@vrs-soft/wecom-aibot-mcp 2.4.26 → 3.0.0-rc.0

package/dist/bin.js

@@ -182,23 +182,36 @@ function isServerRunning() {
         return false;
     }
 }
-// 通过端口查找进程 PID（fallback，当 PID 文件不存在时）
+// 通过端口查找进程 PID（fallback，当 PID 文件不存在时）。
+// Windows 用 netstat -ano；Unix 优先 lsof，回退 ss。
 function findPidByPort(port) {
-    try {
-        // Linux: ss -tlnp | grep :18963
-        const output = execSync(`ss -tlnp 2>/dev/null | grep ':${port}'`, { encoding: 'utf-8' });
-        const match = output.match(/pid=(\d+)/);
-        if (match)
-            return parseInt(match[1]);
+    if (process.platform === 'win32') {
+        try {
+            const output = execSync(`netstat -ano -p TCP`, { encoding: 'utf-8' });
+            // 行形如: "  TCP    127.0.0.1:18963   0.0.0.0:0   LISTENING   1234"
+            const re = new RegExp(`^\\s*TCP\\s+\\S+:${port}\\s+\\S+\\s+LISTENING\\s+(\\d+)`, 'm');
+            const m = output.match(re);
+            if (m)
+                return parseInt(m[1], 10);
+        }
+        catch { /* ignore */ }
+        return null;
     }
-    catch { /* ignore */ }
     try {
-        // macOS: lsof -ti :18963
+        // macOS / Linux 都装了 lsof
         const output = execSync(`lsof -ti :${port} 2>/dev/null`, { encoding: 'utf-8' }).trim();
         if (output)
             return parseInt(output.split('\n')[0]);
     }
     catch { /* ignore */ }
+    try {
+        // Linux 备选：ss -tlnp
+        const output = execSync(`ss -tlnp 2>/dev/null | grep ':${port}'`, { encoding: 'utf-8' });
+        const match = output.match(/pid=(\d+)/);
+        if (match)
+            return parseInt(match[1]);
+    }
+    catch { /* ignore */ }
     return null;
 }
 // 停止服务
@@ -433,7 +446,13 @@ async function main() {
         const CLAUDE_CONFIG_FILE = path.join(os.homedir(), '.claude.json');
         const CLAUDE_SETTINGS_FILE = path.join(os.homedir(), '.claude', 'settings.local.json');
         const VERSION_FILE = path.join(os.homedir(), '.wecom-aibot-mcp', 'version.json');
-        const HOOK_SCRIPT = path.join(os.homedir(), '.wecom-aibot-mcp', 'permission-hook.sh');
+        const HOOK_SCRIPTS = [
+            path.join(os.homedir(), '.wecom-aibot-mcp', 'permission-hook.js'),
+            path.join(os.homedir(), '.wecom-aibot-mcp', 'stop-hook.js'),
+            // 旧版 .sh 残留
+            path.join(os.homedir(), '.wecom-aibot-mcp', 'permission-hook.sh'),
+            path.join(os.homedir(), '.wecom-aibot-mcp', 'stop-hook.sh'),
+        ];
         // 1. 删除 ~/.claude.json 中的 wecom-aibot 配置
         if (fs.existsSync(CLAUDE_CONFIG_FILE)) {
             const content = fs.readFileSync(CLAUDE_CONFIG_FILE, 'utf-8');
@@ -466,10 +485,12 @@ async function main() {
             fs.unlinkSync(VERSION_FILE);
             console.log('[mcp] 已删除 ~/.wecom-aibot-mcp/version.json');
         }
-        // 4. 删除 hook 脚本
-        if (fs.existsSync(HOOK_SCRIPT)) {
-            fs.unlinkSync(HOOK_SCRIPT);
-            console.log('[mcp] 已删除 ~/.wecom-aibot-mcp/permission-hook.sh');
+        // 4. 删除 hook 脚本（含旧版 .sh）
+        for (const p of HOOK_SCRIPTS) {
+            if (fs.existsSync(p)) {
+                fs.unlinkSync(p);
+                console.log(`[mcp] 已删除 ${p}`);
+            }
         }
         // 5. 重新安装全局配置
         logger.log('\n[mcp] 正在重新安装...');

package/dist/channel-server.js

@@ -12,50 +12,10 @@
 import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
 import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
 import { z } from 'zod';
-import { execSync } from 'child_process';
 import { VERSION, installSkill } from './config-wizard.js';
 import { addPermissionHook, registerActiveProject, unregisterActiveProject, updateWechatModeConfig } from './project-config.js';
 import { logger } from './logger.js';
-/**
- * 沿进程树向上查找 Claude Code TUI 的 PID。
- *
- * 背景：本地 dev (`command: "node"`) 时 channel-server 是 Claude TUI 的直接子进程，
- *   process.ppid = Claude TUI ✓
- * 但 npx 部署 (`command: "npx"`) 时多了一层 npx：
- *   Claude TUI → npx → node bin.js (channel-server)
- *   process.ppid = npx ❌
- * permission-hook.sh 从 hook 自身向上查 active-projects.json 时只能命中 Claude TUI
- * 这条祖先链。如果注册的是 npx 的 PID，hook 永远找不到 → 静默 exit 0 → 跳过审批。
- *
- * 此函数从 startPid 起向上遍历，找到第一个命令名为 "claude" 的进程，返回其 PID。
- * 找不到时回退到 startPid（保持旧行为，至少 dev 场景不退化）。
- */
-function findClaudePid(startPid) {
-    let pid = startPid;
-    for (let i = 0; i < 8; i++) {
-        if (!pid || pid <= 1)
-            break;
-        try {
-            const comm = execSync(`ps -p ${pid} -o comm=`, { stdio: ['ignore', 'pipe', 'ignore'] })
-                .toString()
-                .trim();
-            // ps comm= 返回执行文件 basename。Claude Code TUI 安装名就是 "claude"
-            if (comm === 'claude' || comm.endsWith('/claude'))
-                return pid;
-            const ppidStr = execSync(`ps -p ${pid} -o ppid=`, { stdio: ['ignore', 'pipe', 'ignore'] })
-                .toString()
-                .trim();
-            const ppid = parseInt(ppidStr, 10);
-            if (!ppid || ppid === pid)
-                break;
-            pid = ppid;
-        }
-        catch {
-            break;
-        }
-    }
-    return startPid;
-}
+import { findClaudePid } from './platform.js';
 const MCP_URL = process.env.MCP_URL || 'http://127.0.0.1:18963';
 const MCP_AUTH_TOKEN = process.env.MCP_AUTH_TOKEN;
 // 构建带 auth 的 fetch headers

package/dist/config-wizard.js

@@ -18,8 +18,11 @@ const VERSION_FILE = path.join(CONFIG_DIR, 'version.json');
 const SERVER_CONFIG_FILE = path.join(CONFIG_DIR, 'server.json'); // HTTP Server 配置（auth token 等）
 const CLAUDE_CONFIG_FILE = path.join(os.homedir(), '.claude.json');
 const CLAUDE_SETTINGS_FILE = path.join(os.homedir(), '.claude', 'settings.local.json');
-const HOOK_SCRIPT_PATH = path.join(CONFIG_DIR, 'permission-hook.sh');
-const STOP_HOOK_SCRIPT_PATH = path.join(CONFIG_DIR, 'stop-hook.sh');
+// v3.0+：hook 改用 Node.js（跨平台）。旧路径仅用于 --upgrade / --uninstall 清理。
+const HOOK_SCRIPT_PATH = path.join(CONFIG_DIR, 'permission-hook.js');
+const STOP_HOOK_SCRIPT_PATH = path.join(CONFIG_DIR, 'stop-hook.js');
+const LEGACY_HOOK_SCRIPT_PATH = path.join(CONFIG_DIR, 'permission-hook.sh');
+const LEGACY_STOP_HOOK_SCRIPT_PATH = path.join(CONFIG_DIR, 'stop-hook.sh');
 // Skill 模板路径（包内）- 使用 fileURLToPath 确保跨平台兼容
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
@@ -225,10 +228,12 @@ export function deleteHook() {
             if (changed) {
                 fs.writeFileSync(CLAUDE_SETTINGS_FILE, JSON.stringify(settings, null, 2));
             }
-            // 删除 hook 脚本文件
-            if (fs.existsSync(HOOK_SCRIPT_PATH)) {
-                fs.unlinkSync(HOOK_SCRIPT_PATH);
-                console.log('[config] 已删除 hook 脚本文件');
+            // 删除 hook 脚本文件（含旧版 .sh 残留）
+            for (const p of [HOOK_SCRIPT_PATH, STOP_HOOK_SCRIPT_PATH, LEGACY_HOOK_SCRIPT_PATH, LEGACY_STOP_HOOK_SCRIPT_PATH]) {
+                if (fs.existsSync(p)) {
+                    fs.unlinkSync(p);
+                    console.log(`[config] 已删除 hook 文件: ${path.basename(p)}`);
+                }
             }
         }
     }
@@ -428,385 +433,29 @@ export function uninstall() {
     console.log('\n[config] 卸载完成');
     console.log('[config] 如需重新安装，请运行: npx @vrs-soft/wecom-aibot-mcp\n');
 }
-// 生成并写入 hook 脚本（HTTP Transport 版本）
-function writeHookScript() {
-    const script = `#!/bin/bash
-# wecom-aibot-mcp PermissionRequest hook
-# HTTP Transport 版本
-#
-# 固定端口: 18963
-# 通过 PID 树查 ~/.wecom-aibot-mcp/active-projects.json 匹配项目，读 wechatMode 开关
-
-MCP_PORT=18963
-
-# 先保存输入（只能读一次）
-INPUT=$(cat)
-
-# 日志输出：--debug 模式下输出到 stderr，否则静默
-DEBUG_FILE="$HOME/.wecom-aibot-mcp/debug"
-log_debug() {
-  if [[ -f "$DEBUG_FILE" ]]; then
-    echo "$1" >&2
-  fi
-}
-
-log_debug "[$(date)] Hook called. TOOL_NAME: $(echo "$INPUT" | jq -r '.tool_name')"
-
-TOOL_NAME=$(echo "$INPUT" | jq -r '.tool_name // empty')
-
-# MCP 工具本身不需要拦截
-if [[ "$TOOL_NAME" == mcp__* ]]; then
-  log_debug "[$(date)] Allowed: MCP tool"
-  printf '%s\\n' '{"hookSpecificOutput":{"hookEventName":"PermissionRequest","decision":{"behavior":"allow"}}}'
-  exit 0
-fi
-
-# 只读工具不需要拦截
-case "$TOOL_NAME" in
-  Read|Glob|Grep|LS|TaskList|TaskGet|TaskOutput|TaskStop|CronList|CronCreate|CronDelete|AskUserQuestion|Skill|ListMcpResourcesTool|EnterPlanMode|ExitPlanMode|WebSearch|WebFetch|NotebookEdit)
-    log_debug "[$(date)] Allowed: read-only tool"
-    printf '%s\\n' '{"hookSpecificOutput":{"hookEventName":"PermissionRequest","decision":{"behavior":"allow"}}}'
-    exit 0
-    ;;
-esac
-
-# 通过进程树匹配活跃项目（以 Claude 进程为准，不依赖 pwd）
-ACTIVE_INDEX="$HOME/.wecom-aibot-mcp/active-projects.json"
-log_debug "[$(date)] Checking active-projects index via PID tree (pid=$$, ppid=$PPID)"
-
-if [[ ! -f "$ACTIVE_INDEX" ]]; then
-  log_debug "[$(date)] No active-projects index, exit 0"
-  exit 0
-fi
-
-# 沿进程树向上查找，深度 8 层
-PROJECT_DIR=""
-SEARCH_PID=$PPID
-for i in {1..8}; do
-  if [[ -z "$SEARCH_PID" ]] || [[ "$SEARCH_PID" -le 1 ]]; then
-    break
-  fi
-  MATCH=$(jq -r --argjson p "$SEARCH_PID" '.[] | select(.pid==$p) | .projectDir' "$ACTIVE_INDEX" 2>/dev/null)
-  if [[ -n "$MATCH" ]]; then
-    PROJECT_DIR="$MATCH"
-    log_debug "[$(date)] Found project via PID $SEARCH_PID (depth $i): $PROJECT_DIR"
-    break
-  fi
-  SEARCH_PID=$(ps -o ppid= -p "$SEARCH_PID" 2>/dev/null | tr -d ' ')
-done
-
-if [[ -z "$PROJECT_DIR" ]]; then
-  log_debug "[$(date)] No PID match in process tree, exit 0"
-  exit 0
-fi
-
-CONFIG_FILE="$PROJECT_DIR/.claude/wecom-aibot.json"
-log_debug "[$(date)] Found project: $PROJECT_DIR"
-
-# 配置文件不存在，不在微信模式
-if [[ ! -f "$CONFIG_FILE" ]]; then
-  log_debug "[$(date)] No wecom-aibot.json config, exit 0"
-  exit 0
-fi
-
-# 检查 wechatMode 是否为 true（微信模式开关）
-WECHAT_MODE=$(jq -r '.wechatMode // false' "$CONFIG_FILE" 2>/dev/null)
-log_debug "[$(date)] wechatMode: $WECHAT_MODE"
-if [[ "$WECHAT_MODE" != "true" ]]; then
-  log_debug "[$(date)] wechatMode not true, exit 0"
-  exit 0
-fi
-
-# 确定 MCP Server 地址
-# channel 模式直接使用远程地址，http 模式先试本地再回退远程
-MODE=$(jq -r '.mode // "http"' "$CONFIG_FILE" 2>/dev/null)
-MCP_BASE_URL="http://127.0.0.1:$MCP_PORT"
-AUTH_ARGS=()
-
-_try_remote() {
-  CLAUDE_JSON="$HOME/.claude.json"
-  if [[ ! -f "$CLAUDE_JSON" ]]; then
-    log_debug "[$(date)] No ~/.claude.json found, exit 0"
-    exit 0
-  fi
-  REMOTE_URL=$(jq -r '.mcpServers["wecom-aibot-channel"].env.MCP_URL // empty' "$CLAUDE_JSON" 2>/dev/null)
-  REMOTE_TOKEN=$(jq -r '.mcpServers["wecom-aibot-channel"].env.MCP_AUTH_TOKEN // empty' "$CLAUDE_JSON" 2>/dev/null)
-  if [[ -z "$REMOTE_URL" ]]; then
-    log_debug "[$(date)] No remote URL configured, exit 0"
-    exit 0
-  fi
-  REMOTE_HEALTH=$(curl -s -m 5 \${REMOTE_TOKEN:+-H "Authorization: Bearer $REMOTE_TOKEN"} "$REMOTE_URL/health" 2>/dev/null)
-  log_debug "[$(date)] Remote health check ($REMOTE_URL): $REMOTE_HEALTH"
-  if echo "$REMOTE_HEALTH" | jq -e '.status == "ok"' > /dev/null 2>&1; then
-    MCP_BASE_URL="$REMOTE_URL"
-    [[ -n "$REMOTE_TOKEN" ]] && AUTH_ARGS=(-H "Authorization: Bearer $REMOTE_TOKEN")
-    log_debug "[$(date)] Using remote server: $MCP_BASE_URL"
-  else
-    log_debug "[$(date)] Remote health check failed, exit 0"
-    exit 0
-  fi
-}
-
-if [[ "$MODE" == "channel" ]]; then
-  # channel 模式：直接使用远程地址，跳过本地检查
-  log_debug "[$(date)] Channel mode, using remote server directly"
-  _try_remote
-else
-  # http 模式：本地优先，失败则尝试远程
-  HEALTH=$(curl -s -m 2 "$MCP_BASE_URL/health" 2>/dev/null)
-  log_debug "[$(date)] Local health check: $HEALTH"
-  if ! echo "$HEALTH" | jq -e '.status == "ok"' > /dev/null 2>&1; then
-    log_debug "[$(date)] Local server not available, trying remote channel config..."
-    _try_remote
-  fi
-fi
-
-# 读取当前项目使用的机器人名称和 ccId
-ROBOT_NAME=$(jq -r '.robotName // empty' "$CONFIG_FILE" 2>/dev/null)
-CC_ID=$(jq -r '.ccId // empty' "$CONFIG_FILE" 2>/dev/null)
-
-# 发送审批请求（使用 pwd 作为 projectDir）
-TOOL_INPUT=$(echo "$INPUT" | jq -c '.tool_input // {}')
-BODY=$(jq -n --arg tool_name "$TOOL_NAME" --argjson tool_input "$TOOL_INPUT" --arg project_dir "$PROJECT_DIR" --arg robot_name "$ROBOT_NAME" --arg cc_id "$CC_ID" \\
-  '{"tool_name":$tool_name,"tool_input":$tool_input,"projectDir":$project_dir,"robotName":$robot_name,"ccId":$cc_id}')
-
-log_debug "[$(date)] Sending approval request..."
-RESPONSE=$(curl -s -m 10 -X POST "$MCP_BASE_URL/approve" \\
-  "\${AUTH_ARGS[@]}" \\
-  -H "Content-Type: application/json" \\
-  -d "$BODY")
-
-log_debug "[$(date)] Approval response: $RESPONSE"
-TASK_ID=$(echo "$RESPONSE" | jq -r '.taskId // empty')
-if [[ -z "$TASK_ID" ]]; then
-  log_debug "[$(date)] No taskId, exit 0"
-  exit 0
-fi
-
-log_debug "[$(date)] Waiting for approval, taskId: $TASK_ID"
-
-# 轮询审批结果（带超时：从配置读取）
-AUTO_APPROVE_TIMEOUT=$(jq -r '.autoApproveTimeout // 300' "$CONFIG_FILE" 2>/dev/null)
-# 超时时间（秒），转换为轮询次数（每次 sleep 2秒）
-# 使用向上取整补偿整数截断：MAX_POLL = ceil(timeout/2) = (timeout+1)/2
-MAX_POLL=$(( (AUTO_APPROVE_TIMEOUT + 1) / 2 ))
-if [[ $MAX_POLL -lt 1 ]]; then
-  MAX_POLL=1
-fi
-POLL_COUNT=0
-
-log_debug "[$(date)] autoApproveTimeout: $AUTO_APPROVE_TIMEOUT seconds, MAX_POLL: $MAX_POLL (actual wait: ~$((MAX_POLL * 2))s)"
-
-while [[ $POLL_COUNT -lt $MAX_POLL ]]; do
-  sleep 2
-  POLL_COUNT=$((POLL_COUNT + 1))
-
-  STATUS=$(curl -s -m 3 "\${AUTH_ARGS[@]}" "$MCP_BASE_URL/approval_status/$TASK_ID" 2>/dev/null)
-  RESULT=$(echo "$STATUS" | jq -r '.result // empty')
-  log_debug "[$(date)] Poll $POLL_COUNT/$MAX_POLL: result=$RESULT"
-
-  if [[ "$RESULT" == "allow-once" || "$RESULT" == "allow-always" ]]; then
-    log_debug "[$(date)] Approved by user"
-    printf '%s\\n' '{"hookSpecificOutput":{"hookEventName":"PermissionRequest","decision":{"behavior":"allow"}}}'
-    exit 0
-  elif [[ "$RESULT" == "deny" ]]; then
-    log_debug "[$(date)] Denied by user"
-    printf '%s\\n' '{"hookSpecificOutput":{"hookEventName":"PermissionRequest","decision":{"behavior":"deny","message":"用户拒绝"}}}'
-    exit 0
-  fi
-done
-
-log_debug "[$(date)] Timeout reached, executing smart auto-approval"
-
-# 超时处理：必须立即决策，Claude Code 的 hook timeout 会杀掉阻塞进程。
-# 规则：删除命令→拒绝，项目内操作→允许，项目外操作→拒绝
-
-# 检查是否是删除命令（仅匹配命令行本身，不匹配 heredoc 内容）
-IS_DELETE=0
-if [[ "$TOOL_NAME" == "Bash" ]]; then
-  # 只取命令的第一行（避免 heredoc 内容干扰）
-  FIRST_LINE=$(echo "$TOOL_INPUT" | jq -r '.command // empty' | head -1)
-  log_debug "[$(date)] Checking delete: FIRST_LINE=$FIRST_LINE"
-  if [[ "$FIRST_LINE" == rm\\ * ]] || [[ "$FIRST_LINE" == rm ]] \\
-     || echo "$FIRST_LINE" | grep -qE '(^|[;&|(] *)(rm |rmdir )'; then
-    IS_DELETE=1
-  fi
-fi
-
-log_debug "[$(date)] IS_DELETE: $IS_DELETE"
-
-# 删除操作 → 永远拒绝
-if [[ $IS_DELETE -eq 1 ]]; then
-  log_debug "[$(date)] Auto-deny: delete operation"
-  # 通知 MCP Server 发送微信消息
-  curl -s -m 5 -X POST "$MCP_BASE_URL/approval_timeout/$TASK_ID" "\${AUTH_ARGS[@]}" -H "Content-Type: application/json" -d '{"result":"deny","reason":"超时自动拒绝：删除操作需人工确认"}' > /dev/null 2>&1 &
-  printf '%s\\n' '{"hookSpecificOutput":{"hookEventName":"PermissionRequest","decision":{"behavior":"deny","message":"超时自动拒绝：删除操作需人工确认"}}}'
-  exit 0
-fi
-
-# 检查操作路径是否在项目内
-IS_IN_PROJECT=0
-
-case "$TOOL_NAME" in
-  Bash)
-    CMD=$(echo "$TOOL_INPUT" | jq -r '.command // empty')
-    EXEC_CWD=$(pwd)
-    log_debug "[$(date)] Bash CMD=$CMD, EXEC_CWD=$EXEC_CWD"
-    if [[ "$CMD" == *"$PROJECT_DIR"* ]]; then
-      # 明确包含项目路径 → 项目内
-      IS_IN_PROJECT=1
-    elif echo "$CMD" | grep -qE '(^|[ \t])/[a-zA-Z0-9]'; then
-      # 含有绝对路径：过滤掉项目路径和安全系统目录，看是否还有真正的项目外路径
-      OUTSIDE=$(echo "$CMD" | grep -oE '(^| )/[a-zA-Z0-9][^ \t>|;&]*' | tr -d ' ' \
-        | grep -v "^$PROJECT_DIR" \
-        | grep -vE '^(/tmp/|/var/tmp/|/dev/null|/dev/stdin|/dev/stdout|/dev/stderr|/dev/fd/)')
-      if [[ -z "$OUTSIDE" ]]; then
-        # 绝对路径全是项目内或安全临时目录 → 以执行位置为准
-        log_debug "[$(date)] Only safe abs paths, checking EXEC_CWD: $EXEC_CWD"
-        if [[ "$EXEC_CWD" == "$PROJECT_DIR"* ]]; then
-          IS_IN_PROJECT=1
-        fi
-      else
-        log_debug "[$(date)] Outside abs path detected: $OUTSIDE"
-        IS_IN_PROJECT=0
-      fi
-    else
-      # 无绝对路径（相对路径或纯命令如 npm/git）→ 以执行位置为准
-      log_debug "[$(date)] No absolute path, checking EXEC_CWD: $EXEC_CWD"
-      if [[ "$EXEC_CWD" == "$PROJECT_DIR"* ]]; then
-        IS_IN_PROJECT=1
-      fi
-    fi
-    ;;
-  Write|Edit)
-    FILE_PATH=$(echo "$TOOL_INPUT" | jq -r '.file_path // empty')
-    if [[ "$FILE_PATH" == "$PROJECT_DIR"* ]] || [[ "$FILE_PATH" != /* ]]; then
-      IS_IN_PROJECT=1
-    fi
-    ;;
-  *)
-    FILE_PATH=$(echo "$TOOL_INPUT" | jq -r '.file_path // .path // .directory // empty')
-    if [[ -n "$FILE_PATH" ]]; then
-      if [[ "$FILE_PATH" == "$PROJECT_DIR"* ]] || [[ "$FILE_PATH" != /* ]]; then
-        IS_IN_PROJECT=1
-      fi
-    fi
-    ;;
-esac
-
-log_debug "[$(date)] IS_IN_PROJECT: $IS_IN_PROJECT"
-
-# 根据项目内/外决策
-if [[ $IS_IN_PROJECT -eq 1 ]]; then
-  log_debug "[$(date)] Auto-allow: project operation"
-  # 通知 MCP Server 发送微信消息
-  curl -s -m 5 -X POST "$MCP_BASE_URL/approval_timeout/$TASK_ID" "\${AUTH_ARGS[@]}" -H "Content-Type: application/json" -d '{"result":"allow-once","reason":"超时自动允许：项目内操作"}' > /dev/null 2>&1 &
-  printf '%s\\n' '{"hookSpecificOutput":{"hookEventName":"PermissionRequest","decision":{"behavior":"allow","message":"超时自动允许：项目内操作"}}}'
-else
-  log_debug "[$(date)] Auto-deny: outside project"
-  # 通知 MCP Server 发送微信消息
-  curl -s -m 5 -X POST "$MCP_BASE_URL/approval_timeout/$TASK_ID" "\${AUTH_ARGS[@]}" -H "Content-Type: application/json" -d '{"result":"deny","reason":"超时自动拒绝：项目外操作需人工确认"}' > /dev/null 2>&1 &
-  printf '%s\\n' '{"hookSpecificOutput":{"hookEventName":"PermissionRequest","decision":{"behavior":"deny","message":"超时自动拒绝：项目外操作需人工确认"}}}'
-fi
-`;
+// 拷贝包内编译后的 hook 脚本到 ~/.wecom-aibot-mcp/permission-hook.js
+function copyHook(srcRelative, dest, label) {
+    const src = path.join(__dirname, srcRelative);
+    if (!fs.existsSync(src)) {
+        logger.error(`[config] hook 源文件不存在: ${src}`);
+        return false;
+    }
     ensureConfigDir();
-    fs.writeFileSync(HOOK_SCRIPT_PATH, script, { mode: 0o755 });
-    console.log(`[config] Hook 脚本已写入: ${HOOK_SCRIPT_PATH}`);
+    fs.copyFileSync(src, dest);
+    console.log(`[config] ${label} 已写入: ${dest}`);
+    return true;
 }
-// 生成并写入 Stop hook 脚本
-// HTTP 模式使用：阻止 Claude 停止，提示调用 get_pending_messages 恢复轮询
-function writeStopHookScript() {
-    const script = `#!/bin/bash
-# wecom-aibot-mcp Stop hook
-# HTTP 模式使用：阻止 Claude 停止，提示调用 get_pending_messages 恢复轮询
-#
-# 固定端口: 18963
-# 只检查 $(pwd)/.claude/wecom-aibot.json 的 wechatMode 字段
-
-MCP_PORT=18963
-
-# 先保存输入（Stop 事件数据）
-INPUT=$(cat)
-
-# 日志输出：--debug 模式下输出到 stderr，否则静默
-DEBUG_FILE="$HOME/.wecom-aibot-mcp/debug"
-log_debug() {
-  if [[ -f "$DEBUG_FILE" ]]; then
-    echo "$1" >&2
-  fi
+// 安装 hook 脚本（v3.0+ 改用 Node.js，跨平台）
+//
+// 升级期同时保留旧 .sh：仍在使用 v2.4.x 项目级 settings.json（hook 命令指向 .sh）
+// 的 CC 在 enter_headless_mode 重新被调用前还得跑 .sh，删早了会让那些 CC 立刻失审批。
+// .sh 真正清理的时机统一放在 --uninstall（deleteHook）。
+function writeHookScript() {
+    copyHook(path.join('hooks', 'permission-hook.js'), HOOK_SCRIPT_PATH, 'PermissionRequest hook');
 }
-
-log_debug "[$(date)] Stop hook called. INPUT: \${INPUT:0:200}"
-
-# 检查项目目录的微信模式配置文件
-PROJECT_DIR=$(pwd)
-CONFIG_FILE="$PROJECT_DIR/.claude/wecom-aibot.json"
-
-log_debug "[$(date)] Checking config: $CONFIG_FILE"
-
-# 配置文件不存在，不在微信模式，允许停止
-if [[ ! -f "$CONFIG_FILE" ]]; then
-  log_debug "[$(date)] No config file, exit 0 (allow stop)"
-  exit 0
-fi
-
-# 检查 wechatMode 是否为 true（微信模式开关）
-WECHAT_MODE=$(jq -r '.wechatMode // false' "$CONFIG_FILE" 2>/dev/null)
-log_debug "[$(date)] wechatMode: $WECHAT_MODE"
-if [[ "$WECHAT_MODE" != "true" ]]; then
-  log_debug "[$(date)] wechatMode not true, exit 0 (allow stop)"
-  exit 0
-fi
-
-# 确定 MCP Server 地址（本地优先，失败则尝试远程 channel 配置）
-MCP_BASE_URL="http://127.0.0.1:$MCP_PORT"
-AUTH_ARGS=()
-
-HEALTH=$(curl -s -m 2 "$MCP_BASE_URL/health" 2>/dev/null)
-log_debug "[$(date)] Local health check: $HEALTH"
-if ! echo "$HEALTH" | jq -e '.status == "ok"' > /dev/null 2>&1; then
-  CLAUDE_JSON="$HOME/.claude.json"
-  if [[ -f "$CLAUDE_JSON" ]]; then
-    REMOTE_URL=$(jq -r '.mcpServers["wecom-aibot-channel"].env.MCP_URL // empty' "$CLAUDE_JSON" 2>/dev/null)
-    REMOTE_TOKEN=$(jq -r '.mcpServers["wecom-aibot-channel"].env.MCP_AUTH_TOKEN // empty' "$CLAUDE_JSON" 2>/dev/null)
-    if [[ -n "$REMOTE_URL" ]]; then
-      REMOTE_HEALTH=$(curl -s -m 5 \${REMOTE_TOKEN:+-H "Authorization: Bearer $REMOTE_TOKEN"} "$REMOTE_URL/health" 2>/dev/null)
-      if echo "$REMOTE_HEALTH" | jq -e '.status == "ok"' > /dev/null 2>&1; then
-        MCP_BASE_URL="$REMOTE_URL"
-        [[ -n "$REMOTE_TOKEN" ]] && AUTH_ARGS=(-H "Authorization: Bearer $REMOTE_TOKEN")
-        log_debug "[$(date)] Using remote server: $MCP_BASE_URL"
-      else
-        log_debug "[$(date)] MCP Server offline, exit 0 (allow stop)"
-        exit 0
-      fi
-    else
-      log_debug "[$(date)] MCP Server offline, exit 0 (allow stop)"
-      exit 0
-    fi
-  else
-    log_debug "[$(date)] MCP Server offline, exit 0 (allow stop)"
-    exit 0
-  fi
-fi
-
-# 获取 ccId
-CC_ID=$(jq -r '.ccId // empty' "$CONFIG_FILE" 2>/dev/null)
-log_debug "[$(date)] ccId: $CC_ID"
-if [[ -z "$CC_ID" ]]; then
-  log_debug "[$(date)] No ccId in config, exit 0 (allow stop)"
-  exit 0
-fi
-
-# 处于微信模式，需要恢复轮询
-# 使用 exit code 2 阻止停止，并提示 Claude 调用 MCP 工具
-log_debug "[$(date)] ✅ WeChat mode active, blocking stop to resume polling"
-log_debug "[$(date)] ccId=$CC_ID, will prompt Claude to call get_pending_messages"
-echo "任务已完成，请调用 mcp__wecom-aibot__get_pending_messages(cc_id=\"$CC_ID\", timeout_ms=30000) 恢复微信消息轮询" >&2
-exit 2
-`;
-    ensureConfigDir();
-    fs.writeFileSync(STOP_HOOK_SCRIPT_PATH, script, { mode: 0o755 });
-    console.log(`[config] Stop Hook 脚本已写入: ${STOP_HOOK_SCRIPT_PATH}`);
+// 安装 Stop hook 脚本（v3.0+ Node.js）；旧 .sh 同上策略，--uninstall 时清理
+function writeStopHookScript() {
+    copyHook(path.join('hooks', 'stop-hook.js'), STOP_HOOK_SCRIPT_PATH, 'Stop hook');
 }
 // 写入 MCP Server 配置到 ~/.claude.json
 function writeMcpServerConfig(config, instanceName) {

package/dist/hooks/permission-hook.d.ts

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+export {};

package/dist/hooks/permission-hook.js

@@ -0,0 +1,325 @@
+#!/usr/bin/env node
+/**
+ * wecom-aibot-mcp PermissionRequest hook (Node.js, 跨平台)
+ *
+ * 由 Claude Code 在工具调用前 stdin 喂入 JSON：
+ *   { tool_name, tool_input, ... }
+ * 我们 stdout 输出：
+ *   { hookSpecificOutput: { hookEventName, decision: { behavior, message? } } }
+ *
+ * 决策逻辑：
+ *   1. MCP 工具 / 只读工具 → 直接 allow
+ *   2. 沿进程树向上查 active-projects.json，未匹配 → exit 0（不拦截）
+ *   3. 项目无 .claude/wecom-aibot.json 或 wechatMode!=true → exit 0
+ *   4. 探测本地 daemon /health；channel 模式或本地不通则尝试远程
+ *   5. POST /approve 拿 taskId，轮询 /approval_status/:taskId
+ *   6. 超时（autoApproveTimeout）→ 智能策略：
+ *      - rm 命令 → 拒
+ *      - 项目内 → 允许，项目外 → 拒
+ */
+import * as fs from 'fs';
+import * as path from 'path';
+import * as os from 'os';
+import { execSync } from 'child_process';
+const MCP_PORT = 18963;
+const HOME = os.homedir();
+const ACTIVE_INDEX = path.join(HOME, '.wecom-aibot-mcp', 'active-projects.json');
+const DEBUG_FILE = path.join(HOME, '.wecom-aibot-mcp', 'debug');
+const CLAUDE_JSON = path.join(HOME, '.claude.json');
+const IS_WIN = process.platform === 'win32';
+function log(msg) {
+    if (fs.existsSync(DEBUG_FILE)) {
+        process.stderr.write(`[${new Date().toISOString()}] ${msg}\n`);
+    }
+}
+function emit(decision) {
+    const out = {
+        hookSpecificOutput: {
+            hookEventName: 'PermissionRequest',
+            decision,
+        },
+    };
+    process.stdout.write(JSON.stringify(out) + '\n');
+    // 显式退出，避免事件循环里残留的 timer / fetch 让进程多挂几秒
+    process.exit(0);
+}
+function readStdinSync() {
+    // hook 进程很短命，同步读 stdin 完整内容
+    const chunks = [];
+    try {
+        const buf = Buffer.alloc(65536);
+        while (true) {
+            const n = fs.readSync(0, buf, 0, buf.length, null);
+            if (!n)
+                break;
+            chunks.push(Buffer.from(buf.subarray(0, n)));
+        }
+    }
+    catch {
+        // EAGAIN / closed
+    }
+    return Buffer.concat(chunks).toString('utf-8');
+}
+function getParentPid(pid) {
+    if (!pid || pid <= 1)
+        return 0;
+    try {
+        if (IS_WIN) {
+            const out = execSync(`wmic process where ProcessId=${pid} get ParentProcessId /value`, {
+                stdio: ['ignore', 'pipe', 'ignore'],
+            }).toString();
+            const m = out.match(/ParentProcessId=(\d+)/);
+            return m ? parseInt(m[1], 10) : 0;
+        }
+        return parseInt(execSync(`ps -o ppid= -p ${pid}`, {
+            stdio: ['ignore', 'pipe', 'ignore'],
+        }).toString().trim(), 10) || 0;
+    }
+    catch {
+        return 0;
+    }
+}
+function findProjectFromActiveIndex(startPid) {
+    if (!fs.existsSync(ACTIVE_INDEX)) {
+        log('No active-projects index');
+        return null;
+    }
+    let entries = [];
+    try {
+        entries = JSON.parse(fs.readFileSync(ACTIVE_INDEX, 'utf-8'));
+        if (!Array.isArray(entries))
+            return null;
+    }
+    catch {
+        return null;
+    }
+    let pid = startPid;
+    for (let i = 0; i < 8; i++) {
+        if (!pid || pid <= 1)
+            break;
+        const hit = entries.find((e) => e?.pid === pid);
+        if (hit?.projectDir) {
+            log(`Matched PID ${pid} -> ${hit.projectDir}`);
+            return hit.projectDir;
+        }
+        const parent = getParentPid(pid);
+        if (!parent || parent === pid)
+            break;
+        pid = parent;
+    }
+    return null;
+}
+async function fetchJson(url, init) {
+    const ctrl = new AbortController();
+    const t = setTimeout(() => ctrl.abort(), init?.timeoutMs ?? 5000);
+    try {
+        const res = await fetch(url, { ...init, signal: ctrl.signal });
+        if (!res.ok)
+            return null;
+        return await res.json().catch(() => null);
+    }
+    catch {
+        return null;
+    }
+    finally {
+        clearTimeout(t);
+    }
+}
+async function probeLocal() {
+    const baseUrl = `http://127.0.0.1:${MCP_PORT}`;
+    const data = await fetchJson(`${baseUrl}/health`, { timeoutMs: 2000 });
+    return data?.status === 'ok' ? { baseUrl } : null;
+}
+async function probeRemote() {
+    if (!fs.existsSync(CLAUDE_JSON))
+        return null;
+    let claudeConfig;
+    try {
+        claudeConfig = JSON.parse(fs.readFileSync(CLAUDE_JSON, 'utf-8'));
+    }
+    catch {
+        return null;
+    }
+    const channel = claudeConfig?.mcpServers?.['wecom-aibot-channel'];
+    const remoteUrl = channel?.env?.MCP_URL;
+    const remoteToken = channel?.env?.MCP_AUTH_TOKEN;
+    if (!remoteUrl)
+        return null;
+    const baseUrl = remoteUrl.replace(/\/+$/, '');
+    const headers = {};
+    if (remoteToken)
+        headers['Authorization'] = `Bearer ${remoteToken}`;
+    const data = await fetchJson(`${baseUrl}/health`, { timeoutMs: 5000, headers });
+    if (data?.status !== 'ok')
+        return null;
+    return remoteToken ? { baseUrl, authHeader: `Bearer ${remoteToken}` } : { baseUrl };
+}
+function authedHeaders(ep, extra) {
+    const h = { ...(extra || {}) };
+    if (ep.authHeader)
+        h['Authorization'] = ep.authHeader;
+    return h;
+}
+function extractStringField(obj, ...keys) {
+    for (const k of keys) {
+        if (typeof obj?.[k] === 'string' && obj[k])
+            return obj[k];
+    }
+    return '';
+}
+function isInProject(toolName, toolInput, projectDir) {
+    if (toolName === 'Bash') {
+        const cmd = toolInput?.command || '';
+        if (cmd.includes(projectDir))
+            return true;
+        const absPaths = cmd.match(/(^|[ \t])(\/[A-Za-z0-9][^ \t>|;&]*|[A-Za-z]:\\[^ \t>|;&]+)/g) || [];
+        const safe = (p) => p.startsWith(projectDir) ||
+            /^(\/tmp\/|\/var\/tmp\/|\/dev\/null|\/dev\/std|\/dev\/fd\/)/.test(p) ||
+            /^[A-Za-z]:\\(Users\\[^\\]+\\AppData\\Local\\Temp\\|Windows\\Temp\\)/i.test(p);
+        const outside = absPaths.map(s => s.trim()).filter(p => !safe(p));
+        if (absPaths.length > 0 && outside.length > 0)
+            return false;
+        // 无可疑外部路径 → 以 cwd 为准
+        return process.cwd().startsWith(projectDir);
+    }
+    if (toolName === 'Write' || toolName === 'Edit') {
+        const fp = extractStringField(toolInput, 'file_path');
+        return !fp || fp.startsWith(projectDir) || !path.isAbsolute(fp);
+    }
+    const fp = extractStringField(toolInput, 'file_path', 'path', 'directory');
+    if (!fp)
+        return true; // 无路径信息时倾向放行
+    return fp.startsWith(projectDir) || !path.isAbsolute(fp);
+}
+function isDeleteCommand(toolName, toolInput) {
+    if (toolName !== 'Bash')
+        return false;
+    const cmd = (toolInput?.command || '').toString();
+    const firstLine = cmd.split('\n')[0] || '';
+    return /(^|[;&|(]\s*)(rm\s|rmdir\s|del\s|Remove-Item\s)/i.test(firstLine);
+}
+async function notifyTimeout(ep, taskId, result, reason) {
+    await fetchJson(`${ep.baseUrl}/approval_timeout/${taskId}`, {
+        method: 'POST',
+        timeoutMs: 5000,
+        headers: authedHeaders(ep, { 'Content-Type': 'application/json' }),
+        body: JSON.stringify({ result, reason }),
+    });
+}
+async function main() {
+    const raw = readStdinSync();
+    let input = {};
+    try {
+        input = raw ? JSON.parse(raw) : {};
+    }
+    catch {
+        log('stdin not JSON, exit 0');
+        process.exit(0);
+    }
+    const toolName = input?.tool_name || '';
+    log(`tool_name=${toolName}`);
+    // MCP 工具：放行
+    if (toolName.startsWith('mcp__')) {
+        emit({ behavior: 'allow' });
+        return;
+    }
+    // 只读工具：放行
+    const readOnly = new Set([
+        'Read', 'Glob', 'Grep', 'LS', 'TaskList', 'TaskGet', 'TaskOutput', 'TaskStop',
+        'CronList', 'CronCreate', 'CronDelete', 'AskUserQuestion', 'Skill',
+        'ListMcpResourcesTool', 'EnterPlanMode', 'ExitPlanMode',
+        'WebSearch', 'WebFetch', 'NotebookEdit',
+    ]);
+    if (readOnly.has(toolName)) {
+        emit({ behavior: 'allow' });
+        return;
+    }
+    // 沿进程树查 active-projects.json
+    const projectDir = findProjectFromActiveIndex(process.ppid || process.pid);
+    if (!projectDir) {
+        log('No active project match');
+        process.exit(0);
+    }
+    const configFile = path.join(projectDir, '.claude', 'wecom-aibot.json');
+    if (!fs.existsSync(configFile)) {
+        log('No wecom-aibot.json in project');
+        process.exit(0);
+    }
+    let cfg;
+    try {
+        cfg = JSON.parse(fs.readFileSync(configFile, 'utf-8'));
+    }
+    catch {
+        process.exit(0);
+    }
+    if (cfg?.wechatMode !== true) {
+        log('wechatMode not true');
+        process.exit(0);
+    }
+    const mode = cfg?.mode === 'channel' ? 'channel' : 'http';
+    const endpoint = mode === 'channel'
+        ? (await probeRemote())
+        : ((await probeLocal()) || (await probeRemote()));
+    if (!endpoint) {
+        log('No reachable MCP server');
+        process.exit(0);
+    }
+    // 提交审批
+    const body = {
+        tool_name: toolName,
+        tool_input: input?.tool_input ?? {},
+        projectDir,
+        robotName: cfg?.robotName || '',
+        ccId: cfg?.ccId || '',
+    };
+    const approveRes = await fetchJson(`${endpoint.baseUrl}/approve`, {
+        method: 'POST',
+        timeoutMs: 10000,
+        headers: authedHeaders(endpoint, { 'Content-Type': 'application/json' }),
+        body: JSON.stringify(body),
+    });
+    const taskId = approveRes?.taskId || '';
+    if (!taskId) {
+        log('No taskId returned');
+        process.exit(0);
+    }
+    // 轮询
+    const timeoutSec = Number(cfg?.autoApproveTimeout) || 300;
+    const maxPoll = Math.max(1, Math.ceil(timeoutSec / 2));
+    log(`Polling taskId=${taskId} maxPoll=${maxPoll}`);
+    for (let i = 0; i < maxPoll; i++) {
+        await new Promise(r => setTimeout(r, 2000));
+        const data = await fetchJson(`${endpoint.baseUrl}/approval_status/${taskId}`, {
+            timeoutMs: 3000,
+            headers: authedHeaders(endpoint),
+        });
+        const result = data?.result;
+        if (result === 'allow-once' || result === 'allow-always') {
+            emit({ behavior: 'allow' });
+            return;
+        }
+        if (result === 'deny') {
+            emit({ behavior: 'deny', message: '用户拒绝' });
+            return;
+        }
+    }
+    // 超时智能决策
+    const toolInput = input?.tool_input ?? {};
+    if (isDeleteCommand(toolName, toolInput)) {
+        await notifyTimeout(endpoint, taskId, 'deny', '超时自动拒绝：删除操作需人工确认');
+        emit({ behavior: 'deny', message: '超时自动拒绝：删除操作需人工确认' });
+        return;
+    }
+    if (isInProject(toolName, toolInput, projectDir)) {
+        await notifyTimeout(endpoint, taskId, 'allow-once', '超时自动允许：项目内操作');
+        emit({ behavior: 'allow', message: '超时自动允许：项目内操作' });
+        return;
+    }
+    await notifyTimeout(endpoint, taskId, 'deny', '超时自动拒绝：项目外操作需人工确认');
+    emit({ behavior: 'deny', message: '超时自动拒绝：项目外操作需人工确认' });
+}
+main().catch(err => {
+    log(`hook error: ${err?.message || err}`);
+    // 任何错误都让 Claude 继续（exit 0 表示不干预）
+    process.exit(0);
+});

package/dist/hooks/stop-hook.d.ts

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+export {};

package/dist/hooks/stop-hook.js

@@ -0,0 +1,101 @@
+#!/usr/bin/env node
+/**
+ * wecom-aibot-mcp Stop hook (Node.js, 跨平台)
+ *
+ * Claude 准备停止时触发。如果当前项目处于微信模式，输出 exit code 2 阻止停止，
+ * 同时通过 stderr 提示 Claude 调用 get_pending_messages 恢复轮询。
+ */
+import * as fs from 'fs';
+import * as path from 'path';
+import * as os from 'os';
+const MCP_PORT = 18963;
+const HOME = os.homedir();
+const DEBUG_FILE = path.join(HOME, '.wecom-aibot-mcp', 'debug');
+const CLAUDE_JSON = path.join(HOME, '.claude.json');
+function log(msg) {
+    if (fs.existsSync(DEBUG_FILE)) {
+        process.stderr.write(`[${new Date().toISOString()}] [stop] ${msg}\n`);
+    }
+}
+function readStdinSync() {
+    const chunks = [];
+    try {
+        const buf = Buffer.alloc(65536);
+        while (true) {
+            const n = fs.readSync(0, buf, 0, buf.length, null);
+            if (!n)
+                break;
+            chunks.push(Buffer.from(buf.subarray(0, n)));
+        }
+    }
+    catch { /* ignore */ }
+    return Buffer.concat(chunks).toString('utf-8');
+}
+async function fetchHealth(url, headers, timeoutMs = 2000) {
+    const ctrl = new AbortController();
+    const t = setTimeout(() => ctrl.abort(), timeoutMs);
+    try {
+        const res = await fetch(`${url}/health`, { signal: ctrl.signal, headers });
+        if (!res.ok)
+            return false;
+        const data = await res.json().catch(() => null);
+        return data?.status === 'ok';
+    }
+    catch {
+        return false;
+    }
+    finally {
+        clearTimeout(t);
+    }
+}
+async function main() {
+    // 消费 stdin（Claude 会传 stop 事件 JSON，我们不需要内容）
+    readStdinSync();
+    const projectDir = process.cwd();
+    const configFile = path.join(projectDir, '.claude', 'wecom-aibot.json');
+    if (!fs.existsSync(configFile)) {
+        log('no config, allow stop');
+        process.exit(0);
+    }
+    let cfg;
+    try {
+        cfg = JSON.parse(fs.readFileSync(configFile, 'utf-8'));
+    }
+    catch {
+        process.exit(0);
+    }
+    if (cfg?.wechatMode !== true) {
+        log('wechatMode not true, allow stop');
+        process.exit(0);
+    }
+    const ccId = cfg?.ccId || '';
+    if (!ccId) {
+        log('no ccId, allow stop');
+        process.exit(0);
+    }
+    // 探测 daemon 是否在线，离线就允许停止
+    let alive = await fetchHealth(`http://127.0.0.1:${MCP_PORT}`);
+    if (!alive && fs.existsSync(CLAUDE_JSON)) {
+        try {
+            const claudeConfig = JSON.parse(fs.readFileSync(CLAUDE_JSON, 'utf-8'));
+            const channel = claudeConfig?.mcpServers?.['wecom-aibot-channel'];
+            const remoteUrl = channel?.env?.MCP_URL;
+            const token = channel?.env?.MCP_AUTH_TOKEN;
+            if (remoteUrl) {
+                const headers = {};
+                if (token)
+                    headers['Authorization'] = `Bearer ${token}`;
+                alive = await fetchHealth(remoteUrl.replace(/\/+$/, ''), headers, 5000);
+            }
+        }
+        catch { /* ignore */ }
+    }
+    if (!alive) {
+        log('MCP server offline, allow stop');
+        process.exit(0);
+    }
+    log(`WeChat mode active, blocking stop for ccId=${ccId}`);
+    process.stderr.write(`任务已完成，请调用 mcp__wecom-aibot__get_pending_messages(cc_id="${ccId}", timeout_ms=30000) 恢复微信消息轮询\n`);
+    process.exit(2);
+}
+main().catch(() => process.exit(0));

package/dist/http-server.js

@@ -31,8 +31,8 @@ const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
 // 固定端口
 export const HTTP_PORT = 18963;
-// Hook 脚本路径
-export const HOOK_SCRIPT_PATH = path.join(os.homedir(), '.wecom-aibot-mcp', 'permission-hook.sh');
+// Hook 脚本路径（v3.0+ 改用 Node.js 脚本，跨平台）
+export const HOOK_SCRIPT_PATH = path.join(os.homedir(), '.wecom-aibot-mcp', 'permission-hook.js');
 let httpServer = null;
 let startTime = 0;
 // Session ID 生成器（MCP SSE 使用）

package/dist/platform.d.ts

@@ -0,0 +1,14 @@
+/** 通过 fetch /health 探测 daemon 是否在该端口监听（跨平台） */
+export declare function isDaemonAlive(port: number, timeoutMs?: number): Promise<boolean>;
+/** 取指定 PID 的父进程 PID；不存在返回 0 */
+export declare function getParentPid(pid: number): number;
+/** 取指定 PID 的可执行文件名（comm 字段，如 "claude" / "node") */
+export declare function getProcessName(pid: number): string;
+/**
+ * 沿进程树向上查找 Claude Code 进程的 PID。
+ * 用于 channel-server 注册 active-projects 时定位真正的 TUI 进程
+ * （npx 安装下 process.ppid 是 npx 不是 claude）。
+ */
+export declare function findClaudePid(startPid: number, maxDepth?: number): number;
+/** 进程是否还在（process.kill(pid, 0) 在 Win/Unix 都可用） */
+export declare function isProcessAlive(pid: number): boolean;

package/dist/platform.js

@@ -0,0 +1,107 @@
+/**
+ * 跨平台辅助函数（Windows / macOS / Linux）
+ *
+ * 用于替代 ps / lsof / ss / kill 等 Unix 专属命令，
+ * 让 daemon 启停、Claude 进程树查找在 Windows 也能工作。
+ */
+import { execSync } from 'child_process';
+const IS_WIN = process.platform === 'win32';
+/** 通过 fetch /health 探测 daemon 是否在该端口监听（跨平台） */
+export async function isDaemonAlive(port, timeoutMs = 1500) {
+    try {
+        const ctrl = new AbortController();
+        const t = setTimeout(() => ctrl.abort(), timeoutMs);
+        const res = await fetch(`http://127.0.0.1:${port}/health`, { signal: ctrl.signal });
+        clearTimeout(t);
+        if (!res.ok)
+            return false;
+        const data = await res.json().catch(() => ({}));
+        return data?.status === 'ok';
+    }
+    catch {
+        return false;
+    }
+}
+/** 取指定 PID 的父进程 PID；不存在返回 0 */
+export function getParentPid(pid) {
+    if (!pid || pid <= 1)
+        return 0;
+    try {
+        if (IS_WIN) {
+            // 输出形如:
+            //   ParentProcessId
+            //   1234
+            const out = execSync(`wmic process where ProcessId=${pid} get ParentProcessId /value`, {
+                stdio: ['ignore', 'pipe', 'ignore'],
+            }).toString();
+            const m = out.match(/ParentProcessId=(\d+)/);
+            return m ? parseInt(m[1], 10) : 0;
+        }
+        else {
+            const out = execSync(`ps -o ppid= -p ${pid}`, {
+                stdio: ['ignore', 'pipe', 'ignore'],
+            }).toString().trim();
+            return parseInt(out, 10) || 0;
+        }
+    }
+    catch {
+        return 0;
+    }
+}
+/** 取指定 PID 的可执行文件名（comm 字段，如 "claude" / "node") */
+export function getProcessName(pid) {
+    if (!pid || pid <= 1)
+        return '';
+    try {
+        if (IS_WIN) {
+            // wmic process where ProcessId=N get Name /value -> Name=node.exe
+            const out = execSync(`wmic process where ProcessId=${pid} get Name /value`, {
+                stdio: ['ignore', 'pipe', 'ignore'],
+            }).toString();
+            const m = out.match(/Name=(.+?)\s*$/m);
+            return (m ? m[1] : '').trim();
+        }
+        else {
+            return execSync(`ps -p ${pid} -o comm=`, {
+                stdio: ['ignore', 'pipe', 'ignore'],
+            }).toString().trim();
+        }
+    }
+    catch {
+        return '';
+    }
+}
+/**
+ * 沿进程树向上查找 Claude Code 进程的 PID。
+ * 用于 channel-server 注册 active-projects 时定位真正的 TUI 进程
+ * （npx 安装下 process.ppid 是 npx 不是 claude）。
+ */
+export function findClaudePid(startPid, maxDepth = 8) {
+    let pid = startPid;
+    for (let i = 0; i < maxDepth; i++) {
+        if (!pid || pid <= 1)
+            break;
+        const name = getProcessName(pid).toLowerCase();
+        // Win 上是 "claude.exe"；Unix 上可能是 "claude" 或绝对路径末尾 "/claude"
+        if (name === 'claude' || name === 'claude.exe' || name.endsWith('/claude') || name.endsWith('\\claude.exe')) {
+            return pid;
+        }
+        const parent = getParentPid(pid);
+        if (!parent || parent === pid)
+            break;
+        pid = parent;
+    }
+    return startPid;
+}
+/** 进程是否还在（process.kill(pid, 0) 在 Win/Unix 都可用） */
+export function isProcessAlive(pid) {
+    if (!pid)
+        return false;
+    try {
+        process.kill(pid, 0);
+        return true;
+    }
+    catch {
+        return false;
+    }
+}

package/dist/project-config.js

@@ -253,14 +253,19 @@ export function getProjectSettingsPath(projectDir) {
 // Hook 脚本路径（统一定义）
 // ============================================
 const CONFIG_DIR = path.join(os.homedir(), '.wecom-aibot-mcp');
-export const PERMISSION_HOOK_SCRIPT_PATH = path.join(CONFIG_DIR, 'permission-hook.sh');
-export const STOP_HOOK_SCRIPT_PATH = path.join(CONFIG_DIR, 'stop-hook.sh');
+// v3.0+：hook 改用 Node.js 脚本，跨平台运行
+export const PERMISSION_HOOK_SCRIPT_PATH = path.join(CONFIG_DIR, 'permission-hook.js');
+export const STOP_HOOK_SCRIPT_PATH = path.join(CONFIG_DIR, 'stop-hook.js');
+// settings.json 中 hook 命令格式：node "path"（路径 quote 兼容含空格的 Windows 路径）
+function nodeHookCommand(scriptPath) {
+    return `node "${scriptPath}"`;
+}
 /**
  * PermissionRequest hook 配置
  */
 const PERMISSION_HOOK = {
     matcher: '',
-    hooks: [{ type: 'command', command: PERMISSION_HOOK_SCRIPT_PATH, timeout: 3600 }],
+    hooks: [{ type: 'command', command: nodeHookCommand(PERMISSION_HOOK_SCRIPT_PATH), timeout: 3600 }],
 };
 /**
  * Stop hook 配置
@@ -268,7 +273,7 @@ const PERMISSION_HOOK = {
  */
 const STOP_HOOK = {
     matcher: '',
-    hooks: [{ type: 'command', command: STOP_HOOK_SCRIPT_PATH }],
+    hooks: [{ type: 'command', command: nodeHookCommand(STOP_HOOK_SCRIPT_PATH) }],
 };
 /**
  * 进入微信模式时默认预批的 MCP 工具通配（避免每次都走 hook 增加延迟）

package/dist/tools/index.js

@@ -253,7 +253,7 @@ npx @vrs-soft/wecom-aibot-mcp
                             hooks: {
                                 file: '~/.claude/settings.local.json',
                                 PermissionRequest: {
-                                    script: '~/.wecom-aibot-mcp/permission-hook.sh',
+                                    script: '~/.wecom-aibot-mcp/permission-hook.js',
                                     description: '审批请求通过微信发送',
                                 },
                             },

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@vrs-soft/wecom-aibot-mcp",
-  "version": "2.4.26",
+  "version": "3.0.0-rc.0",
   "description": "企业微信智能机器人 MCP 服务 - Claude Code 审批通道",
   "type": "module",
   "main": "dist/index.js",