@kodelyth/feishu 2026.5.39 → 2026.6.1

package/dist/monitor.state-C211a4tX.js

@@ -0,0 +1,100 @@
+import { t as probeFeishu } from "./probe-CF4duEpK.js";
+import { normalizeLowercaseStringOrEmpty } from "klaw/plugin-sdk/string-coerce-runtime";
+import { WEBHOOK_ANOMALY_COUNTER_DEFAULTS, WEBHOOK_RATE_LIMIT_DEFAULTS, createFixedWindowRateLimiter, createWebhookAnomalyTracker } from "klaw/plugin-sdk/webhook-ingress";
+//#region extensions/feishu/src/monitor.startup.ts
+const FEISHU_STARTUP_BOT_INFO_TIMEOUT_DEFAULT_MS = 3e4;
+const FEISHU_STARTUP_BOT_INFO_TIMEOUT_ENV = "KLAW_FEISHU_STARTUP_PROBE_TIMEOUT_MS";
+function resolveStartupProbeTimeoutMs() {
+	const raw = process.env[FEISHU_STARTUP_BOT_INFO_TIMEOUT_ENV];
+	if (raw) {
+		const parsed = Number(raw);
+		if (Number.isFinite(parsed) && parsed > 0) return Math.floor(parsed);
+		console.warn(`[feishu] ${FEISHU_STARTUP_BOT_INFO_TIMEOUT_ENV}="${raw}" is invalid; using default ${FEISHU_STARTUP_BOT_INFO_TIMEOUT_DEFAULT_MS}ms`);
+	}
+	return FEISHU_STARTUP_BOT_INFO_TIMEOUT_DEFAULT_MS;
+}
+const FEISHU_STARTUP_BOT_INFO_TIMEOUT_MS = resolveStartupProbeTimeoutMs();
+function isTimeoutErrorMessage(message) {
+	const lower = normalizeLowercaseStringOrEmpty(message);
+	return lower.includes("timeout") || lower.includes("timed out");
+}
+function isAbortErrorMessage(message) {
+	return normalizeLowercaseStringOrEmpty(message).includes("aborted");
+}
+async function fetchBotIdentityForMonitor(account, options = {}) {
+	if (options.abortSignal?.aborted) return {};
+	const timeoutMs = options.timeoutMs ?? FEISHU_STARTUP_BOT_INFO_TIMEOUT_MS;
+	const result = await probeFeishu(account, {
+		timeoutMs,
+		abortSignal: options.abortSignal
+	});
+	if (result.ok) return {
+		botOpenId: result.botOpenId,
+		botName: result.botName
+	};
+	const probeError = result.error ?? void 0;
+	if (options.abortSignal?.aborted || isAbortErrorMessage(probeError)) return {};
+	if (isTimeoutErrorMessage(probeError)) (options.runtime?.error ?? console.error)(`feishu[${account.accountId}]: bot info probe timed out after ${timeoutMs}ms; continuing startup`);
+	return {};
+}
+//#endregion
+//#region extensions/feishu/src/monitor.state.ts
+const wsClients = /* @__PURE__ */ new Map();
+const httpServers = /* @__PURE__ */ new Map();
+const botOpenIds = /* @__PURE__ */ new Map();
+const botNames = /* @__PURE__ */ new Map();
+const FEISHU_WEBHOOK_MAX_BODY_BYTES = 64 * 1024;
+const FEISHU_WEBHOOK_BODY_TIMEOUT_MS = 5e3;
+const FEISHU_WEBHOOK_RATE_LIMIT_FALLBACK_DEFAULTS = {
+	windowMs: 6e4,
+	maxRequests: 120,
+	maxTrackedKeys: 4096
+};
+const FEISHU_WEBHOOK_ANOMALY_FALLBACK_DEFAULTS = {
+	maxTrackedKeys: 4096,
+	ttlMs: 360 * 6e4,
+	logEvery: 25
+};
+function coercePositiveInt(value, fallback) {
+	if (typeof value !== "number" || !Number.isFinite(value)) return fallback;
+	const normalized = Math.floor(value);
+	return normalized > 0 ? normalized : fallback;
+}
+function resolveFeishuWebhookRateLimitDefaultsForTest(defaults) {
+	const resolved = defaults;
+	return {
+		windowMs: coercePositiveInt(resolved?.windowMs, FEISHU_WEBHOOK_RATE_LIMIT_FALLBACK_DEFAULTS.windowMs),
+		maxRequests: coercePositiveInt(resolved?.maxRequests, FEISHU_WEBHOOK_RATE_LIMIT_FALLBACK_DEFAULTS.maxRequests),
+		maxTrackedKeys: coercePositiveInt(resolved?.maxTrackedKeys, FEISHU_WEBHOOK_RATE_LIMIT_FALLBACK_DEFAULTS.maxTrackedKeys)
+	};
+}
+function resolveFeishuWebhookAnomalyDefaultsForTest(defaults) {
+	const resolved = defaults;
+	return {
+		maxTrackedKeys: coercePositiveInt(resolved?.maxTrackedKeys, FEISHU_WEBHOOK_ANOMALY_FALLBACK_DEFAULTS.maxTrackedKeys),
+		ttlMs: coercePositiveInt(resolved?.ttlMs, FEISHU_WEBHOOK_ANOMALY_FALLBACK_DEFAULTS.ttlMs),
+		logEvery: coercePositiveInt(resolved?.logEvery, FEISHU_WEBHOOK_ANOMALY_FALLBACK_DEFAULTS.logEvery)
+	};
+}
+const feishuWebhookRateLimitDefaults = resolveFeishuWebhookRateLimitDefaultsForTest(WEBHOOK_RATE_LIMIT_DEFAULTS);
+const feishuWebhookAnomalyDefaults = resolveFeishuWebhookAnomalyDefaultsForTest(WEBHOOK_ANOMALY_COUNTER_DEFAULTS);
+const feishuWebhookRateLimiter = createFixedWindowRateLimiter({
+	windowMs: feishuWebhookRateLimitDefaults.windowMs,
+	maxRequests: feishuWebhookRateLimitDefaults.maxRequests,
+	maxTrackedKeys: feishuWebhookRateLimitDefaults.maxTrackedKeys
+});
+const feishuWebhookAnomalyTracker = createWebhookAnomalyTracker({
+	maxTrackedKeys: feishuWebhookAnomalyDefaults.maxTrackedKeys,
+	ttlMs: feishuWebhookAnomalyDefaults.ttlMs,
+	logEvery: feishuWebhookAnomalyDefaults.logEvery
+});
+function recordWebhookStatus(runtime, accountId, path, statusCode) {
+	feishuWebhookAnomalyTracker.record({
+		key: `${accountId}:${path}:${statusCode}`,
+		statusCode,
+		log: runtime?.log ?? console.log,
+		message: (count) => `feishu[${accountId}]: webhook anomaly path=${path} status=${statusCode} count=${count}`
+	});
+}
+//#endregion
+export { feishuWebhookRateLimiter as a, wsClients as c, botOpenIds as i, fetchBotIdentityForMonitor as l, FEISHU_WEBHOOK_MAX_BODY_BYTES as n, httpServers as o, botNames as r, recordWebhookStatus as s, FEISHU_WEBHOOK_BODY_TIMEOUT_MS as t };

package/dist/probe-CF4duEpK.js

@@ -0,0 +1,149 @@
+import { t as __exportAll } from "./rolldown-runtime-DUslC3ob.js";
+import { r as createFeishuClient } from "./client-D1pzbBGo.js";
+import { formatErrorMessage } from "klaw/plugin-sdk/error-runtime";
+//#region extensions/feishu/src/async.ts
+const RACE_TIMEOUT = Symbol("race-timeout");
+const RACE_ABORT = Symbol("race-abort");
+async function raceWithTimeoutAndAbort(promise, options = {}) {
+	if (options.abortSignal?.aborted) return { status: "aborted" };
+	if (options.timeoutMs === void 0 && !options.abortSignal) return {
+		status: "resolved",
+		value: await promise
+	};
+	let timeoutHandle;
+	let abortHandler;
+	const contenders = [promise];
+	if (options.timeoutMs !== void 0) contenders.push(new Promise((resolve) => {
+		timeoutHandle = setTimeout(() => resolve(RACE_TIMEOUT), options.timeoutMs);
+	}));
+	if (options.abortSignal) contenders.push(new Promise((resolve) => {
+		abortHandler = () => resolve(RACE_ABORT);
+		options.abortSignal?.addEventListener("abort", abortHandler, { once: true });
+	}));
+	try {
+		const result = await Promise.race(contenders);
+		if (result === RACE_TIMEOUT) return { status: "timeout" };
+		if (result === RACE_ABORT) return { status: "aborted" };
+		return {
+			status: "resolved",
+			value: result
+		};
+	} finally {
+		if (timeoutHandle) clearTimeout(timeoutHandle);
+		if (abortHandler) options.abortSignal?.removeEventListener("abort", abortHandler);
+	}
+}
+function waitForAbortableDelay(delayMs, abortSignal) {
+	if (abortSignal?.aborted) return Promise.resolve(false);
+	return new Promise((resolve) => {
+		let settled = false;
+		let timer;
+		let handleAbort;
+		const finish = (value) => {
+			if (settled) return;
+			settled = true;
+			if (timer) clearTimeout(timer);
+			if (handleAbort) abortSignal?.removeEventListener("abort", handleAbort);
+			resolve(value);
+		};
+		handleAbort = () => {
+			finish(false);
+		};
+		abortSignal?.addEventListener("abort", handleAbort, { once: true });
+		if (abortSignal?.aborted) {
+			finish(false);
+			return;
+		}
+		timer = setTimeout(() => finish(true), delayMs);
+		timer.unref?.();
+	});
+}
+//#endregion
+//#region extensions/feishu/src/probe.ts
+var probe_exports = /* @__PURE__ */ __exportAll({
+	FEISHU_PROBE_REQUEST_TIMEOUT_MS: () => FEISHU_PROBE_REQUEST_TIMEOUT_MS,
+	probeFeishu: () => probeFeishu
+});
+/** Cache probe results to reduce repeated health-check calls.
+* Gateway health checks call probeFeishu() every minute; without caching this
+* burns ~43,200 calls/month, easily exceeding Feishu's free-tier quota.
+* Successful bot info is effectively static, while failures are cached briefly
+* to avoid hammering the API during transient outages. */
+const probeCache = /* @__PURE__ */ new Map();
+const PROBE_SUCCESS_TTL_MS = 600 * 1e3;
+const PROBE_ERROR_TTL_MS = 60 * 1e3;
+const MAX_PROBE_CACHE_SIZE = 64;
+const FEISHU_PROBE_REQUEST_TIMEOUT_MS = 1e4;
+function setCachedProbeResult(cacheKey, result, ttlMs) {
+	probeCache.set(cacheKey, {
+		result,
+		expiresAt: Date.now() + ttlMs
+	});
+	if (probeCache.size > MAX_PROBE_CACHE_SIZE) {
+		const oldest = probeCache.keys().next().value;
+		if (oldest !== void 0) probeCache.delete(oldest);
+	}
+	return result;
+}
+async function probeFeishu(creds, options = {}) {
+	if (!creds?.appId || !creds?.appSecret) return {
+		ok: false,
+		error: "missing credentials (appId, appSecret)"
+	};
+	if (options.abortSignal?.aborted) return {
+		ok: false,
+		appId: creds.appId,
+		error: "probe aborted"
+	};
+	const timeoutMs = options.timeoutMs ?? 1e4;
+	const cacheKey = creds.accountId ?? `${creds.appId}:${creds.appSecret.slice(0, 8)}`;
+	const cached = probeCache.get(cacheKey);
+	if (cached && cached.expiresAt > Date.now()) return cached.result;
+	try {
+		const responseResult = await raceWithTimeoutAndAbort(createFeishuClient(creds).request({
+			method: "POST",
+			url: "/open-apis/bot/v1/klaw_bot/ping",
+			data: { needBotInfo: true },
+			timeout: timeoutMs
+		}), {
+			timeoutMs,
+			abortSignal: options.abortSignal
+		});
+		if (responseResult.status === "aborted") return {
+			ok: false,
+			appId: creds.appId,
+			error: "probe aborted"
+		};
+		if (responseResult.status === "timeout") return setCachedProbeResult(cacheKey, {
+			ok: false,
+			appId: creds.appId,
+			error: `probe timed out after ${timeoutMs}ms`
+		}, PROBE_ERROR_TTL_MS);
+		const response = responseResult.value;
+		if (options.abortSignal?.aborted) return {
+			ok: false,
+			appId: creds.appId,
+			error: "probe aborted"
+		};
+		if (response.code !== 0) return setCachedProbeResult(cacheKey, {
+			ok: false,
+			appId: creds.appId,
+			error: `API error: ${response.msg || `code ${response.code}`}`
+		}, PROBE_ERROR_TTL_MS);
+		const botInfo = response.data?.pingBotInfo;
+		return setCachedProbeResult(cacheKey, {
+			ok: true,
+			appId: creds.appId,
+			botName: botInfo?.botName,
+			botOpenId: botInfo?.botID
+		}, PROBE_SUCCESS_TTL_MS);
+	} catch (err) {
+		return setCachedProbeResult(cacheKey, {
+			ok: false,
+			appId: creds.appId,
+			error: formatErrorMessage(err)
+		}, PROBE_ERROR_TTL_MS);
+	}
+}
+//#endregion
+export { waitForAbortableDelay as i, probe_exports as n, raceWithTimeoutAndAbort as r, probeFeishu as t };

package/dist/rolldown-runtime-DUslC3ob.js

@@ -0,0 +1,14 @@
+import "node:module";
+//#region \0rolldown/runtime.js
+var __defProp = Object.defineProperty;
+var __exportAll = (all, no_symbols) => {
+	let target = {};
+	for (var name in all) __defProp(target, name, {
+		get: all[name],
+		enumerable: true
+	});
+	if (!no_symbols) __defProp(target, Symbol.toStringTag, { value: "Module" });
+	return target;
+};
+//#endregion
+export { __exportAll as t };

package/dist/runtime-DSh5rL_d.js

@@ -0,0 +1,8 @@
+import { createPluginRuntimeStore } from "klaw/plugin-sdk/runtime-store";
+//#region extensions/feishu/src/runtime.ts
+const { setRuntime: setFeishuRuntime, getRuntime: getFeishuRuntime } = createPluginRuntimeStore({
+	pluginId: "feishu",
+	errorMessage: "Feishu runtime not initialized"
+});
+//#endregion
+export { setFeishuRuntime as n, getFeishuRuntime as t };

package/dist/runtime-api.js

@@ -0,0 +1,14 @@
+import { n as setFeishuRuntime } from "./runtime-DSh5rL_d.js";
+import { normalizeAgentId } from "klaw/plugin-sdk/routing";
+import { createReplyPrefixContext } from "klaw/plugin-sdk/channel-message";
+import { createChannelPairingController } from "klaw/plugin-sdk/channel-pairing";
+import { PAIRING_APPROVED_MESSAGE, buildProbeChannelStatusSummary, createDefaultChannelRuntimeState } from "klaw/plugin-sdk/channel-status";
+import { chunkTextForOutbound } from "klaw/plugin-sdk/text-chunking";
+import { DEFAULT_ACCOUNT_ID, buildChannelConfigSchema, createActionGate, createDedupeCache } from "klaw/plugin-sdk/core";
+import { buildAgentMediaPayload } from "klaw/plugin-sdk/agent-media-payload";
+import { evaluateSupplementalContextVisibility, filterSupplementalContextItems, resolveChannelContextVisibilityMode } from "klaw/plugin-sdk/context-visibility-runtime";
+import { loadSessionStore, resolveSessionStoreEntry } from "klaw/plugin-sdk/session-store-runtime";
+import { readJsonFileWithFallback } from "klaw/plugin-sdk/json-store";
+import { createPersistentDedupe } from "klaw/plugin-sdk/persistent-dedupe";
+import { isRequestBodyLimitError, readRequestBodyWithLimit, requestBodyErrorToText } from "klaw/plugin-sdk/webhook-ingress";
+export { DEFAULT_ACCOUNT_ID, PAIRING_APPROVED_MESSAGE, buildAgentMediaPayload, buildChannelConfigSchema, buildProbeChannelStatusSummary, chunkTextForOutbound, createActionGate, createChannelPairingController, createDedupeCache, createDefaultChannelRuntimeState, createPersistentDedupe, createReplyPrefixContext, evaluateSupplementalContextVisibility, filterSupplementalContextItems, isRequestBodyLimitError, loadSessionStore, normalizeAgentId, readJsonFileWithFallback, readRequestBodyWithLimit, requestBodyErrorToText, resolveChannelContextVisibilityMode, resolveSessionStoreEntry, setFeishuRuntime };

package/dist/secret-contract-NSee-WzN.js

@@ -0,0 +1,119 @@
+import { collectConditionalChannelFieldAssignments, collectSimpleChannelFieldAssignments, getChannelSurface, hasOwnProperty, normalizeSecretStringValue } from "klaw/plugin-sdk/channel-secret-basic-runtime";
+//#region extensions/feishu/src/secret-contract.ts
+const secretTargetRegistryEntries = [
+	{
+		id: "channels.feishu.accounts.*.appSecret",
+		targetType: "channels.feishu.accounts.*.appSecret",
+		configFile: "klaw.json",
+		pathPattern: "channels.feishu.accounts.*.appSecret",
+		secretShape: "secret_input",
+		expectedResolvedValue: "string",
+		includeInPlan: true,
+		includeInConfigure: true,
+		includeInAudit: true
+	},
+	{
+		id: "channels.feishu.accounts.*.encryptKey",
+		targetType: "channels.feishu.accounts.*.encryptKey",
+		configFile: "klaw.json",
+		pathPattern: "channels.feishu.accounts.*.encryptKey",
+		secretShape: "secret_input",
+		expectedResolvedValue: "string",
+		includeInPlan: true,
+		includeInConfigure: true,
+		includeInAudit: true
+	},
+	{
+		id: "channels.feishu.accounts.*.verificationToken",
+		targetType: "channels.feishu.accounts.*.verificationToken",
+		configFile: "klaw.json",
+		pathPattern: "channels.feishu.accounts.*.verificationToken",
+		secretShape: "secret_input",
+		expectedResolvedValue: "string",
+		includeInPlan: true,
+		includeInConfigure: true,
+		includeInAudit: true
+	},
+	{
+		id: "channels.feishu.appSecret",
+		targetType: "channels.feishu.appSecret",
+		configFile: "klaw.json",
+		pathPattern: "channels.feishu.appSecret",
+		secretShape: "secret_input",
+		expectedResolvedValue: "string",
+		includeInPlan: true,
+		includeInConfigure: true,
+		includeInAudit: true
+	},
+	{
+		id: "channels.feishu.encryptKey",
+		targetType: "channels.feishu.encryptKey",
+		configFile: "klaw.json",
+		pathPattern: "channels.feishu.encryptKey",
+		secretShape: "secret_input",
+		expectedResolvedValue: "string",
+		includeInPlan: true,
+		includeInConfigure: true,
+		includeInAudit: true
+	},
+	{
+		id: "channels.feishu.verificationToken",
+		targetType: "channels.feishu.verificationToken",
+		configFile: "klaw.json",
+		pathPattern: "channels.feishu.verificationToken",
+		secretShape: "secret_input",
+		expectedResolvedValue: "string",
+		includeInPlan: true,
+		includeInConfigure: true,
+		includeInAudit: true
+	}
+];
+function collectRuntimeConfigAssignments(params) {
+	const resolved = getChannelSurface(params.config, "feishu");
+	if (!resolved) return;
+	const { channel: feishu, surface } = resolved;
+	collectSimpleChannelFieldAssignments({
+		channelKey: "feishu",
+		field: "appSecret",
+		channel: feishu,
+		surface,
+		defaults: params.defaults,
+		context: params.context,
+		topInactiveReason: "no enabled account inherits this top-level Feishu appSecret.",
+		accountInactiveReason: "Feishu account is disabled."
+	});
+	const baseConnectionMode = normalizeSecretStringValue(feishu.connectionMode) === "webhook" ? "webhook" : "websocket";
+	const resolveAccountMode = (account) => hasOwnProperty(account, "connectionMode") ? normalizeSecretStringValue(account.connectionMode) : baseConnectionMode;
+	collectConditionalChannelFieldAssignments({
+		channelKey: "feishu",
+		field: "encryptKey",
+		channel: feishu,
+		surface,
+		defaults: params.defaults,
+		context: params.context,
+		topLevelActiveWithoutAccounts: baseConnectionMode === "webhook",
+		topLevelInheritedAccountActive: ({ account, enabled }) => enabled && !hasOwnProperty(account, "encryptKey") && resolveAccountMode(account) === "webhook",
+		accountActive: ({ account, enabled }) => enabled && resolveAccountMode(account) === "webhook",
+		topInactiveReason: "no enabled Feishu webhook-mode surface inherits this top-level encryptKey.",
+		accountInactiveReason: "Feishu account is disabled or not running in webhook mode."
+	});
+	collectConditionalChannelFieldAssignments({
+		channelKey: "feishu",
+		field: "verificationToken",
+		channel: feishu,
+		surface,
+		defaults: params.defaults,
+		context: params.context,
+		topLevelActiveWithoutAccounts: baseConnectionMode === "webhook",
+		topLevelInheritedAccountActive: ({ account, enabled }) => enabled && !hasOwnProperty(account, "verificationToken") && resolveAccountMode(account) === "webhook",
+		accountActive: ({ account, enabled }) => enabled && resolveAccountMode(account) === "webhook",
+		topInactiveReason: "no enabled Feishu webhook-mode surface inherits this top-level verificationToken.",
+		accountInactiveReason: "Feishu account is disabled or not running in webhook mode."
+	});
+}
+const channelSecrets = {
+	secretTargetRegistryEntries,
+	collectRuntimeConfigAssignments
+};
+//#endregion
+export { collectRuntimeConfigAssignments as n, secretTargetRegistryEntries as r, channelSecrets as t };

package/dist/secret-contract-api.js

@@ -0,0 +1,2 @@
+import { n as collectRuntimeConfigAssignments, r as secretTargetRegistryEntries, t as channelSecrets } from "./secret-contract-NSee-WzN.js";
+export { channelSecrets, collectRuntimeConfigAssignments, secretTargetRegistryEntries };

package/dist/security-audit-DWVC0vSK.js

@@ -0,0 +1,11 @@
+import "./security-audit-shared-Dpcwxeft.js";
+//#region extensions/feishu/src/message-action-contract.ts
+const messageActionTargetAliases = {
+	read: { aliases: ["messageId"] },
+	pin: { aliases: ["messageId"] },
+	unpin: { aliases: ["messageId"] },
+	"list-pins": { aliases: ["chatId"] },
+	"channel-info": { aliases: ["chatId"] }
+};
+//#endregion
+export { messageActionTargetAliases as t };

package/dist/security-audit-shared-Dpcwxeft.js

@@ -0,0 +1,38 @@
+import { hasConfiguredSecretInput } from "klaw/plugin-sdk/secret-input";
+//#region extensions/feishu/src/security-audit-shared.ts
+function asRecord(value) {
+	return value && typeof value === "object" && !Array.isArray(value) ? value : void 0;
+}
+function hasNonEmptyString(value) {
+	return typeof value === "string" && value.trim().length > 0;
+}
+function isFeishuDocToolEnabled(cfg) {
+	const feishu = asRecord(asRecord(cfg.channels)?.feishu);
+	if (!feishu || feishu.enabled === false) return false;
+	const baseTools = asRecord(feishu.tools);
+	const baseDocEnabled = baseTools?.doc !== false;
+	const baseAppId = hasNonEmptyString(feishu.appId);
+	const baseAppSecret = hasConfiguredSecretInput(feishu.appSecret, cfg.secrets?.defaults);
+	const baseConfigured = baseAppId && baseAppSecret;
+	const accounts = asRecord(feishu.accounts);
+	if (!accounts || Object.keys(accounts).length === 0) return baseDocEnabled && baseConfigured;
+	for (const accountValue of Object.values(accounts)) {
+		const account = asRecord(accountValue) ?? {};
+		if (account.enabled === false) continue;
+		if (!((asRecord(account.tools) ?? baseTools)?.doc !== false)) continue;
+		if ((hasNonEmptyString(account.appId) || baseAppId) && (hasConfiguredSecretInput(account.appSecret, cfg.secrets?.defaults) || baseAppSecret)) return true;
+	}
+	return false;
+}
+function collectFeishuSecurityAuditFindings(params) {
+	if (!isFeishuDocToolEnabled(params.cfg)) return [];
+	return [{
+		checkId: "channels.feishu.doc_owner_open_id",
+		severity: "warn",
+		title: "Feishu doc create can grant requester permissions",
+		detail: "channels.feishu tools include \"doc\"; feishu_doc action \"create\" can grant document access to the trusted requesting Feishu user.",
+		remediation: "Disable channels.feishu.tools.doc when not needed, and restrict tool access for untrusted prompts."
+	}];
+}
+//#endregion
+export { collectFeishuSecurityAuditFindings as t };

package/dist/security-contract-api.js

@@ -0,0 +1,2 @@
+import { t as collectFeishuSecurityAuditFindings } from "./security-audit-shared-Dpcwxeft.js";
+export { collectFeishuSecurityAuditFindings };