cicy-desktop 2.1.78 → 2.1.80

package/src/utils/window-thumbnails.js

@@ -0,0 +1,126 @@
+// window-thumbnails.js
+// Periodically writes a small JPEG thumbnail of every open BrowserWindow to a
+// folder — like Chrome's tab thumbnails. On-disk so the homepage / agents can
+// read a recent preview of a window without an RPC + capturePage round-trip
+// each time.
+//
+// Reuses the same capture path as `GET /ui/snapshot` (capturePage → resize →
+// toJPEG), just driven on a timer and scaled to a small rect.
+//
+// Layout (<dir> default ~/cicy-files/window-thumbs, override CICY_THUMB_DIR):
+//   <dir>/win-<id>.jpg   one small JPEG per live window (overwritten each tick)
+//   <dir>/index.json     manifest: [{ id, title, url, accountIdx, w, h, file, bytes, updatedAt }]
+// Thumbnails for closed windows are pruned each tick.
+
+const fs = require("fs");
+const path = require("path");
+const os = require("os");
+const { BrowserWindow } = require("electron");
+
+let timer = null;
+let kickTimer = null;
+let running = false; // a tick may outlast the interval — don't overlap captures
+
+function thumbDir() {
+  const fromEnv = (process.env.CICY_THUMB_DIR || "").trim();
+  return fromEnv || path.join(os.homedir(), "cicy-files", "window-thumbs");
+}
+
+function accountIdxOf(win) {
+  // Windows tagged at creation expose cicyAccountIdx; otherwise the default
+  // session (homepage / system windows) maps to 0.
+  if (typeof win.cicyAccountIdx === "number") return win.cicyAccountIdx;
+  try {
+    const p = win.webContents.session.partition || "";
+    const m = /^persist:sandbox-(\d+)$/.exec(p);
+    if (m) return parseInt(m[1], 10);
+  } catch (_) {}
+  return 0;
+}
+
+async function captureOne(win, dir, { maxWidth, quality }) {
+  if (win.isDestroyed()) return null;
+  const wc = win.webContents;
+  if (!wc || wc.isDestroyed() || wc.isCrashed()) return null;
+  const image = await wc.capturePage();
+  if (image.isEmpty()) return null;
+  const { width, height } = image.getSize();
+  if (!width || !height) return null;
+  const scale = Math.min(1, maxWidth / width);
+  const tw = Math.max(1, Math.round(width * scale));
+  const th = Math.max(1, Math.round(height * scale));
+  const scaled = scale < 1 ? image.resize({ width: tw, height: th, quality: "good" }) : image;
+  const buf = scaled.toJPEG(quality);
+  const file = path.join(dir, `win-${win.id}.jpg`);
+  fs.writeFileSync(file, buf);
+  return {
+    id: win.id,
+    title: win.getTitle(),
+    url: wc.getURL(),
+    accountIdx: accountIdxOf(win),
+    w: tw,
+    h: th,
+    file,
+    bytes: buf.length,
+    updatedAt: new Date().toISOString(),
+  };
+}
+
+async function tick(opts) {
+  if (running) return;
+  running = true;
+  try {
+    const dir = thumbDir();
+    fs.mkdirSync(dir, { recursive: true });
+    const wins = BrowserWindow.getAllWindows().filter((w) => !w.isDestroyed());
+    const liveIds = new Set(wins.map((w) => w.id));
+
+    // Prune thumbnails whose window is gone.
+    try {
+      for (const f of fs.readdirSync(dir)) {
+        const m = /^win-(\d+)\.jpg$/.exec(f);
+        if (m && !liveIds.has(parseInt(m[1], 10))) {
+          try { fs.unlinkSync(path.join(dir, f)); } catch (_) {}
+        }
+      }
+    } catch (_) {}
+
+    const manifest = [];
+    for (const win of wins) {
+      try {
+        const entry = await captureOne(win, dir, opts);
+        if (entry) manifest.push(entry);
+      } catch (_) {
+        // one window failing must never stop the rest
+      }
+    }
+    try {
+      fs.writeFileSync(path.join(dir, "index.json"), JSON.stringify(manifest, null, 2));
+    } catch (_) {}
+  } finally {
+    running = false;
+  }
+}
+
+function startWindowThumbnails(options = {}) {
+  const opts = {
+    intervalMs: options.intervalMs || 4000,
+    maxWidth: options.maxWidth || 320, // small rect, chrome-ish
+    quality: options.quality || 60,
+  };
+  stopWindowThumbnails();
+  const kick = () => { tick(opts).catch(() => {}); };
+  timer = setInterval(kick, opts.intervalMs);
+  if (timer.unref) timer.unref();
+  // First pass shortly after launch (let windows paint at least one frame).
+  kickTimer = setTimeout(kick, 1500);
+  if (kickTimer.unref) kickTimer.unref();
+  return { dir: thumbDir(), ...opts };
+}
+
+function stopWindowThumbnails() {
+  if (timer) { clearInterval(timer); timer = null; }
+  if (kickTimer) { clearTimeout(kickTimer); kickTimer = null; }
+}
+
+module.exports = { startWindowThumbnails, stopWindowThumbnails, thumbDir };

package/src/utils/window-utils.js

@@ -1,4 +1,6 @@
 const { app, BrowserWindow, Menu, dialog, shell } = require("electron");
+const { default: contextMenu } = require("electron-context-menu");
+const contextMenuOptions = require("./context-menu-options");
 const path = require("path");
 const fs = require("fs");
 const os = require("os");
@@ -31,8 +33,11 @@ function setupWindowHandlers(win) {
           icon: require("./app-icon").appIconPath(),
           webPreferences: {
             webviewTag: true, // embedded <webview> (ttyd/artifact) must render
-            nodeIntegration: isTrustedUrl(url),
-            contextIsolation: !isTrustedUrl(url),
+            // hole #4: trusted pages no longer get raw Node. Their electronRPC
+            // bridge comes from webview-preload via contextBridge, so a trusted-origin
+            // XSS can't `require('child_process')` to bypass the rpc:guarded gate.
+            nodeIntegration: false,
+            contextIsolation: true,
             preload: path.join(__dirname, "../backends/webview-preload.js"),
             webSecurity: false,
             enableClipboard: true,
@@ -55,8 +60,22 @@ function setupWindowHandlers(win) {
   // homepage is a persistent window; everything created here is disposable and
   // re-openable from the homepage. (Previously these preventDefault()+hide()'d,
   // so "closed" windows lingered hidden forever.)
+  const _registryId = win.id;
   win.on("close", () => {
-    log.info(`[Window ${win.id}] Close → destroy: ${win.getTitle()}`);
+    log.info(`[Window ${_registryId}] Close → destroy: ${win.getTitle()}`);
+  });
+  // Persistent window registry: a USER/agent close keeps the record (status
+  // "closed", re-openable). A close during app QUIT leaves it "open" so it
+  // auto-reopens next launch. No-op for unregistered windows (e.g. homepage).
+  // "closed" fires for both win.close() and win.destroy().
+  win.on("closed", () => {
+    try {
+      if (!app || !app.isQuitting) {
+        require("./window-registry").markClosed(_registryId);
+      }
+    } catch (e) {
+      log.error("[WindowRegistry] markClosed failed:", e.message);
+    }
   });
 
   // 🔥 全局下载处理 - 自动保存到 ~/Downloads/electron/
@@ -78,70 +97,10 @@ function setupWindowHandlers(win) {
   }
 
   win.webContents.on("dom-ready", async () => {
-    // Auto-inject electronRPC for trusted URLs. Trust comes from
-    // isTrustedUrl(), which includes built-in dev hosts AND any backend the
-    // user explicitly added to the registry (they opt in by adding the URL,
-    // and the auth token is required to reach the cicy-code there anyway).
-    const pageUrl = win.webContents.getURL();
-    try {
-      if (isTrustedUrl(pageUrl)) {
-        const rpcCode = `
-          if (!window.electronRPC) {
-            try {
-              const { ipcRenderer } = require('electron');
-              window.electronRPC = (tool, args) => ipcRenderer.invoke('rpc', tool, args || {});
-              console.log('[RPC] electronRPC ready');
-            } catch(e) {}
-          }
-          // window.cicy.artifact — remote control of the 产物 (artifact) <webview>
-          // guest webContents for cicy-code's artifactBridge.ts. Targets the
-          // element id 'cicy-artifact-webview'; round-trips to artifact-ipc.js.
-          (function(){
-            try {
-              if (window.cicy && window.cicy.artifact) return;
-              const { ipcRenderer } = require('electron');
-              window.cicy = window.cicy || {};
-              const guestId = () => {
-                const el = document.getElementById('cicy-artifact-webview');
-                if (!el || typeof el.getWebContentsId !== 'function')
-                  throw new Error('artifact webview not mounted (open the 产物 tab once)');
-                return el.getWebContentsId();
-              };
-              let _attached = false;
-              window.cicy.artifact = {
-                invoke: (method, args) =>
-                  ipcRenderer.invoke('artifact:invoke', { guestId: guestId(), method, args: args || [] }),
-                cdp: {
-                  attach: (protocolVersion) =>
-                    ipcRenderer.invoke('artifact:cdp-attach', { guestId: guestId(), protocolVersion })
-                      .then((r) => { _attached = true; return r; }),
-                  detach: () =>
-                    ipcRenderer.invoke('artifact:cdp-detach', { guestId: guestId() })
-                      .then((r) => { _attached = false; return r; }),
-                  isAttached: () => _attached,
-                  send: (method, params) =>
-                    ipcRenderer.invoke('artifact:cdp-send', { guestId: guestId(), method, params: params || {} }),
-                },
-              };
-              try { ipcRenderer.removeAllListeners('artifact:event'); } catch(e) {}
-              ipcRenderer.on('artifact:event', (_e, detail) => {
-                if (detail && detail.source === 'cdp' && detail.method === '__detached') _attached = false;
-                try { window.dispatchEvent(new CustomEvent('cicy-artifact-event', { detail: detail })); } catch(e) {}
-              });
-              console.log('[artifact] window.cicy.artifact ready');
-            } catch(e) { console.error('[artifact] bridge inject failed', e && e.message); }
-          })();
-        `;
-        if (win.webContents.debugger.isAttached()) {
-          await win.webContents.debugger.sendCommand("Runtime.evaluate", { expression: rpcCode });
-        } else {
-          await win.webContents.executeJavaScript(rpcCode);
-        }
-      }
-    } catch (e) {
-      log.error("[RPC inject]", e.message);
-    }
-
+    // (Removed: the 产物/artifact bridge injection. electronRPC for trusted pages
+    // is provided by webview-preload.js via contextBridge; the artifact webview
+    // remote-control feature was deleted — superseded by the electron tab + chrome
+    // profile browsers.)
     try {
       // 1. 获取当前页面的根域名
       const currentURL = win.webContents.getURL();
@@ -203,23 +162,17 @@ function setupWindowHandlers(win) {
 // registry.remove call refreshTrustedOrigins() — wired in registry.js).
 let _trustedOriginsCache = null;
 function loadTrustedOrigins() {
-  // Built-in always-trusted hosts (dev + reserved internal domain).
-  const set = new Set(["localhost", "127.0.0.1"]);
+  // The trusted set = the user-managed allowlist in
+  // ~/cicy-ai/db/trusted-origins.json (built-ins localhost/127.0.0.1 included by
+  // the store). Backends / teams are NO LONGER auto-trusted: "add a server" must
+  // never implicitly grant a remote origin the right to run commands locally.
+  // Users (incl. self-hosted) add their own domain explicitly in settings.
   try {
-    // Lazy require to avoid a cycle (registry.js requires electron.app which
-    // isn't ready when this module is first loaded by main.js).
-    const registry = require("../backends/registry");
-    for (const b of registry.list()) {
-      if (!b || !b.url) continue;
-      try {
-        const h = new URL(b.url).hostname;
-        if (h) set.add(h);
-      } catch {}
-    }
+    const store = require("../profiles/trusted-origins-store");
+    return new Set(store.listAll());
   } catch (e) {
-    // Registry not ready yet — fall back to built-ins.
+    return new Set(["localhost", "127.0.0.1"]);
   }
-  return set;
 }
 function trustedOrigins() {
   if (!_trustedOriginsCache) _trustedOriginsCache = loadTrustedOrigins();
@@ -233,14 +186,20 @@ function isTrustedUrl(url) {
   if (!url) return false;
   try {
     const u = new URL(url);
-    if (u.hostname.endsWith(".de5.net")) return true;
+    // Exact-hostname match against the user allowlist ONLY. No domain-suffix
+    // wildcard — a public-upload host under a trusted suffix (e.g.
+    // r2.deepfetch.de5.net, which can serve attacker HTML) must never count as a
+    // trusted RPC origin.
     return trustedOrigins().has(u.hostname);
   } catch {
     return false;
   }
 }
 
-function createWindow(options = {}, accountIdx = 0, forceNew = false) {
+// accountIdx default = 1 (user profile space). Account 0 is reserved for the
+// platform's own/system windows; callers that want the system slot pass 0
+// explicitly (e.g. local-teams). Agents opening windows should use >0.
+function createWindow(options = {}, accountIdx = 1, forceNew = false) {
   const { width = 1200, height = 800, url, webPreferences = {}, x, y } = options;
   console.log("[createWindow] url:", url, "isTrusted:", isTrustedUrl(url));
 
@@ -310,13 +269,16 @@ function createWindow(options = {}, accountIdx = 0, forceNew = false) {
     autoHideMenuBar: true,
     webPreferences: {
       offscreen: false, // 确保不是离屏渲染
-      nodeIntegration: isTrustedUrl(url),
-      contextIsolation: !isTrustedUrl(url),
-      // electronRPC + window.cicy for EVERY window open_window creates — without
-      // this, untrusted (contextIsolation:true) pages had no electronRPC and the
+      // hole #4: trusted pages run with NO raw Node (was nodeIntegration:
+      // isTrustedUrl). electronRPC + window.cicy come from webview-preload via
+      // contextBridge, so a trusted-origin XSS can't `require('child_process')`
+      // past the rpc:guarded gate.
+      nodeIntegration: false,
+      contextIsolation: true,
+      // webview-preload exposes electronRPC + window.cicy for EVERY window
+      // open_window creates (contextBridge under isolation). Without it the
       // agent-desktop/agent-electron skills' `desktop_event rpc_call` failed with
-      // 'electronRPC not available'. webview-preload self-adapts to the isolation
-      // mode (contextBridge when isolated, direct window assign when not).
+      // 'electronRPC not available'.
       preload: path.join(__dirname, "../backends/webview-preload.js"),
       partition: `persist:sandbox-${accountIdx}`,
       // 启用剪贴板权限
@@ -337,16 +299,29 @@ function createWindow(options = {}, accountIdx = 0, forceNew = false) {
   // ✅ 核心修正：获取当前窗口真正使用的那个 session
   const ses = win.webContents.session;
 
-  // 设置代理（如果全局配置了）
-  if (config.proxy) {
-    const proxyConfig = {
-      proxyRules: config.proxy,
-      // proxyBypassRules removed
-    };
+  // 设置代理：优先用该 profile 持久化的 proxy（account-N.json），否则回退全局 config.proxy。
+  // 这样新开窗口会自动套用账号自己保存的代理，无需手动 set_account_proxy。
+  let proxyRules = "";
+  let proxySource = "";
+  try {
+    const profileStore = require("../profiles/profile-store");
+    const persisted = profileStore.proxyRules(profileStore.getProfile("electron", accountIdx)?.proxy);
+    if (persisted) {
+      proxyRules = persisted;
+      proxySource = "profile";
+    }
+  } catch (err) {
+    log.error(`[Proxy] Account ${accountIdx} 读取持久化代理失败:`, err);
+  }
+  if (!proxyRules && config.proxy) {
+    proxyRules = config.proxy;
+    proxySource = "global";
+  }
+  if (proxyRules) {
     ses
-      .setProxy(proxyConfig)
+      .setProxy({ proxyRules })
       .then(() => {
-        log.info(`[Proxy] Account ${accountIdx} 已设置代理: ${config.proxy}`);
+        log.info(`[Proxy] Account ${accountIdx} 已设置代理 (${proxySource}): ${proxyRules}`);
       })
       .catch((err) => {
         log.error(`[Proxy] Account ${accountIdx} 设置代理失败:`, err);
@@ -385,6 +360,43 @@ function createWindow(options = {}, accountIdx = 0, forceNew = false) {
 
   setupWindowHandlers(win);
 
+  // Persistent window registry: record this window (dedup by accountIdx+url),
+  // then keep its url/title/bounds fresh so a restart can restore it. The
+  // "closed" handler in setupWindowHandlers flips status when it's closed.
+  try {
+    const registry = require("./window-registry");
+    registry.registerOpen({
+      accountIdx,
+      url: url || "",
+      title: win.getTitle(),
+      bounds: win.getBounds(),
+      liveId: win.id,
+    });
+    let boundsTimer = null;
+    const touchBounds = () => {
+      if (boundsTimer) clearTimeout(boundsTimer);
+      boundsTimer = setTimeout(() => {
+        if (!win.isDestroyed()) registry.touch({ liveId: win.id, bounds: win.getBounds() });
+      }, 500);
+    };
+    win.on("resize", touchBounds);
+    win.on("move", touchBounds);
+    win.webContents.on("page-title-updated", () => {
+      if (!win.isDestroyed())
+        registry.touch({
+          liveId: win.id,
+          title: win.getTitle(),
+          url: win.webContents.getURL(),
+        });
+    });
+    win.webContents.on("did-navigate", () => {
+      if (!win.isDestroyed())
+        registry.touch({ liveId: win.id, url: win.webContents.getURL() });
+    });
+  } catch (e) {
+    log.error("[WindowRegistry] register failed:", e.message);
+  }
+
   if (url) {
     win.loadURL(url);
   }
@@ -397,6 +409,9 @@ function getWindowInfo(win) {
     const wc = win.webContents;
     if (!wc || !wc.session) return null;
     const partition = wc.session.partition || "";
+    // persist:sandbox-N → account N (N>=1 are user profiles). Anything on the
+    // default session (homepage / platform system windows, partition "") maps
+    // to account 0 — the reserved system slot.
     const accountIdx = partition.startsWith("persist:sandbox-")
       ? parseInt(partition.replace("persist:sandbox-", ""), 10)
       : 0;
@@ -442,19 +457,40 @@ if (app) {
   app.on("web-contents-created", (_e, contents) => {
     try {
       if (contents.getType && contents.getType() === "webview") {
-        contents.setWindowOpenHandler(({ url }) => ({
-          action: "allow",
-          overrideBrowserWindowOptions: {
-            autoHideMenuBar: true,
-            webPreferences: {
-              webviewTag: true,
-              contextIsolation: !isTrustedUrl(url),
-              nodeIntegration: isTrustedUrl(url),
-              webSecurity: false,
-              enableClipboard: true,
+        // NOTE: do NOT attach contextMenu here — the global contextMenu() in
+        // main.js now also auto-attaches to <webview> guests, so an explicit
+        // attach made them get TWO right-click menus (双重弹窗). Global covers it.
+        contents.setWindowOpenHandler(({ url }) => {
+          // External (cross-origin http/https) links opened from a <webview> guest
+          // — e.g. the gotty terminal's "打开链接" confirm button — go to the user's
+          // SYSTEM browser instead of a new in-app window. Same-origin popups (a
+          // team app opening its own sub-page) keep the in-app window so embedded
+          // app flows aren't disturbed. (master: gotty open link 用系统 browser 打开)
+          try {
+            if (/^https?:\/\//i.test(url)) {
+              let guestOrigin = "";
+              try { guestOrigin = new URL(contents.getURL()).origin; } catch (_e) {}
+              if (new URL(url).origin !== guestOrigin) {
+                shell.openExternal(url);
+                return { action: "deny" };
+              }
+            }
+          } catch (_e) {}
+          return {
+            action: "allow",
+            overrideBrowserWindowOptions: {
+              autoHideMenuBar: true,
+              webPreferences: {
+                webviewTag: true,
+                // hole #4: no raw Node for trusted pages (see createWindow above).
+                contextIsolation: true,
+                nodeIntegration: false,
+                webSecurity: false,
+                enableClipboard: true,
+              },
             },
-          },
-        }));
+          };
+        });
       }
     } catch (e) {
       log.warn(`[web-contents-created] guest open-handler failed: ${e.message}`);
@@ -491,4 +527,5 @@ module.exports = {
   setupWindowHandlers,
   getWindowInfo,
   refreshTrustedOrigins,
+  isTrustedUrl,
 };

package/workers/render/package-lock.json

@@ -353,9 +353,9 @@
       }
     },
     "node_modules/@emnapi/runtime": {
-      "version": "1.11.0",
-      "resolved": "https://registry.npmjs.org/@emnapi/runtime/-/runtime-1.11.0.tgz",
-      "integrity": "sha512-55coeOFKHv1ywEcUXJtWU5f+Jr/W5tZDvZig8DLKSwUN1JpROQ4rk/SNOQiFWmaR/VKF4zuFyW1B8JduOSv6Pg==",
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/@emnapi/runtime/-/runtime-1.11.1.tgz",
+      "integrity": "sha512-vgj7R3y3Wgx24IQaGPA/R6YFXLHVMOZ0uVEyIQPaWs+rd1AzfEMXlAC22FYwO1XkKR6NPsq7mUandH8oIRdZFw==",
       "dev": true,
       "license": "MIT",
       "optional": true,
@@ -730,9 +730,9 @@
       }
     },
     "node_modules/browserslist/node_modules/caniuse-lite": {
-      "version": "1.0.30001797",
-      "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001797.tgz",
-      "integrity": "sha512-l8xKG+gwAIExZGl9FrF7KUwuOmk6wbEPC9Xoy/RtnWv1XG0Q4LFlagaLpUv3Kiza3W/wm27zy0yWJEieYKAP6w==",
+      "version": "1.0.30001799",
+      "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001799.tgz",
+      "integrity": "sha512-hG1bReV+OUU+MOqK4t/ZWI0tZOyz3rqS9XuhOUz1cIcbwBKjOyJEJuw9ER5JuNyqxNk8u/JUVbGibBOL1yrjFw==",
       "dev": true,
       "funding": [
         {

package/workers/render/src/App.css

@@ -16,6 +16,9 @@
 }
 * { box-sizing: border-box; }
 html, body, #root { margin: 0; height: 100%; }
+/* Fixed-size window (930*640): the page itself never scrolls — only .main
+   scrolls (overflow-y auto, custom scrollbar). 主人令. */
+html, body { overflow: hidden; }
 body {
   font-family: -apple-system, BlinkMacSystemFont, "PingFang SC",
                "Segoe UI", Roboto, "Helvetica Neue", sans-serif;
@@ -41,7 +44,7 @@ body {
   flex: 1 1 auto;
   min-width: 0;                 /* allow shrink, prevent grid blow-out */
   display: flex; flex-direction: column;
-  overflow: auto;
+  overflow: hidden;             /* topbar fixed; only .main scrolls */
 }
 .helper-aside {
   flex: 0 0 auto;
@@ -141,7 +144,7 @@ body {
 /* ── App shell (logged in) ── */
 .topbar {
   -webkit-app-region: drag;
-  position: sticky; top: 0; z-index: 10;
+  position: relative; flex: 0 0 auto; z-index: 10;  /* pinned: .main scrolls under it */
   display: flex; align-items: center; justify-content: space-between;
   padding: 14px 24px 12px;
   background: rgba(8,9,14,.6);
@@ -267,7 +270,19 @@ body {
   padding: 22px 32px 48px;
   width: 100%;
   display: flex; flex-direction: column; gap: 16px;
+  flex: 1 1 auto; min-height: 0;
+  overflow-y: auto;             /* the ONLY scroll container of the page */
+}
+/* Custom scrollbar for .main */
+.main::-webkit-scrollbar { width: 8px; }
+.main::-webkit-scrollbar-track { background: transparent; }
+.main::-webkit-scrollbar-thumb {
+  background: rgba(125,135,150,.30);
+  border-radius: 999px;
+  border: 2px solid transparent;
+  background-clip: padding-box;
 }
+.main::-webkit-scrollbar-thumb:hover { background-color: rgba(125,135,150,.55); }
 
 /* ── Tabs row ── */
 .app__tabs {
@@ -312,6 +327,20 @@ body {
   text-align: center;
 }
 .app__tab.is-active .app__tab-count { background: rgba(91,141,247,.3); color: #fff; }
+/* 整行:tab 药丸在左,「新加团队」顶到行尾 */
+.app__tabsrow { display: flex; align-items: center; justify-content: space-between; gap: 12px; width: 100%; }
+/* 行尾"新加团队"动作按钮:独立强调色按钮,跟 tab 药丸区分开 */
+.app__add-team {
+  -webkit-app-region: no-drag;
+  appearance: none; cursor: pointer;
+  flex: none;
+  color: #5b8df7; font-weight: 600; font-size: 12.5px;
+  background: rgba(91,141,247,.10);
+  border: 1px solid rgba(91,141,247,.35);
+  border-radius: 9px; padding: 7px 14px;
+  transition: color 120ms ease, background 120ms ease, border-color 120ms ease;
+}
+.app__add-team:hover { color: #fff; background: rgba(91,141,247,.22); border-color: rgba(91,141,247,.65); }
 
 /* ── Card grid ── */
 .app__grid {
@@ -776,6 +805,11 @@ body {
 .bcard__menu-item.is-accent:hover { background: var(--accent-soft); color: #c7dbff; }
 .bcard__menu-item.is-danger { color: #f7a3a3; }
 .bcard__menu-item.is-danger:hover { background: rgba(239,68,68,.16); color: #fff; }
+/* Portaled to document.body to escape .bcard's overflow:hidden (which clipped the
+   dropdown). Inline top/left position it under the kebab; here just a high
+   stacking order (below toast/drawer) + word-wrapping items so nothing overflows. */
+.bcard__menu--portal { z-index: 9990; }
+.bcard__menu--portal .bcard__menu-item { white-space: normal; word-break: break-word; }
 /* ---- Windows Docker 一键安装/启动卡 (DockerSetup) ---- */
 .docker-setup {
   margin-bottom: 14px;