus('idle', 'Agent 就绪')
       } catch (err) {
@@ -219,57 +49,46 @@ self.onmessage = async (event: MessageEvent<MainToWorkerMessage>) => {
         conversationId: msg.payload.conversationId,
         model: msg.payload.model,
         消息数: msg.payload.recentMessages.length,
-        有现有脑图: !!msg.payload.mindmapTreeJson,
       })
-
-      // 用消息里最新的 provider 配置创建 model（避免跨会话用错模型）
       try {
-        const openaiProvider = createOpenAI({
-          apiKey: msg.payload.providerConfig.apiKey,
-          baseURL: msg.payload.providerConfig.apiEndpoint,
-        })
-        languageModel = openaiProvider.chat(msg.payload.model) as never
+        const model = createModel(
+          msg.payload.providerConfig.apiKey,
+          msg.payload.providerConfig.apiEndpoint,
+          msg.payload.model,
+        )
+        runner?.setModel(model)
+        runner?.setSystemPrompt(systemPrompt)
       } catch (err) {
         console.error(LOG, '❌ 创建 model 失败:', err)
         reportStatus('error', `模型初始化失败: ${String(err)}`)
         return
       }
-
       reportStatus('thinking', '开始分析对话内容...')
-
       try {
         const patternHint = getPatternHint(msg.payload.pattern)
-
         const userPrompt = `基于以下对话内容，更新思维导图。
 
 ${patternHint}
 对话内容：
-${msg.payload.recentMessages
-  .map((m) => `[${m.role}]: ${m.content}`)
-  .join('\n')}
+${msg.payload.recentMessages.map((m) => `[${m.role}]: ${m.content}`).join('\n')}
 
 请按系统指令中的工作流程执行。`
-
         console.log(LOG, '进入 ReAct 循环')
-        const finalAnswer = await runReActLoop(userPrompt)
+        const finalAnswer = await runner!.run(userPrompt)
         console.log(LOG, 'ReAct 循环结束，最终回答长度:', finalAnswer.length)
         void finalAnswer
-
         reportStatus('generating_mindmap', '脑图生成完成')
-
-        const completeMsg: WorkerToMainMessage = {
+        self.postMessage({
           type: 'AGENT_COMPLETE',
           payload: { operations: [], newTreeJson: '' },
-        }
-        self.postMessage(completeMsg)
+        } satisfies WorkerToMainMessage)
         console.log(LOG, '✅ 已发送 AGENT_COMPLETE')
       } catch (err) {
         console.error(LOG, '❌ ENHANCE_MESSAGE 处理异常:', err)
-        const errorMsg: WorkerToMainMessage = {
+        self.postMessage({
           type: 'AGENT_ERROR',
           payload: { error: String(err) },
-        }
-        self.postMessage(errorMsg)
+        } satisfies WorkerToMainMessage)
       }
       break
     }
@@ -279,38 +98,35 @@ ${msg.payload.recentMessages
         conversationId: msg.payload.conversationId,
         model: msg.payload.model,
       })
-
-      // 用消息里最新的 provider 配置创建 model（避免用旧的 key）
       try {
-        const openaiProvider = createOpenAI({
-          apiKey: msg.payload.providerConfig.apiKey,
-          baseURL: msg.payload.providerConfig.apiEndpoint,
-        })
-        languageModel = openaiProvider.chat(msg.payload.model) as never
+        const model = createModel(
+          msg.payload.providerConfig.apiKey,
+          msg.payload.providerConfig.apiEndpoint,
+          msg.payload.model,
+        )
+        runner?.setModel(model)
+        runner?.setSystemPrompt(systemPrompt)
       } catch (err) {
         console.error(LOG, '❌ 创建 model 失败:', err)
         reportStatus('error', `模型初始化失败: ${String(err)}`)
         return
       }
-
       reportStatus('thinking', '正在处理...')
-
       try {
+        const recentContext =
+          msg.payload.recentMessages.length > 0
+            ? `最近对话（上下文参考）：
+${msg.payload.recentMessages.map((m) => `[${m.role}]: ${m.content.slice(0, 500)}`).join('\n')}`
+            : ''
         const userPrompt = `用户提问：
 ${msg.payload.content}
 
-${msg.payload.recentMessages.length > 0 ? `最近对话（上下文参考）：
-${msg.payload.recentMessages
-  .map((m) => `[${m.role}]: ${m.content.slice(0, 500)}`)
-  .join('\n')}` : ''}
+${recentContext}
 
 请按系统指令工作：先读脑图 → 更新脑图（尽可能扩展节点、丰富内容）→ 回答用户。`
-
         console.log(LOG, '进入 ReAct 循环')
-        const finalAnswer = await runReActLoop(userPrompt)
+        const finalAnswer = await runner!.run(userPrompt)
         console.log(LOG, 'ReAct 循环结束，最终回答长度:', finalAnswer.length)
-
-        // 流式输出到主线程
         self.postMessage({
           type: 'STREAM_TOKEN',
           payload: { token: finalAnswer },
@@ -319,15 +135,13 @@ ${msg.payload.recentMessages
           type: 'STREAM_DONE',
           payload: { mindmapUpdated: true },
         } satisfies WorkerToMainMessage)
-
         reportStatus('generating_mindmap', '完成')
       } catch (err) {
         console.error(LOG, '❌ MEDIATE_MESSAGE 处理异常:', err)
-        const errorMsg: WorkerToMainMessage = {
+        self.postMessage({
           type: 'AGENT_ERROR',
           payload: { error: String(err) },
-        }
-        self.postMessage(errorMsg)
+        } satisfies WorkerToMainMessage)
       }
       break
     }