@marshulll/openclaw-wecom 0.1.16 → 0.1.18

package/docs/wecom.config.full.example.json

@@ -43,7 +43,8 @@
           "corpSecret": "CORP_SECRET",
           "agentId": 1000001,
           "callbackToken": "CALLBACK_TOKEN",
-          "callbackAesKey": "CALLBACK_AES"
+          "callbackAesKey": "CALLBACK_AES",
+          "pushToken": "PUSH_TOKEN"
         }
       }
     }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@marshulll/openclaw-wecom",
-  "version": "0.1.16",
+  "version": "0.1.18",
   "type": "module",
   "description": "OpenClaw WeCom channel plugin (intelligent bot + internal app)",
   "author": "OpenClaw",

package/wecom/src/accounts.ts

@@ -88,6 +88,9 @@ export function resolveWecomAccount(params: {
   const callbackAesKey = merged.callbackAesKey?.trim()
     || resolveAccountEnv(params.cfg, accountId, "CALLBACK_AES_KEY")
     || undefined;
+  const pushToken = merged.pushToken?.trim()
+    || resolveAccountEnv(params.cfg, accountId, "PUSH_TOKEN")
+    || undefined;
   const webhookPath = merged.webhookPath?.trim()
     || resolveAccountEnv(params.cfg, accountId, "WEBHOOK_PATH")
     || undefined;
@@ -109,6 +112,7 @@ export function resolveWecomAccount(params: {
     agentId,
     callbackToken,
     callbackAesKey,
+    pushToken,
   };
 
   return {

package/wecom/src/channel.ts

@@ -183,6 +183,7 @@ export const wecomPlugin: ChannelPlugin<ResolvedWecomAccount> = {
         return { stop: () => {} };
       }
       const path = (account.config.webhookPath ?? "/wecom").trim();
+      const pushPath = path.endsWith("/") ? `${path}push` : `${path}/push`;
       const unregister = registerWecomWebhookTarget({
         account,
         config: ctx.cfg as ClawdbotConfig,
@@ -191,7 +192,16 @@ export const wecomPlugin: ChannelPlugin<ResolvedWecomAccount> = {
         path,
         statusSink: (patch) => ctx.setStatus({ accountId: ctx.accountId, ...patch }),
       });
+      const unregisterPush = registerWecomWebhookTarget({
+        account,
+        config: ctx.cfg as ClawdbotConfig,
+        runtime: ctx.runtime,
+        core: ({} as unknown) as any,
+        path: pushPath,
+        statusSink: (patch) => ctx.setStatus({ accountId: ctx.accountId, ...patch }),
+      });
       ctx.log?.info(`[${account.accountId}] wecom webhook registered at ${path}`);
+      ctx.log?.info(`[${account.accountId}] wecom push endpoint registered at ${pushPath}`);
       ctx.setStatus({
         accountId: account.accountId,
         running: true,
@@ -202,6 +212,7 @@ export const wecomPlugin: ChannelPlugin<ResolvedWecomAccount> = {
       return {
         stop: () => {
           unregister();
+          unregisterPush();
           ctx.setStatus({
             accountId: account.accountId,
             running: false,

package/wecom/src/config-schema.ts

@@ -41,6 +41,7 @@ const accountSchema = z.object({
   agentId: z.union([z.string(), z.number()]).optional(),
   callbackToken: z.string().optional(),
   callbackAesKey: z.string().optional(),
+  pushToken: z.string().optional(),
 
   media: z.object({
     tempDir: z.string().optional(),
@@ -85,6 +86,7 @@ export const WecomConfigSchema = ensureJsonSchema(z.object({
   agentId: z.union([z.string(), z.number()]).optional(),
   callbackToken: z.string().optional(),
   callbackAesKey: z.string().optional(),
+  pushToken: z.string().optional(),
 
   media: z.object({
     tempDir: z.string().optional(),

package/wecom/src/monitor.ts

@@ -3,7 +3,7 @@ import type { IncomingMessage, ServerResponse } from "node:http";
 import type { ClawdbotConfig, PluginRuntime } from "openclaw/plugin-sdk";
 
 import type { ResolvedWecomAccount } from "./types.js";
-import { handleWecomAppWebhook } from "./wecom-app.js";
+import { handleWecomAppWebhook, handleWecomPushRequest } from "./wecom-app.js";
 import { handleWecomBotWebhook } from "./wecom-bot.js";
 
 export type WecomRuntimeEnv = {
@@ -55,6 +55,9 @@ export async function handleWecomWebhookRequest(
   const path = resolvePath(req);
   const targets = webhookTargets.get(path);
   if (!targets || targets.length === 0) return false;
+  if (path.endsWith("/push")) {
+    return await handleWecomPushRequest({ req, res, targets });
+  }
   const firstTarget = targets[0];
   const ua = req.headers["user-agent"] ?? "";
   const fwd = req.headers["x-forwarded-for"] ?? "";

package/wecom/src/types.ts

@@ -40,6 +40,7 @@ export type WecomAccountConfig = {
   agentId?: string | number;
   callbackToken?: string;
   callbackAesKey?: string;
+  pushToken?: string;
 
   // Media handling
   media?: {

package/wecom/src/wecom-app.ts

@@ -1,9 +1,9 @@
 import type { IncomingMessage, ServerResponse } from "node:http";
 import crypto from "node:crypto";
 import { XMLParser } from "fast-xml-parser";
-import { mkdir, readdir, rm, stat, writeFile } from "node:fs/promises";
+import { mkdir, readFile, readdir, rm, stat, writeFile } from "node:fs/promises";
 import { tmpdir } from "node:os";
-import { join } from "node:path";
+import { basename, extname, join } from "node:path";
 
 import type { WecomWebhookTarget } from "./monitor.js";
 import { decryptWecomEncrypted, verifyWecomSignature } from "./crypto.js";
@@ -101,6 +101,27 @@ async function readRequestBody(req: IncomingMessage, maxSize = MAX_REQUEST_BODY_
   });
 }
 
+function resolveHeaderToken(req: IncomingMessage): string {
+  const auth = req.headers.authorization ?? "";
+  if (typeof auth === "string" && auth.toLowerCase().startsWith("bearer ")) {
+    return auth.slice(7).trim();
+  }
+  const token = req.headers["x-openclaw-token"];
+  if (typeof token === "string") return token.trim();
+  return "";
+}
+
+function pickFirstString(...values: unknown[]): string {
+  for (const value of values) {
+    if (typeof value === "string" && value.trim()) return value.trim();
+  }
+  return "";
+}
+
+function sleep(ms: number): Promise<void> {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+
 function logVerbose(target: WecomWebhookTarget, message: string): void {
   target.runtime.log?.(`[wecom] ${message}`);
 }
@@ -173,6 +194,139 @@ function normalizeMediaType(raw?: string): "image" | "voice" | "video" | "file"
   return null;
 }
 
+function pickString(...values: unknown[]): string {
+  for (const value of values) {
+    if (typeof value === "string" && value.trim()) return value.trim();
+  }
+  return "";
+}
+
+function resolveContentTypeFromExt(ext: string): string {
+  const value = ext.toLowerCase();
+  if (value === "png") return "image/png";
+  if (value === "gif") return "image/gif";
+  if (value === "jpg" || value === "jpeg") return "image/jpeg";
+  if (value === "webp") return "image/webp";
+  if (value === "bmp") return "image/bmp";
+  if (value === "amr") return "audio/amr";
+  if (value === "wav") return "audio/wav";
+  if (value === "mp3") return "audio/mpeg";
+  if (value === "m4a") return "audio/mp4";
+  if (value === "mp4") return "video/mp4";
+  if (value === "mov") return "video/quicktime";
+  if (value === "avi") return "video/x-msvideo";
+  if (value === "pdf") return "application/pdf";
+  if (value === "txt") return "text/plain";
+  if (value === "csv") return "text/csv";
+  if (value === "json") return "application/json";
+  if (value === "doc") return "application/msword";
+  if (value === "docx") return "application/vnd.openxmlformats-officedocument.wordprocessingml.document";
+  if (value === "xls") return "application/vnd.ms-excel";
+  if (value === "xlsx") return "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet";
+  if (value === "ppt") return "application/vnd.ms-powerpoint";
+  if (value === "pptx") return "application/vnd.openxmlformats-officedocument.presentationml.presentation";
+  if (value === "zip") return "application/zip";
+  return "application/octet-stream";
+}
+
+function resolveMediaTypeFromContentType(contentType: string): "image" | "voice" | "video" | "file" {
+  const value = contentType.toLowerCase();
+  if (value.startsWith("image/")) return "image";
+  if (value.startsWith("audio/")) return "voice";
+  if (value.startsWith("video/")) return "video";
+  return "file";
+}
+
+function stripFileProtocol(rawPath: string): string {
+  return rawPath.startsWith("file://") ? rawPath.replace(/^file:\/\//, "") : rawPath;
+}
+
+function parseBase64Input(input: string): { data: string; mimeType?: string } {
+  const match = input.match(/^data:([^;]+);base64,(.*)$/i);
+  if (match) {
+    return { data: match[2], mimeType: match[1] };
+  }
+  return { data: input };
+}
+
+function resolveOutboundMediaSpec(payload: any): {
+  type?: string;
+  url?: string;
+  path?: string;
+  base64?: string;
+  filename?: string;
+  mimeType?: string;
+} | null {
+  if (!payload || typeof payload !== "object") return null;
+  const mediaBlockRaw = payload.media ?? payload.attachment ?? payload.file ?? payload.files;
+  const mediaBlock = Array.isArray(mediaBlockRaw) ? mediaBlockRaw[0] : mediaBlockRaw;
+  const url = pickString(
+    payload.mediaUrl,
+    mediaBlock?.url,
+    mediaBlock?.mediaUrl,
+    mediaBlock?.fileUrl,
+    mediaBlock?.file_url,
+  );
+  const path = pickString(
+    payload.mediaPath,
+    payload.filePath,
+    mediaBlock?.path,
+    mediaBlock?.filePath,
+    mediaBlock?.localPath,
+  );
+  const base64 = pickString(
+    payload.mediaBase64,
+    payload.base64,
+    mediaBlock?.base64,
+    mediaBlock?.data,
+  );
+  const type = pickString(payload.mediaType, mediaBlock?.type, mediaBlock?.mediaType);
+  const filename = pickString(payload.filename, payload.fileName, mediaBlock?.filename, mediaBlock?.fileName, mediaBlock?.name);
+  const mimeType = pickString(payload.mimeType, payload.mediaMimeType, mediaBlock?.mimeType, mediaBlock?.contentType);
+  if (!url && !path && !base64) return null;
+  return { type, url, path, base64, filename, mimeType };
+}
+
+async function loadOutboundMedia(params: {
+  payload: any;
+  account: WecomWebhookTarget["account"];
+  maxBytes: number | undefined;
+}): Promise<{ buffer: Buffer; contentType: string; type: "image" | "voice" | "video" | "file"; filename: string } | null> {
+  const spec = resolveOutboundMediaSpec(params.payload);
+  if (!spec) return null;
+
+  let buffer: Buffer | null = null;
+  let contentType = spec.mimeType ?? "";
+  let filename = spec.filename ?? "";
+
+  if (spec.base64) {
+    const parsed = parseBase64Input(spec.base64);
+    buffer = Buffer.from(parsed.data, "base64");
+    if (!contentType && parsed.mimeType) contentType = parsed.mimeType;
+  } else if (spec.path) {
+    const resolvedPath = stripFileProtocol(spec.path);
+    buffer = await readFile(resolvedPath);
+    if (!filename) filename = basename(resolvedPath);
+    if (!contentType) {
+      const ext = extname(resolvedPath).replace(".", "");
+      contentType = resolveContentTypeFromExt(ext);
+    }
+  } else if (spec.url) {
+    const media = await fetchMediaFromUrl(spec.url, params.account);
+    buffer = media.buffer;
+    if (!contentType) contentType = media.contentType;
+  }
+
+  if (!buffer) return null;
+  if (params.maxBytes && buffer.length > params.maxBytes) return null;
+
+  const type = normalizeMediaType(spec.type) ?? resolveMediaTypeFromContentType(contentType || "application/octet-stream");
+  const ext = resolveExtFromContentType(contentType || "application/octet-stream", type);
+  const safeName = sanitizeFilename(filename, `${type}.${ext}`);
+
+  return { buffer, contentType: contentType || resolveContentTypeFromExt(ext), type, filename: safeName };
+}
+
 function sanitizeFilename(name: string, fallback: string): string {
   const base = name.split(/[/\\\\]/).pop() ?? "";
   const trimmed = base.trim();
@@ -329,38 +483,35 @@ async function startAgentForApp(params: {
     cfg: config,
     dispatcherOptions: {
       deliver: async (payload, info) => {
-        const maybeMediaUrl = (payload as any).mediaUrl as string | undefined;
-        const maybeMediaType = (payload as any).mediaType as string | undefined;
-        if (maybeMediaUrl) {
-          try {
-            const media = await fetchMediaFromUrl(maybeMediaUrl, account);
-            const type = normalizeMediaType(maybeMediaType) ?? "file";
-            const ext = resolveExtFromContentType(media.contentType, type);
+        const maxBytes = resolveMediaMaxBytes(target);
+        try {
+          const outbound = await loadOutboundMedia({ payload, account, maxBytes });
+          if (outbound) {
             const mediaId = await uploadWecomMedia({
               account,
-              type: type as "image" | "voice" | "video" | "file",
-              buffer: media.buffer,
-              filename: `${type}.${ext}`,
+              type: outbound.type,
+              buffer: outbound.buffer,
+              filename: outbound.filename,
             });
-            if (type === "image") {
+            if (outbound.type === "image") {
               await sendWecomImage({ account, toUser: fromUser, chatId: isGroup ? chatId : undefined, mediaId });
               logVerbose(target, `app image reply delivered (${info.kind}) to ${fromUser}`);
-            } else if (type === "voice") {
+            } else if (outbound.type === "voice") {
               await sendWecomVoice({ account, toUser: fromUser, chatId: isGroup ? chatId : undefined, mediaId });
               logVerbose(target, `app voice reply delivered (${info.kind}) to ${fromUser}`);
-            } else if (type === "video") {
+            } else if (outbound.type === "video") {
               const title = (payload as any).title as string | undefined;
               const description = (payload as any).description as string | undefined;
               await sendWecomVideo({ account, toUser: fromUser, chatId: isGroup ? chatId : undefined, mediaId, title, description });
               logVerbose(target, `app video reply delivered (${info.kind}) to ${fromUser}`);
-            } else if (type === "file") {
+            } else if (outbound.type === "file") {
               await sendWecomFile({ account, toUser: fromUser, chatId: isGroup ? chatId : undefined, mediaId });
               logVerbose(target, `app file reply delivered (${info.kind}) to ${fromUser}`);
             }
             target.statusSink?.({ lastOutboundAt: Date.now() });
-          } catch (err) {
-            target.runtime.error?.(`wecom app media reply failed: ${String(err)}`);
           }
+        } catch (err) {
+          target.runtime.error?.(`wecom app media reply failed: ${String(err)}`);
         }
 
         const text = markdownToWecomText(core.channel.text.convertMarkdownTables(payload.text ?? "", tableMode));
@@ -599,7 +750,8 @@ async function processAppMessage(params: {
         if (cached) {
           mediaContext = { type: cached.type, path: cached.path, mimeType: cached.mimeType, url: cached.url };
           logVerbose(target, `app file cache hit: ${cached.path}`);
-          messageText = `[用户发送了一个文件: ${fileName || "未知文件"}]\n\n请根据文件内容回复用户。`;
+          const cachedName = fileName || basename(cached.path) || "未知文件";
+          messageText = `[用户发送了一个文件: ${cachedName}，已保存到: ${cached.path}]\n\n请使用 Read 工具查看这个文件的内容并回复用户。`;
         } else {
           const media = await downloadWecomMedia({ account: target.account, mediaId });
         const maxBytes = resolveMediaMaxBytes(target);
@@ -627,7 +779,7 @@ async function processAppMessage(params: {
             size: media.buffer.length,
           });
           logVerbose(target, `app file saved (${media.buffer.length} bytes): ${tempFilePath}`);
-          messageText = `[用户发送了一个文件: ${safeName}]\n\n请根据文件内容回复用户。`;
+          messageText = `[用户发送了一个文件: ${safeName}，已保存到: ${tempFilePath}]\n\n请使用 Read 工具查看这个文件的内容并回复用户。`;
         }
         }
       } catch (err) {
@@ -678,6 +830,163 @@ async function processAppMessage(params: {
   }
 }
 
+type PushMessage = {
+  text?: string;
+  mediaUrl?: string;
+  mediaPath?: string;
+  mediaBase64?: string;
+  mediaType?: string;
+  filename?: string;
+  title?: string;
+  description?: string;
+  delayMs?: number;
+};
+
+type PushPayload = PushMessage & {
+  accountId?: string;
+  toUser?: string;
+  chatId?: string;
+  token?: string;
+  intervalMs?: number;
+  messages?: PushMessage[];
+};
+
+function resolvePushToken(target: WecomWebhookTarget): string {
+  return target.account.config.pushToken?.trim() || "";
+}
+
+function selectPushTarget(targets: WecomWebhookTarget[], accountId?: string): WecomWebhookTarget | undefined {
+  const appTargets = targets.filter((candidate) => shouldHandleApp(candidate));
+  if (!accountId) return appTargets[0];
+  return appTargets.find((candidate) => candidate.account.accountId === accountId);
+}
+
+export async function handleWecomPushRequest(params: {
+  req: IncomingMessage;
+  res: ServerResponse;
+  targets: WecomWebhookTarget[];
+}): Promise<boolean> {
+  const { req, res, targets } = params;
+  if ((req.method ?? "").toUpperCase() !== "POST") {
+    res.statusCode = 405;
+    res.setHeader("Content-Type", "text/plain; charset=utf-8");
+    res.end("Method Not Allowed");
+    return true;
+  }
+
+  let payload: PushPayload | null = null;
+  try {
+    const raw = await readRequestBody(req, MAX_REQUEST_BODY_SIZE);
+    payload = raw ? (JSON.parse(raw) as PushPayload) : {};
+  } catch (err) {
+    res.statusCode = 400;
+    res.setHeader("Content-Type", "application/json; charset=utf-8");
+    res.end(JSON.stringify({ ok: false, error: `Invalid JSON: ${String(err)}` }));
+    return true;
+  }
+
+  const url = new URL(req.url ?? "/", "http://localhost");
+  const accountId = pickFirstString(payload?.accountId, url.searchParams.get("accountId"));
+  const target = selectPushTarget(targets, accountId);
+  if (!target) {
+    res.statusCode = 404;
+    res.setHeader("Content-Type", "application/json; charset=utf-8");
+    res.end(JSON.stringify({ ok: false, error: "No matching WeCom app account" }));
+    return true;
+  }
+
+  const expectedToken = resolvePushToken(target);
+  const requestToken = pickFirstString(
+    payload?.token,
+    url.searchParams.get("token"),
+    resolveHeaderToken(req),
+  );
+  if (expectedToken && expectedToken !== requestToken) {
+    res.statusCode = 403;
+    res.setHeader("Content-Type", "application/json; charset=utf-8");
+    res.end(JSON.stringify({ ok: false, error: "Invalid push token" }));
+    return true;
+  }
+
+  const toUser = pickFirstString(payload?.toUser, url.searchParams.get("toUser"));
+  const chatId = pickFirstString(payload?.chatId, url.searchParams.get("chatId"));
+  if (!toUser && !chatId) {
+    res.statusCode = 400;
+    res.setHeader("Content-Type", "application/json; charset=utf-8");
+    res.end(JSON.stringify({ ok: false, error: "Missing toUser or chatId" }));
+    return true;
+  }
+
+  if (!target.account.corpId || !target.account.corpSecret || !target.account.agentId) {
+    res.statusCode = 500;
+    res.setHeader("Content-Type", "application/json; charset=utf-8");
+    res.end(JSON.stringify({ ok: false, error: "WeCom app not configured" }));
+    return true;
+  }
+
+  const messages = Array.isArray(payload?.messages) && payload?.messages.length > 0
+    ? payload.messages
+    : [payload ?? {}];
+  const intervalMs = typeof payload?.intervalMs === "number" && payload.intervalMs > 0 ? payload.intervalMs : 0;
+  let sent = 0;
+
+  for (const message of messages) {
+    if (message.delayMs && message.delayMs > 0) {
+      await sleep(message.delayMs);
+    }
+    try {
+      const outbound = await loadOutboundMedia({
+        payload: message,
+        account: target.account,
+        maxBytes: resolveMediaMaxBytes(target),
+      });
+      if (outbound) {
+        const mediaId = await uploadWecomMedia({
+          account: target.account,
+          type: outbound.type,
+          buffer: outbound.buffer,
+          filename: outbound.filename,
+        });
+        if (outbound.type === "image") {
+          await sendWecomImage({ account: target.account, toUser, chatId: chatId || undefined, mediaId });
+        } else if (outbound.type === "voice") {
+          await sendWecomVoice({ account: target.account, toUser, chatId: chatId || undefined, mediaId });
+        } else if (outbound.type === "video") {
+          await sendWecomVideo({
+            account: target.account,
+            toUser,
+            chatId: chatId || undefined,
+            mediaId,
+            title: message.title,
+            description: message.description,
+          });
+        } else {
+          await sendWecomFile({ account: target.account, toUser, chatId: chatId || undefined, mediaId });
+        }
+        sent += 1;
+      }
+
+      const text = markdownToWecomText(message.text ?? "");
+      if (text) {
+        await sendWecomText({ account: target.account, toUser, chatId: chatId || undefined, text });
+        sent += 1;
+      }
+    } catch (err) {
+      target.runtime.error?.(`wecom push failed: ${String(err)}`);
+    }
+
+    if (intervalMs) {
+      await sleep(intervalMs);
+    }
+  }
+
+  target.statusSink?.({ lastOutboundAt: Date.now() });
+  res.statusCode = 200;
+  res.setHeader("Content-Type", "application/json; charset=utf-8");
+  res.end(JSON.stringify({ ok: true, sent }));
+  return true;
+}
+
 export async function handleWecomAppWebhook(params: {
   req: IncomingMessage;
   res: ServerResponse;

package/wecom/src/wecom-bot.ts

@@ -1,8 +1,8 @@
 import type { IncomingMessage, ServerResponse } from "node:http";
 import crypto from "node:crypto";
-import { mkdir, readdir, rm, stat, writeFile } from "node:fs/promises";
+import { mkdir, readFile, readdir, rm, stat, writeFile } from "node:fs/promises";
 import { tmpdir } from "node:os";
-import { join } from "node:path";
+import { basename, extname, join } from "node:path";
 
 import type { PluginRuntime } from "openclaw/plugin-sdk";
 
@@ -414,49 +414,44 @@ async function startAgentForStream(params: {
     cfg: config,
     dispatcherOptions: {
       deliver: async (payload) => {
-        const maybeMediaUrl = (payload as any).mediaUrl as string | undefined;
-        const maybeMediaType = (payload as any).mediaType as string | undefined;
         const canBridgeMedia = account.config.botMediaBridge !== false
           && Boolean(account.corpId && account.corpSecret && account.agentId);
         const toChatId = chatType === "group" ? chatId : undefined;
 
-        if (maybeMediaUrl && canBridgeMedia) {
+        if (canBridgeMedia) {
           try {
-            const media = await fetchMediaFromUrl(maybeMediaUrl, account);
-            const type = normalizeMediaType(maybeMediaType) ?? "file";
-            const ext = media.contentType.includes("png") ? "png"
-              : media.contentType.includes("gif") ? "gif"
-              : media.contentType.includes("jpeg") || media.contentType.includes("jpg") ? "jpg"
-              : media.contentType.includes("mp4") ? "mp4"
-              : media.contentType.includes("amr") ? "amr"
-              : media.contentType.includes("wav") ? "wav"
-              : media.contentType.includes("mp3") ? "mp3"
-              : "bin";
+            const outbound = await loadOutboundMedia({
+              payload,
+              account,
+              maxBytes: resolveMediaMaxBytes(target),
+            });
+            if (outbound) {
             const mediaId = await uploadWecomMedia({
               account,
-              type: type as "image" | "voice" | "video" | "file",
-              buffer: media.buffer,
-              filename: `${type}.${ext}`,
+              type: outbound.type,
+              buffer: outbound.buffer,
+              filename: outbound.filename,
             });
-            if (type === "image") {
+            if (outbound.type === "image") {
               await sendWecomImage({ account, toUser: userid, chatId: toChatId, mediaId });
-            } else if (type === "voice") {
+            } else if (outbound.type === "voice") {
               await sendWecomVoice({ account, toUser: userid, chatId: toChatId, mediaId });
-            } else if (type === "video") {
+            } else if (outbound.type === "video") {
               const title = (payload as any).title as string | undefined;
               const description = (payload as any).description as string | undefined;
               await sendWecomVideo({ account, toUser: userid, chatId: toChatId, mediaId, title, description });
-            } else if (type === "file") {
+            } else if (outbound.type === "file") {
               await sendWecomFile({ account, toUser: userid, chatId: toChatId, mediaId });
             }
             const current = streams.get(streamId);
             if (current) {
-              const note = mediaSentLabel(type);
+              const note = mediaSentLabel(outbound.type);
               const nextText = current.content ? `${current.content}\n\n${note}` : note;
               current.content = truncateUtf8Bytes(nextText.trim(), STREAM_MAX_BYTES);
               current.updatedAt = Date.now();
             }
             target.statusSink?.({ lastOutboundAt: Date.now() });
+            }
           } catch (err) {
             target.runtime.error?.(`[${account.accountId}] wecom bot media bridge failed: ${String(err)}`);
           }
@@ -594,11 +589,21 @@ async function buildBotMediaMessage(params: {
     const cacheKey = buildMediaCacheKey({ url, base64 });
     const cached = await getCachedMedia(cacheKey, resolveMediaRetentionMs(target));
     if (cached) {
-      const text = msgtype === "image" && cached.summary
-        ? `[用户发送了一张图片]\n\n[图片识别结果]\n${cached.summary}\n\n请根据识别结果回复用户。`
-        : buildInboundMediaPrompt(msgtype, filename);
+      if (msgtype === "image" && cached.summary) {
+        return {
+          text: `[用户发送了一张图片]\n\n[图片识别结果]\n${cached.summary}\n\n请根据识别结果回复用户。`,
+          media: cached.media,
+        };
+      }
+      if (msgtype === "file") {
+        const safeName = sanitizeFilename(filename || basename(cached.media.path), "file");
+        return {
+          text: `[用户发送了一个文件: ${safeName}，已保存到: ${cached.media.path}]\n\n请使用 Read 工具查看这个文件的内容并回复用户。`,
+          media: cached.media,
+        };
+      }
       return {
-        text,
+        text: buildInboundMediaPrompt(msgtype, filename),
         media: cached.media,
       };
     }
@@ -656,7 +661,7 @@ async function buildBotMediaMessage(params: {
       };
       storeCachedMedia(cacheKey, media, buffer.length);
       return {
-        text: buildInboundMediaPrompt("file", safeName),
+        text: `[用户发送了一个文件: ${safeName}，已保存到: ${tempFilePath}]\n\n请使用 Read 工具查看这个文件的内容并回复用户。`,
         media,
       };
     }
@@ -790,6 +795,132 @@ function normalizeMediaType(raw?: string): "image" | "voice" | "video" | "file"
   return null;
 }
 
+function resolveContentTypeFromExt(ext: string): string {
+  const value = ext.toLowerCase();
+  if (value === "png") return "image/png";
+  if (value === "gif") return "image/gif";
+  if (value === "jpg" || value === "jpeg") return "image/jpeg";
+  if (value === "webp") return "image/webp";
+  if (value === "bmp") return "image/bmp";
+  if (value === "amr") return "audio/amr";
+  if (value === "wav") return "audio/wav";
+  if (value === "mp3") return "audio/mpeg";
+  if (value === "m4a") return "audio/mp4";
+  if (value === "mp4") return "video/mp4";
+  if (value === "mov") return "video/quicktime";
+  if (value === "avi") return "video/x-msvideo";
+  if (value === "pdf") return "application/pdf";
+  if (value === "txt") return "text/plain";
+  if (value === "csv") return "text/csv";
+  if (value === "json") return "application/json";
+  if (value === "doc") return "application/msword";
+  if (value === "docx") return "application/vnd.openxmlformats-officedocument.wordprocessingml.document";
+  if (value === "xls") return "application/vnd.ms-excel";
+  if (value === "xlsx") return "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet";
+  if (value === "ppt") return "application/vnd.ms-powerpoint";
+  if (value === "pptx") return "application/vnd.openxmlformats-officedocument.presentationml.presentation";
+  if (value === "zip") return "application/zip";
+  return "application/octet-stream";
+}
+
+function resolveMediaTypeFromContentType(contentType: string): "image" | "voice" | "video" | "file" {
+  const value = contentType.toLowerCase();
+  if (value.startsWith("image/")) return "image";
+  if (value.startsWith("audio/")) return "voice";
+  if (value.startsWith("video/")) return "video";
+  return "file";
+}
+
+function stripFileProtocol(rawPath: string): string {
+  return rawPath.startsWith("file://") ? rawPath.replace(/^file:\/\//, "") : rawPath;
+}
+
+function parseBase64Input(input: string): { data: string; mimeType?: string } {
+  const match = input.match(/^data:([^;]+);base64,(.*)$/i);
+  if (match) {
+    return { data: match[2], mimeType: match[1] };
+  }
+  return { data: input };
+}
+
+function resolveOutboundMediaSpec(payload: any): {
+  type?: string;
+  url?: string;
+  path?: string;
+  base64?: string;
+  filename?: string;
+  mimeType?: string;
+} | null {
+  if (!payload || typeof payload !== "object") return null;
+  const mediaBlockRaw = payload.media ?? payload.attachment ?? payload.file ?? payload.files;
+  const mediaBlock = Array.isArray(mediaBlockRaw) ? mediaBlockRaw[0] : mediaBlockRaw;
+  const url = pickString(
+    payload.mediaUrl,
+    mediaBlock?.url,
+    mediaBlock?.mediaUrl,
+    mediaBlock?.fileUrl,
+    mediaBlock?.file_url,
+  );
+  const path = pickString(
+    payload.mediaPath,
+    payload.filePath,
+    mediaBlock?.path,
+    mediaBlock?.filePath,
+    mediaBlock?.localPath,
+  );
+  const base64 = pickString(
+    payload.mediaBase64,
+    payload.base64,
+    mediaBlock?.base64,
+    mediaBlock?.data,
+  );
+  const type = pickString(payload.mediaType, mediaBlock?.type, mediaBlock?.mediaType);
+  const filename = pickString(payload.filename, payload.fileName, mediaBlock?.filename, mediaBlock?.fileName, mediaBlock?.name);
+  const mimeType = pickString(payload.mimeType, payload.mediaMimeType, mediaBlock?.mimeType, mediaBlock?.contentType);
+  if (!url && !path && !base64) return null;
+  return { type, url, path, base64, filename, mimeType };
+}
+
+async function loadOutboundMedia(params: {
+  payload: any;
+  account: ResolvedWecomAccount;
+  maxBytes: number | undefined;
+}): Promise<{ buffer: Buffer; contentType: string; type: "image" | "voice" | "video" | "file"; filename: string } | null> {
+  const spec = resolveOutboundMediaSpec(params.payload);
+  if (!spec) return null;
+
+  let buffer: Buffer | null = null;
+  let contentType = spec.mimeType ?? "";
+  let filename = spec.filename ?? "";
+
+  if (spec.base64) {
+    const parsed = parseBase64Input(spec.base64);
+    buffer = Buffer.from(parsed.data, "base64");
+    if (!contentType && parsed.mimeType) contentType = parsed.mimeType;
+  } else if (spec.path) {
+    const resolvedPath = stripFileProtocol(spec.path);
+    buffer = await readFile(resolvedPath);
+    if (!filename) filename = basename(resolvedPath);
+    if (!contentType) {
+      const ext = extname(resolvedPath).replace(".", "");
+      contentType = resolveContentTypeFromExt(ext);
+    }
+  } else if (spec.url) {
+    const media = await fetchMediaFromUrl(spec.url, params.account);
+    buffer = media.buffer;
+    if (!contentType) contentType = media.contentType;
+  }
+
+  if (!buffer) return null;
+  if (params.maxBytes && buffer.length > params.maxBytes) return null;
+
+  const type = normalizeMediaType(spec.type) ?? resolveMediaTypeFromContentType(contentType || "application/octet-stream");
+  const ext = resolveExtFromContentType(contentType || "application/octet-stream", type);
+  const safeName = sanitizeFilename(filename, `${type}.${ext}`);
+
+  return { buffer, contentType: contentType || resolveContentTypeFromExt(ext), type, filename: safeName };
+}
+
 function mediaSentLabel(type: string): string {
   if (type === "image") return "[已发送图片]";
   if (type === "voice") return "[已发送语音]";