@vrs-soft/wecom-aibot-mcp 2.4.10 → 2.4.12

package/dist/bin.js

@@ -9,7 +9,7 @@
  * - robotName 作为连接索引
  * - 不再使用 projectDir
  */
-import { spawn } from 'child_process';
+import { spawn, execSync } from 'child_process';
 import * as fs from 'fs';
 import * as path from 'path';
 import * as os from 'os';
@@ -164,43 +164,81 @@ function isServerRunning() {
         return false;
     }
 }
+// 通过端口查找进程 PID（fallback，当 PID 文件不存在时）
+function findPidByPort(port) {
+    try {
+        // Linux: ss -tlnp | grep :18963
+        const output = execSync(`ss -tlnp 2>/dev/null | grep ':${port}'`, { encoding: 'utf-8' });
+        const match = output.match(/pid=(\d+)/);
+        if (match)
+            return parseInt(match[1]);
+    }
+    catch { /* ignore */ }
+    try {
+        // macOS: lsof -ti :18963
+        const output = execSync(`lsof -ti :${port} 2>/dev/null`, { encoding: 'utf-8' }).trim();
+        if (output)
+            return parseInt(output.split('\n')[0]);
+    }
+    catch { /* ignore */ }
+    return null;
+}
 // 停止服务
 function stopServer() {
-    if (!fs.existsSync(PID_FILE)) {
-        console.log('[mcp] 服务未运行');
-        return false;
+    let pid = null;
+    // 优先从 PID 文件获取
+    if (fs.existsSync(PID_FILE)) {
+        pid = parseInt(fs.readFileSync(PID_FILE, 'utf-8').trim());
+        // 检查进程是否存在
+        try {
+            process.kill(pid, 0);
+        }
+        catch {
+            // PID 文件残留但进程已死，清理 PID 文件
+            console.log('[mcp] PID 文件残留，进程已退出，清理中...');
+            fs.unlinkSync(PID_FILE);
+            pid = null;
+        }
+    }
+    // PID 文件不存在或残留：通过端口查找
+    if (pid === null) {
+        pid = findPidByPort(HTTP_PORT);
+        if (pid === null) {
+            console.log('[mcp] 服务未运行');
+            return false;
+        }
+        console.log(`[mcp] 通过端口 ${HTTP_PORT} 找到进程 PID: ${pid}`);
     }
+    // 发送 SIGTERM
     try {
-        const pid = parseInt(fs.readFileSync(PID_FILE, 'utf-8').trim());
         process.kill(pid, 'SIGTERM');
-        // 等待进程退出
-        let attempts = 0;
-        while (attempts < 10) {
-            try {
-                process.kill(pid, 0);
-                // 进程还存在，等待
-                setTimeout(() => { }, 500);
-                attempts++;
-            }
-            catch {
-                // 进程已退出
-                break;
-            }
-        }
-        // 进程退出后删除 PID 文件（如果还存在）
-        if (fs.existsSync(PID_FILE)) {
+    }
+    catch {
+        // ESRCH: 进程不存在，清理即可
+        if (fs.existsSync(PID_FILE))
             fs.unlinkSync(PID_FILE);
-        }
         console.log('[mcp] 服务已停止');
         return true;
     }
-    catch (err) {
-        logger.error('[mcp] 停止服务失败:', err);
-        if (fs.existsSync(PID_FILE)) {
-            fs.unlinkSync(PID_FILE);
+    // 等待进程退出（最多 5 秒）
+    const deadline = Date.now() + 5000;
+    while (Date.now() < deadline) {
+        try {
+            process.kill(pid, 0);
+            // 进程还在，同步等待 100ms
+            const waitUntil = Date.now() + 100;
+            while (Date.now() < waitUntil) { /* busy wait */ }
         }
-        return false;
+        catch {
+            break;
+        }
+    }
+    // 清理 PID 文件
+    if (fs.existsSync(PID_FILE)) {
+        fs.unlinkSync(PID_FILE);
     }
+    console.log('[mcp] 服务已停止');
+    return true;
 }
 // 等待连接验证（用于配置向导验证凭证）
 async function waitForConnection(client, timeoutMs = 10000) {
@@ -318,10 +356,13 @@ async function main() {
     // --channel: 作为 Channel MCP 代理运行，不应改写全局配置
     // --reinstall / --http-only: 有自己的处理逻辑
     // --version / -v: 只查版本，不写配置
+    // --stop / --status / --list / --clean-cache / --set-token / --config: 管理命令，不应改写配置
     const skipEnsure = args.includes('--reinstall') || args.includes('--http-only') ||
         args.includes('--setup') || args.includes('--channel') ||
         args.includes('--version') || args.includes('-v') ||
-        args.includes('--start') || args.includes('--debug');
+        args.includes('--start') || args.includes('--debug') ||
+        args.includes('--stop') || args.includes('--status') || args.includes('--list') ||
+        args.includes('--clean-cache') || args.includes('--set-token') || args.includes('--config');
     if (!skipEnsure) {
         // 强制覆盖所有全局配置（不依赖智能体）
         ensureGlobalConfigs(installMode);

package/dist/channel-server.js

@@ -16,7 +16,7 @@ import * as fs from 'fs';
 import * as path from 'path';
 import * as os from 'os';
 import { VERSION } from './config-wizard.js';
-import { addPermissionHook } from './project-config.js';
+import { addPermissionHook, registerActiveProject, unregisterActiveProject } from './project-config.js';
 const MCP_URL = process.env.MCP_URL || 'http://127.0.0.1:18963';
 const MCP_AUTH_TOKEN = process.env.MCP_AUTH_TOKEN;
 // 构建带 auth 的 fetch headers
@@ -399,9 +399,8 @@ function registerChannelTools(server) {
         project_dir: z.string().optional().describe('项目目录路径（用于写入配置文件）'),
         mode: z.enum(['channel', 'http']).optional().default('http')
             .describe('运行模式：channel=SSE推送(推荐)，http=轮询(兼容)'),
-        auto_approve: z.boolean().optional().default(true).describe('超时自动审批（默认 true）'),
-        auto_approve_timeout: z.number().optional().default(600).describe('自动审批超时时间（秒，默认 600 即 10 分钟）'),
-    }, async ({ agent_name, cc_id, robot_id, project_dir, mode, auto_approve, auto_approve_timeout }) => {
+        auto_approve_timeout: z.number().optional().default(600).describe('超时自动决策等待时间（秒，默认 600 即 10 分钟）'),
+    }, async ({ agent_name, cc_id, robot_id, project_dir, mode, auto_approve_timeout }) => {
         // 转发请求
         const result = await forwardToHttpMcp('enter_headless_mode', {
             agent_name,
@@ -409,7 +408,6 @@ function registerChannelTools(server) {
             robot_id,
             project_dir: project_dir || process.cwd(),
             mode,
-            auto_approve,
             auto_approve_timeout,
         });
         // 拦截响应，提取 ccId，建立 SSE 连接
@@ -425,6 +423,9 @@ function registerChannelTools(server) {
                         const localProjectDir = project_dir || process.cwd();
                         const hookResult = addPermissionHook(localProjectDir);
                         logChannel('本地 PermissionRequest hook 已写入', { path: hookResult.path, success: hookResult.success });
+                        // 注册本地 PID → projectDir（供本地 permission-hook.sh 通过进程树匹配项目）
+                        registerActiveProject(process.ppid ?? process.pid, localProjectDir);
+                        logChannel('本地 active-projects 已注册', { pid: process.ppid ?? process.pid, projectDir: localProjectDir });
                         // Channel 模式：过滤 heartbeat 信息，简化消息
                         if (mode === 'channel' || parsed.mode === 'channel') {
                             delete parsed.heartbeat; // Channel 模式不需要 heartbeat loop
@@ -448,6 +449,7 @@ function registerChannelTools(server) {
         cc_id: z.string().describe('CC 唯一标识（enter_headless_mode 返回的 ccId）'),
         project_dir: z.string().optional().describe('项目目录路径（用于更新配置文件）'),
     }, async ({ cc_id, project_dir }) => {
+        const localProjectDir = project_dir || process.cwd();
         // 断开 SSE 连接（abort 后重连逻辑不会触发）
         if (sseAbortController) {
             sseAbortController.abort();
@@ -456,7 +458,10 @@ function registerChannelTools(server) {
             sseCurrentCcId = undefined;
             logChannel('SSE disconnected', { cc_id });
         }
-        return forwardToHttpMcp('exit_headless_mode', { cc_id, project_dir: project_dir || process.cwd() });
+        // 注销本地 active-projects 记录
+        unregisterActiveProject(localProjectDir);
+        logChannel('本地 active-projects 已注销', { projectDir: localProjectDir });
+        return forwardToHttpMcp('exit_headless_mode', { cc_id, project_dir: localProjectDir });
     });
     // ============================================
     // 工具 11: 从消息识别用户
@@ -605,7 +610,7 @@ export async function startChannelServer() {
             tools: {},
         },
         // 告知 Claude 如何处理 channel 事件
-        instructions: '企业微信消息通过 <channel> 标签推送。属性说明：from=发送者userid, chatid=会话ID(单聊=用户ID,群聊=群ID), chattype=single|group, cc_id=当前会话标识。收到消息后：1) 发送确认 send_message(cc_id, "收到...", target_user=chatid)；2) 处理任务；3) 发送结果 send_message(cc_id, "【完成】...", target_user=chatid)。',
+        instructions: '企业微信消息通过 <channel> 标签推送。属性说明：from=发送者userid, chatid=会话ID(单聊=用户ID,群聊=群ID), chattype=single|group, cc_id=当前会话标识。【强制规则】收到任何用户消息后，必须先执行步骤1再执行步骤2，禁止跳过：1) 立即发送确认 send_message(cc_id, "收到，正在处理...", target_user=chatid)；2) 处理任务；3) 发送结果 send_message(cc_id, "【完成】...", target_user=chatid)。',
     });
     // 注册工具
     registerChannelTools(mcpServer);

package/dist/client.d.ts

@@ -14,6 +14,7 @@ interface ApprovalRecord {
     operationHash?: string;
     consumed?: boolean;
     ccId?: string;
+    detailUrl?: string;
 }
 interface MessageRecord {
     seq: number;
@@ -61,7 +62,8 @@ declare class WecomClient extends EventEmitter {
     }>;
     sendText(content: string, targetUser?: string): Promise<boolean>;
     sendApprovalRequest(title: string, description: string, requestId: string, targetUser?: string, toolInput?: Record<string, unknown>, // v3.0: 用于去重
-    ccId?: string): Promise<string>;
+    ccId?: string, // v3.0: 参与哈希，防止跨 CC 复用审批
+    detailUrlBase?: string): Promise<string>;
     sendQueuedApproval(taskId: string, title: string, description: string, targetUser?: string): Promise<boolean>;
     getApprovalResult(taskId: string): 'pending' | 'allow-once' | 'allow-always' | 'deny';
     setApprovalResult(taskId: string, result: 'allow-once' | 'deny', reason?: string): boolean;

package/dist/client.js

@@ -19,6 +19,30 @@ import { logger } from './logger.js';
 const MAX_PENDING_MESSAGES = 100;
 // 全局消息序号计数器
 let globalMessageSeq = 0;
+// 审批卡片正文长度上限；超过则截断，余下由详情链接承接
+const APPROVAL_DESC_MAX = 200;
+// 构建审批卡片 payload（发首次审批 + 排队重发共用）
+function buildApprovalCard(title, description, taskId, detailUrl) {
+    const truncated = description.length > APPROVAL_DESC_MAX
+        ? description.slice(0, APPROVAL_DESC_MAX) + '…（已截断，点击「详情」查看完整内容）'
+        : description;
+    const subTitle = truncated + `\n\n📋 TaskID: ${taskId}`;
+    const card = {
+        card_type: 'button_interaction',
+        main_title: { title },
+        sub_title_text: subTitle,
+        button_list: [
+            { text: '允许', key: 'allow-once', style: 1 },
+            { text: '默认', key: 'allow-always', style: 1 },
+            { text: '拒绝', key: 'deny', style: 2 },
+        ],
+        task_id: taskId,
+        ...(detailUrl
+            ? { horizontal_content_list: [{ keyname: '详情', value: '查看完整命令', type: 1, url: detailUrl }] }
+            : {}),
+    };
+    return { msgtype: 'template_card', template_card: card };
+}
 class WecomClient extends EventEmitter {
     wsClient;
     approvals = new Map();
@@ -344,7 +368,8 @@ class WecomClient extends EventEmitter {
     }
     // 发送审批请求（带按钮的模板卡片）
     async sendApprovalRequest(title, description, requestId, targetUser, toolInput, // v3.0: 用于去重
-    ccId // v3.0: 参与哈希，防止跨 CC 复用审批
+    ccId, // v3.0: 参与哈希，防止跨 CC 复用审批
+    detailUrlBase // 详情页 h5 链接的 base（最终 URL = base/taskId）
     ) {
         const userId = targetUser || this.targetUserId;
         // 从 title 中提取工具名称（格式: 【待审批】Bash）
@@ -360,6 +385,7 @@ class WecomClient extends EventEmitter {
         }
         const taskId = `approval_${requestId}_${Date.now()}`;
         const operationHash = toolInput && toolName ? hashOperation(ccId ?? '', toolName, toolInput) : undefined;
+        const detailUrl = detailUrlBase ? `${detailUrlBase}/${taskId}` : undefined;
         // 始终存储审批记录（断线时也需要，让 Hook 能轮询到）
         this.approvals.set(taskId, {
             taskId,
@@ -370,6 +396,7 @@ class WecomClient extends EventEmitter {
             description, // 保存审批请求原文
             operationHash,
             ccId, // 保存 ccId，用于 SSE 推送审批结果
+            detailUrl, // 供排队重发时复用
         });
         // 断线时将审批请求加入队列，等待重连后发送
         if (!this.connected) {
@@ -383,22 +410,7 @@ class WecomClient extends EventEmitter {
             // 返回 taskId，审批记录已创建，等待重连后发送
             return taskId;
         }
-        // 发送模板卡片（在 description 中显示 taskId 便于用户识别）
-        const displayDesc = description + `\n\n📋 TaskID: ${taskId}`;
-        await this.wsClient.sendMessage(userId, {
-            msgtype: 'template_card',
-            template_card: {
-                card_type: 'button_interaction',
-                main_title: { title },
-                sub_title_text: displayDesc,
-                button_list: [
-                    { text: '允许', key: 'allow-once', style: 1 },
-                    { text: '默认', key: 'allow-always', style: 1 },
-                    { text: '拒绝', key: 'deny', style: 2 },
-                ],
-                task_id: taskId,
-            },
-        });
+        await this.wsClient.sendMessage(userId, buildApprovalCard(title, description, taskId, detailUrl));
         logger.log(`[wecom] 已发送审批请求到 ${userId}: ${taskId}`);
         return taskId;
     }
@@ -415,22 +427,7 @@ class WecomClient extends EventEmitter {
             return false;
         }
         const userId = targetUser || this.targetUserId;
-        // 发送模板卡片（在 description 中显示 taskId 便于用户识别）
-        const displayDesc = description + `\n\n📋 TaskID: ${taskId}`;
-        await this.wsClient.sendMessage(userId, {
-            msgtype: 'template_card',
-            template_card: {
-                card_type: 'button_interaction',
-                main_title: { title },
-                sub_title_text: displayDesc,
-                button_list: [
-                    { text: '允许', key: 'allow-once', style: 1 },
-                    { text: '默认', key: 'allow-always', style: 1 },
-                    { text: '拒绝', key: 'deny', style: 2 },
-                ],
-                task_id: taskId,
-            },
-        });
+        await this.wsClient.sendMessage(userId, buildApprovalCard(title, description, taskId, approval.detailUrl));
         logger.log(`[wecom] 已发送排队审批请求到 ${userId}: ${taskId}`);
         return true;
     }

package/dist/config-wizard.js

@@ -413,7 +413,7 @@ function writeHookScript() {
 # HTTP Transport 版本
 #
 # 固定端口: 18963
-# 检查 $(pwd)/.claude/wecom-aibot.json 的 wechatMode 和 autoApprove 字段
+# 通过 PID 树查 ~/.wecom-aibot-mcp/active-projects.json 匹配项目，读 wechatMode 开关
 
 MCP_PORT=18963
 
@@ -594,37 +594,10 @@ while [[ $POLL_COUNT -lt $MAX_POLL ]]; do
   fi
 done
 
-log_debug "[$(date)] Timeout reached, checking autoApprove setting"
+log_debug "[$(date)] Timeout reached, executing smart auto-approval"
 
-# 超时处理：根据 autoApprove 决定行为
-# autoApprove: false → 继续等待（无限轮询）
-# autoApprove: true → 智能代批
-
-AUTO_APPROVE=$(jq -r '.autoApprove // false' "$CONFIG_FILE" 2>/dev/null)
-log_debug "[$(date)] autoApprove: $AUTO_APPROVE"
-if [[ "$AUTO_APPROVE" != "true" ]]; then
-  log_debug "[$(date)] autoApprove off, entering infinite wait"
-  # autoApprove 关闭，继续无限等待用户响应
-  while true; do
-    sleep 2
-    STATUS=$(curl -s -m 3 "\${AUTH_ARGS[@]}" "$MCP_BASE_URL/approval_status/$TASK_ID" 2>/dev/null)
-    RESULT=$(echo "$STATUS" | jq -r '.result // empty')
-
-    if [[ "$RESULT" == "allow-once" || "$RESULT" == "allow-always" ]]; then
-      log_debug "[$(date)] Approved by user (infinite wait)"
-      printf '%s\\n' '{"hookSpecificOutput":{"hookEventName":"PermissionRequest","decision":{"behavior":"allow"}}}'
-      exit 0
-    elif [[ "$RESULT" == "deny" ]]; then
-      log_debug "[$(date)] Denied by user (infinite wait)"
-      printf '%s\\n' '{"hookSpecificOutput":{"hookEventName":"PermissionRequest","decision":{"behavior":"deny","message":"用户拒绝"}}}'
-      exit 0
-    fi
-  done
-fi
-
-# autoApprove: true，执行智能代批
+# 超时处理：必须立即决策，Claude Code 的 hook timeout 会杀掉阻塞进程。
 # 规则：删除命令→拒绝，项目内操作→允许，项目外操作→拒绝
-log_debug "[$(date)] Executing smart auto-approval"
 
 # 检查是否是删除命令（仅匹配命令行本身，不匹配 heredoc 内容）
 IS_DELETE=0
@@ -726,7 +699,7 @@ function writeStopHookScript() {
 # HTTP 模式使用：阻止 Claude 停止，提示调用 get_pending_messages 恢复轮询
 #
 # 固定端口: 18963
-# 检查 $(pwd)/.claude/wecom-aibot.json 的 wechatMode 和 autoApprove 字段
+# 只检查 $(pwd)/.claude/wecom-aibot.json 的 wechatMode 字段
 
 MCP_PORT=18963
 
@@ -763,14 +736,6 @@ if [[ "$WECHAT_MODE" != "true" ]]; then
   exit 0
 fi
 
-# 检查 autoApprove 是否为 true（需要恢复轮询的模式）
-AUTO_APPROVE=$(jq -r '.autoApprove // false' "$CONFIG_FILE" 2>/dev/null)
-log_debug "[$(date)] autoApprove: $AUTO_APPROVE"
-if [[ "$AUTO_APPROVE" != "true" ]]; then
-  log_debug "[$(date)] autoApprove not true, exit 0 (allow stop)"
-  exit 0
-fi
-
 # 确定 MCP Server 地址（本地优先，失败则尝试远程 channel 配置）
 MCP_BASE_URL="http://127.0.0.1:$MCP_PORT"
 AUTH_ARGS=()
@@ -810,7 +775,7 @@ if [[ -z "$CC_ID" ]]; then
   exit 0
 fi
 
-# 处于微信模式且 autoApprove 为 true，需要恢复轮询
+# 处于微信模式，需要恢复轮询
 # 使用 exit code 2 阻止停止，并提示 Claude 调用 MCP 工具
 log_debug "[$(date)] ✅ WeChat mode active, blocking stop to resume polling"
 log_debug "[$(date)] ccId=$CC_ID, will prompt Claude to call get_pending_messages"

package/dist/http-server.js

@@ -622,6 +622,10 @@ export async function startHttpServer(_server, port = HTTP_PORT, httpsConfig) {
                 handleApprovalStatus(req, res, url);
                 return;
             }
+            if (req.method === 'GET' && url.startsWith('/approval/')) {
+                handleApprovalDetail(req, res, url);
+                return;
+            }
             if (req.method === 'POST' && url.startsWith('/approval_timeout/')) {
                 await handleApprovalTimeout(req, res, url);
                 return;
@@ -877,7 +881,7 @@ async function handleApprovalRequest(req, res) {
             res.end(JSON.stringify({ error: '未连接机器人，请先进入微信模式' }));
             return;
         }
-        const { tool_name, tool_input } = request;
+        const { tool_name, tool_input, projectDir } = request;
         let description = '';
         if (tool_name === 'Bash') {
             description = `执行命令: ${tool_input?.command || '(unknown)'}`;
@@ -890,8 +894,12 @@ async function handleApprovalRequest(req, res) {
         }
         const title = `【待审批】${tool_name}`;
         const requestId = `hook_${Date.now()}_${Math.random().toString(36).slice(2, 8)}`;
-        const taskId = await client.sendApprovalRequest(title, description, requestId, undefined, tool_input, ccId);
-        logger.log(`[http] 审批请求已发送: ${taskId} (机器人: ${robotName})`);
+        // 构建卡片"详情"链接的 base（同源，从本请求的 Host/scheme 推断）
+        const scheme = req.socket.encrypted ? 'https' : 'http';
+        const host = req.headers.host || `127.0.0.1:${HTTP_PORT}`;
+        const detailUrlBase = `${scheme}://${host}/approval`;
+        const taskId = await client.sendApprovalRequest(title, description, requestId, undefined, tool_input, ccId, detailUrlBase);
+        logger.log(`[http] 审批请求已发送: ${taskId} (机器人: ${robotName}) 详情页: ${detailUrlBase}/${taskId}`);
         // 存储审批并启动超时计时器
         const entry = {
             taskId,
@@ -902,6 +910,8 @@ async function handleApprovalRequest(req, res) {
             tool_input,
             description,
             robotName,
+            ccId,
+            projectDir,
         };
         pendingApprovals.set(taskId, entry);
         res.writeHead(200, { 'Content-Type': 'application/json' });
@@ -913,6 +923,84 @@ async function handleApprovalRequest(req, res) {
         res.end(JSON.stringify({ error: err.message }));
     }
 }
+function escapeHtml(raw) {
+    return raw
+        .replace(/&/g, '&')
+        .replace(/</g, '&lt;')
+        .replace(/>/g, '&gt;')
+        .replace(/"/g, '&quot;')
+        .replace(/'/g, '&#39;');
+}
+function handleApprovalDetail(_req, res, url) {
+    const taskId = url.replace('/approval/', '');
+    const entry = pendingApprovals.get(taskId);
+    const respondHtml = (status, body) => {
+        res.writeHead(status, { 'Content-Type': 'text/html; charset=utf-8' });
+        res.end(body);
+    };
+    if (!entry) {
+        respondHtml(404, `<!doctype html><meta charset="utf-8"><title>审批不存在</title>
+<body style="font-family:-apple-system,system-ui,sans-serif;padding:24px;color:#333">
+<h2>审批已过期或不存在</h2>
+<p>TaskID: <code>${escapeHtml(taskId)}</code></p>
+<p>此条记录可能已被清理（用户已决策或超时）。</p>
+</body>`);
+        return;
+    }
+    const inputPretty = (() => {
+        try {
+            return JSON.stringify(entry.tool_input ?? {}, null, 2);
+        }
+        catch {
+            return String(entry.tool_input);
+        }
+    })();
+    const statusLabel = {
+        'pending': '⏳ 待审批',
+        'allow-once': '✅ 已允许',
+        'deny': '❌ 已拒绝',
+    }[entry.status] ?? entry.status;
+    const html = `<!doctype html>
+<html>
+<head>
+<meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1">
+<title>审批详情 · ${escapeHtml(entry.tool_name)}</title>
+<style>
+  body { font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", system-ui, sans-serif;
+         max-width: 780px; margin: 0 auto; padding: 16px; color: #222; background: #f7f7f9; }
+  h1 { font-size: 20px; margin: 8px 0 16px; }
+  .meta { background: #fff; border-radius: 8px; padding: 12px 16px; margin-bottom: 12px;
+          box-shadow: 0 1px 2px rgba(0,0,0,.04); }
+  .meta .row { display: flex; padding: 4px 0; border-bottom: 1px dashed #eee; }
+  .meta .row:last-child { border-bottom: none; }
+  .meta .k { width: 96px; color: #888; flex-shrink: 0; }
+  .meta .v { flex: 1; word-break: break-all; }
+  pre { background: #fff; border-radius: 8px; padding: 12px 16px;
+        overflow-x: auto; font-size: 13px; line-height: 1.5;
+        box-shadow: 0 1px 2px rgba(0,0,0,.04); white-space: pre-wrap; word-break: break-all; }
+  .tag { display: inline-block; padding: 2px 8px; border-radius: 4px; font-size: 12px;
+         background: #eef; color: #446; }
+  footer { color: #aaa; font-size: 12px; text-align: center; margin-top: 16px; }
+</style>
+</head>
+<body>
+<h1>审批详情</h1>
+<div class="meta">
+  <div class="row"><div class="k">状态</div><div class="v">${statusLabel}</div></div>
+  <div class="row"><div class="k">工具</div><div class="v"><span class="tag">${escapeHtml(entry.tool_name)}</span></div></div>
+  <div class="row"><div class="k">概要</div><div class="v">${escapeHtml(entry.description)}</div></div>
+  ${entry.projectDir ? `<div class="row"><div class="k">项目目录</div><div class="v">${escapeHtml(entry.projectDir)}</div></div>` : ''}
+  ${entry.ccId ? `<div class="row"><div class="k">CC</div><div class="v">${escapeHtml(entry.ccId)}</div></div>` : ''}
+  <div class="row"><div class="k">TaskID</div><div class="v"><code>${escapeHtml(taskId)}</code></div></div>
+</div>
+<h3>完整参数</h3>
+<pre>${escapeHtml(inputPretty)}</pre>
+<footer>此页面随审批记录自动过期清理 · 请回到企业微信卡片点击审批按钮</footer>
+</body>
+</html>`;
+    respondHtml(200, html);
+}
 function handleApprovalStatus(_req, res, url) {
     const taskId = url.replace('/approval_status/', '');
     const entry = pendingApprovals.get(taskId);

package/dist/project-config.d.ts

@@ -17,7 +17,6 @@ export interface WechatModeConfig {
     robotName?: string;
     wechatMode: boolean;
     ccId?: string;
-    autoApprove?: boolean;
     autoApproveTimeout?: number;
     heartbeatJobId?: string;
     mode?: 'channel' | 'http';

package/dist/project-config.js

@@ -270,6 +270,14 @@ const STOP_HOOK = {
     matcher: '',
     hooks: [{ type: 'command', command: STOP_HOOK_SCRIPT_PATH }],
 };
+/**
+ * 进入微信模式时默认预批的 MCP 工具通配（避免每次都走 hook 增加延迟）
+ * hook 本身对 mcp__* 也会放行，加入 allow 只是让 Claude Code 跳过 hook。
+ */
+const DEFAULT_MCP_ALLOW = [
+    'mcp__wecom-aibot__*',
+    'mcp__wecom-aibot-channel__*',
+];
 /**
  * 添加 PermissionRequest hook 到项目 settings.json
  */
@@ -296,6 +304,16 @@ export function addPermissionHook(projectDir) {
         settings.hooks = {};
     }
     settings.hooks.PermissionRequest = [PERMISSION_HOOK];
+    // 合并默认 MCP 通配到 permissions.allow（去重保序）
+    const perms = settings.permissions ?? {};
+    const existingAllow = Array.isArray(perms.allow) ? perms.allow : [];
+    const merged = [...existingAllow];
+    for (const entry of DEFAULT_MCP_ALLOW) {
+        if (!merged.includes(entry))
+            merged.push(entry);
+    }
+    perms.allow = merged;
+    settings.permissions = perms;
     // 写入配置
     try {
         fs.writeFileSync(settingsPath, JSON.stringify(settings, null, 2));

package/dist/tools/index.d.ts

@@ -1,23 +1,2 @@
-/**
- * MCP 工具注册入口
- *
- * 注册以下工具：
- * - send_message: 发送消息
- * - send_approval_request: 发送审批请求
- * - get_approval_result: 获取审批结果
- * - check_connection: 检查连接状态
- * - get_pending_messages: 获取待处理消息
- * - get_setup_guide: 获取安装指南
- * - add_robot_config: 添加机器人配置
- * - list_robots: 列出所有机器人
- * - get_robot_status: 获取机器人状态
- * - enter_headless_mode: 进入微信模式
- * - exit_headless_mode: 退出微信模式
- * - detect_user_from_message: 从消息识别用户
- *
- * v2.0 架构变更：
- * - 不再使用 projectDir 参数
- * - 从 Session 自动获取 robotName
- */
 import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
 export declare function registerTools(server: McpServer): void;

package/dist/tools/index.js

@@ -1,24 +1,4 @@
-/**
- * MCP 工具注册入口
- *
- * 注册以下工具：
- * - send_message: 发送消息
- * - send_approval_request: 发送审批请求
- * - get_approval_result: 获取审批结果
- * - check_connection: 检查连接状态
- * - get_pending_messages: 获取待处理消息
- * - get_setup_guide: 获取安装指南
- * - add_robot_config: 添加机器人配置
- * - list_robots: 列出所有机器人
- * - get_robot_status: 获取机器人状态
- * - enter_headless_mode: 进入微信模式
- * - exit_headless_mode: 退出微信模式
- * - detect_user_from_message: 从消息识别用户
- *
- * v2.0 架构变更：
- * - 不再使用 projectDir 参数
- * - 从 Session 自动获取 robotName
- */
+// MCP 工具注册入口。完整工具清单见 design/tools-api.md。
 import { z } from 'zod';
 import { listAllRobots, getDocMcpUrl, installSkill, VERSION } from '../config-wizard.js';
 import { callDocTool } from '../doc-proxy.js';
@@ -356,9 +336,8 @@ npx @vrs-soft/wecom-aibot-mcp
         project_dir: z.string().optional().describe('项目目录路径（用于写入配置文件）'),
         mode: z.enum(['channel', 'http']).optional().default('http')
             .describe('运行模式：channel=SSE推送(推荐)，http=轮询(兼容)'),
-        auto_approve: z.boolean().optional().default(true).describe('超时自动审批（默认 true）'),
-        auto_approve_timeout: z.number().optional().default(300).describe('自动审批超时时间（秒，默认 300 即 5 分钟）'),
-    }, async ({ agent_name, cc_id, robot_id, project_dir, mode, auto_approve, auto_approve_timeout }, extra) => {
+        auto_approve_timeout: z.number().optional().default(300).describe('超时自动决策等待时间（秒，默认 300 即 5 分钟）'),
+    }, async ({ agent_name, cc_id, robot_id, project_dir, mode, auto_approve_timeout }, extra) => {
         // 获取项目目录
         const projectDir = project_dir || process.cwd();
         // 智能体名称（用于生成 ccId）
@@ -429,7 +408,6 @@ npx @vrs-soft/wecom-aibot-mcp
             wechatMode: true,
             robotName: selectedRobot.name,
             ccId: finalCcId,
-            autoApprove: auto_approve,
             autoApproveTimeout: auto_approve_timeout,
             mode,
         });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@vrs-soft/wecom-aibot-mcp",
-  "version": "2.4.10",
+  "version": "2.4.12",
   "description": "企业微信智能机器人 MCP 服务 - Claude Code 审批通道",
   "type": "module",
   "main": "dist/index.js",