From 6ff9d65350dcd4d73c2c719396cb32d644326cfe Mon Sep 17 00:00:00 2001
From: hive-lead <hive-lead@hive.dev>
Date: Tue, 10 Mar 2026 00:46:56 +0000
Subject: [PATCH 1/4] Support uploading any file type, not just images

Extends the upload system from image-only to general file uploads
(PDFs, text, archives, code, docs, etc.). Images render inline as
before; non-image files appear as styled download links with the
original filename.

Changes:
- Media: expand allowed MIME types, add ext_for map, bump limit to 10MB
- ChatLive: accept any file type, show file icon + name for non-images
- MCP bridge: remove image-only enum, add optional filename param
- ToolsController: pass filename option, update error messages
- CSS: file preview cards in composer and download link styling
- JS: open file download links in new tab (skip lightbox)
- Tests: unit tests for all new file types, e2e Playwright tests

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 assets/css/app.css                            |  41 +++++
 assets/js/app.js                              |   8 +
 e2e/file-upload.spec.ts                       | 168 ++++++++++++++++++
 lib/hive/media.ex                             | 102 +++++++++--
 lib/hive_web/controllers/tools_controller.ex  |  12 +-
 lib/hive_web/live/chat_live.ex                |  71 ++++++--
 sdk/hive_mcp_bridge.js                        |  11 +-
 test/hive/media_test.exs                      | 155 +++++++++++++---
 .../controllers/tools_controller_test.exs     | 109 +++++++++++-
 9 files changed, 612 insertions(+), 65 deletions(-)
 create mode 100644 e2e/file-upload.spec.ts

diff --git a/assets/css/app.css b/assets/css/app.css
index 26df2fb..059c654 100644
--- a/assets/css/app.css
+++ b/assets/css/app.css
@@ -1105,6 +1105,26 @@ select {
   border: 1px solid var(--ui-border);
 }
 
+.ui-upload-preview__file {
+  display: flex;
+  align-items: center;
+  gap: 0.35rem;
+  padding: 0.35rem 0.6rem;
+  border-radius: 4px;
+  border: 1px solid var(--ui-border);
+  background: var(--ui-surface-muted);
+  font-size: 0.75rem;
+  color: var(--ui-text-soft);
+  max-width: 160px;
+  height: 48px;
+}
+
+.ui-upload-preview__filename {
+  overflow: hidden;
+  text-overflow: ellipsis;
+  white-space: nowrap;
+}
+
 .ui-upload-preview__remove {
   position: absolute;
   top: -6px;
@@ -1122,6 +1142,27 @@ select {
   cursor: pointer;
 }
 
+/* File attachment links in messages */
+.ui-markdown a[href^="/uploads/"] {
+  display: inline-flex;
+  align-items: center;
+  gap: 0.35rem;
+  padding: 0.25rem 0.6rem;
+  border-radius: 6px;
+  border: 1px solid var(--ui-border);
+  background: var(--ui-surface-muted);
+  color: var(--ui-text);
+  font-size: 0.85rem;
+  text-decoration: none;
+  transition: background 0.15s;
+  margin: 0.15rem 0;
+}
+
+.ui-markdown a[href^="/uploads/"]:hover {
+  background: var(--ui-surface-hover, var(--ui-border));
+  text-decoration: none;
+}
+
 /* Upload button in composer */
 .ui-chat-composer__upload-btn {
   display: inline-flex;
diff --git a/assets/js/app.js b/assets/js/app.js
index bf68642..88a06e1 100644
--- a/assets/js/app.js
+++ b/assets/js/app.js
@@ -427,6 +427,14 @@ const Hooks = {
           return
         }
 
+        // File download links — open in new tab
+        const fileLink = event.target.closest('.ui-markdown a[href^="/uploads/"]')
+        if (fileLink && this.el.contains(fileLink) && !fileLink.querySelector("img")) {
+          event.preventDefault()
+          window.open(fileLink.href, "_blank")
+          return
+        }
+
         const mention = event.target.closest(".ui-mention[data-agent-name]")
         if (!mention || !this.el.contains(mention)) return
 
diff --git a/e2e/file-upload.spec.ts b/e2e/file-upload.spec.ts
new file mode 100644
index 0000000..d147414
--- /dev/null
+++ b/e2e/file-upload.spec.ts
@@ -0,0 +1,168 @@
+import { test, expect } from "@playwright/test";
+import { waitForLiveView } from "./helpers";
+import * as path from "path";
+import * as fs from "fs";
+import * as os from "os";
+
+/**
+ * Create a temporary file with the given content and extension.
+ * Returns the file path. Caller is responsible for cleanup.
+ */
+function createTempFile(
+  name: string,
+  content: string | Buffer,
+): string {
+  const dir = fs.mkdtempSync(path.join(os.tmpdir(), "hive-e2e-"));
+  const filePath = path.join(dir, name);
+  fs.writeFileSync(filePath, content);
+  return filePath;
+}
+
+test.describe("File upload", () => {
+  test.beforeEach(async ({ page }) => {
+    await page.goto("/");
+    await waitForLiveView(page);
+  });
+
+  test("upload button is visible with correct title", async ({ page }) => {
+    const uploadBtn = page.locator(".ui-chat-composer__upload-btn");
+    await expect(uploadBtn).toBeVisible();
+    await expect(uploadBtn).toHaveAttribute("title", "Attach file");
+  });
+
+  test("image upload shows thumbnail preview", async ({ page }) => {
+    // Create a tiny valid PNG (1x1 red pixel)
+    const pngData = Buffer.from(
+      "iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAIAAACQd1PeAAAADklEQVQI12P4z8BQDwAEgAF/QualzQAAAABJRU5ErkJggg==",
+      "base64",
+    );
+    const filePath = createTempFile("test-image.png", pngData);
+
+    try {
+      // Need an active topic first — click on one if available
+      const topicItem = page.locator(".ui-topic-item").first();
+      if (await topicItem.isVisible({ timeout: 2000 }).catch(() => false)) {
+        await topicItem.click();
+        await page.waitForTimeout(500);
+      }
+
+      // Set file via the hidden file input
+      const fileInput = page.locator('input[type="file"]');
+      await fileInput.setInputFiles(filePath);
+
+      // Should show image thumbnail preview
+      const previews = page.locator(".ui-upload-previews");
+      await expect(previews).toBeVisible();
+
+      const thumb = page.locator(".ui-upload-preview__thumb");
+      await expect(thumb).toBeVisible();
+    } finally {
+      fs.unlinkSync(filePath);
+      fs.rmdirSync(path.dirname(filePath));
+    }
+  });
+
+  test("non-image file upload shows filename preview", async ({ page }) => {
+    const filePath = createTempFile(
+      "test-document.pdf",
+      "%PDF-1.4 test content for upload testing",
+    );
+
+    try {
+      const topicItem = page.locator(".ui-topic-item").first();
+      if (await topicItem.isVisible({ timeout: 2000 }).catch(() => false)) {
+        await topicItem.click();
+        await page.waitForTimeout(500);
+      }
+
+      const fileInput = page.locator('input[type="file"]');
+      await fileInput.setInputFiles(filePath);
+
+      // Should show file icon + filename preview (not image thumbnail)
+      const previews = page.locator(".ui-upload-previews");
+      await expect(previews).toBeVisible();
+
+      const filePreview = page.locator(".ui-upload-preview__file");
+      await expect(filePreview).toBeVisible();
+
+      const filename = page.locator(".ui-upload-preview__filename");
+      await expect(filename).toContainText("test-document.pdf");
+    } finally {
+      fs.unlinkSync(filePath);
+      fs.rmdirSync(path.dirname(filePath));
+    }
+  });
+
+  test("can cancel a file upload before sending", async ({ page }) => {
+    const filePath = createTempFile("cancel-me.txt", "temporary file");
+
+    try {
+      const topicItem = page.locator(".ui-topic-item").first();
+      if (await topicItem.isVisible({ timeout: 2000 }).catch(() => false)) {
+        await topicItem.click();
+        await page.waitForTimeout(500);
+      }
+
+      const fileInput = page.locator('input[type="file"]');
+      await fileInput.setInputFiles(filePath);
+
+      const previews = page.locator(".ui-upload-previews");
+      await expect(previews).toBeVisible();
+
+      // Click remove button
+      const removeBtn = page.locator(".ui-upload-preview__remove");
+      await removeBtn.click();
+
+      // Previews should be gone
+      await expect(
+        page.locator(".ui-upload-preview__file"),
+      ).not.toBeVisible();
+    } finally {
+      fs.unlinkSync(filePath);
+      fs.rmdirSync(path.dirname(filePath));
+    }
+  });
+
+  test("multiple file types can be attached simultaneously", async ({
+    page,
+  }) => {
+    const pngData = Buffer.from(
+      "iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAIAAACQd1PeAAAADklEQVQI12P4z8BQDwAEgAF/QualzQAAAABJRU5ErkJggg==",
+      "base64",
+    );
+    const imgPath = createTempFile("photo.png", pngData);
+    const txtPath = createTempFile("notes.txt", "some notes");
+    const csvPath = createTempFile("data.csv", "name,age\nAlice,30");
+
+    try {
+      const topicItem = page.locator(".ui-topic-item").first();
+      if (await topicItem.isVisible({ timeout: 2000 }).catch(() => false)) {
+        await topicItem.click();
+        await page.waitForTimeout(500);
+      }
+
+      const fileInput = page.locator('input[type="file"]');
+      await fileInput.setInputFiles([imgPath, txtPath, csvPath]);
+
+      // Should show 3 previews: 1 image thumb + 2 file icons
+      const allPreviews = page.locator(".ui-upload-preview");
+      await expect(allPreviews).toHaveCount(3);
+
+      // Image gets a thumbnail
+      const thumb = page.locator(".ui-upload-preview__thumb");
+      await expect(thumb).toHaveCount(1);
+
+      // Non-images get file previews
+      const filePreviews = page.locator(".ui-upload-preview__file");
+      await expect(filePreviews).toHaveCount(2);
+    } finally {
+      fs.unlinkSync(imgPath);
+      fs.unlinkSync(txtPath);
+      fs.unlinkSync(csvPath);
+      // Clean up temp dirs
+      fs.rmdirSync(path.dirname(imgPath));
+      fs.rmdirSync(path.dirname(txtPath));
+      fs.rmdirSync(path.dirname(csvPath));
+    }
+  });
+});
diff --git a/lib/hive/media.ex b/lib/hive/media.ex
index e45ae88..1aa9f95 100644
--- a/lib/hive/media.ex
+++ b/lib/hive/media.ex
@@ -2,35 +2,115 @@ defmodule Hive.Media do
   @moduledoc """
   Saves uploaded media files to disk and returns public URLs.
   Files are stored in `priv/static/uploads/` and served via Plug.Static.
+  Supports images and general file uploads (documents, archives, code, etc.).
   """
 
   @upload_dir Path.join([:code.priv_dir(:hive) |> to_string(), "static", "uploads"])
-  @max_size 5_000_000
-  @allowed_types ~w(image/png image/jpeg image/gif image/webp)
+  @max_size 10_000_000
+
+  @allowed_types ~w(
+    image/png image/jpeg image/gif image/webp image/svg+xml
+    application/pdf
+    application/zip application/gzip application/x-tar
+    application/x-7z-compressed application/x-rar-compressed
+    application/json application/xml
+    application/msword application/vnd.openxmlformats-officedocument.wordprocessingml.document
+    application/vnd.ms-excel application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
+    application/vnd.ms-powerpoint application/vnd.openxmlformats-officedocument.presentationml.presentation
+    text/plain text/csv text/html text/css text/javascript text/markdown text/xml
+    audio/mpeg audio/wav audio/ogg
+    video/mp4 video/webm
+    application/octet-stream
+  )
+
+  @image_types ~w(image/png image/jpeg image/gif image/webp image/svg+xml)
+
+  @ext_map %{
+    "image/png" => "png",
+    "image/jpeg" => "jpg",
+    "image/gif" => "gif",
+    "image/webp" => "webp",
+    "image/svg+xml" => "svg",
+    "application/pdf" => "pdf",
+    "application/zip" => "zip",
+    "application/gzip" => "gz",
+    "application/x-tar" => "tar",
+    "application/x-7z-compressed" => "7z",
+    "application/x-rar-compressed" => "rar",
+    "application/json" => "json",
+    "application/xml" => "xml",
+    "application/msword" => "doc",
+    "application/vnd.openxmlformats-officedocument.wordprocessingml.document" => "docx",
+    "application/vnd.ms-excel" => "xls",
+    "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet" => "xlsx",
+    "application/vnd.ms-powerpoint" => "ppt",
+    "application/vnd.openxmlformats-officedocument.presentationml.presentation" => "pptx",
+    "text/plain" => "txt",
+    "text/csv" => "csv",
+    "text/html" => "html",
+    "text/css" => "css",
+    "text/javascript" => "js",
+    "text/markdown" => "md",
+    "text/xml" => "xml",
+    "audio/mpeg" => "mp3",
+    "audio/wav" => "wav",
+    "audio/ogg" => "ogg",
+    "video/mp4" => "mp4",
+    "video/webm" => "webm",
+    "application/octet-stream" => "bin"
+  }
 
   def upload_dir, do: @upload_dir
 
   def ensure_upload_dir, do: File.mkdir_p!(@upload_dir)
 
-  def save(data, media_type) when media_type in @allowed_types do
+  def max_size, do: @max_size
+
+  def allowed_types, do: @allowed_types
+
+  def image_type?(media_type), do: media_type in @image_types
+
+  @doc """
+  Saves file data to disk. Returns `{:ok, url}` or `{:error, reason}`.
+  Optionally accepts an original filename to preserve the extension.
+  """
+  def save(data, media_type, opts \\ []) when media_type in @allowed_types do
     if byte_size(data) > @max_size do
-      {:error, "file too large (max 5MB)"}
+      {:error, "file too large (max #{div(@max_size, 1_000_000)}MB)"}
     else
       id = Base.hex_encode32(:crypto.strong_rand_bytes(10), case: :lower, padding: false)
-      ext = ext_for(media_type)
+      ext = ext_for(media_type, opts[:filename])
       filename = "#{id}.#{ext}"
       path = Path.join(@upload_dir, filename)
+      ensure_upload_dir()
       File.write!(path, data)
       {:ok, "/uploads/#{filename}"}
     end
   end
 
-  def save(_data, _media_type) do
-    {:error, "unsupported media type (allowed: png, jpeg, gif, webp)"}
+  def save(_data, _media_type, _opts) do
+    {:error, "unsupported file type"}
   end
 
-  defp ext_for("image/png"), do: "png"
-  defp ext_for("image/jpeg"), do: "jpg"
-  defp ext_for("image/gif"), do: "gif"
-  defp ext_for("image/webp"), do: "webp"
+  @doc """
+  Returns the file extension for a MIME type.
+  Falls back to extracting from the original filename if provided.
+  """
+  def ext_for(media_type, filename \\ nil) do
+    case Map.get(@ext_map, media_type) do
+      nil ->
+        # Fallback: try to extract from original filename, or use "bin"
+        if filename do
+          case Path.extname(filename) do
+            "." <> ext -> ext
+            _ -> "bin"
+          end
+        else
+          "bin"
+        end
+
+      ext ->
+        ext
+    end
+  end
 end
diff --git a/lib/hive_web/controllers/tools_controller.ex b/lib/hive_web/controllers/tools_controller.ex
index 6ced3e1..0d5387b 100644
--- a/lib/hive_web/controllers/tools_controller.ex
+++ b/lib/hive_web/controllers/tools_controller.ex
@@ -289,9 +289,11 @@ defmodule HiveWeb.ToolsController do
     {:ok, "CLAUDE.md updated at #{path}"}
   end
 
-  defp execute_tool(_agent, "upload_media", %{"data" => base64, "media_type" => media_type}) do
+  defp execute_tool(_agent, "upload_media", %{"data" => base64, "media_type" => media_type} = params) do
+    opts = if params["filename"], do: [filename: params["filename"]], else: []
+
     with {:ok, data} <- Base.decode64(base64),
-         {:ok, url} <- Hive.Media.save(data, media_type) do
+         {:ok, url} <- Hive.Media.save(data, media_type, opts) do
       {:ok, url}
     else
       :error -> {:error, "invalid base64 data"}
@@ -305,9 +307,11 @@ defmodule HiveWeb.ToolsController do
 
       if File.exists?(path) do
         data = File.read!(path)
-        {:ok, %{base64: Base.encode64(data), media_type: MIME.from_path(path)}}
+        media_type = MIME.from_path(path)
+
+        {:ok, %{base64: Base.encode64(data), media_type: media_type}}
       else
-        {:error, "image not found"}
+        {:error, "file not found"}
       end
     else
       {:error, "only /uploads/ URLs are supported"}
diff --git a/lib/hive_web/live/chat_live.ex b/lib/hive_web/live/chat_live.ex
index 923c078..1945e99 100644
--- a/lib/hive_web/live/chat_live.ex
+++ b/lib/hive_web/live/chat_live.ex
@@ -62,9 +62,9 @@ defmodule HiveWeb.ChatLive do
       |> assign(:scratchpad_agent, nil)
       |> assign(:scratchpad_events, [])
       |> allow_upload(:media,
-        accept: ~w(.jpg .jpeg .png .gif .webp),
+        accept: :any,
         max_entries: 4,
-        max_file_size: 5_000_000
+        max_file_size: 10_000_000
       )
 
     {:ok, socket}
@@ -225,7 +225,16 @@ defmodule HiveWeb.ChatLive do
                     style="padding: 0.5rem 0.95rem 0;"
                   >
                     <div :for={entry <- @uploads.media.entries} class="ui-upload-preview">
-                      <.live_img_preview entry={entry} class="ui-upload-preview__thumb" />
+                      <%= if image_entry?(entry) do %>
+                        <.live_img_preview entry={entry} class="ui-upload-preview__thumb" />
+                      <% else %>
+                        <div class="ui-upload-preview__file">
+                          <.icon name="hero-document" class="size-5" />
+                          <span class="ui-upload-preview__filename" title={entry.client_name}>
+                            {truncate_filename(entry.client_name, 20)}
+                          </span>
+                        </div>
+                      <% end %>
                       <button
                         type="button"
                         phx-click="cancel_upload"
@@ -239,7 +248,7 @@ defmodule HiveWeb.ChatLive do
                   </div>
 
                   <div class="ui-chat-composer__toolbar">
-                    <label class="ui-chat-composer__upload-btn" title="Attach image">
+                    <label class="ui-chat-composer__upload-btn" title="Attach file">
                       <.live_file_input upload={@uploads.media} class="hidden" />
                       <.icon name="hero-paper-clip" class="size-5" />
                     </label>
@@ -396,16 +405,16 @@ defmodule HiveWeb.ChatLive do
   end
 
   def handle_event("send_message", %{"text" => text}, socket) when text != "" do
-    # Consume any uploaded images and get their URLs
-    urls =
+    # Consume any uploaded files and get their URLs
+    attachments =
       consume_uploaded_entries(socket, :media, fn %{path: path}, entry ->
         data = File.read!(path)
-        {:ok, url} = Hive.Media.save(data, entry.client_type)
-        {:ok, url}
+        {:ok, url} = Hive.Media.save(data, entry.client_type, filename: entry.client_name)
+        {:ok, {url, entry.client_name, entry.client_type}}
       end)
 
-    img_md = Enum.map_join(urls, "\n", &"![image](#{&1})")
-    full_text = if img_md == "", do: text, else: text <> "\n" <> img_md
+    attachment_md = format_attachments_markdown(attachments)
+    full_text = if attachment_md == "", do: text, else: text <> "\n" <> attachment_md
 
     active_topic = socket.assigns.active_topic
 
@@ -431,16 +440,16 @@ defmodule HiveWeb.ChatLive do
   def handle_event("send_message", _params, socket) do
     # Handle case where text is empty but there are uploads
     if socket.assigns.uploads.media.entries != [] do
-      urls =
+      attachments =
         consume_uploaded_entries(socket, :media, fn %{path: path}, entry ->
           data = File.read!(path)
-          {:ok, url} = Hive.Media.save(data, entry.client_type)
-          {:ok, url}
+          {:ok, url} = Hive.Media.save(data, entry.client_type, filename: entry.client_name)
+          {:ok, {url, entry.client_name, entry.client_type}}
         end)
 
-      img_md = Enum.map_join(urls, "\n", &"![image](#{&1})")
+      attachment_md = format_attachments_markdown(attachments)
 
-      if img_md != "" do
+      if attachment_md != "" do
         active_topic = socket.assigns.active_topic
 
         socket =
@@ -451,11 +460,11 @@ defmodule HiveWeb.ChatLive do
             "dm:" <> _ ->
               other = dm_other_party(active_topic, "human")
               {:ok, dm_name} = Hive.Topic.ensure_dm("human", other)
-              :ok = Hive.Topic.post(dm_name, "human", img_md)
+              :ok = Hive.Topic.post(dm_name, "human", attachment_md)
               switch_active_topic(socket, dm_name)
 
             _topic ->
-              :ok = Hive.Topic.post(active_topic, "human", img_md)
+              :ok = Hive.Topic.post(active_topic, "human", attachment_md)
               switch_active_topic(socket, active_topic)
           end
 
@@ -1257,4 +1266,32 @@ defmodule HiveWeb.ChatLive do
   end
 
   defp unread_count(unread_counts, topic), do: Map.get(unread_counts, topic, 0)
+
+  # ---------------------------------------------------------------------------
+  # File upload helpers
+  # ---------------------------------------------------------------------------
+
+  defp image_entry?(entry) do
+    Hive.Media.image_type?(entry.client_type)
+  end
+
+  defp format_attachments_markdown(attachments) do
+    Enum.map_join(attachments, "\n", fn {url, client_name, client_type} ->
+      if Hive.Media.image_type?(client_type) do
+        "![image](#{url})"
+      else
+        "[📎 #{client_name}](#{url})"
+      end
+    end)
+  end
+
+  defp truncate_filename(name, max_len) do
+    if String.length(name) > max_len do
+      ext = Path.extname(name)
+      base = Path.basename(name, ext)
+      String.slice(base, 0, max_len - String.length(ext) - 1) <> "…" <> ext
+    else
+      name
+    end
+  end
 end
diff --git a/sdk/hive_mcp_bridge.js b/sdk/hive_mcp_bridge.js
index ad57ae2..7d5f8db 100644
--- a/sdk/hive_mcp_bridge.js
+++ b/sdk/hive_mcp_bridge.js
@@ -72,14 +72,15 @@ const TOOLS = [
     inputSchema: { type: "object", properties: {
       content: { type: "string", description: "Full CLAUDE.md content" }
     }, required: ["content"] }},
-  { name: "upload_media", description: "Upload a base64-encoded image. Returns a URL. Use ![alt](url) in send_message/send_dm.",
+  { name: "upload_media", description: "Upload a base64-encoded file. Returns a URL. For images use ![alt](url), for other files use [filename](url) in send_message/send_dm.",
     inputSchema: { type: "object", properties: {
-      data: { type: "string", description: "Base64-encoded image data" },
-      media_type: { type: "string", enum: ["image/png", "image/jpeg", "image/gif", "image/webp"], description: "MIME type of the image" }
+      data: { type: "string", description: "Base64-encoded file data" },
+      media_type: { type: "string", description: "MIME type of the file (e.g. image/png, application/pdf, text/plain)" },
+      filename: { type: "string", description: "Original filename (optional, used for display)" }
     }, required: ["data", "media_type"] }},
-  { name: "view_image", description: "View an image by URL. Returns the image so you can see its contents.",
+  { name: "view_image", description: "View an uploaded file by URL. Returns images visually; returns other files as base64.",
     inputSchema: { type: "object", properties: {
-      url: { type: "string", description: "Image URL (e.g. /uploads/abc.png)" }
+      url: { type: "string", description: "File URL (e.g. /uploads/abc.png)" }
     }, required: ["url"] }},
 ];
 
diff --git a/test/hive/media_test.exs b/test/hive/media_test.exs
index 46b01cf..5eea0bc 100644
--- a/test/hive/media_test.exs
+++ b/test/hive/media_test.exs
@@ -19,7 +19,12 @@ defmodule Hive.MediaTest do
     {:ok, tmp_dir: tmp_dir}
   end
 
-  describe "save/2" do
+  defp cleanup(url) do
+    "/uploads/" <> filename = url
+    File.rm(Path.join(Hive.Media.upload_dir(), filename))
+  end
+
+  describe "save/2 — image types" do
     test "saves a PNG image and returns a URL" do
       assert {:ok, "/uploads/" <> filename} = Hive.Media.save(@tiny_png, "image/png")
       assert String.ends_with?(filename, ".png")
@@ -29,63 +34,152 @@ defmodule Hive.MediaTest do
       assert File.exists?(path)
       assert File.read!(path) == @tiny_png
 
-      # Cleanup
-      File.rm(path)
+      cleanup("/uploads/" <> filename)
     end
 
     test "saves JPEG images" do
-      # Not a valid JPEG, but we're testing the save logic
       data = <<0xFF, 0xD8, 0xFF, 0xE0>> <> :crypto.strong_rand_bytes(100)
       assert {:ok, "/uploads/" <> filename} = Hive.Media.save(data, "image/jpeg")
       assert String.ends_with?(filename, ".jpg")
-      File.rm(Path.join(Hive.Media.upload_dir(), filename))
+      cleanup("/uploads/" <> filename)
     end
 
     test "saves GIF images" do
       data = "GIF89a" <> :crypto.strong_rand_bytes(100)
       assert {:ok, "/uploads/" <> filename} = Hive.Media.save(data, "image/gif")
       assert String.ends_with?(filename, ".gif")
-      File.rm(Path.join(Hive.Media.upload_dir(), filename))
+      cleanup("/uploads/" <> filename)
     end
 
     test "saves WebP images" do
       data = "RIFF" <> :crypto.strong_rand_bytes(100)
       assert {:ok, "/uploads/" <> filename} = Hive.Media.save(data, "image/webp")
       assert String.ends_with?(filename, ".webp")
-      File.rm(Path.join(Hive.Media.upload_dir(), filename))
+      cleanup("/uploads/" <> filename)
+    end
+  end
+
+  describe "save/2 — document and file types" do
+    test "saves PDF files" do
+      data = "%PDF-1.4" <> :crypto.strong_rand_bytes(100)
+      assert {:ok, "/uploads/" <> filename} = Hive.Media.save(data, "application/pdf")
+      assert String.ends_with?(filename, ".pdf")
+      cleanup("/uploads/" <> filename)
+    end
+
+    test "saves plain text files" do
+      data = "Hello, world!"
+      assert {:ok, "/uploads/" <> filename} = Hive.Media.save(data, "text/plain")
+      assert String.ends_with?(filename, ".txt")
+      cleanup("/uploads/" <> filename)
+    end
+
+    test "saves CSV files" do
+      data = "name,age\nAlice,30\nBob,25"
+      assert {:ok, "/uploads/" <> filename} = Hive.Media.save(data, "text/csv")
+      assert String.ends_with?(filename, ".csv")
+      cleanup("/uploads/" <> filename)
+    end
+
+    test "saves JSON files" do
+      data = ~s({"key": "value"})
+      assert {:ok, "/uploads/" <> filename} = Hive.Media.save(data, "application/json")
+      assert String.ends_with?(filename, ".json")
+      cleanup("/uploads/" <> filename)
+    end
+
+    test "saves ZIP archives" do
+      data = "PK" <> :crypto.strong_rand_bytes(100)
+      assert {:ok, "/uploads/" <> filename} = Hive.Media.save(data, "application/zip")
+      assert String.ends_with?(filename, ".zip")
+      cleanup("/uploads/" <> filename)
+    end
+
+    test "saves markdown files" do
+      data = "# Hello\n\nThis is **markdown**."
+      assert {:ok, "/uploads/" <> filename} = Hive.Media.save(data, "text/markdown")
+      assert String.ends_with?(filename, ".md")
+      cleanup("/uploads/" <> filename)
+    end
+
+    test "saves application/octet-stream as .bin" do
+      data = :crypto.strong_rand_bytes(100)
+      assert {:ok, "/uploads/" <> filename} = Hive.Media.save(data, "application/octet-stream")
+      assert String.ends_with?(filename, ".bin")
+      cleanup("/uploads/" <> filename)
+    end
+  end
+
+  describe "save/3 — with filename option" do
+    test "uses the provided filename's extension for octet-stream" do
+      data = :crypto.strong_rand_bytes(100)
+
+      assert {:ok, "/uploads/" <> filename} =
+               Hive.Media.save(data, "application/octet-stream", filename: "report.xlsx")
+
+      # octet-stream maps to "bin" via ext_map, filename not used for extension in this case
+      # because ext_map has a mapping for octet-stream
+      assert String.ends_with?(filename, ".bin")
+      cleanup("/uploads/" <> filename)
     end
+  end
 
+  describe "save/2 — rejection" do
     test "rejects unsupported media types" do
-      assert {:error, msg} = Hive.Media.save("data", "text/plain")
-      assert msg =~ "unsupported media type"
+      assert {:error, msg} = Hive.Media.save("data", "application/x-executable")
+      assert msg =~ "unsupported file type"
     end
 
-    test "rejects application/pdf" do
-      assert {:error, _} = Hive.Media.save("data", "application/pdf")
+    test "rejects completely unknown types" do
+      assert {:error, _} = Hive.Media.save("data", "fake/type")
     end
 
-    test "rejects files over 5MB" do
-      big_data = :crypto.strong_rand_bytes(5_000_001)
+    test "rejects files over 10MB" do
+      big_data = :crypto.strong_rand_bytes(10_000_001)
       assert {:error, msg} = Hive.Media.save(big_data, "image/png")
       assert msg =~ "too large"
     end
 
-    test "accepts files exactly at 5MB" do
-      data = :crypto.strong_rand_bytes(5_000_000)
+    test "accepts files exactly at 10MB" do
+      data = :crypto.strong_rand_bytes(10_000_000)
       assert {:ok, "/uploads/" <> filename} = Hive.Media.save(data, "image/png")
-      File.rm(Path.join(Hive.Media.upload_dir(), filename))
+      cleanup("/uploads/" <> filename)
     end
+  end
 
-    test "generates unique filenames" do
-      {:ok, url1} = Hive.Media.save(@tiny_png, "image/png")
-      {:ok, url2} = Hive.Media.save(@tiny_png, "image/png")
-      assert url1 != url2
+  describe "image_type?/1" do
+    test "returns true for image types" do
+      assert Hive.Media.image_type?("image/png")
+      assert Hive.Media.image_type?("image/jpeg")
+      assert Hive.Media.image_type?("image/gif")
+      assert Hive.Media.image_type?("image/webp")
+      assert Hive.Media.image_type?("image/svg+xml")
+    end
 
-      # Cleanup
-      for url <- [url1, url2] do
-        "/uploads/" <> filename = url
-        File.rm(Path.join(Hive.Media.upload_dir(), filename))
-      end
+    test "returns false for non-image types" do
+      refute Hive.Media.image_type?("application/pdf")
+      refute Hive.Media.image_type?("text/plain")
+      refute Hive.Media.image_type?("application/zip")
+    end
+  end
+
+  describe "ext_for/2" do
+    test "returns correct extensions for known MIME types" do
+      assert Hive.Media.ext_for("image/png") == "png"
+      assert Hive.Media.ext_for("image/jpeg") == "jpg"
+      assert Hive.Media.ext_for("application/pdf") == "pdf"
+      assert Hive.Media.ext_for("text/plain") == "txt"
+      assert Hive.Media.ext_for("application/zip") == "zip"
+    end
+
+    test "falls back to filename extension for unknown MIME types" do
+      assert Hive.Media.ext_for("application/x-unknown", "report.xlsx") == "xlsx"
+      assert Hive.Media.ext_for("application/x-unknown", "data.parquet") == "parquet"
+    end
+
+    test "returns bin when no mapping and no filename" do
+      assert Hive.Media.ext_for("application/x-unknown") == "bin"
+      assert Hive.Media.ext_for("application/x-unknown", nil) == "bin"
     end
   end
 
@@ -95,4 +189,15 @@ defmodule Hive.MediaTest do
       assert File.dir?(Hive.Media.upload_dir())
     end
   end
+
+  describe "unique filenames" do
+    test "generates unique filenames for identical content" do
+      {:ok, url1} = Hive.Media.save(@tiny_png, "image/png")
+      {:ok, url2} = Hive.Media.save(@tiny_png, "image/png")
+      assert url1 != url2
+
+      cleanup(url1)
+      cleanup(url2)
+    end
+  end
 end
diff --git a/test/hive_web/controllers/tools_controller_test.exs b/test/hive_web/controllers/tools_controller_test.exs
index 237b2bd..a6e7ea8 100644
--- a/test/hive_web/controllers/tools_controller_test.exs
+++ b/test/hive_web/controllers/tools_controller_test.exs
@@ -1018,12 +1018,85 @@ defmodule HiveWeb.ToolsControllerTest do
         conn
         |> tool_call("test-agent", "upload_media", %{
           "data" => base64,
-          "media_type" => "text/plain"
+          "media_type" => "application/x-executable"
         })
         |> json_response(200)
 
       assert body["ok"] == false
-      assert body["error"] =~ "unsupported media type"
+      assert body["error"] =~ "unsupported file type"
+    end
+
+    test "uploads a PDF file", %{conn: conn} do
+      base64 = Base.encode64("%PDF-1.4 test content")
+
+      body =
+        conn
+        |> tool_call("test-agent", "upload_media", %{
+          "data" => base64,
+          "media_type" => "application/pdf"
+        })
+        |> json_response(200)
+
+      assert body["ok"] == true
+      assert "/uploads/" <> filename = body["result"]
+      assert String.ends_with?(filename, ".pdf")
+
+      on_exit(fn -> File.rm(Path.join(Hive.Media.upload_dir(), filename)) end)
+    end
+
+    test "uploads a plain text file", %{conn: conn} do
+      base64 = Base.encode64("Hello, world!")
+
+      body =
+        conn
+        |> tool_call("test-agent", "upload_media", %{
+          "data" => base64,
+          "media_type" => "text/plain"
+        })
+        |> json_response(200)
+
+      assert body["ok"] == true
+      assert "/uploads/" <> filename = body["result"]
+      assert String.ends_with?(filename, ".txt")
+
+      on_exit(fn -> File.rm(Path.join(Hive.Media.upload_dir(), filename)) end)
+    end
+
+    test "uploads with optional filename param", %{conn: conn} do
+      base64 = Base.encode64("name,age\nAlice,30")
+
+      body =
+        conn
+        |> tool_call("test-agent", "upload_media", %{
+          "data" => base64,
+          "media_type" => "text/csv",
+          "filename" => "data.csv"
+        })
+        |> json_response(200)
+
+      assert body["ok"] == true
+      assert "/uploads/" <> filename = body["result"]
+      assert String.ends_with?(filename, ".csv")
+
+      on_exit(fn -> File.rm(Path.join(Hive.Media.upload_dir(), filename)) end)
+    end
+
+    test "uploads a ZIP archive", %{conn: conn} do
+      base64 = Base.encode64("PK" <> :crypto.strong_rand_bytes(50))
+
+      body =
+        conn
+        |> tool_call("test-agent", "upload_media", %{
+          "data" => base64,
+          "media_type" => "application/zip"
+        })
+        |> json_response(200)
+
+      assert body["ok"] == true
+      assert "/uploads/" <> filename = body["result"]
+      assert String.ends_with?(filename, ".zip")
+
+      on_exit(fn -> File.rm(Path.join(Hive.Media.upload_dir(), filename)) end)
     end
   end
 
@@ -1058,7 +1131,7 @@ defmodule HiveWeb.ToolsControllerTest do
       on_exit(fn -> File.rm(Path.join(Hive.Media.upload_dir(), filename)) end)
     end
 
-    test "returns error for non-existent image", %{conn: conn} do
+    test "returns error for non-existent file", %{conn: conn} do
       body =
         conn
         |> tool_call("test-agent", "view_image", %{"url" => "/uploads/nonexistent.png"})
@@ -1068,6 +1141,36 @@ defmodule HiveWeb.ToolsControllerTest do
       assert body["error"] =~ "not found"
     end
 
+    test "returns base64 for a non-image file", %{conn: conn} do
+      # Upload a text file first
+      text_data = "Hello from a text file"
+      base64 = Base.encode64(text_data)
+
+      upload_body =
+        conn
+        |> tool_call("test-agent", "upload_media", %{
+          "data" => base64,
+          "media_type" => "text/plain"
+        })
+        |> json_response(200)
+
+      url = upload_body["result"]
+
+      # Now view it
+      view_body =
+        conn
+        |> recycle()
+        |> tool_call("test-agent", "view_image", %{"url" => url})
+        |> json_response(200)
+
+      assert view_body["ok"] == true
+      assert view_body["result"]["base64"] == base64
+
+      # Cleanup
+      "/uploads/" <> filename = url
+      on_exit(fn -> File.rm(Path.join(Hive.Media.upload_dir(), filename)) end)
+    end
+
     test "rejects non-upload URLs", %{conn: conn} do
       body =
         conn

From 7deea19006b802202536b59389c8c67ec8034aa6 Mon Sep 17 00:00:00 2001
From: hive-lead <hive-lead@hive.dev>
Date: Tue, 10 Mar 2026 00:51:36 +0000
Subject: [PATCH 2/4] Fix multi-clause default value warning in Media.save/3

Separate the default value header from the clause bodies to
satisfy the Elixir compiler (warnings-as-errors clean).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 lib/hive/media.ex | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/hive/media.ex b/lib/hive/media.ex
index 1aa9f95..46674cc 100644
--- a/lib/hive/media.ex
+++ b/lib/hive/media.ex
@@ -74,7 +74,9 @@ defmodule Hive.Media do
   Saves file data to disk. Returns `{:ok, url}` or `{:error, reason}`.
   Optionally accepts an original filename to preserve the extension.
   """
-  def save(data, media_type, opts \\ []) when media_type in @allowed_types do
+  def save(data, media_type, opts \\ [])
+
+  def save(data, media_type, opts) when media_type in @allowed_types do
     if byte_size(data) > @max_size do
       {:error, "file too large (max #{div(@max_size, 1_000_000)}MB)"}
     else

From d314dcc6e6f612528d4067e7f63c7b085e897a17 Mon Sep 17 00:00:00 2001
From: hive-lead <hive-lead@hive.dev>
Date: Tue, 10 Mar 2026 01:30:53 +0000
Subject: [PATCH 3/4] Accept any MIME type in Media.save/3, remove allowlist
 gate
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Previously, save/3 guarded against a whitelist of ~40 MIME types
and rejected anything else. Now any file type is accepted — the
only rejection is on file size (>10MB). The ext_map and filename
fallback still provide good extension detection for unknown types.

Also fixes invalid `E` regex modifier in config/dev.exs that
prevented compilation on Elixir <1.16.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 config/dev.exs                                |  8 ++---
 lib/hive/media.ex                             |  6 +---
 test/hive/media_test.exs                      | 29 +++++++++++++++----
 .../controllers/tools_controller_test.exs     | 11 ++++---
 4 files changed, 35 insertions(+), 19 deletions(-)

diff --git a/config/dev.exs b/config/dev.exs
index d72d084..2ce3f53 100644
--- a/config/dev.exs
+++ b/config/dev.exs
@@ -48,12 +48,12 @@ config :hive, HiveWeb.Endpoint,
     web_console_logger: true,
     patterns: [
       # Static assets, except user uploads
-      ~r"priv/static/(?!uploads/).*\.(js|css|png|jpeg|jpg|gif|svg)$"E,
+      ~r"priv/static/(?!uploads/).*\.(js|css|png|jpeg|jpg|gif|svg)$",
       # Gettext translations
-      ~r"priv/gettext/.*\.po$"E,
+      ~r"priv/gettext/.*\.po$",
       # Router, Controllers, LiveViews and LiveComponents
-      ~r"lib/hive_web/router\.ex$"E,
-      ~r"lib/hive_web/(controllers|live|components)/.*\.(ex|heex)$"E
+      ~r"lib/hive_web/router\.ex$",
+      ~r"lib/hive_web/(controllers|live|components)/.*\.(ex|heex)$"
     ]
   ]
 
diff --git a/lib/hive/media.ex b/lib/hive/media.ex
index 46674cc..3888d49 100644
--- a/lib/hive/media.ex
+++ b/lib/hive/media.ex
@@ -76,7 +76,7 @@ defmodule Hive.Media do
   """
   def save(data, media_type, opts \\ [])
 
-  def save(data, media_type, opts) when media_type in @allowed_types do
+  def save(data, media_type, opts) when is_binary(data) and is_binary(media_type) do
     if byte_size(data) > @max_size do
       {:error, "file too large (max #{div(@max_size, 1_000_000)}MB)"}
     else
@@ -90,10 +90,6 @@ defmodule Hive.Media do
     end
   end
 
-  def save(_data, _media_type, _opts) do
-    {:error, "unsupported file type"}
-  end
-
   @doc """
   Returns the file extension for a MIME type.
   Falls back to extracting from the original filename if provided.
diff --git a/test/hive/media_test.exs b/test/hive/media_test.exs
index 5eea0bc..6ce4479 100644
--- a/test/hive/media_test.exs
+++ b/test/hive/media_test.exs
@@ -124,16 +124,33 @@ defmodule Hive.MediaTest do
     end
   end
 
-  describe "save/2 — rejection" do
-    test "rejects unsupported media types" do
-      assert {:error, msg} = Hive.Media.save("data", "application/x-executable")
-      assert msg =~ "unsupported file type"
+  describe "save/2 — any file type" do
+    test "accepts files with unknown MIME types" do
+      data = "some binary data"
+      assert {:ok, "/uploads/" <> filename} = Hive.Media.save(data, "application/x-executable")
+      assert String.ends_with?(filename, ".bin")
+      cleanup("/uploads/" <> filename)
     end
 
-    test "rejects completely unknown types" do
-      assert {:error, _} = Hive.Media.save("data", "fake/type")
+    test "accepts completely custom MIME types" do
+      data = "custom format data"
+      assert {:ok, "/uploads/" <> filename} = Hive.Media.save(data, "application/x-custom-format")
+      assert String.ends_with?(filename, ".bin")
+      cleanup("/uploads/" <> filename)
     end
 
+    test "uses filename extension for unknown MIME types" do
+      data = "print('hello')"
+
+      assert {:ok, "/uploads/" <> filename} =
+               Hive.Media.save(data, "text/x-python", filename: "script.py")
+
+      assert String.ends_with?(filename, ".py")
+      cleanup("/uploads/" <> filename)
+    end
+  end
+
+  describe "save/2 — size limits" do
     test "rejects files over 10MB" do
       big_data = :crypto.strong_rand_bytes(10_000_001)
       assert {:error, msg} = Hive.Media.save(big_data, "image/png")
diff --git a/test/hive_web/controllers/tools_controller_test.exs b/test/hive_web/controllers/tools_controller_test.exs
index a6e7ea8..c5e22c7 100644
--- a/test/hive_web/controllers/tools_controller_test.exs
+++ b/test/hive_web/controllers/tools_controller_test.exs
@@ -1011,8 +1011,8 @@ defmodule HiveWeb.ToolsControllerTest do
       assert body["error"] =~ "invalid base64"
     end
 
-    test "rejects unsupported media types", %{conn: conn} do
-      base64 = Base.encode64("not an image")
+    test "accepts any MIME type", %{conn: conn} do
+      base64 = Base.encode64("some binary data")
 
       body =
         conn
@@ -1022,8 +1022,11 @@ defmodule HiveWeb.ToolsControllerTest do
         })
         |> json_response(200)
 
-      assert body["ok"] == false
-      assert body["error"] =~ "unsupported file type"
+      assert body["ok"] == true
+      assert "/uploads/" <> filename = body["result"]
+      assert String.ends_with?(filename, ".bin")
+
+      on_exit(fn -> File.rm(Path.join(Hive.Media.upload_dir(), filename)) end)
     end
 
     test "uploads a PDF file", %{conn: conn} do

From 36a44c2df3d1791e1fc7c98351cd788e74df5020 Mon Sep 17 00:00:00 2001
From: hive-lead <hive-lead@hive.dev>
Date: Tue, 10 Mar 2026 03:00:25 +0000
Subject: [PATCH 4/4] Add phx-change to message form so LiveView tracks file
 uploads

The message form was missing phx-change, which meant LiveView's
LiveFileUpload hook never called trackFiles() on file input changes.
Uploads appeared broken in both the browser and Playwright e2e tests.

- Add phx-change="validate" to the message form
- Add no-op validate handler for form change events
- Update e2e spec with triggerLiveViewUpload helper that re-dispatches
  change events for LiveView compatibility

Co-Authored-By: hive-dev <noreply@hive.dev>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 e2e/file-upload.spec.ts        | 107 +++++++++++++++++----------------
 lib/hive_web/live/chat_live.ex |   6 +-
 2 files changed, 60 insertions(+), 53 deletions(-)

diff --git a/e2e/file-upload.spec.ts b/e2e/file-upload.spec.ts
index d147414..08a7ced 100644
--- a/e2e/file-upload.spec.ts
+++ b/e2e/file-upload.spec.ts
@@ -1,4 +1,4 @@
-import { test, expect } from "@playwright/test";
+import { test, expect, Page } from "@playwright/test";
 import { waitForLiveView } from "./helpers";
 import * as path from "path";
 import * as fs from "fs";
@@ -8,20 +8,60 @@ import * as os from "os";
  * Create a temporary file with the given content and extension.
  * Returns the file path. Caller is responsible for cleanup.
  */
-function createTempFile(
-  name: string,
-  content: string | Buffer,
-): string {
+function createTempFile(name: string, content: string | Buffer): string {
   const dir = fs.mkdtempSync(path.join(os.tmpdir(), "hive-e2e-"));
   const filePath = path.join(dir, name);
   fs.writeFileSync(filePath, content);
   return filePath;
 }
 
+/**
+ * Clean up a temp file and its directory. Silently ignores errors.
+ */
+function cleanupTempFile(filePath: string): void {
+  try {
+    fs.unlinkSync(filePath);
+    fs.rmdirSync(path.dirname(filePath));
+  } catch {
+    // ignore cleanup errors
+  }
+}
+
+/**
+ * Set files on the LiveView upload input and trigger the LV upload hook.
+ * Playwright's setInputFiles() alone doesn't fire LiveView's internal
+ * file tracking — we need to re-dispatch a change event so the
+ * Phoenix.LiveFileUpload hook calls trackFiles().
+ */
+async function triggerLiveViewUpload(
+  page: Page,
+  files: string | string[],
+): Promise<void> {
+  const fileInput = page.locator("input[data-phx-upload-ref]");
+  await fileInput.setInputFiles(files);
+  await page.evaluate(() => {
+    const input = document.querySelector(
+      'input[data-phx-upload-ref]',
+    ) as HTMLInputElement;
+    if (input) {
+      input.dispatchEvent(new Event("change", { bubbles: true }));
+    }
+  });
+  // Give LiveView time to process the upload tracking
+  await page.waitForTimeout(500);
+}
+
 test.describe("File upload", () => {
   test.beforeEach(async ({ page }) => {
     await page.goto("/");
     await waitForLiveView(page);
+
+    // Select a topic so the composer is active
+    const topicItem = page.locator(".ui-topic-item").first();
+    if (await topicItem.isVisible({ timeout: 2000 }).catch(() => false)) {
+      await topicItem.click();
+      await page.waitForTimeout(500);
+    }
   });
 
   test("upload button is visible with correct title", async ({ page }) => {
@@ -39,16 +79,7 @@ test.describe("File upload", () => {
     const filePath = createTempFile("test-image.png", pngData);
 
     try {
-      // Need an active topic first — click on one if available
-      const topicItem = page.locator(".ui-topic-item").first();
-      if (await topicItem.isVisible({ timeout: 2000 }).catch(() => false)) {
-        await topicItem.click();
-        await page.waitForTimeout(500);
-      }
-
-      // Set file via the hidden file input
-      const fileInput = page.locator('input[type="file"]');
-      await fileInput.setInputFiles(filePath);
+      await triggerLiveViewUpload(page, filePath);
 
       // Should show image thumbnail preview
       const previews = page.locator(".ui-upload-previews");
@@ -57,8 +88,7 @@ test.describe("File upload", () => {
       const thumb = page.locator(".ui-upload-preview__thumb");
       await expect(thumb).toBeVisible();
     } finally {
-      fs.unlinkSync(filePath);
-      fs.rmdirSync(path.dirname(filePath));
+      cleanupTempFile(filePath);
     }
   });
 
@@ -69,14 +99,7 @@ test.describe("File upload", () => {
     );
 
     try {
-      const topicItem = page.locator(".ui-topic-item").first();
-      if (await topicItem.isVisible({ timeout: 2000 }).catch(() => false)) {
-        await topicItem.click();
-        await page.waitForTimeout(500);
-      }
-
-      const fileInput = page.locator('input[type="file"]');
-      await fileInput.setInputFiles(filePath);
+      await triggerLiveViewUpload(page, filePath);
 
       // Should show file icon + filename preview (not image thumbnail)
       const previews = page.locator(".ui-upload-previews");
@@ -88,8 +111,7 @@ test.describe("File upload", () => {
       const filename = page.locator(".ui-upload-preview__filename");
       await expect(filename).toContainText("test-document.pdf");
     } finally {
-      fs.unlinkSync(filePath);
-      fs.rmdirSync(path.dirname(filePath));
+      cleanupTempFile(filePath);
     }
   });
 
@@ -97,14 +119,7 @@ test.describe("File upload", () => {
     const filePath = createTempFile("cancel-me.txt", "temporary file");
 
     try {
-      const topicItem = page.locator(".ui-topic-item").first();
-      if (await topicItem.isVisible({ timeout: 2000 }).catch(() => false)) {
-        await topicItem.click();
-        await page.waitForTimeout(500);
-      }
-
-      const fileInput = page.locator('input[type="file"]');
-      await fileInput.setInputFiles(filePath);
+      await triggerLiveViewUpload(page, filePath);
 
       const previews = page.locator(".ui-upload-previews");
       await expect(previews).toBeVisible();
@@ -118,8 +133,7 @@ test.describe("File upload", () => {
         page.locator(".ui-upload-preview__file"),
       ).not.toBeVisible();
     } finally {
-      fs.unlinkSync(filePath);
-      fs.rmdirSync(path.dirname(filePath));
+      cleanupTempFile(filePath);
     }
   });
 
@@ -135,14 +149,7 @@ test.describe("File upload", () => {
     const csvPath = createTempFile("data.csv", "name,age\nAlice,30");
 
     try {
-      const topicItem = page.locator(".ui-topic-item").first();
-      if (await topicItem.isVisible({ timeout: 2000 }).catch(() => false)) {
-        await topicItem.click();
-        await page.waitForTimeout(500);
-      }
-
-      const fileInput = page.locator('input[type="file"]');
-      await fileInput.setInputFiles([imgPath, txtPath, csvPath]);
+      await triggerLiveViewUpload(page, [imgPath, txtPath, csvPath]);
 
       // Should show 3 previews: 1 image thumb + 2 file icons
       const allPreviews = page.locator(".ui-upload-preview");
@@ -156,13 +163,9 @@ test.describe("File upload", () => {
       const filePreviews = page.locator(".ui-upload-preview__file");
       await expect(filePreviews).toHaveCount(2);
     } finally {
-      fs.unlinkSync(imgPath);
-      fs.unlinkSync(txtPath);
-      fs.unlinkSync(csvPath);
-      // Clean up temp dirs
-      fs.rmdirSync(path.dirname(imgPath));
-      fs.rmdirSync(path.dirname(txtPath));
-      fs.rmdirSync(path.dirname(csvPath));
+      cleanupTempFile(imgPath);
+      cleanupTempFile(txtPath);
+      cleanupTempFile(csvPath);
     }
   });
 });
diff --git a/lib/hive_web/live/chat_live.ex b/lib/hive_web/live/chat_live.ex
index 1945e99..375d4fd 100644
--- a/lib/hive_web/live/chat_live.ex
+++ b/lib/hive_web/live/chat_live.ex
@@ -187,7 +187,7 @@ defmodule HiveWeb.ChatLive do
                 <span>{thinking_summary(@typing_agents)}</span>
               </div>
 
-              <form id={"msg-form-#{@form_reset}"} phx-submit="send_message" class="ui-chat-composer">
+              <form id={"msg-form-#{@form_reset}"} phx-submit="send_message" phx-change="validate" class="ui-chat-composer">
                 <div
                   id="chat-composer-shell"
                   class="ui-chat-composer__editor"
@@ -490,6 +490,10 @@ defmodule HiveWeb.ChatLive do
      )}
   end
 
+  # No-op handler for phx-change on the message form.
+  # Required so LiveView processes form changes, which triggers file upload tracking.
+  def handle_event("validate", _params, socket), do: {:noreply, socket}
+
   def handle_event("validate_topic_name", %{"name" => name}, socket) do
     error =
       case Hive.Validation.validate_name(name) do