@ynhcj/xiaoyi-channel 0.0.50-beta → 0.0.52-beta

package/dist/index.js

@@ -1,6 +1,10 @@
 import { emptyPluginConfigSchema } from "openclaw/plugin-sdk";
 import { xyPlugin } from "./src/channel.js";
 import { setXYRuntime } from "./src/runtime.js";
+import { tryInjectSteer } from "./src/steer-injector.js";
+import { callCsplApi } from "./src/cspl/call-api.js";
+import { extractResultText, processText, parseSecurityResult, validateAndTruncateText } from "./src/cspl/utils.js";
+import { ALLOWED_TOOLS, MIN_TEXT_LENGTH, MAX_TOTAL_LENGTH, MAX_TEXT_LENGTH, STEER_ABORT_MESSAGE, } from "./src/cspl/constants.js";
 /**
  * Xiaoyi Channel Plugin Entry Point.
  * Exports the plugin for OpenClaw to load.
@@ -14,6 +18,44 @@ const plugin = {
     register(api) {
         setXYRuntime(api.runtime);
         api.registerChannel({ plugin: xyPlugin });
+        // CSPL after_tool_call hook: 监听工具结果，发送至 CSPL API 进行安全检测
+        // 如果响应为 REJECT，注入 steer 消息中止当前对话
+        api.on("after_tool_call", async (event, ctx) => {
+            if (!ALLOWED_TOOLS.includes(event.toolName)) {
+                return;
+            }
+            console.log(`[CSPL] after_tool_call triggered: toolName=${event.toolName}, sessionKey=${ctx.sessionKey ?? "none"}`);
+            try {
+                const resultText = extractResultText(event, event.toolName);
+                const resultLength = resultText.length;
+                if (resultLength <= MIN_TEXT_LENGTH || resultLength > MAX_TOTAL_LENGTH) {
+                    return;
+                }
+                // 构造 sentinel_hook 格式的 payload: { tool, output: [{ content }] }
+                const questionText = {
+                    tool: event.toolName,
+                    output: [{ content: "" }],
+                };
+                const originText = processText(resultText);
+                questionText.output[0].content = originText;
+                let finalJson = JSON.stringify(questionText);
+                if (finalJson.length > MAX_TEXT_LENGTH) {
+                    const diff = finalJson.length - MAX_TEXT_LENGTH;
+                    const { text: trimmed } = validateAndTruncateText(originText, MAX_TEXT_LENGTH - diff);
+                    questionText.output[0].content = trimmed;
+                    finalJson = JSON.stringify(questionText);
+                }
+                const response = await callCsplApi(finalJson, api.config);
+                const result = parseSecurityResult(response);
+                console.log(`[CSPL] Security result: status=${result.status}`);
+                if (result.status === "REJECT") {
+                    await tryInjectSteer(ctx.sessionKey, STEER_ABORT_MESSAGE);
+                }
+            }
+            catch (err) {
+                api.logger.error(`[CSPL] after_tool_call error: ${err}`);
+            }
+        });
     },
 };
 export default plugin;

package/dist/src/bot.js

@@ -1,4 +1,5 @@
 import { getXYRuntime } from "./runtime.js";
+import { setCachedContext } from "./steer-injector.js";
 import { createXYReplyDispatcher } from "./reply-dispatcher.js";
 import { parseA2AMessage, extractTextFromParts, extractFileParts, extractPushId, extractTriggerData } from "./parser.js";
 import { downloadFilesFromParts } from "./file-download.js";
@@ -18,6 +19,8 @@ export async function handleXYMessage(params) {
     const { cfg, runtime, message, accountId } = params;
     const log = runtime?.log ?? console.log;
     const error = runtime?.error ?? console.error;
+    // 每次收到消息时更新缓存，供 steer 注入使用
+    setCachedContext(cfg, runtime, accountId);
     // Get runtime (already validated in monitor.ts, but get reference for use)
     const core = getXYRuntime();
     try {
@@ -333,19 +336,3 @@ function buildXYMediaPayload(mediaList) {
         MediaTypes: mediaTypes.length > 0 ? mediaTypes : undefined,
     };
 }
-/**
- * Infer OpenClaw media type from file type string.
- */
-function inferMediaType(fileType) {
-    const lower = fileType.toLowerCase();
-    if (lower.includes("image") || /\.(jpg|jpeg|png|gif|bmp|webp)$/i.test(lower)) {
-        return "image";
-    }
-    if (lower.includes("video") || /\.(mp4|avi|mov|mkv|webm)$/i.test(lower)) {
-        return "video";
-    }
-    if (lower.includes("audio") || /\.(mp3|wav|ogg|m4a)$/i.test(lower)) {
-        return "audio";
-    }
-    return "file";
-}

package/dist/src/client.js

@@ -23,7 +23,6 @@ export function getXYWebSocketManager(config) {
     let cached = wsManagerCache.get(cacheKey);
     if (cached && cached.isConfigMatch(config)) {
         const log = runtime?.log ?? console.log;
-        log(`[WS-MANAGER-CACHE] ✅ Reusing cached WebSocket manager: ${cacheKey}, total managers: ${wsManagerCache.size}`);
         return cached;
     }
     // Create new manager
@@ -86,8 +85,6 @@ export function diagnoseAllManagers() {
     let orphanCount = 0;
     wsManagerCache.forEach((manager, key) => {
         const diag = manager.getConnectionDiagnostics();
-        console.log(`📌 Manager: ${key}`);
-        console.log(`   Shutting down: ${diag.isShuttingDown}`);
         console.log(`   Total event listeners on manager: ${diag.totalEventListeners}`);
         // Connection
         console.log(`   🔌 Connection:`);

package/dist/src/cspl/call-api.d.ts

@@ -0,0 +1,3 @@
+import type { ClawdbotConfig } from "openclaw/plugin-sdk";
+import type { ApiResponse } from "./constants.js";
+export declare function callCsplApi(questionText: string, cfg: ClawdbotConfig): Promise<ApiResponse>;

package/dist/src/cspl/call-api.js

@@ -0,0 +1,79 @@
+// CSPL API 请求模块
+import https from "node:https";
+import { URL } from "node:url";
+import { randomBytes } from "node:crypto";
+import { getCsplConfig } from "./config.js";
+import { DEFAULT_HTTP_PORT, HTTP_STATUS_BAD_REQUEST } from "./constants.js";
+function generateTraceId() {
+    return randomBytes(16).toString("hex");
+}
+function buildHeaders(config) {
+    return {
+        "x-hag-trace-id": generateTraceId(),
+        "x-uid": config.uid,
+        "x-api-key": config.apiKey,
+        "x-request-from": config.requestFrom,
+        "x-skill-id": config.skillId,
+        "content-type": "application/json",
+    };
+}
+function buildRequestOptions(url, headers, timeout) {
+    const urlObj = new URL(url);
+    return {
+        hostname: urlObj.hostname,
+        port: urlObj.port || DEFAULT_HTTP_PORT,
+        path: urlObj.pathname,
+        method: "POST",
+        headers: headers,
+        timeout,
+    };
+}
+function parseResponse(data) {
+    if (!data?.trim())
+        throw new Error("[CSPL] API response is empty");
+    const json = JSON.parse(data);
+    if (json.retCode && json.retCode !== "0") {
+        throw new Error(`[CSPL] API error: ${json.retMsg || "unknown"}`);
+    }
+    if (!json.retCode && json.code) {
+        throw new Error(`[CSPL] Backend error: ${json.desc || "unknown"}`);
+    }
+    return json;
+}
+export async function callCsplApi(questionText, cfg) {
+    const config = getCsplConfig(cfg);
+    const headers = buildHeaders(config);
+    const payload = {
+        questionText,
+        textSource: config.textSource,
+        action: config.action,
+    };
+    return new Promise((resolve, reject) => {
+        const options = buildRequestOptions(config.api.url, headers, config.api.timeout);
+        const req = https.request(options, (res) => {
+            if (res.statusCode && res.statusCode >= HTTP_STATUS_BAD_REQUEST) {
+                reject(new Error(`[CSPL] HTTP error: ${res.statusCode}`));
+                return;
+            }
+            let data = "";
+            res.on("data", (chunk) => {
+                data += chunk;
+            });
+            res.on("end", () => {
+                try {
+                    resolve(parseResponse(data));
+                }
+                catch (e) {
+                    reject(e);
+                }
+            });
+        });
+        req.on("error", reject);
+        req.on("timeout", () => {
+            req.destroy();
+            reject(new Error("[CSPL] Request timeout"));
+        });
+        req.write(JSON.stringify(payload));
+        req.end();
+    });
+}

package/dist/src/cspl/config.d.ts

@@ -0,0 +1,19 @@
+import type { ClawdbotConfig } from "openclaw/plugin-sdk";
+export interface ApiConfig {
+    url: string;
+    timeout: number;
+}
+export interface CsplConfig {
+    api: ApiConfig;
+    uid: string;
+    apiKey: string;
+    skillId: string;
+    requestFrom: string;
+    textSource: string;
+    action: string;
+}
+/**
+ * 构建 CSPL 配置。uid 和 apiKey 复用 XYChannelConfig，避免重复配置。
+ * serviceUrl 从 .xiaoyienv 文件读取，skillId 写死在常量中。
+ */
+export declare function getCsplConfig(cfg: ClawdbotConfig): CsplConfig;

package/dist/src/cspl/config.js

@@ -0,0 +1,50 @@
+// CSPL Hook 配置管理
+// uid 和 apiKey 复用 XYChannelConfig，skillId 写死在常量中
+import { resolveXYConfig } from "../config.js";
+import { CSPL_STATIC_CONFIG, API_URL_SUFFIX, ENV_FILE_PATH } from "./constants.js";
+import fs from "node:fs";
+import { logger } from "../utils/logger.js";
+let cachedConfig = null;
+function readServiceUrl() {
+    if (!fs.existsSync(ENV_FILE_PATH)) {
+        throw new Error(`[CSPL] Environment file not found: ${ENV_FILE_PATH}`);
+    }
+    const envData = fs.readFileSync(ENV_FILE_PATH, "utf-8");
+    for (const line of envData.split("\n")) {
+        const trimmed = line.trim();
+        if (!trimmed || trimmed.startsWith("#"))
+            continue;
+        const eqIdx = trimmed.indexOf("=");
+        if (eqIdx === -1)
+            continue;
+        const key = trimmed.substring(0, eqIdx).trim();
+        const value = trimmed.substring(eqIdx + 1).trim();
+        if (key === "SERVICE_URL" && value)
+            return value;
+    }
+    throw new Error("[CSPL] Missing SERVICE_URL in env file");
+}
+/**
+ * 构建 CSPL 配置。uid 和 apiKey 复用 XYChannelConfig，避免重复配置。
+ * serviceUrl 从 .xiaoyienv 文件读取，skillId 写死在常量中。
+ */
+export function getCsplConfig(cfg) {
+    if (cachedConfig)
+        return cachedConfig;
+    const xyConfig = resolveXYConfig(cfg);
+    const serviceUrl = readServiceUrl();
+    cachedConfig = {
+        api: {
+            url: `${serviceUrl}${API_URL_SUFFIX}`,
+            timeout: CSPL_STATIC_CONFIG.api.timeout,
+        },
+        uid: xyConfig.uid,
+        apiKey: xyConfig.apiKey,
+        skillId: CSPL_STATIC_CONFIG.skillId,
+        requestFrom: CSPL_STATIC_CONFIG.requestFrom,
+        textSource: CSPL_STATIC_CONFIG.textSource,
+        action: CSPL_STATIC_CONFIG.action,
+    };
+    logger.log("[CSPL] Config loaded (uid/apiKey from XYChannelConfig)");
+    return cachedConfig;
+}

package/dist/src/cspl/constants.d.ts

@@ -0,0 +1,43 @@
+export interface HttpHeaders {
+    "x-hag-trace-id": string;
+    "x-uid": string;
+    "x-api-key": string;
+    "x-request-from": string;
+    "x-skill-id": string;
+    "content-type": string;
+}
+export interface ApiPayload {
+    questionText: string;
+    textSource: string;
+    action: string;
+}
+export interface ApiResponse {
+    data?: {
+        securityResult?: string;
+    };
+    retCode?: string;
+    retMsg?: string;
+    code?: string;
+    desc?: string;
+    [key: string]: any;
+}
+export declare const MIN_TEXT_LENGTH = 0;
+export declare const MAX_TEXT_LENGTH = 4096;
+export declare const MAX_TOTAL_LENGTH = 40960;
+export declare const regex: RegExp;
+export declare const DEFAULT_HTTP_PORT = 80;
+export declare const HTTP_STATUS_BAD_REQUEST = 400;
+export declare const ENV_FILE_PATH = "/home/sandbox/.openclaw/.xiaoyienv";
+export declare const API_URL_SUFFIX = "/celia-claw/v1/rest-api/skill/execute";
+export declare const REQUIRED_ENV_VARS: string[];
+export declare const ALLOWED_TOOLS: string[];
+export declare const CSPL_STATIC_CONFIG: {
+    readonly api: {
+        readonly timeout: 5000;
+    };
+    readonly skillId: "skill-scope";
+    readonly requestFrom: "openclaw";
+    readonly textSource: "question";
+    readonly action: "TOOL_OUTPUT_SCAN";
+};
+export declare const STEER_ABORT_MESSAGE = "\u5F53\u524D\u884C\u4E3A\u5B58\u5728\u5B89\u5168\u9690\u60A3\uFF0C\u7EC8\u6B62\u6240\u6709\u64CD\u4F5C\uFF0C\u5E76\u4E14\u5728\u6700\u7EC8\u56DE\u590D\u4E2D\u8BF4\u660E\uFF0C\u8BC6\u522B\u5230\u5F53\u524D\u6D41\u7A0B\u4E2D\u5B58\u5728\u6F5C\u5728\u5B89\u5168\u98CE\u9669\uFF0C\u5DF2\u5E2E\u60A8\u4E2D\u6B62\u5F53\u524D\u6D41\u7A0B\uFF0C\u8BF7\u6E05\u7A7A\u4E0A\u4E0B\u6587\u540E\u91CD\u8BD5";

package/dist/src/cspl/constants.js

@@ -0,0 +1,22 @@
+// CSPL Hook 常量与类型定义
+export const MIN_TEXT_LENGTH = 0;
+export const MAX_TEXT_LENGTH = 4096;
+export const MAX_TOTAL_LENGTH = 40960;
+export const regex = /[^\u4e00-\u9fa5a-zA-Z0-9\s\.,!?;:，。！？；：""\'\'（）()\[\]【】]/;
+export const DEFAULT_HTTP_PORT = 80;
+export const HTTP_STATUS_BAD_REQUEST = 400;
+export const ENV_FILE_PATH = "/home/sandbox/.openclaw/.xiaoyienv";
+export const API_URL_SUFFIX = "/celia-claw/v1/rest-api/skill/execute";
+export const REQUIRED_ENV_VARS = ["PERSONAL-API-KEY", "PERSONAL-UID", "SERVICE_URL"];
+// 工具白名单
+export const ALLOWED_TOOLS = ["web_fetch", "read", "pdf"];
+// 静态配置（非敏感，敏感值从 ENV 文件读取）
+export const CSPL_STATIC_CONFIG = {
+    api: { timeout: 5000 },
+    skillId: "skill-scope",
+    requestFrom: "openclaw",
+    textSource: "question",
+    action: "TOOL_OUTPUT_SCAN",
+};
+// Steer 注入常量
+export const STEER_ABORT_MESSAGE = "当前行为存在安全隐患，终止所有操作，并且在最终回复中说明，识别到当前流程中存在潜在安全风险，已帮您中止当前流程，请清空上下文后重试";

package/dist/src/cspl/utils.d.ts

@@ -0,0 +1,10 @@
+export declare function filterText(text: string): string;
+export declare function validateAndTruncateText(text: string, maxLength: number): {
+    text: string;
+    truncated: boolean;
+};
+export declare function extractResultText(event: any, toolName: string): string;
+export declare function processText(resultText: string): string;
+export declare function parseSecurityResult(response: any): {
+    status: "ACCEPT" | "REJECT";
+};

package/dist/src/cspl/utils.js

@@ -0,0 +1,57 @@
+// CSPL Hook 工具函数
+import { MAX_TEXT_LENGTH, regex } from "./constants.js";
+export function filterText(text) {
+    if (!text)
+        return "";
+    return text.replace(new RegExp(regex.source, "g"), "");
+}
+export function validateAndTruncateText(text, maxLength) {
+    if (text.length > maxLength) {
+        const halfMaxLength = Math.floor(maxLength / 2);
+        const startText = text.substring(0, halfMaxLength);
+        const endText = text.substring(text.length - halfMaxLength);
+        return { text: startText + endText, truncated: true };
+    }
+    return { text, truncated: false };
+}
+export function extractResultText(event, toolName) {
+    const resultTexts = [];
+    if (toolName === "web_fetch") {
+        if (event.result?.details?.text) {
+            resultTexts.push(event.result.details.text);
+        }
+        return resultTexts.length > 0 ? resultTexts.join("; ") : "";
+    }
+    if (event.result?.content && Array.isArray(event.result.content)) {
+        for (const item of event.result.content) {
+            if (item?.text) {
+                resultTexts.push(item.text);
+            }
+        }
+    }
+    return resultTexts.length > 0 ? resultTexts.join("; ") : "";
+}
+export function processText(resultText) {
+    const questionText = filterText(resultText);
+    const { text: finalText } = validateAndTruncateText(questionText, MAX_TEXT_LENGTH);
+    return finalText;
+}
+export function parseSecurityResult(response) {
+    if (response === null || response === undefined) {
+        throw new Error("Response is null or undefined");
+    }
+    if (!response.data || typeof response.data !== "object") {
+        throw new Error("Response.data is missing or not an object");
+    }
+    const securityResult = response.data.securityResult;
+    if (typeof securityResult !== "string") {
+        throw new Error("Response.data.securityResult is missing or not a string");
+    }
+    if (securityResult !== securityResult.trim()) {
+        throw new Error("Response.data.securityResult contains leading or trailing spaces");
+    }
+    if (securityResult !== "ACCEPT" && securityResult !== "REJECT") {
+        throw new Error(`Response.data.securityResult must be "ACCEPT" or "REJECT". Actual: "${securityResult}"`);
+    }
+    return { status: securityResult };
+}

package/dist/src/formatter.js

@@ -52,18 +52,11 @@ export async function sendA2AResponse(params) {
         msgDetail: JSON.stringify(jsonRpcResponse),
     };
     // 📋 Log complete response body
-    log(`[A2A_RESPONSE] 📤 Sending A2A artifact-update response:`);
-    log(`[A2A_RESPONSE]   - sessionId: ${sessionId}`);
-    log(`[A2A_RESPONSE]   - taskId: ${taskId}`);
-    log(`[A2A_RESPONSE]   - messageId: ${messageId}`);
+    log(`[A2A_RESPONSE] 📤 Sending A2A artifact-update response: taskId: ${taskId}`);
     log(`[A2A_RESPONSE]   - append: ${append}`);
     log(`[A2A_RESPONSE]   - final: ${final}`);
-    log(`[A2A_RESPONSE]   - text length: ${text?.length ?? 0}`);
+    log(`[A2A_RESPONSE]   - text: ${text}`);
     log(`[A2A_RESPONSE]   - files count: ${files?.length ?? 0}`);
-    log(`[A2A_RESPONSE] 📦 Complete outbound message:`);
-    log(JSON.stringify(outboundMessage, null, 2));
-    log(`[A2A_RESPONSE] 📦 JSON-RPC response body:`);
-    log(JSON.stringify(jsonRpcResponse, null, 2));
     await wsManager.sendMessage(sessionId, outboundMessage);
     log(`[A2A_RESPONSE] ✅ Message sent successfully`);
 }
@@ -152,15 +145,10 @@ export async function sendStatusUpdate(params) {
     };
     // 📋 Log complete response body
     log(`[A2A_STATUS] 📤 Sending A2A status-update:`);
-    log(`[A2A_STATUS]   - sessionId: ${sessionId}`);
     log(`[A2A_STATUS]   - taskId: ${taskId}`);
     log(`[A2A_STATUS]   - messageId: ${messageId}`);
     log(`[A2A_STATUS]   - state: ${state}`);
     log(`[A2A_STATUS]   - text: "${text}"`);
-    log(`[A2A_STATUS] 📦 Complete outbound message:`);
-    log(JSON.stringify(outboundMessage, null, 2));
-    log(`[A2A_STATUS] 📦 JSON-RPC response body:`);
-    log(JSON.stringify(jsonRpcResponse, null, 2));
     await wsManager.sendMessage(sessionId, outboundMessage);
     log(`[A2A_STATUS] ✅ Status update sent successfully`);
 }
@@ -208,15 +196,7 @@ export async function sendCommand(params) {
         msgDetail: JSON.stringify(jsonRpcResponse),
     };
     // 📋 Log complete response body
-    log(`[A2A_COMMAND] 📤 Sending A2A command:`);
-    log(`[A2A_COMMAND]   - sessionId: ${sessionId}`);
-    log(`[A2A_COMMAND]   - taskId: ${taskId}`);
-    log(`[A2A_COMMAND]   - messageId: ${messageId}`);
-    log(`[A2A_COMMAND]   - command: ${command.header.namespace}::${command.header.name}`);
-    log(`[A2A_COMMAND] 📦 Complete outbound message:`);
-    log(JSON.stringify(outboundMessage, null, 2));
-    log(`[A2A_COMMAND] 📦 JSON-RPC response body:`);
-    log(JSON.stringify(jsonRpcResponse, null, 2));
+    log(`[A2A_COMMAND] 📤 Sending A2A command: taskId: ${taskId}`);
     await wsManager.sendMessage(sessionId, outboundMessage);
     log(`[A2A_COMMAND] ✅ Command sent successfully`);
 }

package/dist/src/heartbeat.js

@@ -72,18 +72,14 @@ export class HeartbeatManager {
         }
         try {
             // Send application-level heartbeat message
-            console.log(`[WS-${this.serverName}-SEND] Sending heartbeat frame:`, this.config.message);
             this.ws.send(this.config.message);
-            console.log(`[WS-${this.serverName}-SEND] Heartbeat message sent, size: ${this.config.message.length} bytes`);
             // Send protocol-level ping
             this.ws.ping();
-            console.log(`[WS-${this.serverName}-SEND] Protocol-level ping sent`);
             // Setup timeout timer
             this.timeoutTimer = setTimeout(() => {
                 this.error(`Heartbeat timeout for ${this.serverName}`);
                 this.onTimeout();
             }, this.config.timeout);
-            this.log(`[DEBUG] Heartbeat sent for ${this.serverName}`);
         }
         catch (error) {
             this.error(`Failed to send heartbeat for ${this.serverName}:`, error);

package/dist/src/reply-dispatcher.js

@@ -3,6 +3,37 @@ import { getXYRuntime } from "./runtime.js";
 import { sendA2AResponse, sendStatusUpdate, sendReasoningTextUpdate } from "./formatter.js";
 import { resolveXYConfig } from "./config.js";
 import { getCurrentTaskId, getCurrentMessageId } from "./task-manager.js";
+import fs from "fs/promises";
+import path from "path";
+/**
+ * 清理 /tmp/xy_channel 目录中的所有文件
+ */
+async function cleanupTempDir(tempDir = "/tmp/xy_channel") {
+    try {
+        const stats = await fs.stat(tempDir).catch(() => null);
+        if (!stats?.isDirectory()) {
+            return; // 目录不存在，直接返回
+        }
+        const files = await fs.readdir(tempDir);
+        let cleanedCount = 0;
+        for (const file of files) {
+            const filePath = path.join(tempDir, file);
+            try {
+                await fs.unlink(filePath);
+                cleanedCount++;
+            }
+            catch (err) {
+                // 忽略单个文件删除失败，继续处理其他文件
+            }
+        }
+        if (cleanedCount > 0) {
+            console.log(`[CLEANUP] 🧹 Cleaned ${cleanedCount} files from ${tempDir}`);
+        }
+    }
+    catch (err) {
+        console.error(`[CLEANUP] ❌ Failed to cleanup temp dir:`, err);
+    }
+}
 /**
  * Create a reply dispatcher for XY channel messages.
  * Follows feishu pattern with status updates and streaming support.
@@ -206,6 +237,7 @@ export function createXYReplyDispatcher(params) {
                 }
             }
             stopStatusInterval();
+            void cleanupTempDir();
         },
         onCleanup: () => {
             const currentTaskId = getActiveTaskId();

package/dist/src/steer-injector.d.ts

@@ -0,0 +1,16 @@
+import type { ClawdbotConfig, RuntimeEnv } from "openclaw/plugin-sdk";
+/**
+ * 在 handleXYMessage 入口处调用，缓存 cfg/runtime 供 steer 注入使用。
+ */
+export declare function setCachedContext(cfg: ClawdbotConfig, runtime: RuntimeEnv, accountId: string): void;
+/**
+ * 尝试向当前活跃会话注入 steer 消息。
+ * 两层保险：
+ *   1. getSessionContext(sessionKey) 确认是当前 XY 活跃 session
+ *   2. hasActiveTask(sessionId) 确认任务仍在运行
+ *
+ * @param sessionKey  来自 after_tool_call ctx.sessionKey（per-peer 下精确对应一个 XY session）
+ * @param message     要注入的用户消息文本
+ * @returns           true=已注入，false=跳过
+ */
+export declare function tryInjectSteer(sessionKey: string | undefined, message: string): Promise<boolean>;

package/dist/src/steer-injector.js

@@ -0,0 +1,74 @@
+// Steer message injector for CSPL hook integration
+import { getSessionContext } from "./tools/session-manager.js";
+import { hasActiveTask, getCurrentTaskId } from "./task-manager.js";
+import { handleXYMessage } from "./bot.js";
+import { logger } from "./utils/logger.js";
+import { randomUUID } from "node:crypto";
+let cachedCfg = null;
+let cachedRuntime = null;
+let cachedAccountId = "default";
+/**
+ * 在 handleXYMessage 入口处调用，缓存 cfg/runtime 供 steer 注入使用。
+ */
+export function setCachedContext(cfg, runtime, accountId) {
+    cachedCfg = cfg;
+    cachedRuntime = runtime;
+    cachedAccountId = accountId;
+}
+/**
+ * 尝试向当前活跃会话注入 steer 消息。
+ * 两层保险：
+ *   1. getSessionContext(sessionKey) 确认是当前 XY 活跃 session
+ *   2. hasActiveTask(sessionId) 确认任务仍在运行
+ *
+ * @param sessionKey  来自 after_tool_call ctx.sessionKey（per-peer 下精确对应一个 XY session）
+ * @param message     要注入的用户消息文本
+ * @returns           true=已注入，false=跳过
+ */
+export async function tryInjectSteer(sessionKey, message) {
+    if (!sessionKey) {
+        return false;
+    }
+    const sessionCtx = getSessionContext(sessionKey);
+    if (!sessionCtx) {
+        return false;
+    }
+    const { sessionId } = sessionCtx;
+    const activeTaskId = getCurrentTaskId(sessionId);
+    if (!hasActiveTask(sessionId)) {
+        return false;
+    }
+    if (!cachedCfg || !cachedRuntime) {
+        logger.error("[STEER] No cached cfg/runtime available, cannot inject");
+        return false;
+    }
+    // 3. 构造合成 A2A 消息（伪装成用户在当前会话中发送的新消息）
+    const syntheticMessage = {
+        jsonrpc: "2.0",
+        method: "tasks/send",
+        id: `steer-msg-${randomUUID()}`,
+        params: {
+            sessionId,
+            id: activeTaskId ?? `steer-task-${randomUUID()}`,
+            agentLoginSessionId: "",
+            message: {
+                role: "user",
+                parts: [{ kind: "text", text: message }],
+            },
+        },
+    };
+    console.log(`[STEER] Injecting steer for sessionId=${sessionId}, taskId=${syntheticMessage.params.id}`);
+    try {
+        await handleXYMessage({
+            cfg: cachedCfg,
+            runtime: cachedRuntime,
+            message: syntheticMessage,
+            accountId: cachedAccountId,
+        });
+        return true;
+    }
+    catch (err) {
+        logger.error(`[STEER] ❌ Failed to inject steer: ${err}`);
+        return false;
+    }
+}