@ynhcj/xiaoyi-channel 0.0.155-beta → 0.0.155-next

package/dist/src/bot.js

@@ -1,6 +1,6 @@
 import { getXYRuntime } from "./runtime.js";
 import { createXYReplyDispatcher } from "./reply-dispatcher.js";
-import { parseA2AMessage, extractTextFromParts, extractFileParts, extractPushId, extractDeviceType, extractTriggerData, extractRunCrossTaskContext } from "./parser.js";
+import { parseA2AMessage, extractTextFromParts, extractFileParts, extractPushId, extractDeviceType, extractModelName, extractTriggerData, extractRunCrossTaskContext } from "./parser.js";
 import { downloadFilesFromParts } from "./file-download.js";
 import { resolveXYConfig } from "./config.js";
 import { sendStatusUpdate, sendClearContextResponse, sendTasksCancelResponse, sendA2AResponse } from "./formatter.js";
@@ -32,9 +32,10 @@ export async function handleXYMessage(params) {
     try {
         // Check for special messages BEFORE parsing (these have different param structures)
         const messageMethod = message.method;
-        // Handle clearContext messages (params only has sessionId)
+        logger.log(`[BOT] Received A2A message: ${JSON.stringify(message)}`);
+        // Handle clearContext messages (sessionId at top level, no params)
         if (messageMethod === "clearContext" || messageMethod === "clear_context") {
-            const sessionId = message.params?.sessionId;
+            const sessionId = message.sessionId ?? message.params?.sessionId;
             if (!sessionId) {
                 throw new Error("clearContext request missing sessionId in params");
             }
@@ -48,9 +49,9 @@ export async function handleXYMessage(params) {
             });
             return;
         }
-        // Handle tasks/cancel messages
+        // Handle tasks/cancel messages (sessionId at top level, no params)
         if (messageMethod === "tasks/cancel" || messageMethod === "tasks_cancel") {
-            const sessionId = message.params?.sessionId;
+            const sessionId = message.sessionId ?? message.params?.sessionId;
             const taskId = message.params?.id || message.id;
             if (!sessionId) {
                 throw new Error("tasks/cancel request missing sessionId in params");
@@ -138,6 +139,11 @@ export async function handleXYMessage(params) {
         if (deviceType) {
             log.log(`[BOT] Extracted deviceType: ${deviceType}`);
         }
+        // Extract modelName if present (used by provider.ts to override model.id)
+        const modelName = extractModelName(parsed.parts);
+        if (modelName) {
+            log.log(`[BOT] Extracted modelName: ${modelName}`);
+        }
         const runCrossTaskContext = extractRunCrossTaskContext(parsed.parts);
         // Resolve configuration (needed for status updates)
         const config = resolveXYConfig(cfg);
@@ -164,6 +170,7 @@ export async function handleXYMessage(params) {
                 messageId: parsed.messageId,
                 agentId: route.accountId,
                 deviceType,
+                modelName,
                 runCrossTaskContext: runCrossTaskContext ?? undefined,
             });
             // 🔑 发送初始状态更新
@@ -311,6 +318,7 @@ export async function handleXYMessage(params) {
             messageId: parsed.messageId,
             agentId: route.accountId,
             deviceType,
+            modelName,
             runCrossTaskContext: runCrossTaskContext ?? undefined,
         };
         log.log(`[BOT-DISPATCH] withReplyDispatcher starting, sessionKey=${route.sessionKey}`);

package/dist/src/cron-query-handler.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Handle a cron-query-event.
+ *
+ * Calls the Gateway cron RPC and sends the result back through sendCommand
+ * as a System.CronQuery command with the full result object in payload.ans.
+ */
+export declare function handleCronQueryEvent(context: any, cfg: any): Promise<void>;

package/dist/src/cron-query-handler.js

@@ -0,0 +1,188 @@
+// Cron query event handler.
+// Listens for cron-query-event from the WebSocket manager,
+// calls Gateway cron RPC via callGatewayTool, and sends the
+// result back to the client via sendCommand as a System.CronQuery
+// command with the result in payload.ans.
+import { callGatewayTool } from "openclaw/plugin-sdk/agent-harness-runtime";
+import * as os from "os";
+import { sendCommand } from "./formatter.js";
+import { resolveXYConfig } from "./config.js";
+import { logger } from "./utils/logger.js";
+import { readFileSync, readdirSync } from "fs";
+import { join } from "path";
+const GATEWAY_TIMEOUT_MS = 60_000;
+/**
+ * Handle a cron-query-event.
+ *
+ * Calls the Gateway cron RPC and sends the result back through sendCommand
+ * as a System.CronQuery command with the full result object in payload.ans.
+ */
+export async function handleCronQueryEvent(context, cfg) {
+    const { action, jobId, params, sessionId, taskId, messageId } = context;
+    logger.log(`[CRON-QUERY] Received event: action=${action}, jobId=${jobId ?? "(none)"}`);
+    let result;
+    let error;
+    try {
+        switch (action) {
+            case "list":
+                result = await callGatewayTool("cron.list", { timeoutMs: GATEWAY_TIMEOUT_MS }, params ?? {});
+                break;
+            case "status":
+                result = await callGatewayTool("cron.status", { timeoutMs: GATEWAY_TIMEOUT_MS }, {});
+                break;
+            case "runs":
+                result = await callGatewayTool("cron.runs", { timeoutMs: GATEWAY_TIMEOUT_MS }, {
+                    jobId,
+                    ...params,
+                });
+                break;
+            case "add":
+                result = await callGatewayTool("cron.add", { timeoutMs: GATEWAY_TIMEOUT_MS }, params ?? {});
+                break;
+            case "update":
+                result = await callGatewayTool("cron.update", { timeoutMs: GATEWAY_TIMEOUT_MS }, {
+                    jobId,
+                    ...params,
+                });
+                break;
+            case "remove":
+                result = await callGatewayTool("cron.remove", { timeoutMs: GATEWAY_TIMEOUT_MS }, {
+                    jobId,
+                });
+                break;
+            case "run":
+                result = await callGatewayTool("cron.run", { timeoutMs: GATEWAY_TIMEOUT_MS }, {
+                    jobId,
+                    mode: "force",
+                    ...params,
+                });
+                break;
+            case "queryTimeList":
+                result = await queryTimeListLocal();
+                break;
+            default:
+                error = `Unknown action: ${context.action}`;
+                logger.error(`[CRON-QUERY] ${error}`);
+                result = { error };
+        }
+    }
+    catch (err) {
+        error = err instanceof Error ? err.message : String(err);
+        logger.error(`[CRON-QUERY] RPC call failed for action=${action}:`, err);
+        result = { error };
+    }
+    // Log the result
+    logger.log(`[CRON-QUERY] RPC result for action=${action}: ${JSON.stringify(result, null, 2)}`);
+    // Send result back via sendCommand as System.CronQuery with payload.ans
+    if (cfg && sessionId && taskId && messageId) {
+        try {
+            const config = resolveXYConfig(cfg);
+            const command = {
+                header: {
+                    namespace: "AgentEvent",
+                    name: "CronQuery",
+                },
+                payload: {
+                    action,
+                    ans: result,
+                },
+            };
+            await sendCommand({
+                config,
+                sessionId,
+                taskId,
+                messageId,
+                command,
+                final: true,
+            });
+            logger.log(`[CRON-QUERY] Sent response via sendCommand, action=${action}`);
+        }
+        catch (sendErr) {
+            logger.error(`[CRON-QUERY] Failed to send response via sendCommand:`, sendErr);
+        }
+    }
+    else {
+        logger.warn(`[CRON-QUERY] Missing cfg/sessionId/taskId/messageId, skipping sendCommand`);
+    }
+}
+/**
+ * Read local cron folder directly (bypassing openclaw RPC) and return
+ * run records from the last 7 days, grouped by date and sorted by time.
+ *
+ * Data sources:
+ *   - state/cron/jobs.json   → job id → name mapping
+ *   - state/cron/runs/*.jsonl → run records (one JSON per line)
+ *
+ * Return format:
+ *   [ { "YYYY-MM-DD": [ { run record with .name }, ... ] }, ... ]
+ */
+async function queryTimeListLocal() {
+    const cronDir = join(os.homedir(), ".openclaw", "cron");
+    const jobsPath = join(cronDir, "jobs.json");
+    const runsDir = join(cronDir, "runs");
+    // 1. Build jobId → name map from jobs.json
+    const jobNameMap = {};
+    try {
+        const jobsRaw = readFileSync(jobsPath, "utf-8");
+        const jobsData = JSON.parse(jobsRaw);
+        for (const job of jobsData.jobs || []) {
+            jobNameMap[job.id] = job.name || job.id;
+        }
+    }
+    catch (err) {
+        logger.error(`[CRON-QUERY] Failed to read jobs.json: ${err.message}`);
+    }
+    // 2. Read all run files, collect runs within last 7 days
+    const sevenDaysAgo = Date.now() - 7 * 24 * 60 * 60 * 1000;
+    const allRuns = [];
+    let files = [];
+    try {
+        files = readdirSync(runsDir);
+    }
+    catch {
+        files = [];
+    }
+    for (const file of files) {
+        if (!file.endsWith(".jsonl"))
+            continue;
+        try {
+            const content = readFileSync(join(runsDir, file), "utf-8");
+            const lines = content.trim().split("\n");
+            for (const line of lines) {
+                if (!line.trim())
+                    continue;
+                try {
+                    const run = JSON.parse(line);
+                    if (run.ts && run.ts >= sevenDaysAgo) {
+                        run.name = jobNameMap[run.jobId] || run.jobId || "";
+                        allRuns.push(run);
+                    }
+                }
+                catch {
+                    // skip malformed line
+                }
+            }
+        }
+        catch (err) {
+            logger.error(`[CRON-QUERY] Failed to read run file ${file}: ${err.message}`);
+        }
+    }
+    // 3. Sort by ts ascending
+    allRuns.sort((a, b) => a.ts - b.ts);
+    // 4. Group by date (YYYY-MM-DD in local time)
+    const grouped = new Map();
+    for (const run of allRuns) {
+        const d = new Date(run.ts);
+        const label = `${d.getFullYear()}-${String(d.getMonth() + 1).padStart(2, "0")}-${String(d.getDate()).padStart(2, "0")}`;
+        if (!grouped.has(label)) {
+            grouped.set(label, []);
+        }
+        grouped.get(label).push(run);
+    }
+    // 5. Convert to ordered array of single-key objects
+    const result = [];
+    for (const [date, runs] of grouped) {
+        result.push({ [date]: runs });
+    }
+    return result;
+}

package/dist/src/cspl/call_api.d.ts

@@ -1,2 +1,2 @@
 import { ApiResponse } from './constants.js';
-export declare function callApi(questionText: string, api: any, sessionId: string): Promise<ApiResponse>;
+export declare function callApi(questionText: string, api: any, sessionId: string, action: string): Promise<ApiResponse>;

package/dist/src/cspl/call_api.js

@@ -78,13 +78,13 @@ function handleResponse(res, resolve, reject) {
         }
     });
 }
-export async function callApi(questionText, api, sessionId) {
+export async function callApi(questionText, api, sessionId, action) {
     const config = getConfig(api);
     const headersForCelia = buildHeadersForCelia(config, sessionId);
     const payload = {
         questionText: questionText,
         textSource: config.textSource,
-        action: config.action,
+        action: action,
         extra: `${JSON.stringify({ userId: config.uid })}`
     };
     const httpBody = JSON.stringify(payload);

package/dist/src/cspl/config.js

@@ -2,9 +2,9 @@
  * 版权所有 (c) 华为技术有限公司 2026-2026
  */
 import fs from 'fs';
-import { ENV_FILE_PATH, REQUIRED_ENV_VARS } from './constants.js';
+import path from 'path';
+import { CONFIG_FILE_NAME, ENV_FILE_PATH, REQUIRED_ENV_VARS } from './constants.js';
 import { logger } from '../utils/logger.js';
-import defaultConfig from './configs.json' with { type: 'json' };
 let cachedConfig = null;
 function readEnvFile() {
     if (!fs.existsSync(ENV_FILE_PATH)) {
@@ -41,25 +41,45 @@ export function getConfig(api) {
     if (cachedConfig) {
         return cachedConfig;
     }
-    // Use imported JSON (bundled at compile time, no runtime file read needed)
-    const config = { ...defaultConfig };
+    const configPath = path.join(__dirname, CONFIG_FILE_NAME);
+    if (!fs.existsSync(configPath)) {
+        throw new Error(`Config file not found: ${CONFIG_FILE_NAME}`);
+    }
+    let configData;
+    try {
+        configData = fs.readFileSync(configPath, 'utf-8');
+    }
+    catch (error) {
+        throw new Error(`Failed to read config file: ${CONFIG_FILE_NAME}.`);
+    }
+    let parsedConfig;
+    try {
+        parsedConfig = JSON.parse(configData);
+    }
+    catch (error) {
+        throw new Error(`Failed to parse config file: ${CONFIG_FILE_NAME}.`);
+    }
+    if (!parsedConfig || typeof parsedConfig !== 'object') {
+        throw new Error(`Invalid config structure: ${CONFIG_FILE_NAME}. Expected an object.`);
+    }
+    const config = parsedConfig;
     if (!config.api || typeof config.api !== 'object') {
-        throw new Error(`Invalid config: missing or invalid 'api' section`);
+        throw new Error(`Invalid config: missing or invalid 'api' section in ${CONFIG_FILE_NAME}`);
     }
     if (!config.api.timeout || typeof config.api.timeout !== 'number') {
-        throw new Error(`Invalid config: missing or invalid 'api.timeout'`);
+        throw new Error(`Invalid config: missing or invalid 'api.timeout' in ${CONFIG_FILE_NAME}`);
     }
     if (!config.skillId || typeof config.skillId !== 'string') {
-        throw new Error(`Invalid config: missing or invalid 'skillId'`);
+        throw new Error(`Invalid config: missing or invalid 'skillId' in ${CONFIG_FILE_NAME}`);
     }
     if (!config.requestFrom || typeof config.requestFrom !== 'string') {
-        throw new Error(`Invalid config: missing or invalid 'requestFrom'`);
+        throw new Error(`Invalid config: missing or invalid 'requestFrom' in ${CONFIG_FILE_NAME}`);
     }
     if (!config.textSource || typeof config.textSource !== 'string') {
-        throw new Error(`Invalid config: missing or invalid 'textSource'`);
+        throw new Error(`Invalid config: missing or invalid 'textSource' in ${CONFIG_FILE_NAME}`);
     }
     if (!config.action || typeof config.action !== 'string') {
-        throw new Error(`Invalid config: missing or invalid 'action'`);
+        throw new Error(`Invalid config: missing or invalid 'action' in ${CONFIG_FILE_NAME}`);
     }
     let env;
     try {

package/dist/src/cspl/constants.d.ts

@@ -29,6 +29,7 @@ export declare const ENV_FILE_PATH = "/home/sandbox/.openclaw/.xiaoyienv";
 export declare const API_URL_SUFFIX = "/celia-claw/v1/rest-api/skill/execute";
 export declare const REQUIRED_ENV_VARS: string[];
 export declare const ALLOWED_TOOLS: string[];
+export declare const STEER_ABORT_MESSAGE = "\u5F53\u524D\u884C\u4E3A\u5B58\u5728\u5B89\u5168\u9690\u60A3\uFF0C\u7EC8\u6B62\u6240\u6709\u64CD\u4F5C\uFF0C\u5E76\u4E14\u5728\u6700\u7EC8\u56DE\u590D\u4E2D\u8BF4\u660E\uFF0C\u8BC6\u522B\u5230\u5F53\u524D\u6D41\u7A0B\u4E2D\u5B58\u5728\u6F5C\u5728\u5B89\u5168\u98CE\u9669\uFF0C\u5DF2\u5E2E\u60A8\u4E2D\u6B62\u5F53\u524D\u6D41\u7A0B\uFF0C\u8BF7\u6E05\u7A7A\u4E0A\u4E0B\u6587\u540E\u91CD\u8BD5";
 export declare const MAX_FILE_COUNT = 10;
 export declare const MAX_COMMAND_LENGTH = 1024;
 export declare const CODE_FILE_EXTENSIONS: string[];
@@ -42,6 +43,8 @@ export declare const TOOL_INPUT_DEFAULT: {
     readonly source: "";
     readonly content: "";
 };
+export declare const TOOL_INPUT_ACTION = "TOOL_INPUT_SCAN";
+export declare const TOOL_OUTPUT_ACTION = "TOOL_OUTPUT_SCAN";
 export declare const MAX_TIMES = 3;
 export declare const CONNECT_TIMEOUT = 15000;
 export declare const READ_TIMEOUT = 300000;

package/dist/src/cspl/constants.js

@@ -28,6 +28,8 @@ export const API_URL_SUFFIX = '/celia-claw/v1/rest-api/skill/execute';
 export const REQUIRED_ENV_VARS = ['PERSONAL-API-KEY', 'PERSONAL-UID', 'SERVICE_URL'];
 // 工具白名单：除了web_fetch特殊处理外，只有这些工具才处理result文本
 export const ALLOWED_TOOLS = ['web_fetch', 'read', 'pdf', 'exec', 'message'];
+// Steer 注入话术：CSPL REJECT 时通过 steer 插话打断模型
+export const STEER_ABORT_MESSAGE = '当前行为存在安全隐患，终止所有操作，并且在最终回复中说明，识别到当前流程中存在潜在安全风险，已帮您中止当前流程，请清空上下文后重试';
 // 文件数量限制
 export const MAX_FILE_COUNT = 10;
 // 命令字符串截断长度（字节）
@@ -45,6 +47,9 @@ export const TOOL_INPUT_DEFAULT = {
     source: '',
     content: ''
 };
+// 安全扫描 action 常量
+export const TOOL_INPUT_ACTION = 'TOOL_INPUT_SCAN';
+export const TOOL_OUTPUT_ACTION = 'TOOL_OUTPUT_SCAN';
 // OBS上传相关常量
 export const MAX_TIMES = 3;
 export const CONNECT_TIMEOUT = 15000;

package/dist/src/cspl/sentinel_hook.js

@@ -4,8 +4,10 @@
 import crypto from 'crypto';
 import { callApi } from './call_api.js';
 import { processText, extractResultText, validateAndTruncateText, parseSecurityResult, handleExecToolInput, handleMessageToolInput, handleOtherToolInput } from './utils.js';
-import { ALLOWED_TOOLS, MAX_TEXT_LENGTH, MAX_TOTAL_LENGTH, MIN_TEXT_LENGTH } from './constants.js';
+import { ALLOWED_TOOLS, MAX_TEXT_LENGTH, MAX_TOTAL_LENGTH, MIN_TEXT_LENGTH, STEER_ABORT_MESSAGE, TOOL_OUTPUT_ACTION } from './constants.js';
 import { logger } from '../utils/logger.js';
+import { getSessionContext } from '../tools/session-manager.js';
+import { tryInjectSteer } from './steer-context.js';
 // 主入口模块
 export default function register(api) {
     api.on("before_tool_call", async (event, ctx) => {
@@ -13,16 +15,21 @@ export default function register(api) {
         // 生成sessionID
         const sessionId = (event.runId?.replace(/-/g, '') || crypto.randomBytes(16).toString('hex'));
         logger.log(`[SENTINEL HOOK] Generated Session ID: ${sessionId}`);
-        // 处理 TOOL_INPUT 数据采集、发送数据
+        // 处理 TOOL_INPUT 数据采集、发送数据，根据扫描结果决定是否阻塞
         try {
+            let scanResult = null;
             if (event.toolName === 'exec') {
-                await handleExecToolInput(event, api, sessionId);
+                scanResult = await handleExecToolInput(event, api, sessionId);
             }
             else if (event.toolName === 'message') {
-                await handleMessageToolInput(event, api, sessionId);
+                scanResult = await handleMessageToolInput(event, api, sessionId);
             }
             else {
-                await handleOtherToolInput(event, api, sessionId);
+                scanResult = await handleOtherToolInput(event, api, sessionId);
+            }
+            if (scanResult?.status === 'REJECT') {
+                logger.warn(`[SENTINEL HOOK] TOOL_INPUT REJECT, blocking tool call: ${event.toolName}`);
+                return { block: true, blockReason: `安全扫描检测到风险，已阻止工具调用: ${event.toolName}` };
             }
         }
         catch (error) {
@@ -66,11 +73,23 @@ export default function register(api) {
             const postText = JSON.stringify(questionText);
             logger.log(`[SENTINEL HOOK] Content extracted successfully. Length: ${postText.length}`);
             try {
-                const response = await callApi(postText, api, sessionId);
+                const response = await callApi(postText, api, sessionId, TOOL_OUTPUT_ACTION);
                 const result = parseSecurityResult(response);
                 logger.log(`[SENTINEL HOOK] TOOL_OUTPUT response: status=${result.status}.`);
                 if (result.status === 'REJECT') {
-                    logger.warn('[SENTINEL HOOK] Interrupt handler');
+                    logger.warn('[SENTINEL HOOK] REJECT detected, attempting steer injection');
+                    const sessionCtx = ctx.sessionKey ? getSessionContext(ctx.sessionKey) : null;
+                    if (sessionCtx?.sessionId && sessionCtx?.taskId) {
+                        await tryInjectSteer({
+                            sessionId: sessionCtx.sessionId,
+                            taskId: sessionCtx.taskId,
+                            message: STEER_ABORT_MESSAGE,
+                            source: 'cspl',
+                        });
+                    }
+                    else {
+                        logger.warn(`[SENTINEL HOOK] Cannot inject steer: sessionKey=${ctx.sessionKey}, sessionCtx found=${!!sessionCtx}`);
+                    }
                 }
             }
             catch (error) {

package/dist/src/cspl/utils.d.ts

@@ -14,6 +14,12 @@ export declare function extractFilePathsFromCommand(command: string): string[];
 export declare function calculateContentHash(content: string): string;
 export declare function getFileSizeInKB(filePath: string): number;
 export declare function adjustContentLength(data: any, api: OpenClawPluginApi, fields: string[]): any;
-export declare function handleExecToolInput(event: any, api: OpenClawPluginApi, sessionId: string): Promise<string | null>;
-export declare function handleMessageToolInput(event: any, api: OpenClawPluginApi, sessionId: string): Promise<string | null>;
-export declare function handleOtherToolInput(event: any, api: OpenClawPluginApi, sessionId: string): Promise<void>;
+export declare function handleExecToolInput(event: any, api: OpenClawPluginApi, sessionId: string): Promise<{
+    status: 'ACCEPT' | 'REJECT';
+} | null>;
+export declare function handleMessageToolInput(event: any, api: OpenClawPluginApi, sessionId: string): Promise<{
+    status: 'ACCEPT' | 'REJECT';
+} | null>;
+export declare function handleOtherToolInput(event: any, api: OpenClawPluginApi, sessionId: string): Promise<{
+    status: 'ACCEPT' | 'REJECT';
+} | null>;

package/dist/src/cspl/utils.js

@@ -1,7 +1,7 @@
 /*
  * 版权所有 (c) 华为技术有限公司 2026-2026
  */
-import { MAX_TEXT_LENGTH, regex, SECURITY_NOTICE, MAX_FILE_COUNT, MAX_COMMAND_LENGTH, CODE_FILE_EXTENSIONS, TOOL_INPUT_DEFAULT, FILE_EXTENSION_REGEX } from './constants.js';
+import { MAX_TEXT_LENGTH, regex, SECURITY_NOTICE, MAX_FILE_COUNT, MAX_COMMAND_LENGTH, CODE_FILE_EXTENSIONS, TOOL_INPUT_DEFAULT, FILE_EXTENSION_REGEX, TOOL_INPUT_ACTION } from './constants.js';
 import crypto from 'crypto';
 import fs from 'fs';
 import path from 'path';
@@ -213,13 +213,14 @@ export function adjustContentLength(data, api, fields) {
     }
     return adjusted;
 }
-// 发送TOOL_INPUT请求并处理响应
+// 发送TOOL_INPUT请求并处理响应，返回扫描结果
 async function sendToolInputRequest(postText, api, sessionId) {
-    const response = await callApi(postText, api, sessionId);
+    const response = await callApi(postText, api, sessionId, TOOL_INPUT_ACTION);
     const result = parseSecurityResult(response);
     logger.log(`[SENTINEL HOOK] TOOL_INPUT response: status=${result.status}`);
+    return result;
 }
-// 处理exec工具的TOOL_INPUT数据采集
+// 处理exec工具的TOOL_INPUT数据采集，返回最终扫描结果
 export async function handleExecToolInput(event, api, sessionId) {
     const command = extractInputParams(event, 'exec');
     if (!command) {
@@ -232,6 +233,7 @@ export async function handleExecToolInput(event, api, sessionId) {
         // 场景1：执行代码文件
         logger.log(`[SENTINEL HOOK] Found ${filePaths.length} file(s) in command`);
         const nonExistingFiles = [];
+        let lastResult = null;
         for (const filePath of filePaths) {
             if (!fs.existsSync(filePath)) {
                 nonExistingFiles.push(filePath);
@@ -247,7 +249,10 @@ export async function handleExecToolInput(event, api, sessionId) {
             const postText = JSON.stringify(adjustedData);
             logger.log(`[SENTINEL HOOK] Sending TOOL_INPUT for file: ${path.basename(filePath)}, body length: ${postText.length}`);
             try {
-                await sendToolInputRequest(postText, api, sessionId);
+                lastResult = await sendToolInputRequest(postText, api, sessionId);
+                if (lastResult.status === 'REJECT') {
+                    return lastResult;
+                }
             }
             catch (e) {
                 logger.error(`[SENTINEL HOOK] Sending TOOL_INPUT Failed: ${e}`);
@@ -258,6 +263,7 @@ export async function handleExecToolInput(event, api, sessionId) {
             const fileNames = nonExistingFiles.map(f => path.basename(f)).join(', ');
             logger.log(`[SENTINEL HOOK] Non-existing files: ${fileNames}`);
         }
+        return lastResult;
     }
     else {
         // 场景2：直接执行代码（heredoc场景）
@@ -268,10 +274,10 @@ export async function handleExecToolInput(event, api, sessionId) {
         const adjustedData = adjustContentLength(toolInputData, api, ['source']);
         const postText = JSON.stringify(adjustedData);
         logger.log(`[SENTINEL HOOK] Sending TOOL_INPUT for direct code execution, body length: ${postText.length}`);
-        await sendToolInputRequest(postText, api, sessionId);
+        return await sendToolInputRequest(postText, api, sessionId);
     }
 }
-// 处理message工具的TOOL_INPUT数据采集
+// 处理message工具的TOOL_INPUT数据采集，返回扫描结果
 export async function handleMessageToolInput(event, api, sessionId) {
     const message = extractInputParams(event, 'message');
     if (!message) {
@@ -285,14 +291,14 @@ export async function handleMessageToolInput(event, api, sessionId) {
     const adjustedData = adjustContentLength(toolInputData, api, ['content']);
     const postText = JSON.stringify(adjustedData);
     logger.log(`[SENTINEL HOOK] Sending TOOL_INPUT for message, body length: ${postText.length}`);
-    await sendToolInputRequest(postText, api, sessionId);
+    return await sendToolInputRequest(postText, api, sessionId);
 }
-// 处理其他工具（非 exec 和非 message）的 TOOL_INPUT 数据采集
+// 处理其他工具（非 exec 和非 message）的 TOOL_INPUT 数据采集，返回扫描结果
 export async function handleOtherToolInput(event, api, sessionId) {
     const params = event.params;
     if (!params) {
         logger.log('[SENTINEL HOOK] No params found for tool');
-        return;
+        return null;
     }
     logger.log(`[SENTINEL HOOK] Processing other tool input, toolName: ${event.toolName}`);
     // 将 params 序列化为 JSON 字符串
@@ -305,5 +311,5 @@ export async function handleOtherToolInput(event, api, sessionId) {
     const adjustedData = adjustContentLength(toolInputData, api, ['content']);
     const postText = JSON.stringify(adjustedData);
     logger.log(`[SENTINEL HOOK] Sending TOOL_INPUT for ${event.toolName}, body length: ${postText.length}`);
-    await sendToolInputRequest(postText, api, sessionId);
+    return await sendToolInputRequest(postText, api, sessionId);
 }

package/dist/src/file-upload.d.ts

@@ -17,6 +17,11 @@ export declare class XYFileUploadService {
      * Uses completeAndQuery endpoint to get the file URL directly.
      */
     uploadFileAndGetUrl(filePath: string, objectType?: string): Promise<string>;
+    /**
+     * Upload a file and return a preview-able URL (needPreview=true).
+     * Same as uploadFileAndGetUrl but adds needPreview flag to get a directly viewable URL.
+     */
+    uploadFileAndGetPreviewUrl(filePath: string, objectType?: string): Promise<string>;
     /**
      * Upload multiple files and return their file IDs.
      */