agim-cli 1.0.14 → 1.1.1

package/dist/core/agent-cwd.js

@@ -1,7 +1,7 @@
 // Per-agent working directory resolution for the IM context.
 //
 // Both Claude Code and opencode key their per-project memory / history off
-// the spawned process's cwd. When im-hub runs as a systemd service, that cwd
+// the spawned process's cwd. When agim runs as a systemd service, that cwd
 // is "/" — so every IM thread, every direct-terminal session, and every
 // background scheduler tick all share the SAME global memory bucket. This
 // is the root cause of:
@@ -12,7 +12,7 @@
 //
 // Fix: when we detect we're in an IM call (threadId + platform both set),
 // pin the agent into a stable per-agent workspace under
-// `~/.im-hub-workspaces/<agent>/`. Non-IM calls (web UI, scheduler,
+// `~/.agim-workspaces/<agent>/`. Non-IM calls (web UI, scheduler,
 // intent-llm judge) keep the inherited cwd, preserving prior behavior.
 //
 // Override path: `IMHUB_<AGENT>_CWD` env var beats everything (e.g.
@@ -43,8 +43,8 @@ function envKeyFor(agentName) {
  * Decision order:
  *   1. Env override `IMHUB_<AGENT>_CWD` always wins.
  *   2. If we're in an IM context (threadId + platform both present), pin to
- *      `~/.im-hub-workspaces/<agent>/`.
- *   3. Otherwise return undefined → adapter inherits im-hub's cwd. This
+ *      `~/.agim-workspaces/<agent>/`.
+ *   3. Otherwise return undefined → adapter inherits agim's cwd. This
  *      keeps web/scheduler/intent-llm judge paths exactly as they were.
  */
 export function resolveAgentCwd(agentName, opts) {
@@ -94,7 +94,7 @@ export async function bootstrapAgentWorkspaces() {
     const result = [];
     const claudeSeed = `# Claude Code — IM 入口工作区
 
-> 这是 im-hub 通过 IM 唤起 Claude Code 时的专用工作目录。
+> 这是 agim 通过 IM 唤起 Claude Code 时的专用工作目录。
 > 与你直接在终端里跑 \`claude\` 时使用的全局配置 (~/.claude/CLAUDE.md) 隔离。
 >
 > 文件位置：${defaultAgentCwd('claude-code')}/CLAUDE.md
@@ -113,7 +113,7 @@ export async function bootstrapAgentWorkspaces() {
 ## 注意
 
 - 当前 cwd 不是真正的代码仓库；要查代码请去 /root/workspace/...
-- IM 单条消息的硬超时是 30 分钟（im-hub 层），长任务必须走 bgjob
+- IM 单条消息的硬超时是 30 分钟（agim 层），长任务必须走 bgjob
 `;
     result.push({
         agent: 'claude-code',
@@ -121,7 +121,7 @@ export async function bootstrapAgentWorkspaces() {
     });
     const opencodeSeed = `# OpenCode — IM 入口工作区
 
-> 这是 im-hub 通过 IM 唤起 opencode 时的专用工作目录。
+> 这是 agim 通过 IM 唤起 opencode 时的专用工作目录。
 > 与你直接在终端里跑 \`opencode\` 时使用的全局配置 (~/.config/opencode/AGENTS.md) 隔离。
 >
 > 文件位置：${defaultAgentCwd('opencode')}/AGENTS.md
@@ -139,7 +139,7 @@ export async function bootstrapAgentWorkspaces() {
 ## 注意
 
 - 当前 cwd 不是真正的代码仓库；要查代码请去 /root/workspace/...
-- IM 单条消息的硬超时是 30 分钟（im-hub 层），长任务必须走 bgjob
+- IM 单条消息的硬超时是 30 分钟（agim 层），长任务必须走 bgjob
 `;
     result.push({
         agent: 'opencode',
@@ -147,7 +147,7 @@ export async function bootstrapAgentWorkspaces() {
     });
     const codexSeed = `# Codex — IM 入口工作区
 
-> 这是 im-hub 通过 IM 唤起 OpenAI Codex CLI 时的专用工作目录。
+> 这是 agim 通过 IM 唤起 OpenAI Codex CLI 时的专用工作目录。
 > 与你直接在终端里跑 \`codex\` 时使用的全局配置 (~/.codex/config.toml) 隔离。
 >
 > 文件位置：${defaultAgentCwd('codex')}/AGENTS.md
@@ -166,11 +166,11 @@ export async function bootstrapAgentWorkspaces() {
 ## 注意
 
 - 当前 cwd 不是真正的代码仓库；要查代码请去 /root/workspace/...
-- IM 单条消息的硬超时是 30 分钟（im-hub 层），长任务必须走 bgjob
+- IM 单条消息的硬超时是 30 分钟（agim 层），长任务必须走 bgjob
 - bgjob 数据目录：~/.codex/bgjobs/（与 claude / opencode 隔离）
   使用方式：\`/root/.codex/scripts/bgjob start <name> -- <cmd...>\`
 - AGENTS.md 与 opencode 同名但工作区分离 —— codex 只读本目录的 AGENTS.md，
-  不会读 ~/.im-hub-workspaces/opencode/AGENTS.md
+  不会读 ~/.agim-workspaces/opencode/AGENTS.md
 `;
     result.push({
         agent: 'codex',

package/dist/core/agent-cwd.js.map

@@ -1 +1 @@
-{"version":3,"file":"agent-cwd.js","sourceRoot":"","sources":["../../src/core/agent-cwd.ts"],"names":[],"mappings":"AAAA,6DAA6D;AAC7D,EAAE;AACF,2EAA2E;AAC3E,6EAA6E;AAC7E,wEAAwE;AACxE,0EAA0E;AAC1E,wBAAwB;AACxB,EAAE;AACF,2EAA2E;AAC3E,sEAAsE;AACtE,0EAA0E;AAC1E,EAAE;AACF,0EAA0E;AAC1E,wDAAwD;AACxD,oEAAoE;AACpE,uEAAuE;AACvE,EAAE;AACF,oEAAoE;AACpE,wEAAwE;AACxE,iCAAiC;AAEjC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAA;AAChC,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAA;AAE3D,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAA;AAEjD;;;wEAGwE;AACxE,MAAM,UAAU,mBAAmB;IACjC,OAAO,OAAO,CAAC,GAAG,CAAC,qBAAqB,IAAI,eAAe,CAAA;AAC7D,CAAC;AAED,+DAA+D;AAC/D,MAAM,UAAU,eAAe,CAAC,SAAiB;IAC/C,OAAO,IAAI,CAAC,mBAAmB,EAAE,EAAE,SAAS,CAAC,CAAA;AAC/C,CAAC;AAED,8DAA8D;AAC9D,SAAS,SAAS,CAAC,SAAiB;IAClC,uCAAuC;IACvC,OAAO,SAAS,SAAS,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE,MAAM,CAAA;AAClE,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,eAAe,CAAC,SAAiB,EAAE,IAAmB;IACpE,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,CAAA;IAClD,IAAI,QAAQ;QAAE,OAAO,QAAQ,CAAA;IAE7B,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QACnC,OAAO,eAAe,CAAC,SAAS,CAAC,CAAA;IACnC,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,SAAiB,EACjB,IAA2C;IAE3C,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,CAAA;IAClD,MAAM,GAAG,GAAG,QAAQ,IAAI,eAAe,CAAC,SAAS,CAAC,CAAA;IAClD,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAA;IAErC,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAA;IACzC,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,QAAQ,CAAC,CAAA;QACtB,yDAAyD;IAC3D,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,SAAS,CAAC,QAAQ,EAAE,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;IACjD,CAAC;IAED,OAAO,GAAG,CAAA;AACZ,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB;IAC5C,MAAM,MAAM,GAA0C,EAAE,CAAA;IAExD,MAAM,UAAU,GAAG;;;;;SAKZ,eAAe,CAAC,aAAa,CAAC;;;;;;;;;;;;;;;;;CAiBtC,CAAA;IAEC,MAAM,CAAC,IAAI,CAAC;QACV,KAAK,EAAE,aAAa;QACpB,GAAG,EAAE,MAAM,oBAAoB,CAAC,aAAa,EAAE,EAAE,QAAQ,EAAE,WAAW,EAAE,OAAO,EAAE,UAAU,EAAE,CAAC;KAC/F,CAAC,CAAA;IAEF,MAAM,YAAY,GAAG;;;;;SAKd,eAAe,CAAC,UAAU,CAAC;;;;;;;;;;;;;;;;CAgBnC,CAAA;IAEC,MAAM,CAAC,IAAI,CAAC;QACV,KAAK,EAAE,UAAU;QACjB,GAAG,EAAE,MAAM,oBAAoB,CAAC,UAAU,EAAE,EAAE,QAAQ,EAAE,WAAW,EAAE,OAAO,EAAE,YAAY,EAAE,CAAC;KAC9F,CAAC,CAAA;IAEF,MAAM,SAAS,GAAG;;;;;SAKX,eAAe,CAAC,OAAO,CAAC;;;;;;;;;;;;;;;;;;;;;CAqBhC,CAAA;IAEC,MAAM,CAAC,IAAI,CAAC;QACV,KAAK,EAAE,OAAO;QACd,GAAG,EAAE,MAAM,oBAAoB,CAAC,OAAO,EAAE,EAAE,QAAQ,EAAE,WAAW,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC;KACxF,CAAC,CAAA;IAEF,OAAO,MAAM,CAAA;AACf,CAAC"}
+{"version":3,"file":"agent-cwd.js","sourceRoot":"","sources":["../../src/core/agent-cwd.ts"],"names":[],"mappings":"AAAA,6DAA6D;AAC7D,EAAE;AACF,2EAA2E;AAC3E,2EAA2E;AAC3E,wEAAwE;AACxE,0EAA0E;AAC1E,wBAAwB;AACxB,EAAE;AACF,2EAA2E;AAC3E,sEAAsE;AACtE,0EAA0E;AAC1E,EAAE;AACF,0EAA0E;AAC1E,wDAAwD;AACxD,kEAAkE;AAClE,uEAAuE;AACvE,EAAE;AACF,oEAAoE;AACpE,wEAAwE;AACxE,iCAAiC;AAEjC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAA;AAChC,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAA;AAE3D,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAA;AAEjD;;;wEAGwE;AACxE,MAAM,UAAU,mBAAmB;IACjC,OAAO,OAAO,CAAC,GAAG,CAAC,qBAAqB,IAAI,eAAe,CAAA;AAC7D,CAAC;AAED,+DAA+D;AAC/D,MAAM,UAAU,eAAe,CAAC,SAAiB;IAC/C,OAAO,IAAI,CAAC,mBAAmB,EAAE,EAAE,SAAS,CAAC,CAAA;AAC/C,CAAC;AAED,8DAA8D;AAC9D,SAAS,SAAS,CAAC,SAAiB;IAClC,uCAAuC;IACvC,OAAO,SAAS,SAAS,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE,MAAM,CAAA;AAClE,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,eAAe,CAAC,SAAiB,EAAE,IAAmB;IACpE,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,CAAA;IAClD,IAAI,QAAQ;QAAE,OAAO,QAAQ,CAAA;IAE7B,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QACnC,OAAO,eAAe,CAAC,SAAS,CAAC,CAAA;IACnC,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,SAAiB,EACjB,IAA2C;IAE3C,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,CAAA;IAClD,MAAM,GAAG,GAAG,QAAQ,IAAI,eAAe,CAAC,SAAS,CAAC,CAAA;IAClD,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAA;IAErC,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAA;IACzC,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,QAAQ,CAAC,CAAA;QACtB,yDAAyD;IAC3D,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,SAAS,CAAC,QAAQ,EAAE,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;IACjD,CAAC;IAED,OAAO,GAAG,CAAA;AACZ,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB;IAC5C,MAAM,MAAM,GAA0C,EAAE,CAAA;IAExD,MAAM,UAAU,GAAG;;;;;SAKZ,eAAe,CAAC,aAAa,CAAC;;;;;;;;;;;;;;;;;CAiBtC,CAAA;IAEC,MAAM,CAAC,IAAI,CAAC;QACV,KAAK,EAAE,aAAa;QACpB,GAAG,EAAE,MAAM,oBAAoB,CAAC,aAAa,EAAE,EAAE,QAAQ,EAAE,WAAW,EAAE,OAAO,EAAE,UAAU,EAAE,CAAC;KAC/F,CAAC,CAAA;IAEF,MAAM,YAAY,GAAG;;;;;SAKd,eAAe,CAAC,UAAU,CAAC;;;;;;;;;;;;;;;;CAgBnC,CAAA;IAEC,MAAM,CAAC,IAAI,CAAC;QACV,KAAK,EAAE,UAAU;QACjB,GAAG,EAAE,MAAM,oBAAoB,CAAC,UAAU,EAAE,EAAE,QAAQ,EAAE,WAAW,EAAE,OAAO,EAAE,YAAY,EAAE,CAAC;KAC9F,CAAC,CAAA;IAEF,MAAM,SAAS,GAAG;;;;;SAKX,eAAe,CAAC,OAAO,CAAC;;;;;;;;;;;;;;;;;;;;;CAqBhC,CAAA;IAEC,MAAM,CAAC,IAAI,CAAC;QACV,KAAK,EAAE,OAAO;QACd,GAAG,EAAE,MAAM,oBAAoB,CAAC,OAAO,EAAE,EAAE,QAAQ,EAAE,WAAW,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC;KACxF,CAAC,CAAA;IAEF,OAAO,MAAM,CAAA;AACf,CAAC"}

package/dist/core/agent-helper.js

@@ -2,7 +2,7 @@
 //
 // Why this layer exists: features that want a small LLM judgement
 // (reminder text polish, reminder-intent detection, etc.) MUST NOT bake in
-// a specific provider (DeepSeek, OpenAI, …). im-hub is shipped as a
+// a specific provider (DeepSeek, OpenAI, …). agim is shipped as a
 // pluggable framework — every user's LLM access goes through the agent
 // they've already registered (claude-code / codex / opencode / copilot /
 // any future ACP-discovered remote). So all helper calls funnel through

package/dist/core/agent-helper.js.map

@@ -1 +1 @@
-{"version":3,"file":"agent-helper.js","sourceRoot":"","sources":["../../src/core/agent-helper.ts"],"names":[],"mappings":"AAAA,yDAAyD;AACzD,EAAE;AACF,kEAAkE;AAClE,2EAA2E;AAC3E,oEAAoE;AACpE,uEAAuE;AACvE,yEAAyE;AACzE,wEAAwE;AACxE,qDAAqD;AACrD,EAAE;AACF,6BAA6B;AAC7B,wDAAwD;AACxD,6EAA6E;AAC7E,6DAA6D;AAC7D,4EAA4E;AAC5E,EAAE;AACF,sEAAsE;AACtE,2EAA2E;AAC3E,4CAA4C;AAE5C,OAAO,EAAE,MAAM,IAAI,UAAU,EAAE,MAAM,aAAa,CAAA;AAClD,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAA;AACxC,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAA;AAE7C,MAAM,GAAG,GAAG,UAAU,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,cAAc,EAAE,CAAC,CAAA;AAE3D,MAAM,kBAAkB,GAAG,MAAM,CAAA;AACjC,MAAM,wBAAwB,GAAG,KAAK,CAAA;AAsBtC;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,QAAgB,EAChB,SAAiB,EACjB,QAAgB,EAChB,OAGI,EAAE;IAEN,MAAM,UAAU,GAAG,IAAI,CAAC,kBAAkB,IAAI,cAAc,CAAC,kBAAkB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;IACpG,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAA;IAEnE,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,QAAQ,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAA;QAC/D,IAAI,OAAO,EAAE,KAAK;YAAE,OAAO,OAAO,CAAC,KAAK,CAAA;IAC1C,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,GAAG,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EACjE,+CAA+C,CAAC,CAAA;IACpD,CAAC;IACD,MAAM,GAAG,GAAG,UAAU,EAAE,CAAA;IACxB,OAAO,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAA;AACvB,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,UAAU,mBAAmB,CACjC,OAAwC,EAAE;IAE1C,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,UAAU,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC,EAAE,CAAA;IAChE,MAAM,SAAS,GAAG,CAAC,UAAU,EAAE,aAAa,EAAE,OAAO,EAAE,SAAS,CAAC,CAAA;IACjE,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;QAC7B,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC;YAAE,OAAO,IAAI,CAAA;IACrC,CAAC;IACD,OAAO,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAA;AACvB,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,IAAoB;IACxD,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,MAAM,kBAAkB,CAC1D,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,QAAQ,CAC7C,CAAA;IACD,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,GAAG,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,EACtF,4CAA4C,CAAC,CAAA;QAC/C,OAAO,IAAI,CAAA;IACb,CAAC;IACD,MAAM,OAAO,GAAG,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAA;IAC5C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,sBAAsB,EAAE,SAAS,EAAE,EACnD,0DAA0D,CAAC,CAAA;QAC7D,OAAO,IAAI,CAAA;IACb,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,kBAAkB,CAAA;IACtD,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,IAAI,wBAAwB,CAAA;IAChE,MAAM,QAAQ,GAAG,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,cAAc,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,EAAE,CAAA;IAElF,IAAI,GAAG,GAAG,EAAE,CAAA;IACZ,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;IACxB,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,YAAY,EAAE,QAAQ,EAAE,EAAE,CAAC,CAAA;QAChE,MAAM,OAAO,GAAG,CAAC,KAAK,IAAI,EAAE;YAC1B,IAAI,KAAK,EAAE,MAAM,KAAK,IAAI,SAAS,EAAE,CAAC;gBACpC,GAAG,IAAI,KAAK,CAAA;gBACZ,IAAI,GAAG,CAAC,MAAM,IAAI,QAAQ;oBAAE,MAAK;YACnC,CAAC;QACH,CAAC,CAAC,EAAE,CAAA;QACJ,MAAM,OAAO,GAAG,IAAI,OAAO,CAAQ,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,CAC/C,UAAU,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,2BAA2B,SAAS,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAA;QAC5F,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAA;QACtC,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,EAAE,CAAA;QACvB,GAAG,CAAC,KAAK,CAAC;YACR,KAAK,EAAE,WAAW;YAClB,KAAK,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,EAAE,KAAK,EAAE,IAAI,CAAC,MAAM;SACpE,EAAE,uBAAuB,CAAC,CAAA;QAC3B,OAAO,IAAI,IAAI,IAAI,CAAA;IACrB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,GAAG,CAAC,IAAI,CAAC;YACP,KAAK,EAAE,eAAe;YACtB,KAAK,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;YAC/C,GAAG,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;SACtD,EAAE,kDAAkD,CAAC,CAAA;QACtD,OAAO,IAAI,CAAA;IACb,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,IAAoB;IAEpB,MAAM,GAAG,GAAG,MAAM,eAAe,CAAC,IAAI,CAAC,CAAA;IACvC,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAA;IACrB,sEAAsE;IACtE,8CAA8C;IAC9C,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,aAAa,CAAC,CAAA;IACtC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,GAAG,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,sBAAsB,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,EAAE,mCAAmC,CAAC,CAAA;QACrG,OAAO,IAAI,CAAA;IACb,CAAC;IACD,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAM,CAAA;IAClC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,GAAG,CAAC,KAAK,CAAC;YACR,KAAK,EAAE,0BAA0B;YACjC,GAAG,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;YACrD,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;SAChC,EAAE,0BAA0B,CAAC,CAAA;QAC9B,OAAO,IAAI,CAAA;IACb,CAAC;AACH,CAAC"}
+{"version":3,"file":"agent-helper.js","sourceRoot":"","sources":["../../src/core/agent-helper.ts"],"names":[],"mappings":"AAAA,yDAAyD;AACzD,EAAE;AACF,kEAAkE;AAClE,2EAA2E;AAC3E,kEAAkE;AAClE,uEAAuE;AACvE,yEAAyE;AACzE,wEAAwE;AACxE,qDAAqD;AACrD,EAAE;AACF,6BAA6B;AAC7B,wDAAwD;AACxD,6EAA6E;AAC7E,6DAA6D;AAC7D,4EAA4E;AAC5E,EAAE;AACF,sEAAsE;AACtE,2EAA2E;AAC3E,4CAA4C;AAE5C,OAAO,EAAE,MAAM,IAAI,UAAU,EAAE,MAAM,aAAa,CAAA;AAClD,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAA;AACxC,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAA;AAE7C,MAAM,GAAG,GAAG,UAAU,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,cAAc,EAAE,CAAC,CAAA;AAE3D,MAAM,kBAAkB,GAAG,MAAM,CAAA;AACjC,MAAM,wBAAwB,GAAG,KAAK,CAAA;AAsBtC;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,QAAgB,EAChB,SAAiB,EACjB,QAAgB,EAChB,OAGI,EAAE;IAEN,MAAM,UAAU,GAAG,IAAI,CAAC,kBAAkB,IAAI,cAAc,CAAC,kBAAkB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;IACpG,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAA;IAEnE,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,QAAQ,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAA;QAC/D,IAAI,OAAO,EAAE,KAAK;YAAE,OAAO,OAAO,CAAC,KAAK,CAAA;IAC1C,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,GAAG,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EACjE,+CAA+C,CAAC,CAAA;IACpD,CAAC;IACD,MAAM,GAAG,GAAG,UAAU,EAAE,CAAA;IACxB,OAAO,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAA;AACvB,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,UAAU,mBAAmB,CACjC,OAAwC,EAAE;IAE1C,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,UAAU,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC,EAAE,CAAA;IAChE,MAAM,SAAS,GAAG,CAAC,UAAU,EAAE,aAAa,EAAE,OAAO,EAAE,SAAS,CAAC,CAAA;IACjE,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;QAC7B,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC;YAAE,OAAO,IAAI,CAAA;IACrC,CAAC;IACD,OAAO,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAA;AACvB,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,IAAoB;IACxD,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,MAAM,kBAAkB,CAC1D,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,QAAQ,CAC7C,CAAA;IACD,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,GAAG,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,EACtF,4CAA4C,CAAC,CAAA;QAC/C,OAAO,IAAI,CAAA;IACb,CAAC;IACD,MAAM,OAAO,GAAG,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAA;IAC5C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,sBAAsB,EAAE,SAAS,EAAE,EACnD,0DAA0D,CAAC,CAAA;QAC7D,OAAO,IAAI,CAAA;IACb,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,kBAAkB,CAAA;IACtD,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,IAAI,wBAAwB,CAAA;IAChE,MAAM,QAAQ,GAAG,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,cAAc,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,EAAE,CAAA;IAElF,IAAI,GAAG,GAAG,EAAE,CAAA;IACZ,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;IACxB,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,YAAY,EAAE,QAAQ,EAAE,EAAE,CAAC,CAAA;QAChE,MAAM,OAAO,GAAG,CAAC,KAAK,IAAI,EAAE;YAC1B,IAAI,KAAK,EAAE,MAAM,KAAK,IAAI,SAAS,EAAE,CAAC;gBACpC,GAAG,IAAI,KAAK,CAAA;gBACZ,IAAI,GAAG,CAAC,MAAM,IAAI,QAAQ;oBAAE,MAAK;YACnC,CAAC;QACH,CAAC,CAAC,EAAE,CAAA;QACJ,MAAM,OAAO,GAAG,IAAI,OAAO,CAAQ,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,CAC/C,UAAU,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,2BAA2B,SAAS,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAA;QAC5F,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAA;QACtC,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,EAAE,CAAA;QACvB,GAAG,CAAC,KAAK,CAAC;YACR,KAAK,EAAE,WAAW;YAClB,KAAK,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,EAAE,KAAK,EAAE,IAAI,CAAC,MAAM;SACpE,EAAE,uBAAuB,CAAC,CAAA;QAC3B,OAAO,IAAI,IAAI,IAAI,CAAA;IACrB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,GAAG,CAAC,IAAI,CAAC;YACP,KAAK,EAAE,eAAe;YACtB,KAAK,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;YAC/C,GAAG,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;SACtD,EAAE,kDAAkD,CAAC,CAAA;QACtD,OAAO,IAAI,CAAA;IACb,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,IAAoB;IAEpB,MAAM,GAAG,GAAG,MAAM,eAAe,CAAC,IAAI,CAAC,CAAA;IACvC,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAA;IACrB,sEAAsE;IACtE,8CAA8C;IAC9C,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,aAAa,CAAC,CAAA;IACtC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,GAAG,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,sBAAsB,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,EAAE,mCAAmC,CAAC,CAAA;QACrG,OAAO,IAAI,CAAA;IACb,CAAC;IACD,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAM,CAAA;IAClC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,GAAG,CAAC,KAAK,CAAC;YACR,KAAK,EAAE,0BAA0B;YACjC,GAAG,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;YACrD,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;SAChC,EAAE,0BAA0B,CAAC,CAAA;QAC9B,OAAO,IAAI,CAAA;IACb,CAAC;AACH,CAAC"}

package/dist/core/approval-bus.d.ts

@@ -1,3 +1,4 @@
+export declare function isTimeoutDefaultAllow(): boolean;
 export interface RunContext {
     threadId: string;
     platform: string;
@@ -80,8 +81,10 @@ export interface ApprovalBusOptions {
 export declare class ApprovalBus {
     private server;
     private socketPath;
-    private readonly approvalTimeoutMs;
-    private readonly autoAllowGraceMs;
+    /** Public so renderers (approval-router plain-text prompt, future card
+     *  variants) can show the actual budget instead of hardcoded "5 分钟". */
+    readonly approvalTimeoutMs: number;
+    readonly autoAllowGraceMs: number;
     private runContexts;
     private pendingById;
     private pendingByThread;
@@ -295,6 +298,42 @@ export declare class ApprovalBus {
     private removePending;
     private sendDecision;
 }
-/** 进程级单例。im-hub 启动时 await approvalBus.start() 一次。 */
+/**
+ * Translate a raw fingerprint string (e.g. `cmd:git+status`) into the
+ * human-readable form shown in IM receipts and `/approval` listings
+ * (e.g. `命令 git status`). The inverse of inputFingerprint()'s internal
+ * encoding — keep the scheme list in sync if you add new fingerprint
+ * variants.
+ *
+ * Unknown / legacy schemes pass through unchanged so the function is
+ * forward-compatible with future fingerprint additions and backward-
+ * compatible with rules created before the semantic split (no scheme).
+ */
+export declare function humanizeFingerprint(fingerprint: string): string;
+/**
+ * Compute the auto-allow fingerprint — the "kind" of call that, when
+ * approved with `all`, covers future similar calls.
+ *
+ * Semantic per tool (rather than a uniform prefix slice) — fixes two
+ * footguns of the old prefix-based approach:
+ *   1. `Bash git status` and `git stash` collided at 5 chars but split at
+ *      10 — neither setting matched user intuition. We extract the first
+ *      two tokens (`cmd:git+status` vs `cmd:git+stash`) so the family is
+ *      narrow and predictable.
+ *   2. `Read /tmp/a.txt` and `Read /tmp/b.txt` got distinct fingerprints
+ *      at any prefix length below the filename, forcing users to re-`all`
+ *      every file. We key on dirname (`dir:/tmp`) so one approval covers
+ *      the whole directory.
+ *
+ * Prefixes (`cmd:` / `dir:` / `host:` / `path:` / `pat:` / `query:` /
+ * `url:` / `raw:`) keep the key space disambiguated — rules from
+ * different schemes can never accidentally alias each other, and `raw:`
+ * preserves backward compatibility for unknown tools.
+ *
+ * EXPORTED for unit tests. Not part of the bus's public API; production
+ * call sites all live inside this module.
+ */
+export declare function inputFingerprint(toolName: string, input: Record<string, unknown>): string;
+/** 进程级单例。agim 启动时 await approvalBus.start() 一次。 */
 export declare const approvalBus: ApprovalBus;
 //# sourceMappingURL=approval-bus.d.ts.map

package/dist/core/approval-bus.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"approval-bus.d.ts","sourceRoot":"","sources":["../../src/core/approval-bus.ts"],"names":[],"mappings":"AAwFA,MAAM,WAAW,UAAU;IACzB,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;IAChB,MAAM,EAAE,MAAM,CAAA;IACd,SAAS,EAAE,MAAM,CAAA;CAClB;AAED;mEACmE;AACnE,MAAM,MAAM,QAAQ,GAChB;IAAE,QAAQ,EAAE,OAAO,CAAC;IAAC,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAAC,gBAAgB,CAAC,EAAE,OAAO,CAAA;CAAE,GACzF;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAA;CAAE,CAAA;AAE1C,MAAM,WAAW,oBAAoB;IACnC,KAAK,EAAE,MAAM,CAAA;IACb,KAAK,EAAE,MAAM,CAAA;IACb,QAAQ,EAAE,MAAM,CAAA;IAChB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAC9B,SAAS,EAAE,MAAM,CAAA;IACjB,GAAG,EAAE,UAAU,CAAA;IACf;;;iDAG6C;IAC7C,SAAS,CAAC,EAAE;QAAE,OAAO,EAAE,MAAM,CAAA;KAAE,CAAA;CAChC;AAED,+DAA+D;AAC/D,MAAM,MAAM,gBAAgB,GAAG,CAAC,CAAC,EAAE,oBAAoB,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;AAEzE;;2DAE2D;AAC3D,MAAM,WAAW,YAAY;IAC3B,KAAK,EAAE,MAAM,CAAA;IACb,KAAK,EAAE,MAAM,CAAA;IACb,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;IAChB,iEAAiE;IACjE,WAAW,EAAE,MAAM,CAAA;IACnB;;;0CAGsC;IACtC,YAAY,EAAE,OAAO,CAAA;CACtB;AAED;;;mEAGmE;AACnE,MAAM,MAAM,eAAe,GACvB,MAAM,GACN,SAAS,GACT,oBAAoB,GACpB,gBAAgB,GAChB,UAAU,GACV,gBAAgB,CAAA;AAEpB;;;0EAG0E;AAC1E,MAAM,WAAW,eAAe;IAC9B,KAAK,EAAE,MAAM,CAAA;IACb,KAAK,EAAE,MAAM,CAAA;IACb,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;IAChB,WAAW,EAAE,MAAM,CAAA;IACnB,QAAQ,EAAE,QAAQ,CAAA;IAClB,YAAY,EAAE,OAAO,CAAA;IACrB,KAAK,EAAE,eAAe,CAAA;CACvB;AAED,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,EAAE,eAAe,KAAK,IAAI,CAAA;AAE7D,4EAA4E;AAC5E,wBAAgB,SAAS,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,MAAM,CAEvF;AA0CD,MAAM,WAAW,kBAAkB;IACjC,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B;uEACmE;IACnE,gBAAgB,CAAC,EAAE,MAAM,CAAA;CAC1B;AAED,qBAAa,WAAW;IACtB,OAAO,CAAC,MAAM,CAAsB;IACpC,OAAO,CAAC,UAAU,CAAsB;IACxC,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAQ;IAC1C,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAQ;IAEzC,OAAO,CAAC,WAAW,CAAgC;IACnD,OAAO,CAAC,WAAW,CAAqC;IACxD,OAAO,CAAC,eAAe,CAAuC;IAC9D,OAAO,CAAC,WAAW,CAAoB;IACvC,OAAO,CAAC,QAAQ,CAAgC;IAChD,OAAO,CAAC,kBAAkB,CAAkC;IAC5D;;;8EAG0E;IAC1E,OAAO,CAAC,iBAAiB,CAAiC;IAE1D;;;wCAGoC;IACpC,OAAO,CAAC,gCAAgC,CAAoB;IAE5D;;;;;OAKG;IACH,OAAO,CAAC,eAAe,CAOtB;gBAEW,IAAI,GAAE,kBAAuB;IAKzC,yCAAyC;IACzC,WAAW,CAAC,CAAC,EAAE,gBAAgB,GAAG,IAAI,GAAG,IAAI;IAI7C;;;;+EAI2E;IAC3E,qBAAqB,CAAC,CAAC,EAAE,kBAAkB,GAAG,IAAI,GAAG,IAAI;IAIzD,2CAA2C;IACrC,KAAK,CAAC,UAAU,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAqC3C,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAqC3B,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,GAAG,IAAI;IAIjD,2CAA2C;IAC3C,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI;IASlC;;;8CAG0C;IAC1C,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO;IAInC;;;;8CAI0C;IAC1C,WAAW,IAAI,OAAO;IAItB;;;;;;;;;;;OAWG;IACH;;;uEAGmE;IACnE,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,GAAG,YAAY,GAAG,IAAI;IAOpE;;;;OAIG;IACH,qBAAqB,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,GAAG,YAAY,GAAG,IAAI;IAM7E,OAAO,CAAC,cAAc;IAkBtB;;qFAEiF;IACjF,uBAAuB,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI;IAI1C,+DAA+D;IAC/D,gBAAgB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,EAAE;IAIvC;mFAC+E;IAC/E,0BAA0B,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO;IAKhD;;uBAEmB;IACnB,2BAA2B,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,GAAG,OAAO;IAMnE;qDACiD;IACjD,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAIzC;yCACqC;IACrC,gBAAgB,IAAI,MAAM,EAAE;IAI5B,wBAAwB;IACxB,aAAa,IAAI,MAAM,GAAG,IAAI;IAE9B;;;;;;;OAOG;IACH,UAAU,IAAI;QACZ,OAAO,EAAE,MAAM,CAAA;QACf,aAAa,EAAE,MAAM,CAAA;QACrB,aAAa,EAAE,MAAM,CAAA;QACrB,YAAY,EAAE,MAAM,CAAA;QACpB,WAAW,EAAE,MAAM,CAAA;QACnB,aAAa,EAAE,MAAM,CAAA;QACrB,wBAAwB,EAAE,MAAM,CAAA;KACjC;IAYD;;;;;;;;;;OAUG;IACH,WAAW,IAAI,KAAK,CAAC;QACnB,KAAK,EAAE,MAAM,CAAA;QACb,KAAK,EAAE,MAAM,CAAA;QACb,QAAQ,EAAE,MAAM,CAAA;QAChB,QAAQ,EAAE,MAAM,CAAA;QAChB,QAAQ,EAAE,MAAM,CAAA;QAChB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;QAC9B,WAAW,EAAE,MAAM,CAAA;QACnB,SAAS,EAAE,OAAO,CAAA;QAClB,YAAY,EAAE,MAAM,CAAA;QACpB,KAAK,EAAE,MAAM,CAAA;KACd,CAAC;IAwBF,OAAO,CAAC,gBAAgB;YAuDV,UAAU;IAgCxB;;;;;;;;;;;;;;;OAeG;YACW,cAAc;IA4D5B,OAAO,CAAC,kBAAkB;IAa1B;;;;;;;;OAQG;YACW,UAAU;IAoDxB,OAAO,CAAC,cAAc;YAaR,cAAc;IAsC5B;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACG,wBAAwB,CAAC,KAAK,EAAE;QACpC,KAAK,EAAE,MAAM,CAAA;QACb,KAAK,EAAE,MAAM,CAAA;QACb,QAAQ,EAAE,MAAM,CAAA;QAChB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;QAC9B,0EAA0E;QAC1E,SAAS,CAAC,EAAE,MAAM,CAAA;QAClB,GAAG,EAAE,UAAU,CAAA;QACf,QAAQ,EAAE,CAAC,QAAQ,EAAE,QAAQ,KAAK,IAAI,CAAA;KACvC,GAAG,OAAO,CAAC,IAAI,CAAC;IA2BjB;;;;OAIG;YACW,gBAAgB;IAuG9B,OAAO,CAAC,aAAa;IAqFrB,OAAO,CAAC,gBAAgB;IAQxB,OAAO,CAAC,mBAAmB;IAQ3B,OAAO,CAAC,aAAa;IASrB,OAAO,CAAC,YAAY;CAerB;AAqCD,qDAAqD;AACrD,eAAO,MAAM,WAAW,aAAoB,CAAA"}
+{"version":3,"file":"approval-bus.d.ts","sourceRoot":"","sources":["../../src/core/approval-bus.ts"],"names":[],"mappings":"AAkDA,wBAAgB,qBAAqB,IAAI,OAAO,CAE/C;AA8CD,MAAM,WAAW,UAAU;IACzB,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;IAChB,MAAM,EAAE,MAAM,CAAA;IACd,SAAS,EAAE,MAAM,CAAA;CAClB;AAED;mEACmE;AACnE,MAAM,MAAM,QAAQ,GAChB;IAAE,QAAQ,EAAE,OAAO,CAAC;IAAC,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAAC,gBAAgB,CAAC,EAAE,OAAO,CAAA;CAAE,GACzF;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAA;CAAE,CAAA;AAE1C,MAAM,WAAW,oBAAoB;IACnC,KAAK,EAAE,MAAM,CAAA;IACb,KAAK,EAAE,MAAM,CAAA;IACb,QAAQ,EAAE,MAAM,CAAA;IAChB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAC9B,SAAS,EAAE,MAAM,CAAA;IACjB,GAAG,EAAE,UAAU,CAAA;IACf;;;iDAG6C;IAC7C,SAAS,CAAC,EAAE;QAAE,OAAO,EAAE,MAAM,CAAA;KAAE,CAAA;CAChC;AAED,+DAA+D;AAC/D,MAAM,MAAM,gBAAgB,GAAG,CAAC,CAAC,EAAE,oBAAoB,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;AAEzE;;2DAE2D;AAC3D,MAAM,WAAW,YAAY;IAC3B,KAAK,EAAE,MAAM,CAAA;IACb,KAAK,EAAE,MAAM,CAAA;IACb,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;IAChB,iEAAiE;IACjE,WAAW,EAAE,MAAM,CAAA;IACnB;;;0CAGsC;IACtC,YAAY,EAAE,OAAO,CAAA;CACtB;AAED;;;mEAGmE;AACnE,MAAM,MAAM,eAAe,GACvB,MAAM,GACN,SAAS,GACT,oBAAoB,GACpB,gBAAgB,GAChB,UAAU,GACV,gBAAgB,CAAA;AAEpB;;;0EAG0E;AAC1E,MAAM,WAAW,eAAe;IAC9B,KAAK,EAAE,MAAM,CAAA;IACb,KAAK,EAAE,MAAM,CAAA;IACb,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;IAChB,WAAW,EAAE,MAAM,CAAA;IACnB,QAAQ,EAAE,QAAQ,CAAA;IAClB,YAAY,EAAE,OAAO,CAAA;IACrB,KAAK,EAAE,eAAe,CAAA;CACvB;AAED,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,EAAE,eAAe,KAAK,IAAI,CAAA;AAE7D,4EAA4E;AAC5E,wBAAgB,SAAS,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,MAAM,CAEvF;AA0CD,MAAM,WAAW,kBAAkB;IACjC,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B;uEACmE;IACnE,gBAAgB,CAAC,EAAE,MAAM,CAAA;CAC1B;AAED,qBAAa,WAAW;IACtB,OAAO,CAAC,MAAM,CAAsB;IACpC,OAAO,CAAC,UAAU,CAAsB;IACxC;4EACwE;IACxE,SAAgB,iBAAiB,EAAE,MAAM,CAAA;IACzC,SAAgB,gBAAgB,EAAE,MAAM,CAAA;IAExC,OAAO,CAAC,WAAW,CAAgC;IACnD,OAAO,CAAC,WAAW,CAAqC;IACxD,OAAO,CAAC,eAAe,CAAuC;IAC9D,OAAO,CAAC,WAAW,CAAoB;IACvC,OAAO,CAAC,QAAQ,CAAgC;IAChD,OAAO,CAAC,kBAAkB,CAAkC;IAC5D;;;8EAG0E;IAC1E,OAAO,CAAC,iBAAiB,CAAiC;IAE1D;;;wCAGoC;IACpC,OAAO,CAAC,gCAAgC,CAAoB;IAE5D;;;;;OAKG;IACH,OAAO,CAAC,eAAe,CAOtB;gBAEW,IAAI,GAAE,kBAAuB;IAKzC,yCAAyC;IACzC,WAAW,CAAC,CAAC,EAAE,gBAAgB,GAAG,IAAI,GAAG,IAAI;IAI7C;;;;+EAI2E;IAC3E,qBAAqB,CAAC,CAAC,EAAE,kBAAkB,GAAG,IAAI,GAAG,IAAI;IAIzD,2CAA2C;IACrC,KAAK,CAAC,UAAU,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAqC3C,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAqC3B,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,GAAG,IAAI;IAIjD,2CAA2C;IAC3C,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI;IASlC;;;8CAG0C;IAC1C,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO;IAInC;;;;8CAI0C;IAC1C,WAAW,IAAI,OAAO;IAItB;;;;;;;;;;;OAWG;IACH;;;uEAGmE;IACnE,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,GAAG,YAAY,GAAG,IAAI;IAOpE;;;;OAIG;IACH,qBAAqB,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,GAAG,YAAY,GAAG,IAAI;IAM7E,OAAO,CAAC,cAAc;IAkBtB;;qFAEiF;IACjF,uBAAuB,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI;IAI1C,+DAA+D;IAC/D,gBAAgB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,EAAE;IAIvC;mFAC+E;IAC/E,0BAA0B,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO;IAKhD;;uBAEmB;IACnB,2BAA2B,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,GAAG,OAAO;IAMnE;qDACiD;IACjD,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAIzC;yCACqC;IACrC,gBAAgB,IAAI,MAAM,EAAE;IAI5B,wBAAwB;IACxB,aAAa,IAAI,MAAM,GAAG,IAAI;IAE9B;;;;;;;OAOG;IACH,UAAU,IAAI;QACZ,OAAO,EAAE,MAAM,CAAA;QACf,aAAa,EAAE,MAAM,CAAA;QACrB,aAAa,EAAE,MAAM,CAAA;QACrB,YAAY,EAAE,MAAM,CAAA;QACpB,WAAW,EAAE,MAAM,CAAA;QACnB,aAAa,EAAE,MAAM,CAAA;QACrB,wBAAwB,EAAE,MAAM,CAAA;KACjC;IAYD;;;;;;;;;;OAUG;IACH,WAAW,IAAI,KAAK,CAAC;QACnB,KAAK,EAAE,MAAM,CAAA;QACb,KAAK,EAAE,MAAM,CAAA;QACb,QAAQ,EAAE,MAAM,CAAA;QAChB,QAAQ,EAAE,MAAM,CAAA;QAChB,QAAQ,EAAE,MAAM,CAAA;QAChB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;QAC9B,WAAW,EAAE,MAAM,CAAA;QACnB,SAAS,EAAE,OAAO,CAAA;QAClB,YAAY,EAAE,MAAM,CAAA;QACpB,KAAK,EAAE,MAAM,CAAA;KACd,CAAC;IAwBF,OAAO,CAAC,gBAAgB;YAuDV,UAAU;IAgCxB;;;;;;;;;;;;;;;OAeG;YACW,cAAc;IA4D5B,OAAO,CAAC,kBAAkB;IAa1B;;;;;;;;OAQG;YACW,UAAU;IAoDxB,OAAO,CAAC,cAAc;YAaR,cAAc;IAsC5B;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACG,wBAAwB,CAAC,KAAK,EAAE;QACpC,KAAK,EAAE,MAAM,CAAA;QACb,KAAK,EAAE,MAAM,CAAA;QACb,QAAQ,EAAE,MAAM,CAAA;QAChB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;QAC9B,0EAA0E;QAC1E,SAAS,CAAC,EAAE,MAAM,CAAA;QAClB,GAAG,EAAE,UAAU,CAAA;QACf,QAAQ,EAAE,CAAC,QAAQ,EAAE,QAAQ,KAAK,IAAI,CAAA;KACvC,GAAG,OAAO,CAAC,IAAI,CAAC;IA2BjB;;;;OAIG;YACW,gBAAgB;IA8G9B,OAAO,CAAC,aAAa;IAqFrB,OAAO,CAAC,gBAAgB;IAQxB,OAAO,CAAC,mBAAmB;IAQ3B,OAAO,CAAC,aAAa;IASrB,OAAO,CAAC,YAAY;CA8BrB;AAMD;;;;;;;;;;GAUG;AACH,wBAAgB,mBAAmB,CAAC,WAAW,EAAE,MAAM,GAAG,MAAM,CAgB/D;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CA0DzF;AAWD,mDAAmD;AACnD,eAAO,MAAM,WAAW,aAAoB,CAAA"}

package/dist/core/approval-bus.js

@@ -1,6 +1,6 @@
 // approval-bus — IM 端人工审批的进程内总线
 //
-// 角色：在 im-hub 主进程里跑一个 unix socket 服务，等 claude 子进程的
+// 角色：在 agim 主进程里跑一个 unix socket 服务，等 claude 子进程的
 // MCP "approval sidecar" 通过 socket 连进来发审批请求。bus 自己不决策，
 // 只做三件事：
 //   1. 把请求转给 notifier（由 messenger 层注入：负责推 IM 卡片）
@@ -15,17 +15,35 @@
 import { createServer } from 'node:net';
 import { unlink, stat as fsStat, chmod } from 'node:fs/promises';
 import { tmpdir } from 'node:os';
-import { join } from 'node:path';
+import { dirname, join } from 'node:path';
 import { randomBytes } from 'node:crypto';
 import { logger as rootLogger } from './logger.js';
 import { eventBus } from './event-bus.js';
 const log = rootLogger.child({ component: 'approval-bus' });
-// Bumped from 5 min to 30 min so slower IM channels (e.g. Telegram, where
-// notifications can land minutes after the bot.api.sendMessage logs success)
-// have time to round-trip a y/n reply. Aligned with Claude's own 30 min hard
-// timeout so we never outlive the underlying agent process.
-const DEFAULT_APPROVAL_TIMEOUT_MS = parseEnvMs(process.env.IMHUB_APPROVAL_TIMEOUT_MS, 30 * 60 * 1000);
+// Default 15 min — long enough for slower IM channels (Telegram, where
+// notifications can land minutes after bot.api.sendMessage logs success) to
+// round-trip a y/n reply, short enough not to block downstream tools for
+// hours. agent-base.ts now uses an idle-based timer (resets on every stdout
+// chunk) instead of a fixed total-time cap, so this approval timeout is no
+// longer constrained to "outlive the agent process" — the agent only dies
+// after IMHUB_AGENT_IDLE_TIMEOUT_MS of complete silence.
+const DEFAULT_APPROVAL_TIMEOUT_MS = parseEnvMs(process.env.IMHUB_APPROVAL_TIMEOUT_MS, 15 * 60 * 1000);
 const DEFAULT_AUTO_ALLOW_GRACE_MS = 5 * 1000;
+// IMHUB_TIMEOUT_DEFAULT=allow | deny (default deny). Decides what the bus
+// returns when a normal-mode approval times out without a user response.
+// Auto-allow grace expiry is unaffected — it always resolves to allow.
+// Setting this to 'allow' is "user away" mode: the agent keeps moving even
+// when nobody's at the IM, at the cost of weaker human oversight on
+// write-side tool calls (Bash/Edit/Write/etc). Default deny preserves the
+// original strict behavior.
+//
+// Read at every timer fire (not captured at module load) so the Web Settings
+// "Approval Policy" card can hot-toggle the value — handlePutEnv mutates
+// process.env after updating ~/.agim/env, and the next timer that expires
+// picks up the new value with no restart.
+export function isTimeoutDefaultAllow() {
+    return (process.env.IMHUB_TIMEOUT_DEFAULT ?? 'deny').toLowerCase() === 'allow';
+}
 /**
  * Tools whose contract is "read filesystem state, return it" — no writes,
  * no shell exec, no network. These short-circuit the approval flow with an
@@ -61,20 +79,11 @@ function parseEnvMs(raw, fallback) {
 }
 const MAX_LINE_BYTES = 256 * 1024;
 const MAX_BUFFER_BYTES = MAX_LINE_BYTES * 4;
-/** Length of the input prefix used to fingerprint an auto-allow rule.
- *  `(toolName, input-prefix)` is the dedup key.
- *
- *  Bumped from 5 → 10 (M13). 5 collapsed `bash::git s` so the rule
- *  matched `git status` AND `git stash` AND `git submodule update` — far
- *  broader than users meant when they OK'd a single command. 10 keeps
- *  the three common families distinct (`git status` ≠ `git stash` ≠
- *  `git submo`) while still grouping benign variations of the same
- *  operation (e.g. `git status` ≈ `git status -s`).
- *
- *  Why not longer? Most realistic commands are 6–14 chars, and pushing
- *  past 10 means even `git status` vs `git status -s` are treated as
- *  distinct, defeating the "approve once for variants" UX. 10 is the
- *  sweet spot per CR-2026-05-06. */
+/** Fallback prefix length for tools without a semantic key (Glob/Grep
+ *  patterns, WebSearch queries, unknown tools). The mainline path uses
+ *  per-tool semantic fingerprints — see inputFingerprint() — so this only
+ *  governs the long tail. Kept at 10 for parity with the pre-semantic
+ *  behavior. */
 const AUTO_ALLOW_PREFIX_LEN = 10;
 /** Composite key that prevents cross-platform/channel thread collisions. */
 export function threadKey(platform, channelId, threadId) {
@@ -83,6 +92,8 @@ export function threadKey(platform, channelId, threadId) {
 export class ApprovalBus {
     server = null;
     socketPath = null;
+    /** Public so renderers (approval-router plain-text prompt, future card
+     *  variants) can show the actual budget instead of hardcoded "5 分钟". */
     approvalTimeoutMs;
     autoAllowGraceMs;
     runContexts = new Map();
@@ -721,7 +732,7 @@ export class ApprovalBus {
      * notifier, and ensures the timer is cleared if the notifier itself throws.
      */
     async _registerPending(args) {
-        const fingerprint = inputFingerprint(args.input);
+        const fingerprint = inputFingerprint(args.toolName, args.input);
         const cKey = threadKey(args.ctx.platform, args.ctx.channelId, args.ctx.threadId);
         // Readonly auto-allow short-circuit. Must come BEFORE pending registration
         // / notifier so it costs zero IM round-trips. Counts toward totals so the
@@ -775,6 +786,9 @@ export class ApprovalBus {
                 if (isAutoAllow) {
                     this.cancelPending(pending, { behavior: 'allow' }, 'timeout');
                 }
+                else if (isTimeoutDefaultAllow()) {
+                    this.cancelPending(pending, { behavior: 'allow' }, 'timeout');
+                }
                 else {
                     this.cancelPending(pending, { behavior: 'deny', message: 'approval timeout' }, 'timeout');
                 }
@@ -811,7 +825,12 @@ export class ApprovalBus {
         }
         catch (err) {
             log.error({ event: 'approval.bus.notifier_error', reqId: args.reqId, err: String(err) });
-            this.cancelPending(pending, { behavior: 'deny', message: 'notifier error' }, 'notifier-error');
+            // Forward the actual error message to the agent so users see meaningful
+            // text — most notably self-protect's "🛑 检测到尝试…请改用 /restart"
+            // redirect, which was previously swallowed and replaced with a useless
+            // "notifier error". For non-Error throws we keep the old fallback.
+            const errMsg = err instanceof Error && err.message ? err.message : 'notifier error';
+            this.cancelPending(pending, { behavior: 'deny', message: errMsg }, 'notifier-error');
         }
     }
     cancelPending(p, decision, cause = 'sidecar-disconnect') {
@@ -930,8 +949,22 @@ export class ApprovalBus {
             this.pendingByThread.delete(p.compositeKey);
     }
     sendDecision(socket, reqId, decision) {
-        if (!socket.writable)
+        if (!socket.writable) {
+            // Silent drop — agent never gets the decision and hangs until its own
+            // MCP-side timeout. Log loudly so users diagnosing "auto-allow showed
+            // the card but didn't fire" (and similar "approval landed but tool
+            // didn't run" reports) have a breadcrumb. Most often happens when the
+            // sidecar socket entered half-closed state between timer fire and
+            // write (e.g. claude process exited a few ms before grace timer
+            // expiry).
+            log.warn({
+                event: 'approval.bus.send_dropped',
+                reqId,
+                decision: decision.behavior,
+                reason: 'socket-not-writable',
+            }, 'cannot deliver decision: sidecar socket no longer writable');
             return;
+        }
         // Strip internal-only flags (e.g. autoAllowFurther) — sidecar only
         // understands the wire schema.
         const wire = { v: 1, type: 'decision', reqId, behavior: decision.behavior };
@@ -952,22 +985,120 @@ function autoAllowRuleKey(toolName, fingerprint) {
     return `${toolName}::${fingerprint}`;
 }
 /**
- * Pick a stable, short prefix of the input as the auto-allow fingerprint.
+ * Translate a raw fingerprint string (e.g. `cmd:git+status`) into the
+ * human-readable form shown in IM receipts and `/approval` listings
+ * (e.g. `命令 git status`). The inverse of inputFingerprint()'s internal
+ * encoding — keep the scheme list in sync if you add new fingerprint
+ * variants.
  *
- * Strategy: try the field most users mean when they say "this kind of
- * call" for the common Claude tools (Bash → command, Write/Edit/Read →
- * file_path, etc.); fall back to a stringified snapshot. Always truncated
- * to AUTO_ALLOW_PREFIX_LEN so the rule covers small variations of the
- * same operation but not unrelated ones.
+ * Unknown / legacy schemes pass through unchanged so the function is
+ * forward-compatible with future fingerprint additions and backward-
+ * compatible with rules created before the semantic split (no scheme).
  */
-function inputFingerprint(input) {
-    const FIELDS = ['command', 'file_path', 'path', 'url', 'pattern', 'query'];
-    for (const f of FIELDS) {
-        const v = input[f];
-        if (typeof v === 'string' && v.length > 0) {
-            return v.slice(0, AUTO_ALLOW_PREFIX_LEN);
+export function humanizeFingerprint(fingerprint) {
+    const sep = fingerprint.indexOf(':');
+    if (sep < 0)
+        return fingerprint;
+    const scheme = fingerprint.slice(0, sep);
+    const rest = fingerprint.slice(sep + 1);
+    switch (scheme) {
+        case 'cmd': return `命令 ${rest.replace(/\+/g, ' ')}`;
+        case 'dir': return `目录 ${rest}`;
+        case 'host': return `主机 ${rest}`;
+        case 'path': return `路径 ${rest}`;
+        case 'pat': return `模式 ${rest}`;
+        case 'query': return `查询 ${rest}`;
+        case 'url': return `URL ${rest}`;
+        case 'raw': return `入参 ${rest}`;
+        default: return fingerprint;
+    }
+}
+/**
+ * Compute the auto-allow fingerprint — the "kind" of call that, when
+ * approved with `all`, covers future similar calls.
+ *
+ * Semantic per tool (rather than a uniform prefix slice) — fixes two
+ * footguns of the old prefix-based approach:
+ *   1. `Bash git status` and `git stash` collided at 5 chars but split at
+ *      10 — neither setting matched user intuition. We extract the first
+ *      two tokens (`cmd:git+status` vs `cmd:git+stash`) so the family is
+ *      narrow and predictable.
+ *   2. `Read /tmp/a.txt` and `Read /tmp/b.txt` got distinct fingerprints
+ *      at any prefix length below the filename, forcing users to re-`all`
+ *      every file. We key on dirname (`dir:/tmp`) so one approval covers
+ *      the whole directory.
+ *
+ * Prefixes (`cmd:` / `dir:` / `host:` / `path:` / `pat:` / `query:` /
+ * `url:` / `raw:`) keep the key space disambiguated — rules from
+ * different schemes can never accidentally alias each other, and `raw:`
+ * preserves backward compatibility for unknown tools.
+ *
+ * EXPORTED for unit tests. Not part of the bus's public API; production
+ * call sites all live inside this module.
+ */
+export function inputFingerprint(toolName, input) {
+    const getStr = (k) => {
+        const v = input[k];
+        return typeof v === 'string' && v.length > 0 ? v : null;
+    };
+    switch (toolName) {
+        case 'Bash': {
+            const cmd = getStr('command');
+            if (!cmd)
+                break;
+            // First 1–2 whitespace-separated tokens. Quoted strings aren't
+            // unwrapped — we want `bash -c "..."` to fingerprint as `bash+-c`,
+            // not whatever's inside the quotes (the user is approving "running
+            // bash -c", a meta-pattern).
+            const tokens = cmd.trim().split(/\s+/).slice(0, 2);
+            return `cmd:${tokens.join('+')}`;
+        }
+        case 'Read':
+        case 'Write':
+        case 'Edit':
+        case 'NotebookEdit':
+        case 'NotebookRead':
+        case 'LS': {
+            const fp = getStr('file_path') ?? getStr('path');
+            if (!fp)
+                break;
+            // dirname('/tmp/x.txt') → '/tmp'  (group all files in dir)
+            // dirname('file.txt')   → '.'     (no dir — fall back to the path
+            //                                  itself so we don't lump every
+            //                                  relative-path call together)
+            const d = dirname(fp);
+            return d === '.' || d === '' ? `path:${fp.slice(0, AUTO_ALLOW_PREFIX_LEN)}` : `dir:${d}`;
+        }
+        case 'WebFetch': {
+            const u = getStr('url');
+            if (!u)
+                break;
+            // Hostname captures "calls to this API"; path / query string are
+            // intentionally dropped — they vary per call but the user means
+            // "trust this host" when they say `all`.
+            try {
+                return `host:${new URL(u).hostname}`;
+            }
+            catch {
+                return `url:${u.slice(0, AUTO_ALLOW_PREFIX_LEN)}`;
+            }
+        }
+        case 'WebSearch': {
+            const q = getStr('query');
+            if (!q)
+                break;
+            return `query:${q.slice(0, AUTO_ALLOW_PREFIX_LEN)}`;
+        }
+        case 'Glob':
+        case 'Grep': {
+            const p = getStr('pattern');
+            if (!p)
+                break;
+            return `pat:${p.slice(0, AUTO_ALLOW_PREFIX_LEN)}`;
         }
     }
+    // Unknown tool or known tool whose primary field was missing — fall
+    // back to a stringified prefix so the dedup key remains stable.
     let s;
     try {
         s = JSON.stringify(input);
@@ -975,7 +1106,7 @@ function inputFingerprint(input) {
     catch {
         s = '';
     }
-    return s.slice(0, AUTO_ALLOW_PREFIX_LEN);
+    return `raw:${s.slice(0, AUTO_ALLOW_PREFIX_LEN)}`;
 }
 function defaultSocketPath() {
     // 16 random bytes (32 hex chars) — defeats path prediction attacks that the
@@ -985,6 +1116,6 @@ function defaultSocketPath() {
     // statistically infeasible.
     return join(tmpdir(), `imhub-approval-${randomBytes(16).toString('hex')}.sock`);
 }
-/** 进程级单例。im-hub 启动时 await approvalBus.start() 一次。 */
+/** 进程级单例。agim 启动时 await approvalBus.start() 一次。 */
 export const approvalBus = new ApprovalBus();
 //# sourceMappingURL=approval-bus.js.map