@josephyan/qingflow-app-user-mcp 1.1.25 → 1.1.26

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (113) hide show
  1. package/README.md +7 -7
  2. package/docs/local-agent-install.md +6 -57
  3. package/entry_point.py +1 -1
  4. package/npm/bin/qingflow-app-user-mcp.mjs +33 -2
  5. package/npm/lib/runtime.mjs +101 -21
  6. package/npm/scripts/postinstall.mjs +10 -1
  7. package/package.json +2 -3
  8. package/pyproject.toml +1 -1
  9. package/skills/qingflow-app-builder/SKILL.md +277 -0
  10. package/skills/qingflow-app-builder/agents/openai.yaml +4 -0
  11. package/skills/qingflow-app-builder/references/build-complete-system.md +428 -0
  12. package/skills/qingflow-app-builder/references/build-single-app.md +530 -0
  13. package/skills/qingflow-app-builder/references/create-app.md +149 -0
  14. package/skills/qingflow-app-builder/references/environments.md +63 -0
  15. package/skills/qingflow-app-builder/references/flow-actors-and-permissions.md +123 -0
  16. package/skills/qingflow-app-builder/references/gotchas.md +108 -0
  17. package/skills/qingflow-app-builder/references/match-rules.md +114 -0
  18. package/skills/qingflow-app-builder/references/public-surface-sync.md +75 -0
  19. package/skills/qingflow-app-builder/references/solution-playbooks.md +52 -0
  20. package/skills/qingflow-app-builder/references/tool-selection.md +107 -0
  21. package/skills/qingflow-app-builder/references/update-flow.md +186 -0
  22. package/skills/qingflow-app-builder/references/update-layout.md +68 -0
  23. package/skills/qingflow-app-builder/references/update-schema.md +72 -0
  24. package/skills/qingflow-app-builder/references/update-views.md +291 -0
  25. package/skills/qingflow-app-builder-code-integrations/SKILL.md +137 -0
  26. package/skills/qingflow-app-builder-code-integrations/agents/openai.yaml +4 -0
  27. package/skills/qingflow-app-builder-code-integrations/references/code-block.md +66 -0
  28. package/skills/qingflow-app-builder-code-integrations/references/q-linker.md +77 -0
  29. package/skills/qingflow-app-user/SKILL.md +14 -17
  30. package/skills/qingflow-app-user/references/data-gotchas.md +2 -2
  31. package/skills/qingflow-app-user/references/public-surface-sync.md +3 -3
  32. package/skills/qingflow-app-user/references/record-patterns.md +5 -5
  33. package/skills/qingflow-app-user/references/workflow-usage.md +5 -4
  34. package/skills/qingflow-mcp-setup/SKILL.md +9 -13
  35. package/skills/qingflow-mcp-setup/references/claude-desktop.md +1 -1
  36. package/skills/qingflow-mcp-setup/references/environments.md +1 -2
  37. package/skills/qingflow-mcp-setup/references/generic-stdio.md +5 -6
  38. package/skills/qingflow-record-analysis/SKILL.md +8 -9
  39. package/skills/qingflow-record-delete/SKILL.md +3 -7
  40. package/skills/qingflow-record-import/SKILL.md +2 -35
  41. package/skills/qingflow-record-insert/SKILL.md +6 -78
  42. package/skills/qingflow-record-update/SKILL.md +24 -39
  43. package/skills/qingflow-task-ops/SKILL.md +27 -30
  44. package/skills/qingflow-task-ops/references/environments.md +1 -0
  45. package/skills/qingflow-task-ops/references/workflow-usage.md +6 -4
  46. package/skills/qingflow-workflow-builder/SKILL.md +96 -0
  47. package/skills/qingflow-workflow-builder/manifest.yaml +8 -0
  48. package/skills/qingflow-workflow-builder/references/01-overview.md +45 -0
  49. package/skills/qingflow-workflow-builder/references/02-update-mode.md +53 -0
  50. package/skills/qingflow-workflow-builder/references/03-flow-patterns.md +57 -0
  51. package/skills/qingflow-workflow-builder/references/04-stage1-business-modeling.md +131 -0
  52. package/skills/qingflow-workflow-builder/references/05-stage2-members-roles.md +29 -0
  53. package/skills/qingflow-workflow-builder/references/06-stage3-build-spec.md +165 -0
  54. package/skills/qingflow-workflow-builder/references/07-stage4-validate-spec.md +33 -0
  55. package/skills/qingflow-workflow-builder/references/08-stage5-apply-verify.md +51 -0
  56. package/skills/qingflow-workflow-builder/references/09-stage6-summary.md +88 -0
  57. package/skills/qingflow-workflow-builder/references/10-node-config-reference.md +93 -0
  58. package/skills/qingflow-workflow-builder/references/11-troubleshooting.md +15 -0
  59. package/skills/qingflow-workflow-builder/scripts/diff_flow_spec.py +275 -0
  60. package/skills/qingflow-workflow-builder/scripts/validate_flow_spec.py +605 -0
  61. package/src/qingflow_mcp/__init__.py +1 -1
  62. package/src/qingflow_mcp/__main__.py +2 -6
  63. package/src/qingflow_mcp/builder_facade/models.py +108 -485
  64. package/src/qingflow_mcp/builder_facade/service.py +1686 -6674
  65. package/src/qingflow_mcp/cli/commands/builder.py +364 -322
  66. package/src/qingflow_mcp/cli/commands/chart.py +1 -1
  67. package/src/qingflow_mcp/cli/commands/common.py +3 -12
  68. package/src/qingflow_mcp/cli/commands/exports.py +2 -2
  69. package/src/qingflow_mcp/cli/commands/imports.py +3 -3
  70. package/src/qingflow_mcp/cli/commands/portal.py +2 -2
  71. package/src/qingflow_mcp/cli/commands/record.py +27 -101
  72. package/src/qingflow_mcp/cli/commands/task.py +47 -28
  73. package/src/qingflow_mcp/cli/commands/view.py +1 -1
  74. package/src/qingflow_mcp/cli/context.py +3 -0
  75. package/src/qingflow_mcp/cli/formatters.py +16 -784
  76. package/src/qingflow_mcp/cli/main.py +33 -117
  77. package/src/qingflow_mcp/errors.py +2 -43
  78. package/src/qingflow_mcp/public_surface.py +17 -26
  79. package/src/qingflow_mcp/response_trim.py +17 -81
  80. package/src/qingflow_mcp/server.py +12 -14
  81. package/src/qingflow_mcp/server_app_builder.py +36 -79
  82. package/src/qingflow_mcp/server_app_user.py +16 -22
  83. package/src/qingflow_mcp/session_store.py +7 -11
  84. package/src/qingflow_mcp/solution/compiler/__init__.py +1 -3
  85. package/src/qingflow_mcp/solution/executor.py +18 -245
  86. package/src/qingflow_mcp/tools/ai_builder_tools.py +1396 -3103
  87. package/src/qingflow_mcp/tools/app_tools.py +43 -184
  88. package/src/qingflow_mcp/tools/approval_tools.py +35 -197
  89. package/src/qingflow_mcp/tools/auth_tools.py +16 -92
  90. package/src/qingflow_mcp/tools/code_block_tools.py +40 -298
  91. package/src/qingflow_mcp/tools/custom_button_tools.py +10 -64
  92. package/src/qingflow_mcp/tools/directory_tools.py +72 -236
  93. package/src/qingflow_mcp/tools/export_tools.py +34 -244
  94. package/src/qingflow_mcp/tools/feedback_tools.py +0 -9
  95. package/src/qingflow_mcp/tools/file_tools.py +3 -9
  96. package/src/qingflow_mcp/tools/import_tools.py +49 -336
  97. package/src/qingflow_mcp/tools/navigation_tools.py +12 -91
  98. package/src/qingflow_mcp/tools/package_tools.py +6 -118
  99. package/src/qingflow_mcp/tools/portal_tools.py +3 -39
  100. package/src/qingflow_mcp/tools/qingbi_report_tools.py +7 -116
  101. package/src/qingflow_mcp/tools/record_tools.py +360 -1145
  102. package/src/qingflow_mcp/tools/resource_read_tools.py +39 -188
  103. package/src/qingflow_mcp/tools/role_tools.py +9 -80
  104. package/src/qingflow_mcp/tools/solution_tools.py +45 -59
  105. package/src/qingflow_mcp/tools/task_context_tools.py +158 -662
  106. package/src/qingflow_mcp/tools/task_tools.py +29 -113
  107. package/src/qingflow_mcp/tools/view_tools.py +3 -106
  108. package/src/qingflow_mcp/tools/workflow_tools.py +4 -48
  109. package/src/qingflow_mcp/tools/workspace_tools.py +3 -71
  110. package/npm/bin/qingflow-skills.mjs +0 -5
  111. package/skills/qingflow-record-analysis/manifest.yaml +0 -10
  112. package/skills/qingflow-record-insert/manifest.yaml +0 -6
  113. package/src/qingflow_mcp/solution/compiler/workflow_compiler.py +0 -173
@@ -1,14 +1,12 @@
1
1
  ---
2
2
  name: qingflow-record-import
3
- description: Explain and operate Qingflow file-based bulk import using the current Wingent Momo runtime MCP session; recover auth/workspace only after a tool error.
3
+ description: Explain and operate Qingflow file-based bulk import after the MCP is already connected and authenticated.
4
4
  metadata:
5
5
  short-description: Qingflow bulk import workflow and troubleshooting
6
6
  ---
7
7
 
8
8
  # Qingflow Record Import
9
9
 
10
- > **Skill 版本**:`qingflow-skills-2026.06.24.2`(入口文档版本;如需确认 CLI 包版本,使用 `qingflow --version` 或 `qingflow --json version`)。
11
-
12
10
  ## Default Path
13
11
 
14
12
  `app_get -> record_import_schema_get -> record_import_template_get -> record_import_verify -> (optional authorized repair) -> record_import_start -> record_import_status_get`
@@ -23,33 +21,6 @@ metadata:
23
21
  - `record_import_start`
24
22
  - `record_import_status_get`
25
23
 
26
- ## File Shape And Field Mapping
27
-
28
- - Official template headers are the target contract. Do not rename them in the import file.
29
- - CSV can be used as a source format for planning or local transformation, but the current verify/start path expects the official Excel template (`.xlsx` / `.xls`).
30
- - When the user gives CSV-like data, map each source column to the official template header first, then write the mapped rows into a copy of the template after explicit user authorization.
31
- - Relation fields: prefer stable target `record_id` or another unique searchable value already accepted by the import schema. Do not rely on duplicated display names.
32
- - Member / department fields: use values inside the schema/candidate scope; do not invent departments or names that are not resolvable.
33
- - Select fields: use option labels from the schema/template; option ids are acceptable only when the import schema or prior readback proves they are supported.
34
-
35
- Example source CSV for planning only:
36
-
37
- ```csv
38
- 客户名称,关联客户,状态,负责人
39
- 上海示例客户,CUST_RECORD_ID_001,有效,张三
40
- ```
41
-
42
- Mapped template row concept:
43
-
44
- ```json
45
- {
46
- "客户名称": "上海示例客户",
47
- "关联客户": "CUST_RECORD_ID_001",
48
- "状态": "有效",
49
- "负责人": "张三"
50
- }
51
- ```
52
-
53
24
  ## Working Rules
54
25
 
55
26
  1. Inspect `app_get.data.import_capability` first
@@ -57,8 +28,4 @@ Mapped template row concept:
57
28
  3. Keep official headers unchanged
58
29
  4. Verify before start
59
30
  5. Only repair a file after explicit user authorization
60
- 6. After success, report the import status and tracking identifiers; read back one imported sample only when the user asks for row-level confirmation or when the import result does not already prove completion
61
-
62
- ## Template Fallback
63
-
64
- `record_import_template_get` may return `status: partial_success` with a locally generated applicant template when the official template endpoint is permission-restricted but applicant fields are readable. If the warning is `IMPORT_TEMPLATE_LOCAL_FALLBACK_AUTH_UNKNOWN` or `verification.import_auth_prechecked` is false, treat the result only as "template file prepared"; actual import permission is still decided by `record_import_verify` and `record_import_start`.
31
+ 6. Read back one imported sample after success
@@ -1,15 +1,12 @@
1
1
  ---
2
2
  name: qingflow-record-insert
3
- description: Create Qingflow records with a schema-first insert workflow.
3
+ description: Create Qingflow records with a schema-first insert workflow after the MCP is already connected and authenticated.
4
4
  metadata:
5
5
  short-description: Schema-first Qingflow record insert
6
-
7
6
  ---
8
7
 
9
8
  # Qingflow Record Insert
10
9
 
11
- > **Skill 版本**:`qingflow-skills-2026.06.24.2`(入口文档版本;如需确认 CLI 包版本,使用 `qingflow --version` 或 `qingflow --json version`)。
12
-
13
10
  ## Default Path
14
11
 
15
12
  `record_insert_schema_get -> record_insert(items) -> optional record_get/readback`
@@ -24,67 +21,10 @@ Default to batch-shaped insert. A single new record is `items` with one row.
24
21
  - `record_department_candidates`
25
22
  - `file_upload_local`
26
23
 
27
- ## Special Field Write Cheatsheet
28
-
29
- Always read the insert schema first, then use field titles as `items[].fields` keys. For special fields:
30
-
31
- - `member`: write a unique name, email, or resolved member id. If candidates are duplicated or the tool returns `needs_confirmation`, stop and surface candidates.
32
- - `department`: do not invent department names. Use a value inside the schema/candidate scope: unique department name, returned id/key, or returned object shape such as `{"key":"DEPT_ID","label":"部门名"}` / `{"id":"DEPT_ID","value":"部门名"}`.
33
- - `relation`: known target record id is most stable for batch inserts. Natural display text is allowed only when it uniquely resolves through the field's `searchable_fields`; duplicates require confirmation.
34
- - `single_select` / `multi_select`: option label and option id are both acceptable when present in schema/options. Prefer labels for readability; let the tool compile to the path-specific value.
35
- - `attachment`: upload the local file first with `file_upload_local`, then write the returned file value. Do not write only a filename or arbitrary URL.
36
- - System fields are read-only: `数据ID`, `编号`, `申请人`, `申请时间`, `创建人`, `创建时间`, `提交人`, `提交时间`, `更新时间`, `更新人`, `当前流程状态`, `当前处理人`, `当前处理节点`, `流程标题`.
37
-
38
- ## Failure Repair Contract
39
-
40
- When insert returns `blocked`, `partial_success`, or `needs_confirmation`, do not retry the whole batch blindly.
41
-
42
- - Read `items[].failed_fields[]` first.
43
- - Each failed field exposes `error_code`, `expected_format`, `example_value`, and `next_action`.
44
- - For `member`, `department`, `relation`, `attachment`, and `select` fields, `next_action` is field-type specific: candidate lookup, upload first, use record/apply id, or use schema option label/id.
45
- - Retry only the failed `row_number` with corrected values. If any row has `write_executed=true` or `created_record_ids` is non-empty, never replay the original batch.
46
-
47
- ## Candidate Lookup
48
-
49
- Do not pre-query member or department ids by default. Use candidate commands only when:
50
-
51
- - the user explicitly asks to see candidates
52
- - insert returns `needs_confirmation`
53
- - member / department names are likely duplicated
54
- - a natural value is outside the field's candidate scope
55
-
56
- ```bash
57
- qingflow --json record member-candidates \
58
- --app-key APP_KEY \
59
- --field-id FIELD_ID \
60
- --keyword "张三"
61
- ```
62
-
63
- ```bash
64
- qingflow --json record department-candidates \
65
- --app-key APP_KEY \
66
- --field-id FIELD_ID \
67
- --keyword "直销部"
68
- ```
69
-
70
- If the candidate scope must match an existing runtime context, pass the current record or pending fields:
71
-
72
- ```bash
73
- qingflow --json record member-candidates \
74
- --app-key APP_KEY \
75
- --field-id FIELD_ID \
76
- --record-id RECORD_ID \
77
- --workflow-node-id WORKFLOW_NODE_ID \
78
- --fields-file pending_fields.json \
79
- --keyword "张三"
80
- ```
81
-
82
- Without `record_id` / `workflow_node_id` / `fields-file`, the result is a static applicant-node preview. It is useful for explicit browsing, but not proof that every candidate is valid in a later workflow-specific write.
83
-
84
24
  ## Working Rules
85
25
 
86
26
  1. Start with `record_insert_schema_get`
87
- 2. Read `required_fields`, `optional_fields`, `runtime_linked_required_fields`, `payload_template`, field-level `expected_format`, `example_value`, and `options`
27
+ 2. Read `required_fields`, `optional_fields`, `runtime_linked_required_fields`, and `payload_template`
88
28
  3. Inside every field bucket, read field-level `linkage` first when present; it is the canonical static hint for linked visibility, reference-driven auto fill, or formula-driven fields
89
29
  4. Inside `optional_fields`, pay special attention to any field with `may_become_required=true`; these are writable fields that can become required when linked visibility or option-driven rules activate
90
30
  5. Build `items` as `[{"fields": {...}}]`, where each `fields` map uses field titles from the insert schema
@@ -92,18 +32,15 @@ Without `record_id` / `workflow_node_id` / `fields-file`, the result is a static
92
32
  7. For `linkage.kind=logic_visibility`, read `sources` as upstream trigger fields and treat `role=manual_input_after_activation` as "fill this only after the upstream condition is satisfied"
93
33
  8. For `linkage.kind=reference_fill`, prefer filling the source field first; treat target fields with `role=auto_fill_preferred` or `auto_fill_only` as reference-driven outputs rather than blind manual inputs
94
34
  9. For `linkage.kind=formula_fill`, treat the field as formula/default-auto-fill driven unless the user explicitly asks to override it and the field is still writable
95
- 10. If insert succeeds and single-record detail/readback matters, prefer `record_get`; for batch verification, rely on returned `created_record_ids` first, then use `record_get` for selected rows or `record_access -> Python` when a row-shaped bulk check is truly needed
35
+ 10. If insert succeeds and single-record detail/readback matters, prefer `record_get`; use `record_list(..., output_profile="normalized")` only for batch row-shaped normalized readback
96
36
  11. Keep subtable payloads under the parent field as a row array
97
- 12. Follow the Special Field Write Cheatsheet for member, department, relation, select, and attachment values; do not pre-query ids by default when a natural value is unique enough
37
+ 12. Member / department / relation fields may accept natural strings directly, such as `"张三"`, `"直销部"`, or `"海军军医大学"`; do not pre-query ids by default
98
38
  13. If the write returns `status="needs_confirmation"`, stop and surface the candidates
99
39
  14. Retry failed rows only with explicit ids / objects after the user confirms
100
40
  15. Keep `verify_write=true` for production inserts
101
- 16. If post-write detail context matters, read `record_get.fields[]`, `media_assets.items[].local_path`, `file_assets.items[].local_path`, `file_assets.items[].extraction.text_path`, and `semantic_context`; `record_get` follows the frontend storage cookie redirect path for Qingflow attachments, so prefer local paths over remote URLs and do not expect legacy flat record shapes
41
+ 16. If post-write detail context matters, read `record_get.fields[]`, `media_assets.items[].local_path`, `file_assets.items[].local_path`, `file_assets.items[].extraction.text_path`, and `semantic_context`; `record_get` follows the frontend storage cookie redirect path for Qingflow attachments, so prefer local paths over remote URLs and do not expect legacy `data.normalized_record`
102
42
  17. Treat nested schema shape as guidance, not a brittle contract; do not hard-code transient implementation details like optional nested `field_id` shape when composing inserts
103
43
  18. For `partial_success`, read `created_record_ids`, then repair only the failed `items[].row_number` using `failed_fields`; never retry the whole batch after any row has `write_executed=true`
104
- 19. Do not put Qingflow system fields in `fields`: `数据ID`, `编号`, `申请人`, `申请时间`, `创建人`, `创建时间`, `提交人`, `提交时间`, `更新时间`, `更新人`, `当前流程状态`, `当前处理人`, `当前处理节点`, `流程标题`. They are generated by the platform and can be read after creation, not manually inserted.
105
- 20. When the user asks to add sample records after system setup, still generate values from schema: required fields first, select values from `options`, scalar/date/amount values from `expected_format` and `example_value`; do not invent values outside the insert schema.
106
- 21. For ratio, completion-rate, score, and percentage-like fields, obey the schema's `expected_format/example_value`. If the field was modeled as money/amount or otherwise only accepts integers, do not invent decimal percentages; either use an integer value that matches the schema or report that the field should be modeled as `number` for decimal ratios.
107
44
 
108
45
  ## Field Notes
109
46
 
@@ -121,16 +58,10 @@ Without `record_id` / `workflow_node_id` / `fields-file`, the result is a static
121
58
 
122
59
  ## CLI Pattern
123
60
 
124
- CLI fallback for the schema step:
125
-
126
- ```bash
127
- qingflow --json record schema insert --app-key APP_KEY > tmp/qingflow_insert_schema.json
128
- ```
129
-
130
61
  Use a JSON array file:
131
62
 
132
63
  ```bash
133
- qingflow --json record insert --app-key APP_KEY --items-file records.json
64
+ qingflow record insert --app-key APP_KEY --items-file records.json --json
134
65
  ```
135
66
 
136
67
  `records.json`:
@@ -145,10 +76,7 @@ qingflow --json record insert --app-key APP_KEY --items-file records.json
145
76
 
146
77
  - Do not skip `record_insert_schema_get`
147
78
  - Do not invent missing required fields
148
- - Do not fill platform system fields such as `数据ID`, `编号`, `申请人`, `创建时间`, or `更新时间`
149
79
  - Do not flatten subtable leaf fields to the top level
150
- - Do not invent member / department / relation candidates outside schema or candidate scope
151
- - Do not invent select option labels outside schema `options`
152
80
  - Do not pre-query or silently guess member / department / relation ids when a natural string is enough
153
81
  - Do not retry a whole batch after `created_record_ids` is non-empty
154
82
  - Do not bind logic to a transient nested schema serialization detail when the field title and parent table already identify the legal payload shape
@@ -1,17 +1,15 @@
1
1
  ---
2
2
  name: qingflow-record-update
3
- description: Update Qingflow records through the current record detail context using the Wingent Momo runtime MCP session; recover auth/workspace only after a tool error.
3
+ description: Update Qingflow records with a schema-first record-specific workflow after the MCP is already connected and authenticated.
4
4
  metadata:
5
- short-description: Detail-first Qingflow record update
5
+ short-description: Schema-first Qingflow record update
6
6
  ---
7
7
 
8
8
  # Qingflow Record Update
9
9
 
10
- > **Skill 版本**:`qingflow-skills-2026.06.24.2`(入口文档版本;如需确认 CLI 包版本,使用 `qingflow --version` 或 `qingflow --json version`)。
11
-
12
10
  ## Default Path
13
11
 
14
- `record_get -> record_update`
12
+ `record_update_schema_get -> record_update`
15
13
 
16
14
  ## Core Tools
17
15
 
@@ -22,41 +20,28 @@ metadata:
22
20
 
23
21
  ## Working Rules
24
22
 
25
- 1. Start with `record_get(app_key, record_id, view_id when known)` to read the current detail-page context; if the frontend/custom view is known, keep that same `view_id` through the update
26
- 2. Use `record_get.fields[]` for field titles, `field_id`, `kind`, and current values
27
- 3. Build `fields` as a field-title keyed map containing only the user-requested changes
28
- 4. Run `record_update` directly with that key/value map; pass the same `view_id` when it is known so the tool tries that frontend view first, then let the tool fall back to other executable routes if needed
29
- 5. Keep `verify_write=true` for production updates
30
- 6. If the write returns `status="needs_confirmation"`, stop and surface the candidates
31
- 7. On success, read only the final status, `update_route`, `write_executed`, and verification result; do not surface intermediate route failures as the outcome
32
- 8. On failure, surface the failed reason and field/path diagnostics returned by `record_update`
33
- 9. Use `record_update_schema_get` only after an update failure, field ambiguity, or explicit request to diagnose writable fields/routes
34
- 10. Treat app-level `viewList` or applicant/insert schema 40002 as auxiliary-context loss, not as final record permission denial, when `record_get` or `record_update` succeeds through the selected `custom:*` view or `system:all`/type=8 route
35
- 11. If single-record readback matters, prefer `record_get` after the write and read top-level `fields[]`, `media_assets.items[].local_path`, `file_assets.items[].local_path`, `file_assets.items[].extraction.text_path`, and `semantic_context`; `record_get` follows the frontend storage cookie redirect path for Qingflow attachments, so prefer local paths over remote URLs; use `record_list(..., output_profile="normalized")` only for batch row-shaped normalized readback
36
- 12. For batch updates, read top-level `mode`, `dry_run`, `total`, `succeeded`, `failed`, `needs_confirmation`, `updated_record_ids`, `write_executed`, `safe_to_retry`, `verification_status`, and `items[].row_number/status/record_id`
37
- 13. If `write_executed=true`, do not blindly retry the whole batch; use `items[]` and `updated_record_ids` to decide whether only failed rows need repair
38
- 14. If you use `record_list` to locate candidates, parse `data.items[]` as flat row objects such as `row["客户名称"]` + `row["record_id"]`; do not expect a nested `fields[]` array in list rows
39
-
40
- ## Special Field Values
41
-
42
- Use the field `kind` from `record_get.fields[]` when shaping values:
43
-
44
- - `member`: start with a natural-language name such as `"周颖"`. If `record_update` returns `status="needs_confirmation"`, no write happened; retry with one candidate object, for example `{"uid":1048599,"name":"沈嘉慧Seth","email":"shenjiahui@exiao.tech"}`.
45
- - `department`: start with a department name such as `"客户成功部"`. The record tool resolves names through the member-visible directory path first; do not pre-query ContactAuth-only contact management APIs for ids. On `needs_confirmation`, retry with the explicit candidate object/id returned by the tool.
46
- - `relation`: prefer a unique human-readable target value or `{"apply_id":"..."}`. On multiple matches, stop and retry only after choosing one `confirmation_requests[].candidates[]` item.
47
- - `select`: single select uses one option string; multi select uses an array of option strings.
48
- - `attachment`: use a supported uploaded/file object from the returned format hints; do not invent remote URLs when the tool asks for upload.
49
- - Reference, formula, auto-fill, readonly, and system fields are not independent writable kinds. Do not force-write the filled target field; update the upstream driving field instead, or surface the blocker.
50
-
51
- `needs_confirmation` means `write_executed=false`: the tool found candidates but did not have enough certainty to write. Do not report it as success or failure. Surface the candidate list if user choice is needed; if the intended candidate is obvious from the user request or prior context, retry with the explicit object and then verify the final value.
52
-
53
- For member or department ambiguity, use the record candidate tools (`record_member_candidates` / `record_department_candidates`, or CLI `qingflow record member-candidates` / `department-candidates`). These follow the same field-scope candidate route as the frontend selector; do not replace them with contact-directory management queries.
23
+ 1. Start with `record_update_schema_get(app_key, record_id)`
24
+ 2. Use only `writable_fields` and `payload_template` from that response
25
+ 3. Read field-level `linkage` before composing updates; it is the static hint for whether a field is a linked source, linked target, reference-driven auto fill field, or formula-driven field
26
+ 4. Build `fields` as a field-title keyed map
27
+ 5. Build `fields` only from that returned field set; MCP will choose the first matched accessible view that can execute the payload
28
+ 6. If a field has `linkage.affects_fields`, treat it as a source field; changing it may also change how other fields are interpreted or auto-filled
29
+ 7. If a field has `linkage.sources`, treat those titles as upstream dependencies that explain why the field matters or why its validation can change
30
+ 8. For `linkage.kind=reference_fill`, prefer updating the source reference field first and treat `role=auto_fill_preferred` or `auto_fill_only` targets as outputs of that reference relationship
31
+ 9. For `linkage.kind=formula_fill`, treat the field as formula/default-auto-fill driven unless the field is still clearly writable and the user explicitly wants to override it
32
+ 10. Keep `verify_write=true` for production updates
33
+ 11. If the write returns `status="needs_confirmation"`, stop and surface the candidates
34
+ 12. Do not assume any arbitrary combination of writable fields will succeed; one single matched accessible view still has to cover the payload
35
+ 13. Do not look for any extra context bucket in update schema; lookup behavior stays inline on the field definitions themselves
36
+ 14. When update context feels unstable, trust `record_update_schema_get`'s route-aware matched-view result over guessed `view_id` or remembered UI scope
37
+ 15. If single-record detail/readback matters, prefer `record_get` after the write and read top-level `fields[]`, `media_assets.items[].local_path`, `file_assets.items[].local_path`, `file_assets.items[].extraction.text_path`, and `semantic_context`; `record_get` follows the frontend storage cookie redirect path for Qingflow attachments, so prefer local paths over remote URLs; use `record_list(..., output_profile="normalized")` only for batch row-shaped normalized readback
38
+ 16. For batch updates, read top-level `mode`, `dry_run`, `total`, `succeeded`, `failed`, `needs_confirmation`, `updated_record_ids`, `write_executed`, `safe_to_retry`, `verification_status`, and `items[].row_number/status/record_id`
39
+ 17. If `write_executed=true`, do not blindly retry the whole batch; use `items[]` and `updated_record_ids` to decide whether only failed rows need repair
54
40
 
55
41
  ## Do Not
56
42
 
57
- - Do not pass legacy `view_key` / `view_name` selectors; use `view_id` only when the frontend/detail view is known
58
- - Do not call `record_update_schema_get` as the normal pre-step for every update
59
- - Do not use applicant/insert schema to decide record update fields
60
- - Do not update fields that were absent from `record_get.fields[]` unless the user explicitly provided a raw field id and you can justify it
43
+ - Do not pass any `view_*` selector
44
+ - Do not update fields missing from `writable_fields`
61
45
  - Do not resolve lookup fields against a guessed record context
62
- - Do not treat a denied intermediate route as final failure when `record_update` later succeeds through another route
46
+ - Do not ignore `linkage.affects_fields` when changing source-like fields on complex forms
47
+ - Do not fall back to guessed browse scopes when `record_update_schema_get` already tells you which matched route can or cannot execute the payload
@@ -1,34 +1,32 @@
1
1
  ---
2
2
  name: qingflow-task-ops
3
- description: Use Qingflow todo discovery, workflow task context, associated approval context, workflow logs, and unified task actions with the current Wingent Momo runtime MCP session. Do not use this skill for record CRUD or final statistical analysis.
3
+ description: Use Qingflow todo discovery, workflow task context, associated approval context, workflow logs, and unified task actions after the MCP is already connected and authenticated. Do not use this skill for record CRUD or final statistical analysis.
4
4
  metadata:
5
5
  short-description: Qingflow task workflow context and actions
6
6
  ---
7
7
 
8
8
  # Qingflow Task Ops
9
9
 
10
- > **Skill 版本**:`qingflow-skills-2026.06.24.2`(入口文档版本;如需确认 CLI 包版本,使用 `qingflow --version` 或 `qingflow --json version`)。
11
-
12
10
  ## Overview
13
11
 
14
12
  This skill is for task workflow operations only.
15
- In Wingent Momo runtime, trust injected MCP credentials, workspace, and route context until a business tool explicitly reports otherwise.
13
+ Assumes MCP is connected, authenticated, and on the correct workspace.
16
14
  Before executing, skim the shared maintenance baseline: [public-surface-sync.md](../qingflow-app-user/references/public-surface-sync.md).
17
15
 
18
16
  ## Default Paths
19
17
 
20
18
  Use exactly one of these default paths:
21
19
 
22
- 1. Find target todos
20
+ 1. Find target todos
23
21
  `task_list`
24
22
 
25
- 2. Read one task context
23
+ 2. Read one task context
26
24
  `task_list -> exact target -> task_get`
27
25
 
28
- 3. Read associated approval context when material to a high-impact recommendation
29
- `task_get -> task_workflow_log_get` and/or material `task_associated_report_detail_get`
26
+ 3. Read associated approval context
27
+ `task_get -> task_associated_report_detail_get` or `task_workflow_log_get`
30
28
 
31
- 4. Execute workflow action
29
+ 4. Execute workflow action
32
30
  `task_list -> exact target -> task_get -> task_action_execute`
33
31
 
34
32
  5. Execute a user-specified action on an already-clear target
@@ -45,26 +43,29 @@ Use exactly one of these default paths:
45
43
  ## Supporting Tools
46
44
 
47
45
  - `app_list`
46
+ - `app_search`
48
47
 
49
48
  ## Standard Operating Order
50
49
 
51
50
  Use one of these two modes:
52
51
 
53
52
  1. Recommendation mode
54
- 1. Trust the current MCP/session when the runtime has already injected credentials; recover auth/workspace only after an actual tool error
55
- 2. Discover the exact target with `task_list`
56
- 3. Read node context with `task_get`
57
- 4. Before giving a high-impact approve/reject/rollback/transfer recommendation, read `task_workflow_log_get`
58
- 5. If `task_get` returns visible `associated_reports`, read the reports that are material to the decision; if a report cannot be read, disclose the gap instead of blocking indefinitely
59
- 6. Give a recommendation only after reviewing the available node context, workflow log when visible, and material associated reports
60
- 7. Wait for explicit user confirmation before `task_action_execute`
53
+ 1. Ensure auth exists
54
+ 2. Ensure workspace is selected
55
+ 3. Discover the exact target with `task_list`
56
+ 4. Read node context with `task_get`
57
+ 5. Before giving any approval recommendation, read `task_workflow_log_get`
58
+ 6. If `task_get` returns any `associated_reports`, read every visible report through `task_associated_report_detail_get`
59
+ 7. Give a recommendation only after reviewing node context, workflow log, and associated reports
60
+ 8. Wait for explicit user confirmation before `task_action_execute`
61
61
 
62
62
  2. User-directed execution mode
63
- 1. Trust the current MCP/session when the runtime has already injected credentials; recover auth/workspace only after an actual tool error
64
- 2. Discover the exact target with `task_list`
65
- 3. If the target or action requirements are ambiguous, read `task_get`; otherwise go straight to `task_action_execute`
66
- 4. Execute through `task_action_execute`
67
- 5. After actions, report whether it succeeded, the `task_id`, the executed action, the final route/status, and any warnings
63
+ 1. Ensure auth exists
64
+ 2. Ensure workspace is selected
65
+ 3. Discover the exact target with `task_list`
66
+ 4. If the target or action requirements are ambiguous, read `task_get`; otherwise go straight to `task_action_execute`
67
+ 5. Execute through `task_action_execute`
68
+ 6. After actions, report the exact `app_key`, `record_id`, `workflow_node_id`, executed action, and any warnings
68
69
 
69
70
  ## Task-Center Rules
70
71
 
@@ -87,8 +88,7 @@ Use one of these two modes:
87
88
  - `ended`
88
89
  - `task_list` is the only public task discovery path in this MCP surface
89
90
  - `task_list --query` uses backend `searchKey` first; only when backend returns zero rows does MCP apply a local fallback match on normalized `app_name / workflow_node_name / app_key / record_id`
90
- - `task_id` must be copied from `task_list.data.items[].task_id`; it is not a row number, list index, record id, or workflow node id
91
- - Use `task_id` directly with `task_get`, `task_workflow_log_get`, `task_associated_report_detail_get`, and `task_action_execute`; do not reconstruct actions from `app_key + record_id + workflow_node_id` unless the user explicitly provided that full locator for troubleshooting
91
+ - Treat `task_id` as a locator only; the action primary key is `app_key + record_id + workflow_node_id`
92
92
  - Default box usage:
93
93
  - `todo`: `task_list -> task_get -> task_workflow_log_get / task_associated_report_detail_get -> recommendation -> explicit user confirmation -> task_action_execute`
94
94
  - `initiated`: `task_list -> record_get`
@@ -106,18 +106,15 @@ Use one of these two modes:
106
106
  - `transfer`
107
107
  - `urge`
108
108
  - `save_only`
109
- - Before high-impact approve/reject/rollback/transfer recommendations, review `task_workflow_log_get` when `task_get.visibility.audit_record_visible=true`
110
- - If `task_get` returns visible `associated_reports`, review material reports with `task_associated_report_detail_get`; for unreadable or irrelevant reports, disclose the limitation instead of blocking the whole task
111
- - QingBI associated report detail follows the frontend/qflow visible chart-data route first; a middle `CHART_SEE` / `40002` from legacy BI data reads is not by itself proof that the task-associated report is invisible.
112
- - Do not give a high-impact approval recommendation based only on `task_get` unless workflow log/report visibility is unavailable and you explicitly state that limitation
109
+ - Before any approve/reject/rollback/transfer recommendation, always review `task_workflow_log_get` when `task_get.visibility.audit_record_visible=true`
110
+ - If `task_get` returns visible `associated_reports`, review each one with `task_associated_report_detail_get`; do not rely on report summary alone
111
+ - Do not give an approval recommendation based only on `task_get`
113
112
  - Do not execute `task_action_execute` until the user explicitly confirms the chosen action
114
113
  - Exception: if the user has already explicitly authorized a concrete action on exact targets, you may execute directly after exact target resolution
115
114
  - Avoid actions on ambiguous tasks or records
116
- - Summarize the final action by `task_id`; include `app_key`, `record_id`, or `workflow_node_id` only as read-only context when the tool returns them, not as the action locator
115
+ - Summarize the final action and the exact `app_key / record_id / workflow_node_id`
117
116
  - `reject` requires `payload.audit_feedback`
118
- - For approve/reject, trust the current task detail or an explicit frontend-provided `formId`; app baseInfo is only a fallback. A baseInfo `40002` is not final task-action denial when `formId` is already known.
119
117
  - `save_only` requires non-empty `fields` and is only available when the backend exposes editable fields for the current node
120
- - For `save_only`, trust `task_get.editable_fields` / `editableQueIds` from the current task node. An app applicant-schema `40002` is not final task denial when the task detail already exposes the editable field.
121
118
  - `task_action_execute` now distinguishes action execution from workflow continuation. Read `verification.runtime_continuation_verified` before claiming the workflow actually moved on.
122
119
  - If `task_action_execute` returns `partial_success` with `WORKFLOW_CONTINUATION_UNVERIFIED`, report the action as sent but the downstream continuation as unverified.
123
120
  - If `task_action_execute` returns `TASK_CONTEXT_VISIBILITY_UNVERIFIED` after a `46001`-style context loss, do not claim the task was already processed unless the workflow log or record state proves it.
@@ -41,3 +41,4 @@ For task ops, always report:
41
41
  - target app or task box
42
42
  - operation type: read, comment, approve, reject, rollback, transfer, urge, or mark_read
43
43
  - affected task ids or record ids
44
+
@@ -14,12 +14,14 @@ Examples:
14
14
 
15
15
  Rules:
16
16
 
17
- - if the user starts from inbox, todo, workload, cc, or bottleneck language, use the public task tools first
18
- - use `task_list` for headline counts and flat browsing; group locally by app or workflow node when buckets matter
19
- - use `task_get`, `task_workflow_log_get`, and `task_associated_report_detail_get` only after locating the exact task
17
+ - if the user starts from inbox, todo, workload, cc, or bottleneck language, use `task_*` first
18
+ - use `task_summary` for headline counts
19
+ - use `task_list` for flat browsing
20
+ - use `task_facets` when worksheet or workflow-node buckets matter
20
21
  - treat task counts as task-center counts, not record counts
21
22
  - switch to `record_get` only after locating the exact business record behind a task
22
23
  - identify the exact target first
23
- - for approve or reject, identify the exact target first; prefer `task_id` from task-center results, then use `task_action_execute` with action `approve` or `reject`
24
+ - for approve or reject, identify the exact `workflow_node_id` first; prefer task-center results or current audit info, then use `task_approve` or `task_reject`
24
25
  - avoid usage-side workflow actions on ambiguous records
25
26
  - summarize the final action and target task ids or record ids
27
+
@@ -0,0 +1,96 @@
1
+ ---
2
+ name: qingflow-workflow-builder
3
+ description: |
4
+ 在已有的轻流应用中,根据业务建模使用 qingflow CLI 声明式搭建工作流。
5
+ 适用场景:应用已存在、字段已就绪,需要创建或更新审批/填写/网关/自动化/抄送流程。
6
+ 不适用场景:应用不存在或字段缺失——应先完成应用搭建(schema apply)再使用本 Skill。
7
+ ---
8
+
9
+ # 轻流工作流搭建 Skill
10
+
11
+ ## 快速索引
12
+
13
+ | 主题 | 文件 |
14
+ |------|------|
15
+ | 依赖命令、能力边界 | [references/01-overview.md](references/01-overview.md) |
16
+ | 更新模式与最小修改原则 | [references/02-update-mode.md](references/02-update-mode.md) |
17
+ | 流程模式速查(线性/分支/回退) | [references/03-flow-patterns.md](references/03-flow-patterns.md) |
18
+ | 阶段 1:业务建模与自检 | [references/04-stage1-business-modeling.md](references/04-stage1-business-modeling.md) |
19
+ | 阶段 2:成员/角色搜索 | [references/05-stage2-members-roles.md](references/05-stage2-members-roles.md) |
20
+ | 阶段 3:Schema + 构建 Spec | [references/06-stage3-build-spec.md](references/06-stage3-build-spec.md) |
21
+ | 阶段 4:验证 Spec | [references/07-stage4-validate-spec.md](references/07-stage4-validate-spec.md) |
22
+ | 阶段 5:Apply + 验证循环 | [references/08-stage5-apply-verify.md](references/08-stage5-apply-verify.md) |
23
+ | 阶段 6:总结报告与回退 | [references/09-stage6-summary.md](references/09-stage6-summary.md) |
24
+ | 节点配置参考 | [references/10-node-config-reference.md](references/10-node-config-reference.md) |
25
+ | 常见问题与排障 | [references/11-troubleshooting.md](references/11-troubleshooting.md) |
26
+
27
+ ---
28
+
29
+ ## 一、思考(Thought):何时启用与前置条件
30
+
31
+ ### 触发条件
32
+
33
+ 当用户要求**在轻流应用中搭建工作流**时启用本 Skill,典型触发语:
34
+
35
+ - "帮我搭建审批流程"
36
+ - "在这个应用里创建工作流"
37
+ - "按照这张流程图实现工作流"
38
+ - "配置流程分支条件"
39
+ - "给这个应用加一个审批节点"
40
+
41
+ ### 前提检查(进入行动前必须完成)
42
+
43
+ 在开始任何搭建操作前,按顺序确认以下条件:
44
+
45
+ 1. **应用存在性**:`qingflow --json app get --app-key <APP_KEY>` 成功返回
46
+ 2. **字段就绪**:`qingflow --json builder app get --app-key <APP_KEY> fields` 返回字段列表,确认业务建模所需字段(如单选框、成员、部门字段)均已存在
47
+ 3. **未启用已有流程**(新建场景):`qingflow --json builder app get --app-key <APP_KEY> flow` 查看 `enabled` 状态,若已有流程则为**更新模式**
48
+
49
+ **不满足时的处理**:
50
+ - 应用不存在 → 先完成应用搭建和字段配置,再继续工作流搭建
51
+ - 字段缺失 → 先补充缺失的字段定义,再继续工作流搭建
52
+ - 应用已启用流程 → 进入更新模式(读取现有 spec 再修改)
53
+
54
+ ### 能力边界
55
+
56
+ | 在范围内 | 超出范围 |
57
+ |----------|----------|
58
+ | 基于已有应用搭建工作流 | 从零创建应用 |
59
+ | 声明式 WorkflowSpec 生成与 apply | 操作复杂命令拼接 |
60
+ | 分支条件(gateway + autoJudges)配置 | 后端不支持的高级特性 |
61
+ | 审批/填写/抄送/自动化节点配置 | 修改字段定义 |
62
+ | 成员/角色搜索用于节点负责人 | 组织架构管理 |
63
+ | 验证 → apply → 校验循环 | 前端 UI 拖拽操作 |
64
+
65
+ 完整命令与依赖说明见 [references/01-overview.md](references/01-overview.md)。
66
+ 本 Skill 中的 `scripts/...` 路径均以 `qingflow-workflow-builder/` 技能根目录为基准;执行脚本时先解析为该技能目录下的实际文件。
67
+
68
+ ---
69
+
70
+ ## 二、行动(Action):核心 SOP
71
+
72
+ 按顺序执行以下阶段,每个阶段详见对应 reference 文件:
73
+
74
+ | 阶段 | 任务 | 参考文件 |
75
+ |------|------|----------|
76
+ | 阶段 0 | 判断是否为更新模式,确认最小修改原则 | [references/02-update-mode.md](references/02-update-mode.md) |
77
+ | 阶段 1 | 提取业务建模,完成七维度业务自检 | [references/04-stage1-business-modeling.md](references/04-stage1-business-modeling.md) |
78
+ | 阶段 2 | 搜索成员/角色,用于节点负责人配置 | [references/05-stage2-members-roles.md](references/05-stage2-members-roles.md) |
79
+ | 阶段 3 | 获取 Schema、读取现有 Spec、构建新 Spec | [references/06-stage3-build-spec.md](references/06-stage3-build-spec.md) |
80
+ | 阶段 4 | 验证 Spec(JSON Schema + 自定义约束) | [references/07-stage4-validate-spec.md](references/07-stage4-validate-spec.md) |
81
+ | 阶段 5 | Apply 工作流并验证部署结果 | [references/08-stage5-apply-verify.md](references/08-stage5-apply-verify.md) |
82
+
83
+ 构建 Spec 前,若对流程模式有疑问,先查阅 [references/03-flow-patterns.md](references/03-flow-patterns.md)。
84
+
85
+ ---
86
+
87
+ ## 三、反思(Reflection):验证与总结
88
+
89
+ | 阶段 | 任务 | 参考文件 |
90
+ |------|------|----------|
91
+ | 阶段 6 | 输出结构化搭建报告,回顾业务完整性 | [references/09-stage6-summary.md](references/09-stage6-summary.md) |
92
+
93
+ 搭建失败时的回退策略、节点配置细节、常见问题排障分别见:
94
+ - [references/09-stage6-summary.md](references/09-stage6-summary.md)
95
+ - [references/10-node-config-reference.md](references/10-node-config-reference.md)
96
+ - [references/11-troubleshooting.md](references/11-troubleshooting.md)
@@ -0,0 +1,8 @@
1
+ identity: qingflow_workflow_builder
2
+ type: skill
3
+ description: 在轻流应用中搭建工作流。从业务建模提取流程结构(含业务完整性自检:规模分级、组织层级、异常路径、状态闭环、角色分离),映射为声明式 WorkflowSpec,通过 qingflow CLI 的 schema/get/apply 三步部署工作流,并验证分支条件与自动化节点配置一致性。
4
+ tags:
5
+ - qingflow
6
+ - workflow
7
+ - builder
8
+ - flow
@@ -0,0 +1,45 @@
1
+ # 轻流工作流搭建:概览与依赖
2
+
3
+ ## 关联文件
4
+
5
+ | 文件 | 说明 |
6
+ |------|------|
7
+ | `manifest.yaml` | 技能清单 |
8
+ | `SKILL.md` | 主流程入口 |
9
+ | `scripts/validate_flow_spec.py` | 工作流 Spec 验证脚本,基于 JSON Schema + 自定义约束 |
10
+ | `scripts/diff_flow_spec.py` | 新旧 Spec 差异分析脚本,辅助更新模式下最小修改原则判断 |
11
+
12
+ ---
13
+
14
+ ## 依赖声明
15
+
16
+ 本 Skill 关键依赖 **qingflow CLI**(已安装于 PATH,详见 `qingflow_cli` Skill)。以下 qingflow 命令为核心操作:
17
+
18
+ | 命令 | 用途 |
19
+ |------|------|
20
+ | `qingflow builder flow schema --json` | 获取最新 WorkflowSpecDTO JSON Schema |
21
+ | `qingflow builder flow get --app-key <KEY>` | 读取当前工作流 spec |
22
+ | `qingflow builder flow apply --app-key <KEY> --spec-file <FILE>` | 部署/更新工作流 |
23
+ | `qingflow builder member search --query <关键词>` | 搜索成员 |
24
+ | `qingflow builder role search --keyword <关键词>` | 搜索角色 |
25
+ | `qingflow --json app get --app-key <KEY>` | 获取应用信息(字段列表等) |
26
+ | `qingflow --json builder app get --app-key <KEY> fields` | 获取应用可搭建字段详情 |
27
+ | `qingflow --json builder app get --app-key <KEY> flow` | 获取流程摘要(是否启用等) |
28
+
29
+ ---
30
+
31
+ ## 能力边界
32
+
33
+ | 在范围内 | 超出范围 |
34
+ |----------|----------|
35
+ | 基于已有应用搭建工作流 | 从零创建应用 |
36
+ | 声明式 WorkflowSpec 生成与 apply | 操作复杂命令拼接 |
37
+ | 分支条件(gateway + autoJudges)配置 | 后端不支持的高级特性 |
38
+ | 审批/填写/抄送/自动化节点配置 | 修改字段定义 |
39
+ | 成员/角色搜索用于节点负责人 | 组织架构管理 |
40
+ | 验证 → apply → 校验循环 | 前端 UI 拖拽操作 |
41
+
42
+ ---
43
+
44
+ ← 返回主流程:[../SKILL.md](../SKILL.md)
45
+ → 下一步:[02-update-mode.md](02-update-mode.md)