@lightcone-ai/daemon 0.9.69 → 0.9.70

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lightcone-ai/daemon",
-  "version": "0.9.69",
+  "version": "0.9.70",
   "type": "module",
   "main": "src/index.js",
   "bin": {

package/src/agent-manager.js

@@ -49,12 +49,14 @@ export class AgentManager {
     const dir = path.join(homedir(), '.lightcone', 'workspace', teamId ?? '_global');
     mkdirSync(path.join(dir, 'artifacts'), { recursive: true });
     mkdirSync(path.join(dir, 'notes'), { recursive: true });
+    mkdirSync(path.join(dir, 'tmp'), { recursive: true });
     return dir;
   }
 
   _workspaceDir(agentId, teamId) {
     const dir = path.join(homedir(), '.lightcone', 'workspace', teamId ?? '_global', agentId);
     mkdirSync(dir, { recursive: true });
+    mkdirSync(path.join(dir, 'tmp'), { recursive: true });
     return dir;
   }
 
@@ -226,6 +228,7 @@ export class AgentManager {
             MACHINE_API_KEY: config.authToken,
             AGENT_ID: agentId,
             TEAM_ID: teamId ?? '',
+            WORKSPACE_DIR: workspaceDir,
           },
         },
       };

package/src/chat-bridge.js

@@ -3,7 +3,7 @@ import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
 import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
 import { z } from 'zod';
 import { readFileSync } from 'fs';
-import { extname } from 'path';
+import path, { extname } from 'path';
 
 const cliArgs = process.argv.slice(2);
 function getArg(name) {
@@ -15,6 +15,8 @@ const SERVER_URL      = process.env.SERVER_URL || getArg('--server-url') || 'htt
 const MACHINE_API_KEY = process.env.MACHINE_API_KEY || getArg('--auth-token') || '';
 const AGENT_ID        = process.env.AGENT_ID || getArg('--agent-id') || '';
 const TEAM_ID      = process.env.TEAM_ID || getArg('--team-id') || '';  // injected per-team at spawn time
+const WORKSPACE_DIR = path.resolve(process.env.WORKSPACE_DIR || getArg('--workspace-dir') || process.cwd());
+const TEAM_WORKSPACE_DIR = path.dirname(WORKSPACE_DIR);
 
 // Current active teamId for memory isolation (defaults to spawn-time TEAM_ID)
 let currentTeamId = TEAM_ID;
@@ -51,6 +53,21 @@ function formatBytes(bytes) {
   return `${(bytes / 1024 / 1024).toFixed(1)} MB`;
 }
 
+function isInsideDir(filePath, dir) {
+  const rel = path.relative(dir, filePath);
+  return rel === '' || (!!rel && !rel.startsWith('..') && !path.isAbsolute(rel));
+}
+
+function resolveLocalWorkspaceFile(filePath) {
+  const resolved = path.resolve(WORKSPACE_DIR, filePath);
+  if (isInsideDir(resolved, WORKSPACE_DIR)) return resolved;
+
+  const allowedTeamRoots = ['artifacts', 'notes', 'tmp'].map(dir => path.join(TEAM_WORKSPACE_DIR, dir));
+  if (allowedTeamRoots.some(root => isInsideDir(resolved, root))) return resolved;
+
+  throw new Error(`Local file must be inside the agent workspace or team shared artifacts/notes/tmp directories. Got: ${filePath}`);
+}
+
 async function api(method, path, body) {
   const url = `${SERVER_URL}/internal/agent/${AGENT_ID}${path}`;
   const res = await fetch(url, {
@@ -316,7 +333,7 @@ server.tool('read_workspace', 'Read a file from the shared team workspace (e.g.
       return {
         content: [{
           type: 'text',
-          text: `${path} is a binary workspace file (${summary.mime}, ${formatBytes(summary.bytes)}). Do not read it as text. Use it by path in the Files tab, or use upload_image/read_file_base64 if you need a public URL or local base64.`,
+          text: `${path} is a binary workspace file (${summary.mime}, ${formatBytes(summary.bytes)}). Do not read it as text. Use it by path in the Files tab. If a temporary public URL is needed for a chat preview or external platform, use upload_image separately.`,
         }],
       };
     }
@@ -337,14 +354,15 @@ server.tool('write_workspace', 'Write a file to the shared team workspace. Use t
   return { content: [{ type: 'text', text: `Saved to team workspace: ${path}` }] };
 });
 
-server.tool('write_workspace_file', 'Write a local file directly to the shared team workspace. Prefer this over write_workspace for images/PDFs/binary files so large base64 content never enters the model context.', {
-  file_path: z.string().describe('Absolute path to the local file, e.g. "/home/ubuntu/lightcone/public/cover.png"'),
+server.tool('write_workspace_file', 'Write a local file directly to the shared team workspace. Prefer this over write_workspace for images/PDFs/binary files so large base64 content never enters the model context. The source file may be a relative path under the current agent workspace, or an absolute path inside the agent workspace/team shared artifacts/notes/tmp directories.', {
+  file_path: z.string().describe('Local file path. Relative paths resolve from the current agent workspace. Absolute paths must stay inside the agent/team workspace.'),
   path:      z.string().describe('Destination path relative to team workspace root, e.g. "artifacts/cover.png"'),
 }, async ({ file_path, path }) => {
   if (!currentTeamId) return { content: [{ type: 'text', text: 'No team context.' }] };
-  const ext = extname(path || file_path).toLowerCase();
+  const localPath = resolveLocalWorkspaceFile(file_path);
+  const ext = extname(path || localPath).toLowerCase();
   const mime = WORKSPACE_BINARY_MIME[ext] ?? 'application/octet-stream';
-  const buf = readFileSync(file_path);
+  const buf = readFileSync(localPath);
   const content = `data:${mime};base64,${buf.toString('base64')}`;
   await api('PUT', `/team-memory?path=${encodeURIComponent(path)}&teamId=${encodeURIComponent(currentTeamId)}`, { content });
   return { content: [{ type: 'text', text: `Saved local file to team workspace: ${path} (${mime}, ${formatBytes(buf.length)})` }] };
@@ -429,30 +447,30 @@ server.tool('skill_search', 'Search for skills by keyword across all accessible
 // ── read_file_base64 ──────────────────────────────────────────────────────────
 // Agent 需要在本机读取图片文件内容，转为 base64 后上传服务器
 server.tool('read_file_base64',
-  '读取本机文件内容，返回 base64 编码。用于上传图片到服务器。',
+  '读取本机文件内容，返回 base64 编码。优先使用 write_workspace_file 保存正式产出；只有外部工具明确需要 base64 字符串时才使用。',
   {
-    file_path: z.string().describe('本机文件的绝对路径'),
+    file_path: z.string().describe('本机文件路径。相对路径从当前 agent workspace 解析；绝对路径必须在 agent/team workspace 内。'),
   },
   async ({ file_path }) => {
-    const { readFileSync } = await import('fs');
-    const data = readFileSync(file_path).toString('base64');
+    const localPath = resolveLocalWorkspaceFile(file_path);
+    const data = readFileSync(localPath).toString('base64');
     return { content: [{ type: 'text', text: data }] };
   }
 );
 
 // ── upload_image ──────────────────────────────────────────────────────────────
 server.tool('upload_image',
-  '将本机图片文件（绝对路径）上传到服务器，返回公开可访问的 URL。用于将 QR 码截图等发给用户。',
+  '将本机图片文件上传为临时公开 URL，用于聊天预览、二维码截图或外部平台临时访问。它不会保存正式产出；正式产出必须同时写入 artifacts/，优先使用 write_workspace_file。',
   {
-    file_path: z.string().describe('本机图片文件的绝对路径'),
+    file_path: z.string().describe('本机图片文件路径。相对路径从当前 agent workspace 解析；绝对路径必须在 agent/team workspace 内。'),
   },
   async ({ file_path }) => {
-    const { readFileSync } = await import('fs');
     const { extname, basename } = await import('path');
-    const data = readFileSync(file_path).toString('base64');
-    const filename = basename(file_path);
+    const localPath = resolveLocalWorkspaceFile(file_path);
+    const data = readFileSync(localPath).toString('base64');
+    const filename = basename(localPath);
     const result = await api('POST', '/upload', { filename, data });
-    return { content: [{ type: 'text', text: `上传成功: ${result.url}` }] };
+    return { content: [{ type: 'text', text: `临时公开 URL: ${result.url}\n注意：这不是正式产出存储。如需保留文件，请同时使用 write_workspace_file 保存到 artifacts/。` }] };
   }
 );
 

package/src/drivers/claude.js

@@ -22,7 +22,7 @@ You have MCP tools from the "chat" server. Use ONLY these for communication:
 8. **${t("claim_tasks")}** — Claim tasks by number (supports batch, handles conflicts).
 9. **${t("unclaim_task")}** — Release your claim on a task.
 10. **${t("update_task_status")}** — Change a task's status (e.g. to in_review or done).
-11. **${t("upload_image")}** — Upload an image file to attach to a message. Returns an attachment ID to pass to send_message.
+11. **${t("upload_image")}** — Upload an image file for a temporary public preview URL in a chat message. This is not durable artifact storage.
 12. **${t("view_file")}** — Download an attached image by its attachment ID so you can view it. Use when messages contain image attachments.
 
 CRITICAL RULES:
@@ -189,8 +189,7 @@ When writing a URL next to non-ASCII punctuation (Chinese, Japanese, etc.), alwa
 - **You MUST only read/write files inside your workspace directories.** Never modify files outside these paths:
   - Your personal workspace (shown at startup)
   - The team shared workspace (one level up)
-  - \`/home/ubuntu/lightcone/public/\` — shared web server, for serving completed web artifacts only
-- **NEVER touch other projects or directories** (e.g. \`/home/ubuntu/staircase/\`, \`/home/ubuntu/someproject/\`, etc.) without explicit permission from a human in this conversation.
+- **NEVER touch other projects or directories outside your workspace roots** without explicit permission from a human in this conversation.
 - If a task requires modifying an external codebase, **ask for explicit authorization first**, stating exactly which files you intend to change.
 
 ## Workspace Structure
@@ -209,12 +208,14 @@ Located one level up from your personal workspace. Contains:
 - \`BRIEF.md\` — **read this on every startup**. Set by humans. Defines team mission, conventions, and background.
 - \`KNOWLEDGE.md\` — shared knowledge index. Use \`${t("write_workspace")}\` to record team-level learnings here.
 - \`notes/\` — shared research notes and decisions.
-- \`artifacts/\` — **ALL deliverables go here without exception**: code, scripts, HTML pages, data files, reports, images — everything you produce for a task. **Use \`${t("write_workspace")}({ path: "artifacts/filename.ext", content: "..." })\` to create every output file.** Never create deliverable files anywhere else.
+- \`artifacts/\` — **ALL deliverables go here without exception**: code, scripts, HTML pages, data files, reports, images — everything you produce for a task. Use \`${t("write_workspace")}({ path: "artifacts/filename.ext", content: "..." })\` for text files and \`${t("write_workspace_file")}({ file_path: "tmp/local-file.png", path: "artifacts/file.png" })\` for local binary files. Never create deliverable files anywhere else.
 
 **Write rule:**
 - Personal learnings → \`${t("write_memory")}\`
 - Team-level knowledge → \`${t("write_workspace")}({ path: "KNOWLEDGE.md", ... })\`
-- **Any file you produce for a task** → \`${t("write_workspace")}({ path: "artifacts/your-file.ext", ... })\`
+- **Any file you produce for a task** → \`${t("write_workspace")}({ path: "artifacts/your-file.ext", ... })\` or \`${t("write_workspace_file")}({ file_path, path: "artifacts/your-file.ext" })\`
+
+Temporary local files belong under \`tmp/\` in your personal workspace. If you need to show an image in chat, first save the durable copy to \`artifacts/\`, then optionally call \`${t("upload_image")}\` for a temporary public preview URL.
 
 Example: writing a web page → \`${t("write_workspace")}({ path: "artifacts/job-query.html", content: "<!DOCTYPE html>..." })\`
 
@@ -228,6 +229,7 @@ Example: writing a web page → \`${t("write_workspace")}({ path: "artifacts/job
 **Team memory** (shared filesystem — visible to all agents in the team):
 - \`${t("read_workspace")}({ path })\` — read a team workspace file (e.g. \`"BRIEF.md"\`, \`"KNOWLEDGE.md"\`)
 - \`${t("write_workspace")}({ path, content })\` — write a team workspace file
+- \`${t("write_workspace_file")}({ file_path, path })\` — write a local file from your workspace to a team workspace artifact without putting base64 in context
 - \`${t("list_workspace")}()\` — list all files in the team workspace
 
 ### Startup sequence (CRITICAL)

package/src/drivers/codex.js

@@ -4,12 +4,13 @@ import path from 'path';
 import { buildSystemPrompt as buildClaudeSystemPrompt } from './claude.js';
 import { buildSkillMcpServers } from '../mcp-config.js';
 
-function buildChatBridgeArgs(chatBridgePath, { agentId, teamId, serverUrl, authToken }) {
+function buildChatBridgeArgs(chatBridgePath, { agentId, teamId, serverUrl, authToken, workspaceDir }) {
   const args = [
     chatBridgePath,
     '--agent-id', agentId,
     '--server-url', serverUrl,
     '--auth-token', authToken,
+    '--workspace-dir', workspaceDir,
   ];
   if (teamId) args.push('--team-id', teamId);
   return args;
@@ -77,6 +78,7 @@ export function buildCodexSpawn({
     teamId,
     serverUrl,
     authToken: config.authToken || machineApiKey,
+    workspaceDir,
   });
 
   args.push(

package/src/drivers/kimi.js

@@ -48,6 +48,7 @@ export function buildKimiSpawn({ config, agentId, teamId, workspaceDir, chatBrid
         MACHINE_API_KEY: config.authToken,
         AGENT_ID: agentId,
         TEAM_ID: teamId ?? '',
+        WORKSPACE_DIR: workspaceDir,
       },
     },
   };