@dcrays/dcgchat-test 0.4.0 → 0.4.1

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dcrays/dcgchat-test",
-  "version": "0.4.0",
+  "version": "0.4.1",
   "type": "module",
   "description": "OpenClaw channel plugin for 书灵墨宝 (WebSocket)",
   "main": "index.ts",

package/src/bot.ts

@@ -238,7 +238,7 @@ export async function handleDcgchatMessage(msg: InboundMessage, accountId: strin
     if (msg.content.skills_scope.length > 0) {
       const workspaceDir = getWorkspaceDir()
       const skillCode = msg.content.skills_scope.map((skill) => `${workspaceDir}/skills/${skill.skill_code}`).join('\n')
-      const skillText = `技能${skillCode} 在目录${skillCode}下，在目录${skillCode}下查找技能 \n`
+      const skillText = `技能${skillCode} 在目录${skillCode}下，在目录${skillCode}下读取技能 \n`
       text = skillText ? `${skillText} \n ${text}` : text
     }
     const prefixContext = createReplyPrefixContext({

package/src/tools/messageTool.ts

@@ -18,15 +18,26 @@ function toPosixPath(p: string): string {
   return path.normalize(p.trim()).replace(/\\/g, '/')
 }
 
+/** `filepath` 解析后在 `rootDir` 内或等于 `rootDir`（防 `..` 逃逸）。 */
+function isPathInsideDir(filepath: string, rootDir: string): boolean {
+  const root = path.resolve(rootDir)
+  const resolved = path.resolve(filepath)
+  const rel = path.relative(root, resolved)
+  if (rel.startsWith('..') || path.isAbsolute(rel)) return false
+  return true
+}
+
 /**
- * 允许发送的挂载根：Unix/macOS/Linux 为 /workspace、/mobook；
- * Windows 为盘符路径如 C:/workspace、D:\\mobook\\...（规范化后比较）。
+ * 允许发送的路径：
+ * - 当前 Agent 工作区根及其子路径（`workspaceDir`，如 ~/.openclaw/workspace-xxx/output/...）；
+ * - 兼容旧挂载：Unix `/workspace`、`/mobook`；Windows 盘符下 `workspace`、`mobook`。
  */
-function isSafePath(filepath: string): boolean {
+function isSafePath(filepath: string, workspaceDir?: string): boolean {
+  const ws = workspaceDir?.trim()
+  if (ws && isPathInsideDir(filepath, ws)) return true
   const p = toPosixPath(filepath)
   if (p.startsWith('/workspace/') || p === '/workspace') return true
-  if (p.startsWith('/mobook/') || p === '/mobook') return true
-  // Windows: C:/workspace/...、c:/mobook/...
+  if (p === '/mobook') return true
   return /^[A-Za-z]:\/(workspace|mobook)(\/|$)/.test(p)
 }
 
@@ -64,7 +75,7 @@ const messageToolParameters = {
           file: {
             type: 'string',
             description:
-              '文件路径。Unix/macOS/Linux 如 /workspace/output/report.pdf；Windows 如 C:/workspace/output/report.pdf 或 C:\\workspace\\output\\report.pdf'
+              '文件绝对路径：须在「当前 Agent 工作区」目录下（如 /root/.openclaw/workspace-xxx/output/28337/slices_result.json），或为兼容环境的 /workspace/、/mobook/（Windows 盘符下 workspace、mobook）'
           }
         },
         required: ['file']
@@ -74,12 +85,32 @@ const messageToolParameters = {
   oneOf: [{ required: ['content'] }, { required: ['media'] }]
 }
 
-function extractPaths(text?: string): string[] {
+/** 从正文提取可发送的文件路径（固定挂载 + 当前工作区前缀）。 */
+function extractPaths(text: string | undefined, workspaceDir?: string): string[] {
   if (!text) return []
   const unix = text.match(/\/workspace\/[^\s]+|\/mobook\/[^\s]+/g) ?? []
-  // Windows: C:\workspace\...、C:/mobook/...（不含空白）
   const win = text.match(/[A-Za-z]:[/\\](?:workspace|mobook)[/\\][^\s]+/g) ?? []
-  return [...new Set([...unix, ...win])]
+  const underWs: string[] = []
+  const ws = workspaceDir?.trim()
+  if (ws) {
+    const variants = new Set<string>()
+    variants.add(ws)
+    variants.add(toPosixPath(ws))
+    if (path.sep === '\\') variants.add(ws.replace(/\//g, '\\'))
+    for (const prefix of variants) {
+      if (!prefix) continue
+      let from = 0
+      while (from < text.length) {
+        const i = text.indexOf(prefix, from)
+        if (i === -1) break
+        let end = i + prefix.length
+        while (end < text.length && !/\s/.test(text[end])) end++
+        underWs.push(text.slice(i, end))
+        from = i + 1
+      }
+    }
+  }
+  return [...new Set([...unix, ...win, ...underWs])]
 }
 
 function isSafeFile(filepath: string) {
@@ -104,8 +135,8 @@ export function createDcgchatMessageTool(pluginCtx: DcgchatMessageToolContext):
       向用户发送消息。
       若传 target，target 必须是 sessionKey，不能是 userId。
       如果发送附件：必须使用 media 字段
-      支持路径目录（Unix/macOS/Linux：/workspace/、/mobook/；Windows：盘符下 workspace、mobook，如 C:/workspace/）：
-      禁止直接输出路径文本
+      文件路径须在当前 Agent 工作区目录下（随部署变化，如 ~/.openclaw/workspace-xxx/...），或为兼容环境的 /workspace/、/mobook/（Windows 盘符下 workspace、mobook）。
+      禁止在正文中直接输出可访问路径（应通过 media 发送）
     `,
     parameters: messageToolParameters,
     execute: async (_toolCallId, args, signal) => {
@@ -123,12 +154,13 @@ export function createDcgchatMessageTool(pluginCtx: DcgchatMessageToolContext):
       try {
         const sentFiles = new Set<string>()
         const sentKeys = new Set<string>()
+        const workspaceDir = pluginCtx.workspaceDir
 
         if (args.media?.length) {
           for (const media of args.media) {
             const filepath = media.file
             if (!filepath) continue
-            if (!isSafePath(filepath)) continue
+            if (!isSafePath(filepath, workspaceDir)) continue
             if (!isSafeFile(filepath)) continue
             const key = pathKey(filepath)
             if (sentKeys.has(key)) continue
@@ -139,9 +171,9 @@ export function createDcgchatMessageTool(pluginCtx: DcgchatMessageToolContext):
           }
         }
 
-        const fallbackPaths = extractPaths(args.content)
+        const fallbackPaths = extractPaths(args.content, workspaceDir)
         for (const filepath of fallbackPaths) {
-          if (!isSafePath(filepath)) continue
+          if (!isSafePath(filepath, workspaceDir)) continue
           if (!isSafeFile(filepath)) continue
           const key = pathKey(filepath)
           if (sentKeys.has(key)) continue