@raolin2025/claude-code-node 1.1.0 → 2.0.0

package/src/core/cost-tracker.js

@@ -0,0 +1,171 @@
+/**
+ * 费用追踪 (Cost Tracking) — API 调用费用计算和报告
+ * 
+ * 支持主流模型的价格表，自动根据 model 名称匹配价格。
+ * 对应原版: src/utils/costTracker.ts
+ */
+
+// ============================================================
+// 模型价格表（美元 / 1M tokens）
+// ============================================================
+
+const PRICING = {
+  // DeepSeek
+  'deepseek-chat':           { input: 0.27,  output: 1.10,  cache_read: 0.07 },
+  'deepseek-reasoner':       { input: 0.55,  output: 2.19,  cache_read: 0.14 },
+
+  // OpenAI
+  'gpt-4o':                  { input: 2.50,  output: 10.00 },
+  'gpt-4o-mini':             { input: 0.15,  output: 0.60 },
+  'gpt-4.1':                 { input: 2.00,  output: 8.00 },
+  'gpt-4.1-mini':            { input: 0.40,  output: 1.60 },
+  'gpt-4.1-nano':            { input: 0.10,  output: 0.40 },
+  'o3':                      { input: 2.00,  output: 8.00 },
+  'o3-mini':                 { input: 1.10,  output: 4.40 },
+  'o4-mini':                 { input: 1.10,  output: 4.40 },
+
+  // 通义千问 (Qwen)
+  'qwen-plus':               { input: 0.50,  output: 2.00 },
+  'qwen-turbo':              { input: 0.05,  output: 0.20 },
+  'qwen-max':                { input: 2.00,  output: 6.00 },
+  'qwen-long':               { input: 0.07,  output: 0.28 },
+
+  // 智谱 GLM
+  'glm-4-flash':             { input: 0.10,  output: 0.10 },
+  'glm-4-plus':              { input: 0.50,  output: 0.50 },
+  'glm-4':                   { input: 1.00,  output: 1.00 },
+  'glm-4-long':              { input: 0.10,  output: 0.10 },
+
+  // Moonshot Kimi
+  'moonshot-v1-8k':          { input: 0.50,  output: 2.00 },
+  'moonshot-v1-32k':         { input: 1.00,  output: 4.00 },
+  'moonshot-v1-128k':        { input: 2.00,  output: 8.00 },
+
+  // Ollama (本地免费)
+  'ollama':                  { input: 0,     output: 0 },
+}
+
+// 默认价格（未匹配到的模型）
+const DEFAULT_PRICING = { input: 0.50, output: 2.00 }
+
+/**
+ * 根据模型名查找价格
+ */
+function findPricing(model) {
+  if (!model) return DEFAULT_PRICING
+
+  // 精确匹配
+  if (PRICING[model]) return PRICING[model]
+
+  // 前缀匹配 (e.g. "deepseek-chat-v3" → "deepseek-chat")
+  for (const [key, price] of Object.entries(PRICING)) {
+    if (model.startsWith(key) || model.includes(key)) return price
+  }
+
+  // Ollama 系列全部免费
+  if (model.includes('ollama') || model.includes('local') || model.includes('localhost')) {
+    return PRICING.ollama
+  }
+
+  return DEFAULT_PRICING
+}
+
+/**
+ * 费用追踪器
+ */
+export class CostTracker {
+  constructor(options = {}) {
+    this.model = options.model || ''
+    this.pricing = findPricing(this.model)
+    this.totalInputTokens = 0
+    this.totalOutputTokens = 0
+    this.totalCacheReadTokens = 0
+    this.totalApiCalls = 0
+    this.history = []  // 每次 API 调用的记录
+  }
+
+  /** 切换模型（更新价格表） */
+  setModel(model) {
+    this.model = model
+    this.pricing = findPricing(model)
+  }
+
+  /** 记录一次 API 调用 */
+  recordUsage(usage) {
+    const inputTokens = usage.input_tokens || usage.prompt_tokens || 0
+    const outputTokens = usage.output_tokens || usage.completion_tokens || 0
+    const cacheReadTokens = usage.cache_read_input_tokens || 0
+
+    const cost = this.calculateCost(inputTokens, outputTokens, cacheReadTokens)
+
+    this.totalInputTokens += inputTokens
+    this.totalOutputTokens += outputTokens
+    this.totalCacheReadTokens += cacheReadTokens
+    this.totalApiCalls++
+
+    this.history.push({
+      timestamp: Date.now(),
+      inputTokens,
+      outputTokens,
+      cacheReadTokens,
+      cost,
+    })
+
+    return cost
+  }
+
+  /** 计算单次费用 */
+  calculateCost(inputTokens, outputTokens, cacheReadTokens = 0) {
+    const cost = {
+      input: (inputTokens / 1_000_000) * this.pricing.input,
+      output: (outputTokens / 1_000_000) * this.pricing.output,
+      cacheRead: (cacheReadTokens / 1_000_000) * (this.pricing.cache_read || 0),
+    }
+    cost.total = cost.input + cost.output + cost.cacheRead
+    return cost
+  }
+
+  /** 获取总费用 */
+  getTotalCost() {
+    const cost = this.calculateCost(
+      this.totalInputTokens,
+      this.totalOutputTokens,
+      this.totalCacheReadTokens
+    )
+    return cost
+  }
+
+  /** 格式化费用报告 */
+  formatReport() {
+    const cost = this.getTotalCost()
+    const lines = [
+      `💰 Cost Report — ${this.model}`,
+      `   API Calls:     ${this.totalApiCalls}`,
+      `   Input Tokens:  ${this.totalInputTokens.toLocaleString()} → $${cost.input.toFixed(4)}`,
+      `   Output Tokens: ${this.totalOutputTokens.toLocaleString()} → $${cost.output.toFixed(4)}`,
+    ]
+    if (this.totalCacheReadTokens > 0) {
+      lines.push(`   Cache Read:    ${this.totalCacheReadTokens.toLocaleString()} → $${cost.cacheRead.toFixed(4)}`)
+    }
+    lines.push(`   ───────────────────────────────`)
+    lines.push(`   Total:         $${cost.total.toFixed(4)}`)
+    return lines.join('\n')
+  }
+
+  /** 简短格式（单行） */
+  formatShort() {
+    const cost = this.getTotalCost()
+    return `$${cost.total.toFixed(4)} (${this.totalApiCalls} calls, ${this.totalInputTokens.toLocaleString()}+${this.totalOutputTokens.toLocaleString()} tok)`
+  }
+
+  /** 重置 */
+  reset() {
+    this.totalInputTokens = 0
+    this.totalOutputTokens = 0
+    this.totalCacheReadTokens = 0
+    this.totalApiCalls = 0
+    this.history = []
+  }
+}
+
+export { PRICING, findPricing }

package/src/core/paths.js

@@ -0,0 +1,12 @@
+/**
+ * 共享路径常量 — cc-node 和 cc-notify 共用
+ */
+import { join } from 'path'
+import { homedir } from 'os'
+
+export const SOCK_DIR = join(homedir(), '.cc-node')
+export const SOCK_PATH = join(SOCK_DIR, 'repl.sock')
+export const CC_NODE_PID = join(SOCK_DIR, 'cc-node.pid')
+export const CC_NOTIFY_PID = join(SOCK_DIR, 'cc-notify.pid')
+export const CC_NOTIFY_LOG = join(SOCK_DIR, 'cc-notify.log')
+export const DEFAULT_HTTP_PORT = 3456

package/src/core/query-engine.js

@@ -12,8 +12,12 @@
  * 适用于: OpenAI / DeepSeek / Qwen / GLM / Kimi / Ollama / vLLM / LM Studio / 任何兼容接口
  */
 import crypto from 'crypto'
-import { Message, UserMessage, AssistantMessage, SystemMessage, ToolCall, ToolResult, SessionState } from '../types/index.js'
+import { UserMessage, AssistantMessage, ToolCall, ToolResult, SessionState } from '../types/index.js'
+import { parseStream, parseNonStreamResponse } from './streaming.js'
+import { autoCompact } from './compact.js'
+import { CostTracker } from './cost-tracker.js'
 import { EnhancedPermissionChecker } from '../security/enhanced-permission.js'
+import { checkHostSafety } from '../security/ssrf-guard.js'
 
 /**
  * 配置选项
@@ -35,6 +39,9 @@ export class QueryEngineConfig {
     this.apiKey = options.apiKey || process.env.LLM_API_KEY || process.env.DEEPSEEK_API_KEY || process.env.OPENAI_API_KEY || process.env.QWEN_API_KEY || process.env.GLM_API_KEY || process.env.KIMI_API_KEY || ''
     // API Base — DeepSeek 为默认
     this.apiBase = options.apiBase || process.env.LLM_API_BASE || 'https://api.deepseek.com/v1'
+    this.noStream = options.noStream || false
+    this.costTracker = options.costTracker || null
+    this.tokenBudget = options.tokenBudget || null
     this.initialMessages = options.initialMessages || []
   }
 }
@@ -51,6 +58,8 @@ export class QueryEngine {
       projectDir: this.config.cwd,
     })
     this.abortController = null
+    this.costTracker = this.config.costTracker || new CostTracker({ model: this.config.model })
+    this.tokenBudget = this.config.tokenBudget || null
   }
 
   /**
@@ -66,6 +75,15 @@ export class QueryEngine {
     const userMsg = new UserMessage(userInput)
     this.state.messages.push(userMsg)
 
+    // M3: 自动上下文压缩
+    if (this.tokenBudget) {
+      const { compacted, messages } = autoCompact(this.state.messages, this.tokenBudget)
+      if (compacted) {
+        this.state.messages = messages
+        if (this.config.verbose) console.error('[compact] Context compressed to fit token budget')
+      }
+    }
+
     try {
       const result = await this._runToolLoop(userMsg)
       return result
@@ -81,12 +99,11 @@ export class QueryEngine {
    * 最多跑 maxTurns 次
    */
   async _runToolLoop(userMessage) {
-    let currentMessages = [...this.state.messages]
     let finalResponse = ''
 
     for (let turn = 0; turn < this.config.maxTurns; turn++) {
-      const requestMessages = this._buildRequest(currentMessages)
-      const response = await this._callLLM(requestMessages, currentMessages)
+      const requestMessages = this._buildRequest(this.state.messages)
+      const response = await this._callLLM(requestMessages, this.state.messages)
 
       if (this.abortController.signal.aborted) {
         throw new Error('操作已取消')
@@ -95,40 +112,22 @@ export class QueryEngine {
       // 没有工具调用 → 最终回复
       if (!response.toolCalls || response.toolCalls.length === 0) {
         finalResponse = response.content
-        const assistantMsg = new AssistantMessage(response.content)
-        this.state.messages.push(assistantMsg)
+        this.state.messages.push(new AssistantMessage(response.content))
         break
       }
 
-      // 有工具调用 → 记录助手消息
-      const assistantMsg = new AssistantMessage(response.content, response.toolCalls)
-      this.state.messages.push(assistantMsg)
+      // 有工具调用 → 记录 assistant 消息（含 tool_calls）
+      this.state.messages.push(new AssistantMessage(response.content, response.toolCalls))
 
       // 执行工具
       const toolResults = await this._executeToolCalls(response.toolCalls)
 
-      // 工具结果加入消息流（OpenAI 兼容格式）
+      // 工具结果加入 state.messages（OpenAI 兼容格式）
       for (const result of toolResults) {
-        // 先加 assistant 的 tool_calls 消息
-        currentMessages.push({
-          role: 'assistant',
-          content: null,
-          tool_calls: [{
-            id: result.toolCallId,
-            type: 'function',
-            function: {
-              name: result.toolName || '',
-              arguments: '{}',
-            },
-          }],
-        })
-        // 再加 tool 结果消息
-        currentMessages.push({
+        this.state.messages.push({
           role: 'tool',
           tool_call_id: result.toolCallId,
-          content: result.isError
-            ? `[ERROR] ${result.content}`
-            : result.content,
+          content: result.isError ? `[ERROR] ${result.content}` : result.content,
         })
         this.state.toolResults.set(result.toolCallId, result)
       }
@@ -150,7 +149,7 @@ export class QueryEngine {
   }
 
   /**
-   * 构建 LLM 请求消息列表
+   * 构建 LLM 请求消息列表 — 统一 OpenAI 兼容格式
    */
   _buildRequest(messages) {
     const request = []
@@ -160,37 +159,53 @@ export class QueryEngine {
       request.push({ role: 'system', content: this.config.systemPrompt })
     }
 
-    // 历史消息
+    // 历史消息 — 转换为 OpenAI 兼容格式
     for (const msg of messages) {
       if (msg.role === 'system') {
         request.push({ role: 'system', content: msg.content })
       } else if (msg.role === 'user') {
         request.push({ role: 'user', content: this._formatContent(msg.content) })
       } else if (msg.role === 'assistant') {
-        const content = []
-        if (msg.content) content.push({ type: 'text', text: msg.content })
-        if (msg.toolCalls) {
-          for (const tc of msg.toolCalls) {
-            content.push({ type: 'tool_use', id: tc.id, name: tc.name, input: tc.input })
-          }
+        // 带 tool_calls 的 assistant 消息：OpenAI 格式
+        if (msg.toolCalls && msg.toolCalls.length > 0) {
+          request.push({
+            role: 'assistant',
+            content: msg.content || null,
+            tool_calls: msg.toolCalls.map(tc => ({
+              id: tc.id,
+              type: 'function',
+              function: { name: tc.name, arguments: typeof tc.input === 'string' ? tc.input : JSON.stringify(tc.input) },
+            })),
+          })
+        } else {
+          // 纯文本 assistant 消息
+          request.push({ role: 'assistant', content: this._formatContent(msg.content) })
         }
-        request.push({ role: 'assistant', content })
+      } else if (msg.role === 'tool') {
+        // tool 结果消息 — 直接透传
+        request.push({
+          role: 'tool',
+          tool_call_id: msg.tool_call_id,
+          content: typeof msg.content === 'string' ? msg.content : JSON.stringify(msg.content),
+        })
       }
     }
 
     return request
   }
 
+
   /**
    * 执行工具调用
    */
   async _executeToolCalls(toolCalls) {
     const results = []
     for (const tc of toolCalls) {
-      // 安全检查（一票否决）
+      // 安全检查
       const permResult = await this.permissionChecker.check(tc.name, tc.input)
       if (!permResult.allowed) {
-        results.push(new ToolResult(tc.id, `工具调用被安全策略拒绝: ${tc.name} — ${permResult.reason || ''}`, true))
+        results.push(new ToolResult(tc.id, `工具调用被安全策略拒绝: ${tc.name} — ${permResult.reason || ""}`, true))
+        results[results.length - 1].toolName = tc.name
         continue
       }
 
@@ -198,6 +213,7 @@ export class QueryEngine {
       const tool = this.config.tools.find(t => t.name === tc.name)
       if (!tool) {
         results.push(new ToolResult(tc.id, `未找到工具: ${tc.name}`, true))
+        results[results.length - 1].toolName = tc.name
         continue
       }
 
@@ -206,7 +222,6 @@ export class QueryEngine {
         const content = await tool.handler(tc.input, { cwd: this.config.cwd, engine: this })
         tc.status = 'done'
         results.push(new ToolResult(tc.id, typeof content === 'string' ? content : JSON.stringify(content), false))
-        // 记录工具名用于消息构建
         results[results.length - 1].toolName = tc.name
       } catch (err) {
         tc.status = 'error'
@@ -217,19 +232,6 @@ export class QueryEngine {
     return results
   }
 
-  /**
-   * 调用 LLM API — OpenAI 兼容协议（全行业通用）
-   *
-   * 支持的提供商（举例）:
-   * - DeepSeek:      https://api.deepseek.com/v1
-   * - 通义千问:       https://dashscope.aliyuncs.com/compatible-mode/v1
-   * - 智谱 GLM:       https://open.bigmodel.cn/api/paas/v4
-   * - Moonshot Kimi:  https://api.moonshot.cn/v1
-   * - Ollama 本地:    http://localhost:11434/v1
-   * - vLLM:          http://localhost:8000/v1
-   * - LM Studio:     http://localhost:1234/v1
-   * - OpenAI:        https://api.openai.com/v1
-   */
   async _callLLM(messages, contextMessages) {
     const apiKey = this.config.apiKey
     const apiBase = this.config.apiBase
@@ -237,69 +239,162 @@ export class QueryEngine {
     if (!apiKey) {
       throw new Error(
         `未设置 API Key。请设置以下环境变量之一:\n` +
-        `  LLM_API_KEY=xxx          (通用，推荐)\n` +
-        `  DEEPSEEK_API_KEY=xxx     (DeepSeek)\n` +
-        `  OPENAI_API_KEY=xxx       (OpenAI)\n` +
-        `  QWEN_API_KEY=xxx         (通义千问)\n` +
-        `  GLM_API_KEY=xxx          (智谱 GLM)\n` +
-        `  KIMI_API_KEY=xxx         (Moonshot Kimi)\n` +
+        `  LLM_API_KEY=xxx (通用，推荐)\n` +
+        `  DEEPSEEK_API_KEY=xxx (DeepSeek)\n` +
+        `  OPENAI_API_KEY=xxx (OpenAI)\n` +
+        `  QWEN_API_KEY=xxx (通义千问)\n` +
+        `  GLM_API_KEY=xxx (智谱 GLM)\n` +
+        `  KIMI_API_KEY=xxx (Moonshot Kimi)\n` +
         `或通过 --api-key 参数传入`
       )
     }
 
     if (!apiBase) {
       throw new Error(
-        `未设置 API Base URL。默认使用 https://api.deepseek.com/v1
-` +
-        `可通过 LLM_API_BASE 或 --api-base 参数切换其他提供商，例如:\n` +
-        `  --api-base https://dashscope.aliyuncs.com/compatible-mode/v1   (通义千问)\n` +
-        `  --api-base https://open.bigmodel.cn/api/paas/v4              (智谱 GLM)\n` +
-        `  --api-base https://api.moonshot.cn/v1                         (Moonshot Kimi)\n` +
-        `  --api-base http://localhost:11434/v1                          (Ollama 本地)\n` +
-        `  --api-base http://localhost:8000/v1                           (vLLM 本地)\n` +
-        `  --api-base https://api.openai.com/v1                          (OpenAI)`
+        `未设置 API Base URL。默认使用 https://api.deepseek.com/v1 ` +
+        `可通过 LLM_API_BASE 或 --api-base 参数切换其他提供商`
       )
     }
 
-    // 构建工具定义 — OpenAI function-calling 格式
+    // 构建工具定义
     const tools = this.config.tools.map(t => ({
       type: 'function',
-      function: {
-        name: t.name,
-        description: t.description,
-        parameters: t.parameters,
-      },
+      function: { name: t.name, description: t.description, parameters: t.parameters },
     }))
 
+    const useStream = !this.config.noStream
     const body = {
       model: this.config.model,
       messages,
       max_tokens: 4096,
       ...(tools.length && { tools }),
+      ...(useStream && { stream: true }),
     }
 
     const url = apiBase.replace(/\/+$/, '') + '/chat/completions'
 
-    const response = await fetch(url, {
-      method: 'POST',
-      headers: {
-        'Content-Type': 'application/json',
-        'Authorization': `Bearer ${apiKey}`,
-      },
-      body: JSON.stringify(body),
-      signal: this.abortController?.signal,
-    })
-
-    if (!response.ok) {
-      const errText = await response.text()
-      throw new Error(`API 错误 ${response.status}: ${errText}`)
+    // H3 修复：SSRF 防护 — 在 fetch 之前检查 API 主机名
+    try {
+      const parsedUrl = new URL(url)
+      const hostResult = await checkHostSafety(parsedUrl.hostname)
+      if (!hostResult.allowed) {
+        throw new Error(`SSRF blocked: ${hostResult.reason}`)
+      }
+    } catch (err) {
+      if (err.message.startsWith('SSRF blocked:')) {
+        throw err
+      }
+      // URL 解析错误忽略，让 fetch 自己处理
     }
 
-    const data = await response.json()
-    return this._parseResponse(data)
+    // 带重试的 fetch
+    const maxRetries = 3
+    let lastError = null
+    for (let attempt = 1; attempt <= maxRetries; attempt++) {
+      try {
+        if (this.abortController?.signal?.aborted) {
+          throw new Error('请求已取消')
+        }
+
+        const response = await fetch(url, {
+          method: 'POST',
+          headers: {
+            'Content-Type': 'application/json',
+            'Authorization': `Bearer ${apiKey}`,
+          },
+          body: JSON.stringify(body),
+          signal: this.abortController?.signal,
+        })
+
+        if (!response.ok) {
+          const errText = await response.text()
+          // 429/503 可重试
+          if ((response.status === 429 || response.status === 503) && attempt < maxRetries) {
+            const waitMs = response.status === 429 ? 2000 * attempt : 1000
+            if (this.config.verbose) {
+              console.error(`[retry] API ${response.status}, waiting ${waitMs}ms (attempt ${attempt}/${maxRetries})`)
+            }
+            await new Promise(r => setTimeout(r, waitMs))
+            continue
+          }
+          throw new Error(`API 错误 ${response.status}: ${errText}`)
+        }
+
+        // 流式或非流式处理
+        if (useStream && response.body) {
+          return await this._handleStreamResponse(response)
+        } else {
+          const data = await response.json()
+          const result = parseNonStreamResponse(data)
+          // M4: 记录非流式响应费用
+          if (result.usage && this.costTracker) {
+            this.costTracker.recordUsage(result.usage)
+          }
+          if (this.tokenBudget && result.usage) {
+            this.tokenBudget.recordUsage(result.usage)
+          }
+          return result
+        }
+      } catch (err) {
+        lastError = err
+        // 网络错误重试
+        if (err.name !== 'AbortError' && attempt < maxRetries && !err.message.startsWith('API 错误')) {
+          const waitMs = 1000 * attempt
+          if (this.config.verbose) {
+            console.error(`[retry] Network error: ${err.message}, waiting ${waitMs}ms (attempt ${attempt}/${maxRetries})`)
+          }
+          await new Promise(r => setTimeout(r, waitMs))
+          continue
+        }
+        throw err
+      }
+    }
+    throw lastError
   }
 
   /**
+   * 处理流式响应 — 逐 token 输出
+   */
+  async _handleStreamResponse(response) {
+    const result = { content: '', toolCalls: [], usage: {} }
+    let currentText = ''
+
+    try {
+      for await (const event of parseStream(response)) {
+        if (event.type === 'text') {
+          // 实时输出到终端
+          process.stdout.write(event.text)
+          currentText += event.text
+        } else if (event.type === 'tool_use') {
+          // 收集工具调用
+          result.toolCalls.push(new ToolCall(
+            event.toolCall.id,
+            event.toolCall.name,
+            event.toolCall.input
+          ))
+        } else if (event.type === 'done') {
+          result.content = event.result.content || currentText
+          result.toolCalls = event.result.toolCalls?.map(tc =>
+            new ToolCall(tc.id, tc.name, tc.input)
+          ) || result.toolCalls
+          result.usage = event.result.usage || {}
+        }
+      }
+    } catch (err) {
+      // 流中断 — 返回已收到的内容
+      result.content = currentText || ''
+      if (this.config.verbose) {
+        console.error(`[stream] interrupted: ${err.message}`)
+      }
+    }
+
+    // 流式输出后换行
+    if (currentText) process.stdout.write('\n')
+
+    return result
+  }
+
+    /**
    * 解析 OpenAI 兼容响应
    */
   _parseResponse(data) {
@@ -322,6 +417,14 @@ export class QueryEngine {
       result.toolCalls.push(new ToolCall(tc.id, tc.function.name, input))
     }
 
+    // M4: 记录 API 调用费用
+    if (result.usage && this.costTracker) {
+      this.costTracker.recordUsage(result.usage)
+    }
+    if (this.tokenBudget && result.usage) {
+      this.tokenBudget.recordUsage(result.usage)
+    }
+
     return result
   }
 

package/src/core/session.js

@@ -2,10 +2,8 @@
  * 会话管理
  * 对应原版: src/utils/sessionState.ts + src/utils/sessionStorage.ts
  */
-import { readFile, writeFile, mkdir, readdir, rm } from 'fs/promises'
+import { readFile, writeFile, mkdir, readdir, rm, chmod } from 'fs/promises'
 import { resolve, join } from 'path'
-import { existsSync } from 'fs'
-import { SessionState } from '../types/index.js'
 
 const DEFAULT_SESSIONS_DIR = '.claude-code/sessions'
 
@@ -15,9 +13,9 @@ export class SessionManager {
     this.currentSession = null
   }
 
-  /** 确保会话目录存在 */
+  /** 确保会话目录存在（v1.1: 目录权限 0700） */
   async ensureDir() {
-    await mkdir(this.sessionsDir, { recursive: true })
+    await mkdir(this.sessionsDir, { recursive: true, mode: 0o700 })
   }
 
   /** 创建新会话 */
@@ -37,12 +35,12 @@ export class SessionManager {
     return session
   }
 
-  /** 保存会话 */
+  /** 保存会话（v1.1: 文件权限 0600，防止其他用户读取敏感对话内容） */
   async save(session) {
     await this.ensureDir()
     session.updated = new Date().toISOString()
     const filePath = join(this.sessionsDir, `${session.id}.json`)
-    await writeFile(filePath, JSON.stringify(session, null, 2), 'utf-8')
+    await writeFile(filePath, JSON.stringify(session, null, 2), { encoding: 'utf-8', mode: 0o600 })
     return session
   }
 
@@ -109,11 +107,28 @@ export class SessionManager {
   /** 追加消息到当前会话 */
   async appendMessage(message) {
     if (!this.currentSession) await this.getOrCreate()
-    this.currentSession.messages.push({
+
+    const entry = {
       role: message.role,
       content: typeof message.content === 'string' ? message.content : JSON.stringify(message.content),
       timestamp: new Date().toISOString(),
-    })
+    }
+
+    // 保存 tool_calls 信息（assistant 消息可能包含工具调用）
+    if (message.toolCalls && message.toolCalls.length > 0) {
+      entry.toolCalls = message.toolCalls.map(tc => ({
+        id: tc.id,
+        name: tc.name,
+        input: tc.input,
+      }))
+    }
+
+    // 保存 tool_call_id（tool 结果消息）
+    if (message.tool_call_id) {
+      entry.tool_call_id = message.tool_call_id
+    }
+
+    this.currentSession.messages.push(entry)
     await this.save(this.currentSession)
     return this.currentSession
   }