@searchfe/openclaw-baiduapp 0.1.6 → 0.1.7-beta.10

package/dist/index.js

@@ -1,5 +1,12 @@
-import crypto from 'crypto';
+import path2 from 'path';
+import { fileURLToPath } from 'url';
+import crypto3 from 'crypto';
 import { createRequire } from 'module';
+import { lookup } from 'dns/promises';
+import fs2 from 'fs/promises';
+import net from 'net';
+import fs from 'fs';
+import { tmpdir } from 'os';
 
 var __defProp = Object.defineProperty;
 var __export = (target, all) => {
@@ -7,7 +14,7 @@ var __export = (target, all) => {
     __defProp(target, name, { get: all[name], enumerable: true });
 };
 
-// ../../node_modules/.pnpm/zod@3.25.76/node_modules/zod/v3/external.js
+// node_modules/.pnpm/zod@3.25.76/node_modules/zod/v3/external.js
 var external_exports = {};
 __export(external_exports, {
   BRAND: () => BRAND,
@@ -119,7 +126,7 @@ __export(external_exports, {
   void: () => voidType
 });
 
-// ../../node_modules/.pnpm/zod@3.25.76/node_modules/zod/v3/helpers/util.js
+// node_modules/.pnpm/zod@3.25.76/node_modules/zod/v3/helpers/util.js
 var util;
 (function(util2) {
   util2.assertEqual = (_) => {
@@ -253,7 +260,7 @@ var getParsedType = (data) => {
   }
 };
 
-// ../../node_modules/.pnpm/zod@3.25.76/node_modules/zod/v3/ZodError.js
+// node_modules/.pnpm/zod@3.25.76/node_modules/zod/v3/ZodError.js
 var ZodIssueCode = util.arrayToEnum([
   "invalid_type",
   "invalid_literal",
@@ -371,7 +378,7 @@ ZodError.create = (issues) => {
   return error;
 };
 
-// ../../node_modules/.pnpm/zod@3.25.76/node_modules/zod/v3/locales/en.js
+// node_modules/.pnpm/zod@3.25.76/node_modules/zod/v3/locales/en.js
 var errorMap = (issue, _ctx) => {
   let message;
   switch (issue.code) {
@@ -474,7 +481,7 @@ var errorMap = (issue, _ctx) => {
 };
 var en_default = errorMap;
 
-// ../../node_modules/.pnpm/zod@3.25.76/node_modules/zod/v3/errors.js
+// node_modules/.pnpm/zod@3.25.76/node_modules/zod/v3/errors.js
 var overrideErrorMap = en_default;
 function setErrorMap(map) {
   overrideErrorMap = map;
@@ -483,10 +490,10 @@ function getErrorMap() {
   return overrideErrorMap;
 }
 
-// ../../node_modules/.pnpm/zod@3.25.76/node_modules/zod/v3/helpers/parseUtil.js
+// node_modules/.pnpm/zod@3.25.76/node_modules/zod/v3/helpers/parseUtil.js
 var makeIssue = (params) => {
-  const { data, path, errorMaps, issueData } = params;
-  const fullPath = [...path, ...issueData.path || []];
+  const { data, path: path4, errorMaps, issueData } = params;
+  const fullPath = [...path4, ...issueData.path || []];
   const fullIssue = {
     ...issueData,
     path: fullPath
@@ -593,20 +600,20 @@ var isDirty = (x) => x.status === "dirty";
 var isValid = (x) => x.status === "valid";
 var isAsync = (x) => typeof Promise !== "undefined" && x instanceof Promise;
 
-// ../../node_modules/.pnpm/zod@3.25.76/node_modules/zod/v3/helpers/errorUtil.js
+// node_modules/.pnpm/zod@3.25.76/node_modules/zod/v3/helpers/errorUtil.js
 var errorUtil;
 (function(errorUtil2) {
   errorUtil2.errToObj = (message) => typeof message === "string" ? { message } : message || {};
   errorUtil2.toString = (message) => typeof message === "string" ? message : message?.message;
 })(errorUtil || (errorUtil = {}));
 
-// ../../node_modules/.pnpm/zod@3.25.76/node_modules/zod/v3/types.js
+// node_modules/.pnpm/zod@3.25.76/node_modules/zod/v3/types.js
 var ParseInputLazyPath = class {
-  constructor(parent, value, path, key) {
+  constructor(parent, value, path4, key) {
     this._cachedPath = [];
     this.parent = parent;
     this.data = value;
-    this._path = path;
+    this._path = path4;
     this._key = key;
   }
   get path() {
@@ -4053,6 +4060,7 @@ var DEFAULT_API_BASE = "https://claw.baidu.com";
 var BaiduAppAccountSchema = external_exports.object({
   name: external_exports.string().optional(),
   enabled: external_exports.boolean().optional(),
+  pollingEnabled: external_exports.boolean().optional(),
   webhookPath: external_exports.string().optional(),
   token: external_exports.string().optional(),
   encodingAESKey: external_exports.string().optional(),
@@ -4072,6 +4080,7 @@ var BaiduAppConfigJsonSchema = {
     properties: {
       name: { type: "string" },
       enabled: { type: "boolean" },
+      pollingEnabled: { type: "boolean" },
       webhookPath: { type: "string" },
       token: { type: "string" },
       encodingAESKey: { type: "string" },
@@ -4088,6 +4097,7 @@ var BaiduAppConfigJsonSchema = {
           properties: {
             name: { type: "string" },
             enabled: { type: "boolean" },
+            pollingEnabled: { type: "boolean" },
             webhookPath: { type: "string" },
             token: { type: "string" },
             encodingAESKey: { type: "string" },
@@ -4117,6 +4127,9 @@ function listBaiduAppAccountIds(cfg) {
   if (ids.length === 0) {
     return [DEFAULT_ACCOUNT_ID];
   }
+  if (!ids.includes(DEFAULT_ACCOUNT_ID)) {
+    ids.push(DEFAULT_ACCOUNT_ID);
+  }
   return ids.sort((a, b) => a.localeCompare(b));
 }
 function resolveDefaultBaiduAppAccountId(cfg) {
@@ -4154,7 +4167,7 @@ function resolveBaiduAppAccount(params) {
   const appKey = merged.appKey?.trim() || (isDefaultAccount ? process.env.BAIDU_APP_KEY?.trim() : void 0) || void 0;
   const appSecret = merged.appSecret?.trim() || (isDefaultAccount ? process.env.BAIDU_APP_SECRET?.trim() : void 0) || void 0;
   const configured = Boolean(token && encodingAESKey);
-  const canSendActive = Boolean(appKey && token && encodingAESKey);
+  const canSendActive = Boolean(appKey && appSecret && token && encodingAESKey);
   const rawApiBase = merged.apiBase?.trim() || (isDefaultAccount ? process.env.BAIDU_API_BASE?.trim() : void 0) || void 0;
   const apiBase = (rawApiBase || DEFAULT_API_BASE).replace(/\/+$/, "");
   return {
@@ -4217,7 +4230,7 @@ function pkcs7Unpad(buf, blockSize) {
   return buf.subarray(0, buf.length - pad);
 }
 function sha1Hex(input) {
-  return crypto.createHash("sha1").update(input).digest("hex");
+  return crypto3.createHash("sha1").update(input).digest("hex");
 }
 function computeBaiduAppMsgSignature(params) {
   const parts = [params.token, params.timestamp, params.nonce, params.encrypt].map((value) => String(value ?? "")).sort();
@@ -4235,7 +4248,7 @@ function verifyBaiduAppSignature(params) {
 function decryptBaiduAppEncrypted(params) {
   const aesKey = decodeEncodingAESKey(params.encodingAESKey);
   const iv = aesKey.subarray(0, 16);
-  const decipher = crypto.createDecipheriv("aes-256-cbc", aesKey, iv);
+  const decipher = crypto3.createDecipheriv("aes-256-cbc", aesKey, iv);
   decipher.setAutoPadding(false);
   const decryptedPadded = Buffer.concat([decipher.update(Buffer.from(params.encrypt, "base64")), decipher.final()]);
   const decrypted = pkcs7Unpad(decryptedPadded, PKCS7_BLOCK_SIZE);
@@ -4253,13 +4266,13 @@ function decryptBaiduAppEncrypted(params) {
 function encryptBaiduAppPlaintext(params) {
   const aesKey = decodeEncodingAESKey(params.encodingAESKey);
   const iv = aesKey.subarray(0, 16);
-  const random16 = crypto.randomBytes(16);
+  const random16 = crypto3.randomBytes(16);
   const msg = Buffer.from(params.plaintext ?? "", "utf8");
   const msgLen = Buffer.alloc(4);
   msgLen.writeUInt32BE(msg.length, 0);
   const raw = Buffer.concat([random16, msgLen, msg]);
   const padded = pkcs7Pad(raw, PKCS7_BLOCK_SIZE);
-  const cipher = crypto.createCipheriv("aes-256-cbc", aesKey, iv);
+  const cipher = crypto3.createCipheriv("aes-256-cbc", aesKey, iv);
   cipher.setAutoPadding(false);
   const encrypted = Buffer.concat([cipher.update(padded), cipher.final()]);
   return encrypted.toString("base64");
@@ -4279,9 +4292,12 @@ async function sendBaiduAppMessage(account, message, options) {
       errmsg: "Account not configured for active sending (missing appKey, token, or encodingAESKey)"
     };
   }
-  const payload = {
+  const normalizedPayload = typeof message === "string" ? {
     msgtype: "text",
-    text: { content: message },
+    text: { content: message }
+  } : message;
+  const payload = {
+    ...normalizedPayload,
     version: PLUGIN_VERSION,
     ...options?.msgid != null ? { msgid: options.msgid } : {},
     ...options?.streamId != null ? { streamId: options.streamId } : {},
@@ -4293,7 +4309,7 @@ async function sendBaiduAppMessage(account, message, options) {
     plaintext
   });
   const timestamp = String(Math.floor(Date.now() / 1e3));
-  const nonce = crypto.randomBytes(8).toString("hex");
+  const nonce = crypto3.randomBytes(8).toString("hex");
   const msgSignature = computeBaiduAppMsgSignature({
     token: account.token ?? "",
     timestamp,
@@ -4325,22 +4341,30 @@ async function sendBaiduAppMessage(account, message, options) {
     return { ok: false, errcode: resp.status, errmsg };
   }
   const result = {
-    ok: data.errcode === 0,
-    errcode: data.errcode,
-    errmsg: data.errmsg,
-    invaliduser: data.invaliduser,
-    msgid: data.msgid
+    ok: true
   };
-  if (result.ok) {
-    logger.info(`request succeeded: msgid=${result.msgid ?? "unknown"}`);
-  } else {
-    logger.error(`request failed: errcode=${result.errcode} errmsg=${result.errmsg ?? "unknown"}`);
-  }
+  logger.info(`request succeeded`);
   return result;
 }
 
+// src/media-payload.ts
+function buildMediaPayload(mediaList, opts) {
+  const first = mediaList[0];
+  const mediaPaths = mediaList.map((media) => media.path);
+  const rawMediaTypes = mediaList.map((media) => media.contentType ?? "");
+  const mediaTypes = opts?.preserveMediaTypeCardinality ? rawMediaTypes : rawMediaTypes.filter((value) => Boolean(value));
+  return {
+    MediaPath: first?.path,
+    MediaType: first?.contentType,
+    MediaUrl: first?.path,
+    MediaPaths: mediaPaths.length > 0 ? mediaPaths : void 0,
+    MediaUrls: mediaPaths.length > 0 ? mediaPaths : void 0,
+    MediaTypes: mediaTypes.length > 0 ? mediaTypes : void 0
+  };
+}
+
 // src/bot.ts
-function extractBaiduAppContent(msg) {
+function extractBaiduAppTextContent(msg) {
   const msgtype = String(msg.msgtype ?? msg.MsgType ?? "").toLowerCase();
   if (msgtype === "text") {
     const content = msg.text?.content ?? msg.Content;
@@ -4354,13 +4378,71 @@ function extractBaiduAppContent(msg) {
   }
   return msgtype ? `[${msgtype}]` : "";
 }
+function canDispatchBaiduAppInboundMessage(msg) {
+  const msgtype = String(msg.msgtype ?? msg.MsgType ?? "").toLowerCase();
+  if (msgtype === "text") {
+    if (extractBaiduAppTextContent(msg)) {
+      return true;
+    }
+    const files = msg.files;
+    return Array.isArray(files) && files.length > 0;
+  }
+  return msgtype === "event" || Boolean(msgtype);
+}
+function buildFilesOnlySummary(fileCount) {
+  return fileCount === 1 ? "[files] 1 attachment received" : `[files] ${fileCount} attachments received`;
+}
+function countInboundFiles(msg) {
+  const files = msg.files;
+  return Array.isArray(files) ? files.length : 0;
+}
+function appendLocalFilesBlock(base, localPaths) {
+  if (localPaths.length === 0) {
+    return base;
+  }
+  const fileList = localPaths.map((localPath) => `- ${localPath}`).join("\n");
+  return `${base}
+
+[local files]
+${fileList}`;
+}
+function appendNonEmptySections(sections) {
+  return sections.map((section) => section?.trim()).filter(Boolean).join("\n\n");
+}
+function buildBaiduAppInboundDispatchContent(msg, localFiles = [], diagnostics = {}) {
+  const baseText = extractBaiduAppTextContent(msg);
+  const inboundFileCount = countInboundFiles(msg);
+  const summaryLine = diagnostics.summaryLine ?? (inboundFileCount > 0 ? buildFilesOnlySummary(inboundFileCount) : "");
+  const failureBlock = diagnostics.failurePlaceholders?.filter(Boolean).join("\n");
+  const baseBody = appendNonEmptySections([baseText, summaryLine, failureBlock]);
+  const localPaths = localFiles.map((file) => file.path);
+  const rawBody = appendLocalFilesBlock(baseBody, localPaths);
+  const mediaPayload = buildMediaPayload(
+    localFiles.map((file) => ({ path: file.path, contentType: file.contentType })),
+    { preserveMediaTypeCardinality: true }
+  );
+  const contextPatch = {
+    MediaPath: mediaPayload.MediaPath,
+    MediaPaths: mediaPayload.MediaPaths,
+    MediaType: mediaPayload.MediaType,
+    MediaTypes: mediaPayload.MediaTypes
+  };
+  if (localFiles.length === 1) {
+    contextPatch.FileName = localFiles[0]?.fileName;
+    contextPatch.FileSize = localFiles[0]?.size;
+  }
+  return {
+    rawBody,
+    contextPatch
+  };
+}
 async function dispatchBaiduAppMessage(params) {
   const { cfg, account, msg, core, hooks } = params;
   const safeCfg = cfg ?? {};
-  const logger2 = createLogger("openclaw-baiduapp", { log: params.log, error: params.error });
+  const logger3 = createLogger("openclaw-baiduapp", { log: params.log, error: params.error });
   const channel = core.channel;
   if (!channel?.routing?.resolveAgentRoute || !channel.reply?.dispatchReplyWithBufferedBlockDispatcher) {
-    logger2.warn("core routing or buffered dispatcher missing, skipping dispatch");
+    logger3.warn("core routing or buffered dispatcher missing, skipping dispatch");
     return;
   }
   const route = channel.routing.resolveAgentRoute({
@@ -4369,13 +4451,17 @@ async function dispatchBaiduAppMessage(params) {
     accountId: account.accountId,
     peer: { kind: "dm", id: "default" }
   });
-  logger2.info(`SessionKey: ${route.sessionKey}`);
-  route.sessionKey = "agent:main:main";
-  logger2.info(
+  logger3.info(`SessionKey: ${route.sessionKey}`);
+  logger3.info(
     `route resolved: sessionKey=${route.sessionKey} agentId=${route.agentId ?? "default"} accountId=${route.accountId}`
   );
-  const rawBody = extractBaiduAppContent(msg);
-  logger2.debug(
+  const inboundContent = buildBaiduAppInboundDispatchContent(
+    msg,
+    params.inboundMediaFiles ?? [],
+    params.inboundFileDiagnostic
+  );
+  const rawBody = inboundContent.rawBody;
+  logger3.debug(
     `message content extracted: len=${rawBody.length} preview="${rawBody.slice(0, 80)}${rawBody.length > 80 ? "..." : ""}"`
   );
   const storePath = channel.session?.resolveStorePath?.(safeCfg.session?.store, {
@@ -4409,7 +4495,8 @@ async function dispatchBaiduAppMessage(params) {
     MessageSid: msgid,
     OriginatingChannel: "openclaw-baiduapp",
     OriginatingTo: "user",
-    CommandAuthorized: true
+    CommandAuthorized: true,
+    ...inboundContent.contextPatch
   }) : {
     Body: body,
     RawBody: rawBody,
@@ -4425,7 +4512,8 @@ async function dispatchBaiduAppMessage(params) {
     MessageSid: msgid,
     OriginatingChannel: "openclaw-baiduapp",
     OriginatingTo: "user",
-    CommandAuthorized: true
+    CommandAuthorized: true,
+    ...inboundContent.contextPatch
   };
   if (channel.session?.recordInboundSession && storePath) {
     await channel.session.recordInboundSession({
@@ -4433,7 +4521,7 @@ async function dispatchBaiduAppMessage(params) {
       sessionKey: ctxPayload.SessionKey ?? route.sessionKey,
       ctx: ctxPayload,
       onRecordError: (err) => {
-        logger2.error(`openclaw-baiduapp: failed updating session meta: ${String(err)}`);
+        logger3.error(`openclaw-baiduapp: failed updating session meta: ${String(err)}`);
       }
     });
   }
@@ -4442,7 +4530,7 @@ async function dispatchBaiduAppMessage(params) {
     channel: "openclaw-baiduapp",
     accountId: account.accountId
   }) : void 0;
-  logger2.info(`dispatching to agent: sessionKey=${route.sessionKey}`);
+  logger3.info(`dispatching to agent: sessionKey=${route.sessionKey}`);
   await channel.reply.dispatchReplyWithBufferedBlockDispatcher({
     ctx: ctxPayload,
     cfg: safeCfg,
@@ -4450,20 +4538,575 @@ async function dispatchBaiduAppMessage(params) {
       deliver: async (payload) => {
         const rawText = payload.text ?? "";
         if (!rawText.trim()) {
-          logger2.debug("deliver callback: empty text, skipping");
+          logger3.debug("deliver callback: empty text, skipping");
           return;
         }
         const converted = channel.text?.convertMarkdownTables && tableMode ? channel.text.convertMarkdownTables(rawText, tableMode) : rawText;
-        logger2.debug(`deliver callback: textLen=${converted.length}`);
+        logger3.debug(`deliver callback: textLen=${converted.length}`);
         hooks.onChunk(converted);
       },
       onError: (err, info) => {
         hooks.onError?.(err);
-        logger2.error(`${info.kind} reply failed: ${String(err)}`);
+        logger3.error(`${info.kind} reply failed: ${String(err)}`);
+      }
+    }
+  });
+  logger3.info(`agent reply dispatch complete: sessionKey=${route.sessionKey}`);
+}
+var POSIX_OPENCLAW_TMP_DIR = "/tmp/openclaw";
+var TMP_DIR_ACCESS_MODE = fs.constants.W_OK | fs.constants.X_OK;
+function isNodeErrorWithCode(err, code) {
+  return typeof err === "object" && err !== null && "code" in err && err.code === code;
+}
+function resolvePreferredOpenClawTmpDir(options = {}) {
+  const accessSync = options.accessSync ?? fs.accessSync;
+  const chmodSync = options.chmodSync ?? fs.chmodSync;
+  const lstatSync = options.lstatSync ?? fs.lstatSync;
+  const mkdirSync = options.mkdirSync ?? fs.mkdirSync;
+  const warn = options.warn ?? ((message) => console.warn(message));
+  const getuid = options.getuid ?? (() => {
+    try {
+      return typeof process.getuid === "function" ? process.getuid() : void 0;
+    } catch {
+      return void 0;
+    }
+  });
+  const tmpdir$1 = typeof options.tmpdir === "function" ? options.tmpdir : tmpdir;
+  const uid = getuid();
+  const isSecureDirForUser = (st) => {
+    if (uid === void 0) {
+      return true;
+    }
+    if (typeof st.uid === "number" && st.uid !== uid) {
+      return false;
+    }
+    if (typeof st.mode === "number" && (st.mode & 18) !== 0) {
+      return false;
+    }
+    return true;
+  };
+  const fallback = () => {
+    const base = tmpdir$1();
+    const suffix = uid === void 0 ? "openclaw" : `openclaw-${uid}`;
+    return path2.join(base, suffix);
+  };
+  const isTrustedTmpDir = (st) => {
+    return st.isDirectory() && !st.isSymbolicLink() && isSecureDirForUser(st);
+  };
+  const resolveDirState = (candidatePath) => {
+    try {
+      const candidate = lstatSync(candidatePath);
+      if (!isTrustedTmpDir(candidate)) {
+        return "invalid";
+      }
+      accessSync(candidatePath, TMP_DIR_ACCESS_MODE);
+      return "available";
+    } catch (err) {
+      if (isNodeErrorWithCode(err, "ENOENT")) {
+        return "missing";
+      }
+      return "invalid";
+    }
+  };
+  const tryRepairWritableBits = (candidatePath) => {
+    try {
+      const st = lstatSync(candidatePath);
+      if (!st.isDirectory() || st.isSymbolicLink()) {
+        return false;
+      }
+      if (uid !== void 0 && typeof st.uid === "number" && st.uid !== uid) {
+        return false;
+      }
+      if (typeof st.mode !== "number" || (st.mode & 18) === 0) {
+        return false;
+      }
+      chmodSync(candidatePath, 448);
+      warn(`[openclaw] tightened permissions on temp dir: ${candidatePath}`);
+      return resolveDirState(candidatePath) === "available";
+    } catch {
+      return false;
+    }
+  };
+  const ensureTrustedFallbackDir = () => {
+    const fallbackPath = fallback();
+    const state = resolveDirState(fallbackPath);
+    if (state === "available") {
+      return fallbackPath;
+    }
+    if (state === "invalid") {
+      if (tryRepairWritableBits(fallbackPath)) {
+        return fallbackPath;
+      }
+      throw new Error(`Unsafe fallback OpenClaw temp dir: ${fallbackPath}`);
+    }
+    try {
+      mkdirSync(fallbackPath, { recursive: true, mode: 448 });
+      chmodSync(fallbackPath, 448);
+    } catch {
+      throw new Error(`Unable to create fallback OpenClaw temp dir: ${fallbackPath}`);
+    }
+    if (resolveDirState(fallbackPath) !== "available" && !tryRepairWritableBits(fallbackPath)) {
+      throw new Error(`Unsafe fallback OpenClaw temp dir: ${fallbackPath}`);
+    }
+    return fallbackPath;
+  };
+  const existingPreferredState = resolveDirState(POSIX_OPENCLAW_TMP_DIR);
+  if (existingPreferredState === "available") {
+    return POSIX_OPENCLAW_TMP_DIR;
+  }
+  if (existingPreferredState === "invalid") {
+    if (tryRepairWritableBits(POSIX_OPENCLAW_TMP_DIR)) {
+      return POSIX_OPENCLAW_TMP_DIR;
+    }
+    return ensureTrustedFallbackDir();
+  }
+  try {
+    accessSync("/tmp", TMP_DIR_ACCESS_MODE);
+    mkdirSync(POSIX_OPENCLAW_TMP_DIR, { recursive: true, mode: 448 });
+    chmodSync(POSIX_OPENCLAW_TMP_DIR, 448);
+    if (resolveDirState(POSIX_OPENCLAW_TMP_DIR) !== "available" && !tryRepairWritableBits(POSIX_OPENCLAW_TMP_DIR)) {
+      return ensureTrustedFallbackDir();
+    }
+    return POSIX_OPENCLAW_TMP_DIR;
+  } catch {
+    return ensureTrustedFallbackDir();
+  }
+}
+
+// src/media.ts
+var MEDIA_TEMP_RETENTION_MS = 7 * 24 * 60 * 60 * 1e3;
+var DEFAULT_DOWNLOAD_TIMEOUT_MS = 3e4;
+var DEFAULT_DOWNLOAD_MAX_BYTES = 20 * 1024 * 1024;
+path2.join("openclaw-baiduapp", "media");
+var require3 = createRequire(import.meta.url);
+var BaiduCloudSdk = require3("@baiducloud/sdk");
+var DefaultBosClient = BaiduCloudSdk.BosClient;
+var MAX_DOWNLOAD_REDIRECTS = 5;
+var EMPTY_QUERY_MD5 = crypto3.createHash("md5").update("").digest("hex");
+var SKS_BASE_TOKEN_POSITIONS = [12, 37, 5, 23, 48, 15, 62, 33];
+async function fetchSksCredentials(account, deps = {}) {
+  if (!account.appKey?.trim()) {
+    throw new Error("Cannot fetch SKS credentials without account.appKey");
+  }
+  if (!account.appSecret?.trim()) {
+    throw new Error("Cannot fetch SKS credentials without account.appSecret");
+  }
+  const fetchImpl = deps.fetchImpl ?? fetch;
+  const apiBase = account.apiBase.replace(/\/+$/, "");
+  const pageLid = deps.createPageLid?.() ?? generateSksPageLid();
+  const timestamp = String((deps.now?.() ?? /* @__PURE__ */ new Date()).getTime());
+  const token = createSksRequestToken({ pageLid, timestamp });
+  const url = `${apiBase}/file/sts?ak=${encodeURIComponent(account.appKey)}&sk=${encodeURIComponent(account.appSecret)}&tk=${encodeURIComponent(token)}`;
+  const response = await fetchImpl(url, { method: "POST" });
+  if (!response.ok) {
+    throw new Error(`SKS request failed with HTTP ${response.status}`);
+  }
+  let payload;
+  try {
+    payload = await response.json();
+  } catch (error) {
+    throw new Error(`SKS response is not valid JSON: ${formatError(error)}`, { cause: error });
+  }
+  return parseSksCredentialsFromPayload(payload);
+}
+function parseSksCredentialsFromPayload(payload) {
+  const parsed = parseSksResponse(payload);
+  if (parsed.status !== 0) {
+    throw new Error(`SKS request failed with status ${parsed.status}`);
+  }
+  if (!parsed.data) {
+    throw new Error("SKS response missing data");
+  }
+  return {
+    ak: requireNonEmptyString(parsed.data.ak, "SKS data.ak"),
+    sk: requireNonEmptyString(parsed.data.sk, "SKS data.sk"),
+    sessionToken: requireNonEmptyString(parsed.data.token, "SKS data.token"),
+    bucketName: requireNonEmptyString(parsed.data.bucketName, "SKS data.bucketName"),
+    prefixPath: sanitizeObjectKeyPrefix(requireNonEmptyString(parsed.data.preFixPath, "SKS data.preFixPath")),
+    endpoint: requireNonEmptyString(parsed.data.bceUrl, "SKS data.bceUrl")
+  };
+}
+function createSksRequestToken(params) {
+  const pageLid = requireNonEmptyString(params.pageLid, "SKS pageLid");
+  const timestamp = requireNonEmptyString(params.timestamp, "SKS timestamp");
+  const baseToken = createSksBaseToken(pageLid);
+  const payload = `${baseToken}|${EMPTY_QUERY_MD5}|${timestamp}|${pageLid}`;
+  return `${Buffer.from(payload, "utf8").toString("base64")}-${pageLid}-3`;
+}
+function createBosClient(credentials, deps = {}) {
+  const BosClientCtor = deps.bosClientCtor ?? DefaultBosClient;
+  return new BosClientCtor({
+    endpoint: credentials.endpoint,
+    sessionToken: credentials.sessionToken,
+    credentials: {
+      ak: credentials.ak,
+      sk: credentials.sk
+    }
+  });
+}
+async function uploadLocalFileToBos(options, deps = {}) {
+  const localFile = await assertUploadableLocalFile(options.filePath);
+  const credentials = await fetchSksCredentials(options.account, deps);
+  const client = createBosClient(credentials, deps);
+  const sourceName = options.fileName ?? path2.basename(localFile);
+  const sanitizedFileName = sanitizeFileName(sourceName);
+  const key = buildBosObjectKey({
+    prefixPath: credentials.prefixPath,
+    fileName: sanitizedFileName,
+    now: deps.now
+  });
+  const uploadOptions = options.contentType?.trim() ? {
+    "Content-Type": options.contentType.trim()
+  } : void 0;
+  const [, fileStat] = await Promise.all([
+    client.putObjectFromFile(credentials.bucketName, key, localFile, uploadOptions),
+    fs2.stat(localFile)
+  ]);
+  return {
+    bucketName: credentials.bucketName,
+    key,
+    url: client.generateUrl(credentials.bucketName, key),
+    fileName: sanitizedFileName,
+    fileSize: fileStat.size
+  };
+}
+async function downloadInboundFileToTemp(options, deps = {}) {
+  const remoteUrl = parseRemoteHttpUrl(options.remoteUrl);
+  const timeoutMs = options.timeoutMs ?? DEFAULT_DOWNLOAD_TIMEOUT_MS;
+  const maxBytes = options.maxBytes ?? DEFAULT_DOWNLOAD_MAX_BYTES;
+  const fetchImpl = deps.fetchImpl ?? fetch;
+  const tempDir = await ensurePluginTempDir(deps.resolveTmpDir);
+  const lookupHost = deps.lookupHost ?? defaultLookupHost;
+  const controller = new AbortController();
+  const timeout = setTimeout(() => controller.abort(), timeoutMs);
+  try {
+    const response = await fetchInboundFileWithRedirectProtection({
+      fetchImpl,
+      lookupHost,
+      remoteUrl,
+      signal: controller.signal
+    });
+    if (!response.ok) {
+      throw new Error(`Download failed with HTTP ${response.status}`);
+    }
+    const declaredLength = response.headers.get("content-length");
+    if (declaredLength) {
+      const parsedLength = Number.parseInt(declaredLength, 10);
+      if (Number.isFinite(parsedLength) && parsedLength > maxBytes) {
+        throw new Error(`Download exceeds max size of ${maxBytes} bytes`);
+      }
+    }
+    const resolvedFileName = resolveDownloadFileName({
+      explicitFileName: options.fileName,
+      headerFileName: parseContentDispositionFileName(response.headers.get("content-disposition")),
+      urlFileName: path2.posix.basename(remoteUrl.pathname)
+    });
+    const targetPath = buildTempFilePath({
+      tempDir,
+      fileName: resolvedFileName,
+      now: deps.now
+    });
+    const arrayBuffer = await response.arrayBuffer();
+    const buffer = Buffer.from(arrayBuffer);
+    if (buffer.byteLength > maxBytes) {
+      throw new Error(`Download exceeds max size of ${maxBytes} bytes`);
+    }
+    await fs2.writeFile(targetPath, buffer, { mode: 384, flag: "wx" });
+    return {
+      path: targetPath,
+      fileName: path2.basename(targetPath),
+      size: buffer.byteLength,
+      contentType: response.headers.get("content-type") ?? void 0
+    };
+  } catch (error) {
+    if (isAbortError(error)) {
+      throw new Error(`Download timed out after ${timeoutMs}ms`, { cause: error });
+    }
+    throw error;
+  } finally {
+    clearTimeout(timeout);
+  }
+}
+async function pruneExpiredTempFiles(deps = {}) {
+  const tempDir = await ensurePluginTempDir(deps.resolveTmpDir);
+  const now = deps.now?.() ?? /* @__PURE__ */ new Date();
+  let deletedFiles = 0;
+  const walk = async (currentDir) => {
+    const entries = await fs2.readdir(currentDir, { withFileTypes: true });
+    let hasRemainingEntries = false;
+    for (const entry of entries) {
+      const entryPath = path2.join(currentDir, entry.name);
+      const stat = await fs2.lstat(entryPath);
+      if (stat.isSymbolicLink()) {
+        throw new Error(`Refusing to traverse symlink in media temp dir: ${entryPath}`);
+      }
+      if (stat.isDirectory()) {
+        const childEmpty = await walk(entryPath);
+        if (childEmpty) {
+          await fs2.rmdir(entryPath);
+        } else {
+          hasRemainingEntries = true;
+        }
+        continue;
+      }
+      if (!stat.isFile()) {
+        hasRemainingEntries = true;
+        continue;
+      }
+      if (now.getTime() - stat.mtimeMs > MEDIA_TEMP_RETENTION_MS) {
+        await fs2.rm(entryPath, { force: true });
+        deletedFiles += 1;
+        continue;
       }
+      hasRemainingEntries = true;
     }
+    return !hasRemainingEntries;
+  };
+  await walk(tempDir);
+  return { deletedFiles };
+}
+function parseSksResponse(payload) {
+  if (!payload || typeof payload !== "object") {
+    throw new Error("SKS response must be an object");
+  }
+  const record = payload;
+  const status = typeof record.code === "number" ? record.code : typeof record.status === "number" ? record.status : void 0;
+  const data = record.data;
+  return {
+    status,
+    data: data && typeof data === "object" ? {
+      ak: data.ak,
+      sk: data.sk,
+      token: data.token,
+      bucketName: data.bucketName,
+      preFixPath: data.preFixPath,
+      bceUrl: data.bceUrl
+    } : void 0
+  };
+}
+function generateSksPageLid() {
+  return crypto3.randomBytes(16).toString("hex");
+}
+function createSksBaseToken(pageLid) {
+  const pageLidHash = crypto3.createHash("sha256").update(pageLid).digest("hex");
+  const characters = SKS_BASE_TOKEN_POSITIONS.map((position) => {
+    const character = pageLidHash[position];
+    if (!character) {
+      throw new Error(`SKS base token position is out of range: ${position}`);
+    }
+    return character;
+  });
+  return characters.join("");
+}
+function requireNonEmptyString(value, label) {
+  if (typeof value !== "string" || !value.trim()) {
+    throw new Error(`${label} is required`);
+  }
+  return value.trim();
+}
+function sanitizeObjectKeyPrefix(prefixPath) {
+  const normalized = prefixPath.replace(/\\/g, "/").trim();
+  const segments = normalized.split("/").map((segment) => segment.trim()).filter(Boolean);
+  if (segments.length === 0) {
+    throw new Error("SKS data.preFixPath must contain at least one safe path segment");
+  }
+  const safeSegments = segments.map((segment) => {
+    if (segment === "." || segment === "..") {
+      throw new Error("SKS data.preFixPath contains path traversal");
+    }
+    return sanitizeObjectKeySegment(segment);
   });
-  logger2.info(`agent reply dispatch complete: sessionKey=${route.sessionKey}`);
+  return safeSegments.join("/");
+}
+function sanitizeObjectKeySegment(segment) {
+  const sanitized = segment.replace(/[^a-zA-Z0-9._-]+/g, "-").replace(/-+/g, "-").replace(/^-|-$/g, "");
+  if (!sanitized) {
+    throw new Error(`Object key segment is not safe: ${segment}`);
+  }
+  return sanitized.slice(0, 80);
+}
+function sanitizeFileName(fileName) {
+  assertSafeUntrustedFileName(fileName);
+  const parsed = path2.parse(fileName.trim());
+  const safeBase = parsed.name.replace(/[^a-zA-Z0-9._-]+/g, "-").replace(/-+/g, "-").replace(/^-|-$/g, "");
+  const safeExt = parsed.ext.replace(/[^a-zA-Z0-9.]+/g, "").slice(0, 16);
+  const baseName = safeBase || "file";
+  return `${baseName.slice(0, 80)}${safeExt}`;
+}
+function assertSafeUntrustedFileName(fileName) {
+  const trimmed = fileName.trim();
+  if (!trimmed) {
+    throw new Error("Filename cannot be empty");
+  }
+  if (trimmed.includes("/") || trimmed.includes("\\")) {
+    throw new Error(`Filename contains path separators: ${fileName}`);
+  }
+  if (trimmed === "." || trimmed === "..") {
+    throw new Error(`Filename is not safe: ${fileName}`);
+  }
+}
+function buildBosObjectKey(params) {
+  const timestamp = formatUtcDate(params.now?.() ?? /* @__PURE__ */ new Date());
+  const uniqueId = crypto3.randomUUID();
+  return `${params.prefixPath}/${timestamp}/${uniqueId}-${params.fileName}`;
+}
+function formatUtcDate(date) {
+  return date.toISOString().slice(0, 10);
+}
+async function assertUploadableLocalFile(filePath) {
+  const resolvedPath = path2.resolve(filePath);
+  const stat = await fs2.lstat(resolvedPath);
+  if (stat.isSymbolicLink()) {
+    throw new Error(`Refusing to upload symlink: ${resolvedPath}`);
+  }
+  if (!stat.isFile()) {
+    throw new Error(`Upload source must be a regular file: ${resolvedPath}`);
+  }
+  return resolvedPath;
+}
+function parseRemoteHttpUrl(remoteUrl) {
+  let url;
+  try {
+    url = new URL(remoteUrl);
+  } catch {
+    throw new Error(`Invalid remote URL: ${remoteUrl}`);
+  }
+  if (url.protocol !== "http:" && url.protocol !== "https:") {
+    throw new Error(`Unsupported remote URL protocol: ${url.protocol}`);
+  }
+  if (url.username || url.password) {
+    throw new Error("Remote URL must not contain credentials");
+  }
+  return url;
+}
+async function fetchInboundFileWithRedirectProtection(params) {
+  let currentUrl = params.remoteUrl;
+  for (let redirectCount = 0; redirectCount <= MAX_DOWNLOAD_REDIRECTS; redirectCount += 1) {
+    await assertSafeRemoteHttpUrl(currentUrl, params.lookupHost);
+    const response = await params.fetchImpl(currentUrl.toString(), {
+      signal: params.signal,
+      redirect: "manual"
+    });
+    if (!isRedirectResponse(response.status)) {
+      return response;
+    }
+    const location = response.headers.get("location");
+    if (!location) {
+      throw new Error(`Redirect response missing Location header: HTTP ${response.status}`);
+    }
+    if (redirectCount === MAX_DOWNLOAD_REDIRECTS) {
+      throw new Error(`Download exceeded max redirects of ${MAX_DOWNLOAD_REDIRECTS}`);
+    }
+    currentUrl = parseRemoteHttpUrl(new URL(location, currentUrl).toString());
+  }
+  throw new Error(`Download exceeded max redirects of ${MAX_DOWNLOAD_REDIRECTS}`);
+}
+async function assertSafeRemoteHttpUrl(remoteUrl, lookupHost) {
+  const hostname = remoteUrl.hostname.trim().replace(/\.$/, "").toLowerCase();
+  if (!hostname) {
+    throw new Error("Remote URL hostname is required");
+  }
+  if (isBlockedHostname(hostname)) {
+    throw new Error(`Remote URL host is not allowed: ${hostname}`);
+  }
+  if (net.isIP(hostname)) {
+    if (isBlockedIpAddress(hostname)) {
+      throw new Error(`Remote URL host is not allowed: ${hostname}`);
+    }
+    return;
+  }
+  let resolvedAddresses;
+  try {
+    resolvedAddresses = await lookupHost(hostname);
+  } catch (error) {
+    throw new Error(`Remote URL host lookup failed: ${hostname} (${formatError(error)})`, { cause: error });
+  }
+  if (!resolvedAddresses.length) {
+    throw new Error(`Remote URL host lookup returned no addresses: ${hostname}`);
+  }
+  const blockedAddress = resolvedAddresses.find((result) => isBlockedIpAddress(result.address));
+  if (blockedAddress) {
+    throw new Error(`Remote URL host resolved to a blocked address: ${hostname} -> ${blockedAddress.address}`);
+  }
+}
+async function defaultLookupHost(hostname) {
+  return await lookup(hostname, { all: true, verbatim: true });
+}
+function isRedirectResponse(status) {
+  return status === 301 || status === 302 || status === 303 || status === 307 || status === 308;
+}
+function isBlockedHostname(hostname) {
+  return hostname === "localhost" || hostname.endsWith(".localhost") || hostname === "metadata" || hostname.endsWith(".metadata") || hostname === "metadata.google.internal" || hostname.endsWith(".metadata.google.internal");
+}
+function isBlockedIpAddress(address) {
+  const family = net.isIP(address);
+  if (family === 4) {
+    return isBlockedIpv4Address(address);
+  }
+  if (family === 6) {
+    return isBlockedIpv6Address(address);
+  }
+  return false;
+}
+function isBlockedIpv4Address(address) {
+  const octets = address.split(".").map((part) => Number.parseInt(part, 10));
+  if (octets.length !== 4 || octets.some((octet) => !Number.isInteger(octet) || octet < 0 || octet > 255)) {
+    return false;
+  }
+  const [a, b] = octets;
+  return a === 0 || a === 10 || a === 127 || a === 100 && b >= 64 && b <= 127 || a === 169 && b === 254 || a === 172 && b >= 16 && b <= 31 || a === 192 && b === 168 || a === 198 && (b === 18 || b === 19) || a === 224 && b >= 0 || a >= 240;
+}
+function isBlockedIpv6Address(address) {
+  const normalized = address.toLowerCase();
+  return normalized === "::1" || normalized === "::" || normalized.startsWith("fc") || normalized.startsWith("fd") || normalized.startsWith("fe80:") || normalized.startsWith("::ffff:127.") || normalized.startsWith("::ffff:10.") || normalized.startsWith("::ffff:169.254.") || normalized.startsWith("::ffff:172.16.") || normalized.startsWith("::ffff:172.17.") || normalized.startsWith("::ffff:172.18.") || normalized.startsWith("::ffff:172.19.") || normalized.startsWith("::ffff:172.2") || normalized.startsWith("::ffff:172.30.") || normalized.startsWith("::ffff:172.31.") || normalized.startsWith("::ffff:192.168.");
+}
+function parseContentDispositionFileName(contentDisposition) {
+  if (!contentDisposition) {
+    return void 0;
+  }
+  const utf8Match = contentDisposition.match(/filename\*=UTF-8''([^;]+)/i);
+  if (utf8Match?.[1]) {
+    return decodeURIComponent(utf8Match[1].replace(/^"|"$/g, "").trim());
+  }
+  const plainMatch = contentDisposition.match(/filename=([^;]+)/i);
+  if (plainMatch?.[1]) {
+    return plainMatch[1].replace(/^"|"$/g, "").trim();
+  }
+  return void 0;
+}
+function resolveDownloadFileName(params) {
+  const candidate = params.explicitFileName ?? params.headerFileName ?? params.urlFileName ?? "file.bin";
+  return sanitizeFileName(candidate);
+}
+function buildTempFilePath(params) {
+  const timestamp = (params.now?.() ?? /* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-");
+  return path2.join(params.tempDir, `${timestamp}-${crypto3.randomUUID()}-${params.fileName}`);
+}
+async function ensurePluginTempDir(resolveTmpDir) {
+  const baseTmpDir = resolveTmpDir?.() ?? resolvePreferredOpenClawTmpDir();
+  const pluginRoot = await ensureSecureChildDirectory(baseTmpDir, "openclaw-baiduapp");
+  return ensureSecureChildDirectory(pluginRoot, "media");
+}
+async function ensureSecureChildDirectory(parentDir, childName) {
+  const targetDir = path2.join(parentDir, childName);
+  const stat = await fs2.lstat(targetDir).catch(() => null);
+  if (stat) {
+    if (stat.isSymbolicLink()) {
+      throw new Error(`Refusing to use symlink as temp directory: ${targetDir}`);
+    }
+    if (!stat.isDirectory()) {
+      throw new Error(`Expected directory but found file: ${targetDir}`);
+    }
+    return targetDir;
+  }
+  await fs2.mkdir(targetDir, { mode: 448 });
+  return targetDir;
+}
+function formatError(error) {
+  return error instanceof Error ? error.message : String(error);
+}
+function isAbortError(error) {
+  return error instanceof Error && error.name === "AbortError";
 }
 
 // src/runtime.ts
@@ -4488,6 +5131,7 @@ var msgidToStreamId = /* @__PURE__ */ new Map();
 var STREAM_TTL_MS = 10 * 60 * 1e3;
 var STREAM_MAX_BYTES = 512e3;
 var MAX_MESSAGE_BYTES = 2048;
+var tempPruneInFlight = null;
 function normalizeWebhookPath(raw) {
   const trimmed = raw.trim();
   if (!trimmed) {
@@ -4654,7 +5298,7 @@ function buildStreamReplyFromState(state) {
   };
 }
 function createStreamId() {
-  return crypto.randomBytes(16).toString("hex");
+  return crypto3.randomBytes(16).toString("hex");
 }
 function parseBaiduAppPlainMessage(raw) {
   const trimmed = raw.trim();
@@ -4725,230 +5369,96 @@ function buildLogger(target) {
     error: target.runtime.error
   });
 }
-function registerBaiduAppWebhookTarget(target) {
-  const key = normalizeWebhookPath(target.path);
-  const normalizedTarget = { ...target, path: key };
-  const existing = webhookTargets.get(key) ?? [];
-  const next = [...existing, normalizedTarget];
-  webhookTargets.set(key, next);
-  return () => {
-    const updated = (webhookTargets.get(key) ?? []).filter((entry) => entry !== normalizedTarget);
-    if (updated.length > 0) {
-      webhookTargets.set(key, updated);
-    } else {
-      webhookTargets.delete(key);
-    }
-  };
+function buildRuntimeLogger(runtime2) {
+  return createLogger("openclaw-baiduapp", {
+    log: runtime2.log,
+    error: runtime2.error
+  });
 }
-async function handleBaiduAppWebhookRequest(req, res) {
-  pruneStreams();
-  const path = resolvePath(req);
-  const targets = webhookTargets.get(path);
-  if (!targets || targets.length === 0) {
-    return false;
+function triggerBestEffortTempPrune(params) {
+  if (tempPruneInFlight) {
+    return;
   }
-  const query = resolveQueryParams(req);
-  const timestamp = query.get("timestamp") ?? "";
-  const nonce = query.get("nonce") ?? "";
-  const signature = resolveSignatureParam(query);
-  const primary = targets[0];
-  const logger2 = buildLogger(primary);
-  if (req.method === "GET") {
-    const echostr = query.get("echostr") ?? "";
-    if (!timestamp || !nonce || !signature || !echostr) {
-      jsonError(res, "missing query params", 400);
-      return true;
-    }
-    const signatureMatched2 = targets.filter((candidate) => {
-      if (!candidate.account.token) {
-        return false;
+  const logger3 = buildRuntimeLogger(params.runtime);
+  tempPruneInFlight = pruneExpiredTempFiles().then(() => void 0).catch((error) => {
+    logger3.warn(`temp prune failed: reason=${params.reason} error=${String(error)}`);
+  }).finally(() => {
+    tempPruneInFlight = null;
+  });
+}
+async function downloadInboundFiles(params) {
+  const rawFiles = params.msg.files;
+  if (!Array.isArray(rawFiles) || rawFiles.length === 0) {
+    return { localFiles: [], diagnostic: {} };
+  }
+  const localFiles = [];
+  const failurePlaceholders = [];
+  try {
+    for (const [index, rawFile] of rawFiles.entries()) {
+      if (!rawFile || typeof rawFile !== "object") {
+        params.logger.warn(`inbound file skipped: index=${index} reason=invalid-file-record`);
+        continue;
+      }
+      const fileRecord = rawFile;
+      const remoteUrl = typeof fileRecord.url === "string" ? fileRecord.url.trim() : "";
+      if (!remoteUrl) {
+        params.logger.warn(`inbound file skipped: index=${index} reason=missing-url`);
+        continue;
+      }
+      try {
+        const downloaded = await downloadInboundFileToTemp({ remoteUrl });
+        localFiles.push({
+          ...downloaded,
+          contentType: downloaded.contentType ?? (typeof fileRecord.fileType === "string" && fileRecord.fileType.trim() ? fileRecord.fileType : void 0)
+        });
+        params.logger.info(
+          `inbound file downloaded: index=${index} path=${downloaded.path} size=${downloaded.size}`
+        );
+      } catch (err) {
+        failurePlaceholders.push(`[file download failed] ${remoteUrl} (${err instanceof Error ? err.message : String(err)})`);
+        params.logger.warn(`inbound file download failed: index=${index} error=${String(err)}`);
       }
-      return verifyBaiduAppSignature({
-        token: candidate.account.token,
-        timestamp,
-        nonce,
-        encrypt: echostr,
-        signature
-      });
-    });
-    if (signatureMatched2.length === 0) {
-      jsonError(res, "unauthorized");
-      return true;
-    }
-    const decryptable2 = signatureMatched2.filter((candidate) => Boolean(candidate.account.encodingAESKey));
-    if (decryptable2.length === 0) {
-      jsonError(res, "unauthorized");
-      return true;
-    }
-    const decryptedCandidates2 = decryptBaiduAppCandidates({
-      candidates: decryptable2,
-      encrypt: echostr
-    });
-    if (decryptedCandidates2.length === 0) {
-      jsonError(res, "decrypt failed");
-      return true;
     }
-    const selected2 = selectDecryptedTarget({ candidates: decryptedCandidates2, logger: logger2 });
-    jsonOk(res, selected2.plaintext);
-    return true;
+  } finally {
+    triggerBestEffortTempPrune({ runtime: params.runtime, reason: "inbound-file" });
   }
-  if (req.method !== "POST") {
-    jsonError(res, "Method Not Allowed", 405);
-    return true;
-  }
-  if (!timestamp || !nonce || !signature) {
-    jsonError(res, "missing query params");
-    return true;
-  }
-  const body = await readRawBody(req, 1024 * 1024);
-  if (!body.ok || !body.raw) {
-    jsonError(res, body.error ?? "invalid payload");
-    return true;
-  }
-  const rawBody = body.raw;
-  let encrypt = "";
-  let msgSignature = signature;
-  let msgTimestamp = timestamp;
-  let msgNonce = nonce;
-  if (isXmlFormat(rawBody)) {
-    const xmlData = parseXmlBody(rawBody);
-    encrypt = xmlData.Encrypt ?? "";
-    msgSignature = xmlData.MsgSignature ?? signature;
-    msgTimestamp = xmlData.TimeStamp ?? timestamp;
-    msgNonce = xmlData.Nonce ?? nonce;
-    logger2.info(`inbound xml parsed: hasEncrypt=${Boolean(encrypt)}, msg_signature=${msgSignature ? "yes" : "no"}`);
-  } else {
-    try {
-      const record = JSON.parse(rawBody);
-      encrypt = String(record.encrypt ?? record.Encrypt ?? "");
-      logger2.info(`inbound json parsed: hasEncrypt=${Boolean(encrypt)}`);
-    } catch {
-      logger2.warn(`inbound payload parse failed: not valid xml or json`);
-      jsonError(res, "invalid payload format");
-      return true;
-    }
-  }
-  if (!encrypt) {
-    jsonError(res, "missing encrypt");
-    return true;
-  }
-  const signatureMatched = targets.filter((candidate) => {
-    if (!candidate.account.token) {
-      return false;
+  return {
+    localFiles,
+    diagnostic: {
+      failurePlaceholders
     }
-    return verifyBaiduAppSignature({
-      token: candidate.account.token,
-      timestamp: msgTimestamp,
-      nonce: msgNonce,
-      encrypt,
-      signature: msgSignature
-    });
-  });
-  if (signatureMatched.length === 0) {
-    logger2.warn(`signature verification failed: checked ${targets.length} account(s), none matched`);
-    jsonError(res, "unauthorized");
-    return true;
-  }
-  logger2.debug(`signature verified: ${signatureMatched.length} account(s) matched`);
-  const decryptable = signatureMatched.filter((candidate) => Boolean(candidate.account.encodingAESKey));
-  if (decryptable.length === 0) {
-    logger2.warn(`no account has encodingAESKey configured`);
-    jsonError(res, "openclaw-baiduapp not configured");
-    return true;
-  }
-  const decryptedCandidates = decryptBaiduAppCandidates({
-    candidates: decryptable,
-    encrypt
-  });
-  if (decryptedCandidates.length === 0) {
-    logger2.warn(`decrypt failed for all ${decryptable.length} candidate account(s)`);
-    jsonError(res, "decrypt failed");
-    return true;
-  }
-  const selected = selectDecryptedTarget({ candidates: decryptedCandidates, logger: logger2 });
-  const target = selected.target;
-  if (!target.account.configured || !target.account.token || !target.account.encodingAESKey) {
-    logger2.warn(`selected account ${target.account.accountId} not fully configured`);
-    jsonError(res, "openclaw-baiduapp not configured");
-    return true;
-  }
-  const msg = selected.msg;
+  };
+}
+async function processBaiduAppInboundMessage(params) {
+  const { target, msg } = params;
+  const logger3 = buildLogger(target);
   target.statusSink?.({ lastInboundAt: Date.now() });
   const msgtype = String(msg.msgtype ?? msg.MsgType ?? "").toLowerCase();
   const msgid = msg.msgid ?? msg.MsgId ? String(msg.msgid ?? msg.MsgId) : void 0;
-  logger2.info(`inbound: type=${msgtype || "unknown"} msgid=${msgid ?? "none"} account=${target.account.accountId}`);
+  logger3.info(`inbound: type=${msgtype || "unknown"} msgid=${msgid ?? "none"} account=${target.account.accountId}`);
   if (msgtype === "stream") {
     const streamId2 = String(msg.stream?.id ?? "").trim();
     const state = streamId2 ? streams.get(streamId2) : void 0;
-    logger2.info(
+    logger3.info(
       `[REPLY-MODE:STREAM-POLL] stream poll request: streamId=${streamId2 || "none"} found=${Boolean(state)} finished=${state?.finished ?? "n/a"} contentLen=${state?.content.length ?? 0}`
     );
-    const reply = state ? buildStreamReplyFromState(state) : buildStreamReplyFromState({
+    return state ? buildStreamReplyFromState(state) : buildStreamReplyFromState({
       streamId: streamId2 || "unknown",
       finished: true,
       content: ""
     });
-    jsonOk(
-      res,
-      buildEncryptedJsonReply({
-        account: target.account,
-        plaintextJson: reply,
-        nonce: msgNonce,
-        timestamp: msgTimestamp
-      })
-    );
-    return true;
   }
   if (msgid && msgidToStreamId.has(msgid)) {
     const streamId2 = msgidToStreamId.get(msgid) ?? "";
-    logger2.debug(`duplicate msgid detected: msgid=${msgid} streamId=${streamId2}, returning placeholder`);
-    const reply = buildStreamPlaceholderReply(streamId2);
-    jsonOk(
-      res,
-      buildEncryptedJsonReply({
-        account: target.account,
-        plaintextJson: reply,
-        nonce: msgNonce,
-        timestamp: msgTimestamp
-      })
-    );
-    return true;
+    logger3.debug(`duplicate msgid detected: msgid=${msgid} streamId=${streamId2}, returning placeholder`);
+    return buildStreamPlaceholderReply(streamId2);
   }
-  if (msgtype === "event") {
-    const eventtype = String(
-      msg.event?.eventtype ?? msg.Event ?? ""
-    ).toLowerCase();
-    logger2.info(`event received: type=${eventtype || "unknown"}`);
-    if (eventtype === "enter_chat" || eventtype === "subscribe") {
-      const welcome = target.account.config.welcomeText?.trim();
-      if (welcome && target.account.canSendActive) {
-        logger2.info("sending welcome message");
-        sendBaiduAppMessage(target.account, welcome).catch((err) => {
-          logger2.error(`failed to send welcome message: ${String(err)}`);
-        });
-      }
-      jsonOk(
-        res,
-        buildEncryptedJsonReply({
-          account: target.account,
-          plaintextJson: {},
-          nonce: msgNonce,
-          timestamp: msgTimestamp
-        })
-      );
-      return true;
-    }
-    jsonOk(
-      res,
-      buildEncryptedJsonReply({
-        account: target.account,
-        plaintextJson: {},
-        nonce: msgNonce,
-        timestamp: msgTimestamp
-      })
-    );
-    return true;
+  if (!canDispatchBaiduAppInboundMessage(msg)) {
+    logger3.warn(`inbound message skipped: type=${msgtype || "unknown"} reason=no-dispatchable-content`);
+    return {};
   }
+  const inboundFileResult = msgtype === "text" ? await downloadInboundFiles({ msg, logger: logger3, runtime: target.runtime }) : { localFiles: [], diagnostic: {} };
+  const inboundMediaFiles = inboundFileResult.localFiles;
   const streamId = createStreamId();
   if (msgid) {
     msgidToStreamId.set(msgid, streamId);
@@ -4962,14 +5472,14 @@ async function handleBaiduAppWebhookRequest(req, res) {
     finished: false,
     content: ""
   });
-  logger2.info(`stream created: streamId=${streamId} msgid=${msgid ?? "none"}`);
+  logger3.info(`stream created: streamId=${streamId} msgid=${msgid ?? "none"}`);
   const core = tryGetBaiduAppRuntime();
   if (core) {
     const state = streams.get(streamId);
     if (state) {
       state.started = true;
     }
-    logger2.info(`agent dispatch started: streamId=${streamId} canSendActive=${target.account.canSendActive}`);
+    logger3.info(`agent dispatch started: streamId=${streamId} canSendActive=${target.account.canSendActive}`);
     const hooks = {
       onChunk: (text) => {
         const current = streams.get(streamId);
@@ -4977,7 +5487,7 @@ async function handleBaiduAppWebhookRequest(req, res) {
           return;
         }
         appendStreamContent(current, text);
-        logger2.debug(
+        logger3.debug(
           `chunk received: streamId=${streamId} chunkLen=${text.length} totalLen=${current.content.length}`
         );
         target.statusSink?.({ lastOutboundAt: Date.now() });
@@ -4990,7 +5500,7 @@ async function handleBaiduAppWebhookRequest(req, res) {
           current.finished = true;
           current.updatedAt = Date.now();
         }
-        logger2.error(`openclaw-baiduapp agent failed: ${String(err)}`);
+        logger3.error(`openclaw-baiduapp agent failed: ${String(err)}`);
       }
     };
     dispatchBaiduAppMessage({
@@ -4999,6 +5509,8 @@ async function handleBaiduAppWebhookRequest(req, res) {
       msg,
       core,
       hooks,
+      inboundMediaFiles,
+      inboundFileDiagnostic: inboundFileResult.diagnostic,
       log: target.runtime.log,
       error: target.runtime.error
     }).then(async () => {
@@ -5007,20 +5519,20 @@ async function handleBaiduAppWebhookRequest(req, res) {
         current.finished = true;
         current.updatedAt = Date.now();
         const contentLen = current.content.trim().length;
-        logger2.info(
+        logger3.info(
           `agent dispatch done: streamId=${streamId} contentLen=${contentLen} canSendActive=${target.account.canSendActive}`
         );
         if (!target.account.canSendActive) {
-          logger2.warn(
+          logger3.warn(
             `active send skipped: appKey/appSecret not configured for account ${target.account.accountId}`
           );
         } else if (!contentLen) {
-          logger2.warn(`active send skipped: agent produced no content`);
+          logger3.warn(`active send skipped: agent produced no content`);
         }
         if (target.account.canSendActive && current.content.trim()) {
           try {
             const chunks = splitMessageByBytes(current.content, MAX_MESSAGE_BYTES);
-            logger2.info(
+            logger3.info(
               `[REPLY-MODE:ACTIVE-SEND] active send starting: streamId=${streamId} chunks=${chunks.length} contentLen=${contentLen}`
             );
             for (let i = 0; i < chunks.length; i++) {
@@ -5029,13 +5541,13 @@ async function handleBaiduAppWebhookRequest(req, res) {
                 streamId,
                 chunkKey: i
               });
-              logger2.debug(`active send chunk ${i + 1}/${chunks.length} sent: streamId=${streamId}`);
+              logger3.debug(`active send chunk ${i + 1}/${chunks.length} sent: streamId=${streamId}`);
             }
-            logger2.info(
+            logger3.info(
               `[REPLY-MODE:ACTIVE-SEND] active send complete: streamId=${streamId} chunks=${chunks.length}`
             );
           } catch (err) {
-            logger2.error(`active send failed: streamId=${streamId} error=${String(err)}`);
+            logger3.error(`active send failed: streamId=${streamId} error=${String(err)}`);
           }
         }
       }
@@ -5047,10 +5559,10 @@ async function handleBaiduAppWebhookRequest(req, res) {
         current.finished = true;
         current.updatedAt = Date.now();
       }
-      logger2.error(`agent dispatch failed: streamId=${streamId} error=${String(err)}`);
+      logger3.error(`agent dispatch failed: streamId=${streamId} error=${String(err)}`);
     });
   } else {
-    logger2.warn(`runtime not available: streamId=${streamId} \u2014 agent dispatch skipped, no reply will be generated`);
+    logger3.warn(`runtime not available: streamId=${streamId} \u2014 agent dispatch skipped, no reply will be generated`);
     const state = streams.get(streamId);
     if (state) {
       state.finished = true;
@@ -5058,12 +5570,165 @@ async function handleBaiduAppWebhookRequest(req, res) {
     }
   }
   const placeholderReply = buildStreamPlaceholderReply(streamId);
-  logger2.debug(`stream placeholder reply sent: streamId=${streamId}`);
+  logger3.debug(`stream placeholder reply sent: streamId=${streamId}`);
+  return placeholderReply;
+}
+function registerBaiduAppWebhookTarget(target) {
+  const key = normalizeWebhookPath(target.path);
+  const normalizedTarget = { ...target, path: key };
+  const existing = webhookTargets.get(key) ?? [];
+  const next = [...existing, normalizedTarget];
+  webhookTargets.set(key, next);
+  return () => {
+    const updated = (webhookTargets.get(key) ?? []).filter((entry) => entry !== normalizedTarget);
+    if (updated.length > 0) {
+      webhookTargets.set(key, updated);
+    } else {
+      webhookTargets.delete(key);
+    }
+  };
+}
+async function handleBaiduAppWebhookRequest(req, res) {
+  pruneStreams();
+  const path4 = resolvePath(req);
+  const targets = webhookTargets.get(path4);
+  if (!targets || targets.length === 0) {
+    return false;
+  }
+  const query = resolveQueryParams(req);
+  const timestamp = query.get("timestamp") ?? "";
+  const nonce = query.get("nonce") ?? "";
+  const signature = resolveSignatureParam(query);
+  const primary = targets[0];
+  const logger3 = buildLogger(primary);
+  if (req.method === "GET") {
+    const echostr = query.get("echostr") ?? "";
+    if (!timestamp || !nonce || !signature || !echostr) {
+      jsonError(res, "missing query params", 400);
+      return true;
+    }
+    const signatureMatched2 = targets.filter((candidate) => {
+      if (!candidate.account.token) {
+        return false;
+      }
+      return verifyBaiduAppSignature({
+        token: candidate.account.token,
+        timestamp,
+        nonce,
+        encrypt: echostr,
+        signature
+      });
+    });
+    if (signatureMatched2.length === 0) {
+      jsonError(res, "unauthorized");
+      return true;
+    }
+    const decryptable2 = signatureMatched2.filter((candidate) => Boolean(candidate.account.encodingAESKey));
+    if (decryptable2.length === 0) {
+      jsonError(res, "unauthorized");
+      return true;
+    }
+    const decryptedCandidates2 = decryptBaiduAppCandidates({
+      candidates: decryptable2,
+      encrypt: echostr
+    });
+    if (decryptedCandidates2.length === 0) {
+      jsonError(res, "decrypt failed");
+      return true;
+    }
+    const selected2 = selectDecryptedTarget({ candidates: decryptedCandidates2, logger: logger3 });
+    jsonOk(res, selected2.plaintext);
+    return true;
+  }
+  if (req.method !== "POST") {
+    jsonError(res, "Method Not Allowed", 405);
+    return true;
+  }
+  if (!timestamp || !nonce || !signature) {
+    jsonError(res, "missing query params");
+    return true;
+  }
+  const body = await readRawBody(req, 1024 * 1024);
+  if (!body.ok || !body.raw) {
+    jsonError(res, body.error ?? "invalid payload");
+    return true;
+  }
+  const rawBody = body.raw;
+  let encrypt = "";
+  let msgSignature = signature;
+  let msgTimestamp = timestamp;
+  let msgNonce = nonce;
+  if (isXmlFormat(rawBody)) {
+    const xmlData = parseXmlBody(rawBody);
+    encrypt = xmlData.Encrypt ?? "";
+    msgSignature = xmlData.MsgSignature ?? signature;
+    msgTimestamp = xmlData.TimeStamp ?? timestamp;
+    msgNonce = xmlData.Nonce ?? nonce;
+    logger3.info(`inbound xml parsed: hasEncrypt=${Boolean(encrypt)}, msg_signature=${msgSignature ? "yes" : "no"}`);
+  } else {
+    try {
+      const record = JSON.parse(rawBody);
+      encrypt = String(record.encrypt ?? record.Encrypt ?? "");
+      logger3.info(`inbound json parsed: hasEncrypt=${Boolean(encrypt)}`);
+    } catch {
+      logger3.warn(`inbound payload parse failed: not valid xml or json`);
+      jsonError(res, "invalid payload format");
+      return true;
+    }
+  }
+  if (!encrypt) {
+    jsonError(res, "missing encrypt");
+    return true;
+  }
+  const signatureMatched = targets.filter((candidate) => {
+    if (!candidate.account.token) {
+      return false;
+    }
+    return verifyBaiduAppSignature({
+      token: candidate.account.token,
+      timestamp: msgTimestamp,
+      nonce: msgNonce,
+      encrypt,
+      signature: msgSignature
+    });
+  });
+  if (signatureMatched.length === 0) {
+    logger3.warn(`signature verification failed: checked ${targets.length} account(s), none matched`);
+    jsonError(res, "unauthorized");
+    return true;
+  }
+  logger3.debug(`signature verified: ${signatureMatched.length} account(s) matched`);
+  const decryptable = signatureMatched.filter((candidate) => Boolean(candidate.account.encodingAESKey));
+  if (decryptable.length === 0) {
+    logger3.warn(`no account has encodingAESKey configured`);
+    jsonError(res, "openclaw-baiduapp not configured");
+    return true;
+  }
+  const decryptedCandidates = decryptBaiduAppCandidates({
+    candidates: decryptable,
+    encrypt
+  });
+  if (decryptedCandidates.length === 0) {
+    logger3.warn(`decrypt failed for all ${decryptable.length} candidate account(s)`);
+    jsonError(res, "decrypt failed");
+    return true;
+  }
+  const selected = selectDecryptedTarget({ candidates: decryptedCandidates, logger: logger3 });
+  const target = selected.target;
+  if (!target.account.configured || !target.account.token || !target.account.encodingAESKey) {
+    logger3.warn(`selected account ${target.account.accountId} not fully configured`);
+    jsonError(res, "openclaw-baiduapp not configured");
+    return true;
+  }
+  const reply = await processBaiduAppInboundMessage({
+    target,
+    msg: selected.msg
+  });
   jsonOk(
     res,
     buildEncryptedJsonReply({
       account: target.account,
-      plaintextJson: placeholderReply,
+      plaintextJson: reply,
       nonce: msgNonce,
       timestamp: msgTimestamp
     })
@@ -5071,7 +5736,243 @@ async function handleBaiduAppWebhookRequest(req, res) {
   return true;
 }
 
+// src/poller.ts
+var DEFAULT_POLL_INTERVAL_MS = 1e3;
+var DEFAULT_POLL_REQUEST_TIMEOUT_MS = 1e4;
+var accountPollers = /* @__PURE__ */ new Map();
+function buildPollingTextInboundMessage(content) {
+  return {
+    msgtype: "text",
+    text: {
+      content
+    }
+  };
+}
+async function dispatchPendingPollingMessages(data, target) {
+  if (!target || data.length === 0) {
+    return;
+  }
+  for (const item of data) {
+    if (String(item.msgtype).toLowerCase() !== "text") {
+      continue;
+    }
+    const content = item.data?.content;
+    if (typeof content !== "string" || content.length === 0) {
+      continue;
+    }
+    await processBaiduAppInboundMessage({
+      target,
+      msg: buildPollingTextInboundMessage(content)
+    });
+  }
+}
+function isAbortError2(error) {
+  return error instanceof Error && error.name === "AbortError";
+}
+function buildPollResult(params) {
+  return {
+    ok: params.ok,
+    data: params.data ?? [],
+    error: params.error
+  };
+}
+function createAbortSignalController(params) {
+  if (params.signal == null && params.timeoutMs == null) {
+    return {
+      signal: void 0,
+      cleanup: () => void 0,
+      didTimeout: () => false
+    };
+  }
+  const controller = new AbortController();
+  let timeoutId;
+  let timedOut = false;
+  const abortFromParent = () => {
+    controller.abort();
+  };
+  if (params.signal) {
+    if (params.signal.aborted) {
+      controller.abort();
+    } else {
+      params.signal.addEventListener("abort", abortFromParent, { once: true });
+    }
+  }
+  if (params.timeoutMs != null) {
+    timeoutId = setTimeout(() => {
+      timedOut = true;
+      controller.abort();
+    }, params.timeoutMs);
+  }
+  return {
+    signal: controller.signal,
+    cleanup: () => {
+      if (timeoutId) {
+        clearTimeout(timeoutId);
+      }
+      if (params.signal) {
+        params.signal.removeEventListener("abort", abortFromParent);
+      }
+    },
+    didTimeout: () => timedOut
+  };
+}
+async function pollBaiduAppChatlistOnce(account, loggerOptions, requestOptions) {
+  const endpoint = `${account.apiBase}/chat/demo/chatlist`;
+  const query = new URLSearchParams({
+    ak: account.appKey ?? "",
+    sk: account.appSecret ?? ""
+  });
+  const url = `${endpoint}?${query.toString()}`;
+  const requestSignal = createAbortSignalController({
+    signal: requestOptions?.signal,
+    timeoutMs: requestOptions?.timeoutMs
+  });
+  let response;
+  try {
+    response = await (requestOptions?.fetchImpl ?? fetch)(url, {
+      method: "GET",
+      signal: requestSignal.signal
+    });
+  } catch (error) {
+    requestSignal.cleanup();
+    if (requestSignal.didTimeout()) {
+      return buildPollResult({
+        ok: false,
+        error: {
+          kind: "timeout",
+          message: `chatlist request timed out after ${requestOptions?.timeoutMs}ms`
+        }
+      });
+    }
+    if (isAbortError2(error)) {
+      return buildPollResult({
+        ok: false,
+        error: {
+          kind: "aborted",
+          message: "chatlist request aborted"
+        }
+      });
+    }
+    return buildPollResult({
+      ok: false,
+      error: {
+        kind: "request-failed",
+        message: error instanceof Error ? error.message : String(error)
+      }
+    });
+  }
+  const responseText = await response.text();
+  requestSignal.cleanup();
+  if (!responseText) {
+    return buildPollResult({
+      ok: false,
+      error: {
+        kind: "empty-response",
+        message: `empty response from chatlist API (status=${response.status})`
+      }
+    });
+  }
+  let parsed;
+  try {
+    parsed = JSON.parse(responseText);
+  } catch {
+    return buildPollResult({
+      ok: false,
+      error: {
+        kind: "invalid-json",
+        message: `invalid JSON response from chatlist API (status=${response.status})`
+      }
+    });
+  }
+  const data = Array.isArray(parsed.data) ? parsed.data : [];
+  return buildPollResult({
+    ok: true,
+    data
+  });
+}
+function scheduleNextPoll(account, state) {
+  if (state.stopped) {
+    return;
+  }
+  state.timer = setTimeout(() => {
+    void runPollCycle(account, state);
+  }, state.intervalMs);
+}
+async function runPollCycle(account, state) {
+  if (state.stopped || state.pending) {
+    return;
+  }
+  const controller = new AbortController();
+  state.activeController = controller;
+  const pending = (async () => {
+    try {
+      const result = await pollBaiduAppChatlistOnce(account, void 0, {
+        signal: controller.signal,
+        fetchImpl: state.fetchImpl,
+        timeoutMs: state.requestTimeoutMs
+      });
+      await dispatchPendingPollingMessages(result.data, state.dispatchTarget);
+    } catch (error) {
+      if (!(state.stopped && isAbortError2(error))) {
+        state.onError?.(error);
+      }
+    } finally {
+      if (state.activeController === controller) {
+        state.activeController = null;
+      }
+      state.pending = null;
+      if (!state.stopped) {
+        scheduleNextPoll(account, state);
+      }
+    }
+  })();
+  state.pending = pending;
+  await pending;
+}
+function startAccountPolling(params) {
+  if (accountPollers.has(params.account.accountId)) {
+    return;
+  }
+  const state = {
+    stopped: false,
+    timer: null,
+    activeController: null,
+    pending: null,
+    intervalMs: params.intervalMs ?? DEFAULT_POLL_INTERVAL_MS,
+    requestTimeoutMs: params.requestTimeoutMs ?? DEFAULT_POLL_REQUEST_TIMEOUT_MS,
+    fetchImpl: params.fetchImpl,
+    onError: params.onError,
+    dispatchTarget: params.dispatchTarget
+  };
+  accountPollers.set(params.account.accountId, state);
+  void runPollCycle(params.account, state);
+}
+function stopAccountPolling(accountId) {
+  const state = accountPollers.get(accountId);
+  if (!state) {
+    return;
+  }
+  state.stopped = true;
+  if (state.timer) {
+    clearTimeout(state.timer);
+    state.timer = null;
+  }
+  state.activeController?.abort();
+  state.activeController = null;
+  accountPollers.delete(accountId);
+}
+
 // src/channel.ts
+function resolveOutboundMediaUrls(payload) {
+  if (payload.mediaUrls?.length) {
+    return payload.mediaUrls;
+  }
+  if (payload.mediaUrl) {
+    return [payload.mediaUrl];
+  }
+  return [];
+}
+var logger2 = createLogger("openclaw-baiduapp");
 var meta = {
   id: "openclaw-baiduapp",
   label: "Baidu App",
@@ -5083,6 +5984,87 @@ var meta = {
   order: 85
 };
 var unregisterHooks = /* @__PURE__ */ new Map();
+function resolveOutboundLocalMediaPath(mediaUrl) {
+  const trimmed = mediaUrl?.trim();
+  if (!trimmed) {
+    return void 0;
+  }
+  if (trimmed.startsWith("file://")) {
+    return fileURLToPath(trimmed);
+  }
+  if (/^[a-zA-Z]:[\\/]/.test(trimmed)) {
+    return trimmed;
+  }
+  if (trimmed.startsWith("/") || trimmed.startsWith("./") || trimmed.startsWith("../")) {
+    return trimmed;
+  }
+  if (/^[a-zA-Z][a-zA-Z\d+.-]*:\/\//.test(trimmed)) {
+    return void 0;
+  }
+  return trimmed;
+}
+function inferBaiduOutboundFileType(params) {
+  const ext = path2.extname(params.mediaPath).toLowerCase();
+  return ext.startsWith(".") ? ext.slice(1) : ext || "bin";
+}
+function buildOutboundMediaPayload(params) {
+  const caption = params.caption?.trim();
+  return {
+    msgtype: "text",
+    ...caption ? { text: { content: caption } } : {},
+    files: [{ url: params.uploadedUrl, fileType: params.fileType }]
+  };
+}
+function resolveDirectOutboundFiles(files) {
+  if (!Array.isArray(files) || files.length === 0) {
+    return [];
+  }
+  return files.map((file) => ({
+    mediaUrl: file.url?.trim() ?? "",
+    mimeType: file.fileType?.trim() || void 0
+  })).filter((file) => Boolean(file.mediaUrl));
+}
+async function sendBaiduAppPayload(params) {
+  const text = params.payload.text ?? params.payload.content ?? "";
+  const mediaInputs = [
+    ...resolveOutboundMediaUrls(params.payload).map((mediaUrl) => ({ mediaUrl, mimeType: void 0 })),
+    ...resolveDirectOutboundFiles(params.payload.files)
+  ];
+  if (!text && mediaInputs.length === 0) {
+    return {
+      channel: "openclaw-baiduapp",
+      ok: false,
+      messageId: ""
+    };
+  }
+  if (mediaInputs.length === 0) {
+    return baiduAppPlugin.outbound.sendText({
+      cfg: params.cfg,
+      accountId: params.accountId ?? void 0,
+      to: params.to,
+      text
+    });
+  }
+  let lastResult = {
+    channel: "openclaw-baiduapp",
+    ok: false,
+    messageId: ""
+  };
+  for (const [index, mediaInput] of mediaInputs.entries()) {
+    lastResult = await baiduAppPlugin.outbound.sendMedia({
+      cfg: params.cfg,
+      accountId: params.accountId,
+      to: params.to,
+      text: index === 0 ? text : "",
+      mediaUrl: mediaInput.mediaUrl,
+      mimeType: mediaInput.mimeType
+    });
+    if (!lastResult.ok) {
+      return lastResult;
+    }
+  }
+  return lastResult;
+}
 var baiduAppPlugin = {
   id: "openclaw-baiduapp",
   meta: {
@@ -5090,7 +6072,7 @@ var baiduAppPlugin = {
   },
   capabilities: {
     chatTypes: ["direct"],
-    media: false,
+    media: true,
     reactions: false,
     threads: false,
     edit: false,
@@ -5098,6 +6080,19 @@ var baiduAppPlugin = {
     polls: false,
     activeSend: true
   },
+  messaging: {
+    normalizeTarget: (raw) => {
+      const trimmed = raw.trim();
+      if (!trimmed) {
+        return void 0;
+      }
+      return trimmed.replace(/^openclaw-baiduapp:/i, "").trim() || void 0;
+    },
+    targetResolver: {
+      looksLikeId: () => true,
+      hint: "<user|openclaw-baiduapp:userId>"
+    }
+  },
   configSchema: BaiduAppConfigJsonSchema,
   reload: { configPrefixes: ["channels.openclaw-baiduapp"] },
   config: {
@@ -5113,7 +6108,7 @@ var baiduAppPlugin = {
           channels: {
             ...params.cfg.channels,
             "openclaw-baiduapp": {
-              ...params.cfg.channels?.["openclaw-baiduapp"] ?? {},
+              ...params.cfg.channels?.["openclaw-baiduapp"],
               enabled: params.enabled
             }
           }
@@ -5124,11 +6119,11 @@ var baiduAppPlugin = {
         channels: {
           ...params.cfg.channels,
           "openclaw-baiduapp": {
-            ...params.cfg.channels?.["openclaw-baiduapp"] ?? {},
+            ...params.cfg.channels?.["openclaw-baiduapp"],
             accounts: {
-              ...params.cfg.channels?.["openclaw-baiduapp"]?.accounts ?? {},
+              ...params.cfg.channels?.["openclaw-baiduapp"]?.accounts,
               [accountId]: {
-                ...params.cfg.channels?.["openclaw-baiduapp"]?.accounts?.[accountId] ?? {},
+                ...params.cfg.channels?.["openclaw-baiduapp"]?.accounts?.[accountId],
                 enabled: params.enabled
               }
             }
@@ -5151,7 +6146,7 @@ var baiduAppPlugin = {
         };
         return next;
       }
-      const accounts = { ...current.accounts ?? {} };
+      const accounts = { ...current.accounts };
       delete accounts[accountId];
       next.channels = {
         ...next.channels,
@@ -5239,6 +6234,10 @@ var baiduAppPlugin = {
   },
   outbound: {
     deliveryMode: "direct",
+    resolveTarget: (params) => {
+      return { ok: true, to: params.to?.trim() || "default" };
+    },
+    sendPayload: async (params) => sendBaiduAppPayload(params),
     sendText: async (params) => {
       const account = resolveBaiduAppAccount({ cfg: params.cfg, accountId: params.accountId });
       if (!account.canSendActive) {
@@ -5267,6 +6266,7 @@ var baiduAppPlugin = {
       }
     },
     sendMedia: async (params) => {
+      logger2.info(`sendMedia start ${params.mediaUrl}`);
       const account = resolveBaiduAppAccount({ cfg: params.cfg, accountId: params.accountId ?? void 0 });
       if (!account.canSendActive) {
         return {
@@ -5276,29 +6276,84 @@ var baiduAppPlugin = {
           error: new Error("Account not configured for active sending (missing appKey or appSecret)")
         };
       }
-      const content = params.text?.trim() || params.mediaUrl || "";
-      if (!content) {
+      const localMediaPath = resolveOutboundLocalMediaPath(params.mediaUrl);
+      if (!localMediaPath) {
+        const remoteUrl = params.mediaUrl?.trim() ?? "";
+        if (!remoteUrl) {
+          return {
+            channel: "openclaw-baiduapp",
+            ok: false,
+            messageId: "",
+            error: new Error("Outbound media requires a URL or local file path")
+          };
+        }
+        try {
+          const result = await sendBaiduAppMessage(
+            account,
+            buildOutboundMediaPayload({
+              caption: params.text,
+              uploadedUrl: remoteUrl,
+              fileType: inferBaiduOutboundFileType({ mediaPath: remoteUrl })
+            })
+          );
+          return {
+            channel: "openclaw-baiduapp",
+            ok: true,
+            messageId: result.msgid ?? ""
+          };
+        } catch (err) {
+          return {
+            channel: "openclaw-baiduapp",
+            ok: false,
+            messageId: "",
+            error: err instanceof Error ? err : new Error(String(err))
+          };
+        }
+      }
+      let uploaded;
+      try {
+        uploaded = await uploadLocalFileToBos({
+          account,
+          filePath: localMediaPath,
+          contentType: params.mimeType
+        });
+      } catch (err) {
         return {
           channel: "openclaw-baiduapp",
           ok: false,
           messageId: "",
-          error: new Error("No content to send (media not supported, text is empty)")
+          error: new Error(
+            `Failed to upload outbound media: ${err instanceof Error ? err.message : String(err)}`
+          )
         };
       }
       try {
-        const result = await sendBaiduAppMessage(account, content);
+        const result = await sendBaiduAppMessage(
+          account,
+          buildOutboundMediaPayload({
+            caption: params.text,
+            uploadedUrl: uploaded.url,
+            fileType: inferBaiduOutboundFileType({
+              mediaPath: uploaded.fileName || localMediaPath
+            })
+          })
+        );
         return {
           channel: "openclaw-baiduapp",
           ok: result.ok,
           messageId: result.msgid ?? "",
-          error: result.ok ? void 0 : new Error(result.errmsg ?? "send failed")
+          error: result.ok ? void 0 : new Error(result.errmsg ?? "send failed"),
+          fileName: uploaded.fileName,
+          fileSize: uploaded.fileSize
         };
       } catch (err) {
         return {
           channel: "openclaw-baiduapp",
           ok: false,
           messageId: "",
-          error: err instanceof Error ? err : new Error(String(err))
+          error: new Error(
+            `Failed to send media message: ${err instanceof Error ? err.message : String(err)}`
+          )
         };
       }
     }
@@ -5318,35 +6373,66 @@ var baiduAppPlugin = {
         ctx.setStatus?.({ accountId: ctx.accountId, running: false, configured: false });
         return;
       }
-      const path = (account.config.webhookPath ?? "/openclaw-baiduapp").trim();
+      const path4 = (account.config.webhookPath ?? "/openclaw-baiduapp").trim();
+      const runtime2 = {
+        log: ctx.log?.info ?? console.log,
+        error: ctx.log?.error ?? console.error
+      };
       const unregister = registerBaiduAppWebhookTarget({
         account,
         config: ctx.cfg ?? {},
-        runtime: {
-          log: ctx.log?.info ?? console.log,
-          error: ctx.log?.error ?? console.error
-        },
-        path,
+        runtime: runtime2,
+        path: path4,
         statusSink: (patch) => ctx.setStatus?.({ accountId: ctx.accountId, ...patch })
       });
+      try {
+        triggerBestEffortTempPrune({ runtime: runtime2, reason: "startup" });
+      } catch (error) {
+        runtime2.error(`[openclaw-baiduapp] temp prune failed during startup: ${String(error)}`);
+      }
       const existing = unregisterHooks.get(ctx.accountId);
       if (existing) {
         existing();
       }
       unregisterHooks.set(ctx.accountId, unregister);
+      if (account.config.pollingEnabled === true) {
+        startAccountPolling({
+          account,
+          dispatchTarget: {
+            account,
+            config: ctx.cfg ?? {},
+            runtime: runtime2,
+            statusSink: (patch) => ctx.setStatus?.({ accountId: ctx.accountId, ...patch })
+          },
+          onError: (error) => {
+            const message = error instanceof Error ? error.message : String(error);
+            ctx.log?.error(`[openclaw-baiduapp] polling failed for account ${ctx.accountId}: ${message}`);
+          }
+        });
+      }
       ctx.log?.info(
-        `[openclaw-baiduapp] webhook registered at ${path} for account ${ctx.accountId} (canSendActive=${account.canSendActive})`
+        `[openclaw-baiduapp] webhook registered at ${path4} for account ${ctx.accountId} (canSendActive=${account.canSendActive})`
       );
       ctx.setStatus?.({
         accountId: ctx.accountId,
         running: true,
         configured: true,
         canSendActive: account.canSendActive,
-        webhookPath: path,
+        webhookPath: path4,
         lastStartAt: Date.now()
       });
+      if (ctx.abortSignal) {
+        await new Promise((resolve) => {
+          if (ctx.abortSignal?.aborted) {
+            resolve();
+            return;
+          }
+          ctx.abortSignal?.addEventListener("abort", () => resolve(), { once: true });
+        });
+      }
     },
     stopAccount: async (ctx) => {
+      stopAccountPolling(ctx.accountId);
       const unregister = unregisterHooks.get(ctx.accountId);
       if (unregister) {
         unregister();
@@ -5413,7 +6499,14 @@ var plugin = {
       setBaiduAppRuntime(api.runtime);
     }
     api.registerChannel({ plugin: baiduAppPlugin });
-    if (api.registerHttpHandler) {
+    if (api.registerHttpRoute) {
+      api.registerHttpRoute({
+        path: "/openclaw-baiduapp",
+        auth: "plugin",
+        match: "prefix",
+        handler: handleBaiduAppWebhookRequest
+      });
+    } else if (api.registerHttpHandler) {
       api.registerHttpHandler(handleBaiduAppWebhookRequest);
     }
   }