evolclaw 2.2.0 → 2.4.0

package/dist/core/{message-queue.js → message/message-queue.js}

@@ -1,5 +1,5 @@
 import path from 'path';
-import { logger } from '../utils/logger.js';
+import { logger } from '../../utils/logger.js';
 export class MessageQueue {
     queues = new Map();
     processing = new Set();

package/dist/{utils → core/message}/stream-debouncer.js

@@ -1,4 +1,4 @@
-import { logger } from './logger.js';
+import { logger } from '../../utils/logger.js';
 /**
  * 入站消息去抖器
  *

package/dist/{utils → core/message}/stream-flusher.js

@@ -1,6 +1,7 @@
+import { logger } from '../../utils/logger.js';
 import fs from 'fs';
 import path from 'path';
-import { resolvePaths } from '../paths.js';
+import { resolvePaths } from '../../paths.js';
 // 诊断日志（按需启用，通过 config.debug.flusherDiag 控制）
 let diagStream = null;
 function getDiagStream() {
@@ -32,7 +33,7 @@ export class StreamFlusher {
     send;
     interval;
     buffer = '';
-    activities = [];
+    queue = []; // 按入队顺序记录 activity 和 text 段
     timer;
     lastFlush = Date.now();
     allText = '';
@@ -43,6 +44,7 @@ export class StreamFlusher {
     instanceId;
     createTime = Date.now();
     diagEnabled;
+    sendChain = Promise.resolve(); // 串行发送队列，保证消息按序到达
     constructor(send, interval = 4000, fileMarkerPattern, diagEnabled = false) {
         this.send = send;
         this.interval = interval;
@@ -53,11 +55,14 @@ export class StreamFlusher {
             diag(this.instanceId, 'created', { interval });
     }
     addText(text) {
+        if (this.buffer.length === 0 && text.length > 0) {
+            this.queue.push({ kind: 'text' });
+        }
         this.buffer += text;
         this.allText += text;
         this.messageTimestamps.push(Date.now());
         if (this.diagEnabled)
-            diag(this.instanceId, 'addText', { len: text.length, preview: text.substring(0, 60), bufLen: this.buffer.length, actCount: this.activities.length });
+            diag(this.instanceId, 'addText', { len: text.length, preview: text.substring(0, 60), bufLen: this.buffer.length, queueLen: this.queue.length });
         this.scheduleFlush();
     }
     addTextBlock(text) {
@@ -67,20 +72,21 @@ export class StreamFlusher {
         }
         this.buffer += text;
         this.allText += text;
+        this.queue.push({ kind: 'text' });
         this.messageTimestamps.push(Date.now());
         if (this.diagEnabled)
             diag(this.instanceId, 'addTextBlock', { len: text.length, preview: text.substring(0, 60), bufLen: this.buffer.length });
         this.scheduleFlush();
     }
     addActivity(desc) {
-        this.activities.push(desc);
+        this.queue.push({ kind: 'activity', text: desc });
         this.messageTimestamps.push(Date.now());
         if (this.diagEnabled)
-            diag(this.instanceId, 'addActivity', { desc: desc.substring(0, 80), actCount: this.activities.length });
+            diag(this.instanceId, 'addActivity', { desc: desc.substring(0, 80), queueLen: this.queue.length });
         this.scheduleFlush();
     }
     hasContent() {
-        return this.buffer.length > 0 || this.activities.length > 0;
+        return this.buffer.length > 0 || this.queue.some(e => e.kind === 'activity');
     }
     hasSentContent() {
         return this.sentContent;
@@ -102,7 +108,7 @@ export class StreamFlusher {
         }
         let targetDelay;
         if (this.flushCount === 0) {
-            targetDelay = 0;
+            targetDelay = 500;
         }
         else if (this.flushCount <= 3) {
             targetDelay = Math.ceil(this.interval / 2);
@@ -133,27 +139,81 @@ export class StreamFlusher {
         const maxDelay = this.interval * 2.5;
         return Math.max(minDelay, Math.min(maxDelay, dynamicDelay));
     }
+    /**
+     * 只 flush activities，保留 text buffer 不动
+     * 用于 complete 事件前清空 pending activities，让最终文本留给 flush(true) 发送
+     */
+    async flushActivitiesOnly() {
+        const hasActivities = this.queue.some(e => e.kind === 'activity');
+        if (!hasActivities)
+            return;
+        if (this.timer) {
+            clearTimeout(this.timer);
+            this.timer = undefined;
+        }
+        // 只取 activity 条目，保留 text 条目在 queue 中
+        const activities = this.queue.filter(e => e.kind === 'activity');
+        this.queue = this.queue.filter(e => e.kind === 'text');
+        let output = activities.map(e => e.text).join('\n') + '\n\n';
+        if (output && this.fileMarkerPattern) {
+            output = output.replace(this.fileMarkerPattern, '').trim();
+        }
+        if (this.diagEnabled)
+            diag(this.instanceId, 'flushActivitiesOnly', { outputLen: output.length });
+        if (output) {
+            const text = output;
+            // chain 保持不断裂：单条失败不阻塞后续（catch → resolve）
+            this.sendChain = this.sendChain
+                .then(() => this.send(text, false, false))
+                .catch(e => { logger.warn('[StreamFlusher] send failed:', e); });
+            await this.sendChain;
+            this.sentContent = true;
+            this.lastFlush = Date.now();
+            this.flushCount++;
+        }
+    }
     async flush(isFinal) {
         if (this.timer) {
             clearTimeout(this.timer);
             this.timer = undefined;
         }
         let output = '';
-        if (this.activities.length > 0) {
-            output += this.activities.join('\n') + '\n\n';
-            this.activities = [];
+        const hasText = this.buffer.length > 0;
+        // 按入队顺序合并：遇到 text 条目时插入 buffer 内容，遇到 activity 直接追加
+        let textInserted = false;
+        for (const entry of this.queue) {
+            if (entry.kind === 'activity') {
+                // 确保 activity 前有换行分隔（text 末尾可能没有换行）
+                if (output && !output.endsWith('\n'))
+                    output += '\n';
+                output += entry.text + '\n';
+            }
+            else if (!textInserted) {
+                if (output)
+                    output += output.endsWith('\n') ? '\n' : '\n\n';
+                output += this.buffer;
+                textInserted = true;
+            }
         }
-        if (this.buffer) {
+        // 如果 queue 为空但有 buffer（纯文本情况）
+        if (!textInserted && hasText) {
             output += this.buffer;
-            this.buffer = '';
         }
+        this.queue = [];
+        this.buffer = '';
         if (output && this.fileMarkerPattern) {
             output = output.replace(this.fileMarkerPattern, '').trim();
         }
         if (this.diagEnabled)
             diag(this.instanceId, 'flush', { isFinal, outputLen: output.length, flushCount: this.flushCount, sinceLastFlush: Date.now() - this.lastFlush, preview: output.substring(0, 80) });
         if (output) {
-            await this.send(output, isFinal);
+            const text = output;
+            const final = isFinal;
+            const ht = hasText;
+            this.sendChain = this.sendChain
+                .then(() => this.send(text, final, ht))
+                .catch(e => { logger.warn('[StreamFlusher] send failed:', e); });
+            await this.sendChain;
             this.sentContent = true;
             this.lastFlush = Date.now();
             this.flushCount++;

package/dist/core/permission.js

@@ -1,38 +1,239 @@
-import { summarizeToolInput } from '../utils/permission-utils.js';
+import path from 'path';
+// 危险命令黑名单（正则表达式）
+const DANGEROUS_PATTERNS = [
+    // Unix
+    /\brm\s+-\w*r\w*f/, // rm -rf
+    /\bsudo\b/, // sudo
+    /\bmkfs\b/, // mkfs (格式化文件系统)
+    /\bdd\s+if=/, // dd (磁盘操作)
+    /\bchmod\s+777/, // chmod 777 (危险权限)
+    />\s*\/dev\/(?!null\b)/, // 重定向到设备文件（排除 /dev/null）
+    /\bshutdown\b/, // 关机
+    /\breboot\b/, // 重启
+    // Windows
+    /\bformat\s+[a-zA-Z]:/i, // format C: (格式化磁盘)
+    /\brd\s+\/s/i, // rd /s (递归删除目录)
+    /\bdel\s+\/[sfq]/i, // del /f, /s, /q (强制删除)
+    /\breg\s+delete/i, // reg delete (删除注册表)
+    /\bnet\s+stop/i, // net stop (停止服务)
+];
+// 只读模式写入命令黑名单
+const READONLY_WRITE_PATTERNS = [
+    /\bmkdir\b/, /\btouch\b/, /\btee\b/, /\bcp\b/, /\bmv\b/,
+    /\brm\b/, /\brmdir\b/, /\bchmod\b/, /\bchown\b/, /\bln\b/,
+    />>?\s/,
+    /\bgit\s+(commit|push|merge|rebase|reset|stash|checkout|cherry-pick|revert|tag|branch\s+-[dDmM])/,
+    /\bgit\s+am\b/,
+    /\bnpm\s+(install|ci|uninstall|update|link|publish|run|exec|init)\b/,
+    /\bnpx\b/, /\byarn\b/, /\bpnpm\b/, /\bpip\s+install\b/,
+    /\bsed\s+-i\b/, /\bawk\s+-i\b/, /\bpatch\b/,
+];
+/**
+ * 只读模式检查（用于 PreToolUse hook 和 canUseTool callback）
+ * Write/Edit/NotebookEdit 仅允许写入 {projectPath}/.evolclaw/tmp/
+ * Bash 拦截所有写入意图命令
+ */
+export function checkReadonly(toolName, input, projectPath) {
+    if (toolName === 'Write' || toolName === 'Edit' || toolName === 'NotebookEdit') {
+        const filePath = (input.file_path || input.notebook_path);
+        if (!filePath)
+            return { behavior: 'allow' };
+        const tmpDir = path.join(projectPath, '.evolclaw', 'tmp') + path.sep;
+        const resolved = path.resolve(projectPath, filePath) + (filePath.endsWith(path.sep) ? path.sep : '');
+        if (!resolved.startsWith(tmpDir) && resolved !== tmpDir.slice(0, -1)) {
+            return { behavior: 'deny', message: '🔒 只读模式：禁止修改项目文件。如需生成文件请写入 .evolclaw/tmp/ 目录' };
+        }
+    }
+    if (toolName === 'Bash') {
+        const cmd = input.command || '';
+        for (const pattern of READONLY_WRITE_PATTERNS) {
+            if (pattern.test(cmd)) {
+                return { behavior: 'deny', message: '🔒 只读模式：禁止执行写入操作' };
+            }
+        }
+    }
+    return { behavior: 'allow' };
+}
+/**
+ * 黑名单检查（用于 PreToolUse hook）
+ * 检查危险命令模式，非黑名单一律放行
+ */
+export async function checkBlacklist(toolName, input) {
+    // 只检查 Bash 工具，其余工具全部放行
+    if (toolName === 'Bash') {
+        const cmd = input.command || '';
+        // 空命令直接放行
+        if (!cmd || cmd.trim() === '') {
+            return { behavior: 'allow', updatedInput: input };
+        }
+        // 检查黑名单
+        for (const pattern of DANGEROUS_PATTERNS) {
+            if (pattern.test(cmd)) {
+                return {
+                    behavior: 'deny',
+                    message: `⛔ 危险命令被拦截: ${cmd.substring(0, 80)}`
+                };
+            }
+        }
+    }
+    // 默认允许
+    return { behavior: 'allow', updatedInput: input };
+}
+/**
+ * 工具输入摘要（提取工具调用的可读描述，供权限审批和消息展示使用）
+ */
+export function summarizeToolInput(toolName, input) {
+    if (!input)
+        return '';
+    const extractors = {
+        'Read': (i) => i.file_path,
+        'Edit': (i) => i.file_path,
+        'Write': (i) => i.file_path,
+        'Bash': (i) => i.command?.substring(0, 80),
+        'Grep': (i) => `pattern: ${i.pattern}`,
+        'Glob': (i) => `pattern: ${i.pattern}`,
+        'Agent': (i) => i.description || i.prompt?.substring(0, 80),
+        'Skill': (i) => i.skill ? `${i.skill}${i.args ? ' ' + i.args : ''}` : undefined,
+        'TodoWrite': (i) => {
+            if (Array.isArray(i.todos)) {
+                return i.todos.map((t) => t.content || t.task || t.text).filter(Boolean).join(', ').substring(0, 80);
+            }
+            return undefined;
+        },
+        'TaskCreate': (i) => i.subject || i.description?.substring(0, 80),
+        'TaskUpdate': (i) => i.status ? `${i.taskId} → ${i.status}` : i.taskId,
+        'NotebookEdit': (i) => i.notebook_path,
+        'WebFetch': (i) => i.url,
+        'WebSearch': (i) => i.query?.substring(0, 80),
+    };
+    const extractor = extractors[toolName];
+    if (extractor) {
+        const result = extractor(input);
+        if (result)
+            return result;
+    }
+    return input.description
+        || input.subject
+        || input.file_path
+        || input.pattern
+        || input.command?.substring(0, 80)
+        || input.prompt?.substring(0, 80)
+        || input.query?.substring(0, 80)
+        || input.skill
+        || input.url
+        || '';
+}
 export class PermissionGateway {
     pending = new Map();
     timeout = 5 * 60 * 1000;
     eventBus;
+    /** 始终允许的工具缓存：toolName → Set<pattern> */
+    alwaysAllow = new Map();
     setEventBus(eventBus) {
         this.eventBus = eventBus;
     }
     /**
-     * 请求人工审批。调用方负责模式判断（仅 approve 模式调用此方法）。
-     * 黑名单检查由调用方（preToolUseHook）在调用此方法前完成。
+     * 检查工具是否已被标记为"始终允许"
+     */
+    isAlwaysAllowed(toolName) {
+        return this.alwaysAllow.has(toolName);
+    }
+    /**
+     * 将工具标记为"始终允许"
      */
-    async requestPermission(sessionId, toolName, toolInput, sendPrompt, summary, reason) {
+    addAlwaysAllow(toolName) {
+        if (!this.alwaysAllow.has(toolName)) {
+            this.alwaysAllow.set(toolName, new Set());
+        }
+    }
+    /**
+     * 清除所有"始终允许"缓存（用于切换权限模式时重置）
+     */
+    clearAlwaysAllow() {
+        this.alwaysAllow.clear();
+    }
+    /**
+     * 获取所有"始终允许"的工具列表
+     */
+    getAlwaysAllowList() {
+        return [...this.alwaysAllow.keys()];
+    }
+    /**
+     * 请求人工审批。返回三态决策。
+     */
+    async requestPermission(sessionId, toolName, toolInput, sendPrompt, context, summary, reason) {
+        // 如果已标记为始终允许，直接放行
+        if (this.isAlwaysAllowed(toolName)) {
+            return 'always';
+        }
         const requestId = `perm-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
         const displaySummary = summary || summarizeToolInput(toolName, toolInput);
         const reasonLine = reason ? `\n原因：${reason}` : '';
         this.eventBus?.publish({ type: 'permission:requested', sessionId, requestId, toolName, input: displaySummary });
-        await sendPrompt(`🔐 权限请求\n工具：${toolName}\n操作：${displaySummary}${reasonLine}\n\n回复 /perm allow 批准 或 /perm deny 拒绝`);
+        // 构造 ActionInteraction
+        const interaction = {
+            type: 'interaction',
+            id: requestId,
+            kind: {
+                kind: 'action',
+                title: '🔐 权限请求',
+                body: `工具：${toolName}\n操作：${displaySummary}${reasonLine}`,
+                buttons: [
+                    { key: 'allow', label: '✅ 允许', style: 'primary' },
+                    { key: 'always', label: '🔓 始终允许', style: 'default' },
+                    { key: 'deny', label: '❌ 拒绝', style: 'danger' },
+                ],
+            },
+            channelId: context?.channelId || '',
+            sessionId,
+            expiresAt: Date.now() + this.timeout,
+        };
+        // 尝试富交互
+        let interactionSent = false;
+        if (context?.adapter?.sendInteraction && context.channelId) {
+            try {
+                const result = await context.adapter.sendInteraction(context.channelId, interaction, context.replyContext);
+                interactionSent = !!result;
+            }
+            catch (err) {
+                // sendInteraction 失败，fallback 到文本
+            }
+        }
+        // fallback 到文本
+        if (!interactionSent) {
+            await sendPrompt(`🔐 权限请求\n工具：${toolName}\n操作：${displaySummary}${reasonLine}\n\n回复 /perm allow 本次允许 | always 始终允许 | deny 拒绝`);
+        }
         return new Promise((resolve) => {
             const timer = setTimeout(() => {
                 this.pending.delete(requestId);
+                // 清理 router 注册（仅删除本次请求，不影响其他交互）
+                if (interactionSent && context?.interactionRouter) {
+                    context.interactionRouter.cancel(requestId);
+                }
                 this.eventBus?.publish({ type: 'permission:timeout', sessionId, requestId });
-                resolve(false);
+                resolve('deny');
             }, this.timeout);
-            this.pending.set(requestId, { sessionId, resolve, timer });
+            this.pending.set(requestId, { sessionId, toolName, resolve, timer });
+            // 如果发了交互卡片，同时注册到 InteractionRouter
+            if (interactionSent && context?.interactionRouter) {
+                context.interactionRouter.register(requestId, sessionId, (action) => {
+                    this.resolvePermission(sessionId, requestId, action);
+                });
+            }
         });
     }
-    resolvePermission(sessionId, requestId, approved) {
+    resolvePermission(sessionId, requestId, decision) {
         const pending = this.pending.get(requestId);
         if (!pending || pending.sessionId !== sessionId)
             return false;
         clearTimeout(pending.timer);
-        pending.resolve(approved);
+        // 如果是 always，缓存该工具
+        if (decision === 'always') {
+            this.addAlwaysAllow(pending.toolName);
+        }
+        pending.resolve(decision);
         this.pending.delete(requestId);
-        this.eventBus?.publish({ type: 'permission:resolved', sessionId, requestId, approved });
+        this.eventBus?.publish({ type: 'permission:resolved', sessionId, requestId, approved: decision !== 'deny' });
         return true;
     }
     /** 中断时取消指定会话的所有 pending 权限请求 */
@@ -40,7 +241,7 @@ export class PermissionGateway {
         for (const [requestId, pending] of this.pending.entries()) {
             if (pending.sessionId === sessionId) {
                 clearTimeout(pending.timer);
-                pending.resolve(false);
+                pending.resolve('deny');
                 this.pending.delete(requestId);
             }
         }

package/dist/core/{adapters → session/adapters}/claude-session-file-adapter.js

@@ -5,8 +5,8 @@
  * and wraps sdkListSessions for name synchronization.
  */
 import { listSessions as sdkListSessions } from '@anthropic-ai/claude-agent-sdk';
-import { encodePath } from '../../utils/cross-platform.js';
-import { logger } from '../../utils/logger.js';
+import { encodePath } from '../../../utils/cross-platform.js';
+import { logger } from '../../../utils/logger.js';
 import path from 'path';
 import fs from 'fs';
 import os from 'os';

package/dist/core/{adapters → session/adapters}/codex-session-file-adapter.js

@@ -5,7 +5,7 @@
  * and Codex rollout JSONL files for detailed session info.
  */
 import { DatabaseSync } from 'node:sqlite';
-import { logger } from '../../utils/logger.js';
+import { logger } from '../../../utils/logger.js';
 import path from 'path';
 import fs from 'fs';
 import os from 'os';
@@ -53,78 +53,116 @@ export class CodexSessionFileAdapter {
         return this.db;
     }
     checkExists(projectPath, agentSessionId) {
+        // 1. 优先查 state_*.sqlite（覆盖 CLI 创建的线程）
         const db = this.getDb();
-        if (!db)
-            return false;
+        if (db) {
+            try {
+                const row = db.prepare('SELECT 1 FROM threads WHERE id = ? AND archived = 0').get(agentSessionId);
+                if (row)
+                    return true;
+            }
+            catch (error) {
+                logger.warn(`[CodexAdapter] checkExists DB query failed:`, error);
+            }
+        }
+        // 2. Fallback: 扫 ~/.codex/sessions/ 下的 rollout JSONL
+        //    SDK 创建的 thread 不写 state_*.sqlite，但会持久化到 sessions 目录
+        return !!this.findRolloutFile(agentSessionId);
+    }
+    /**
+     * 在 ~/.codex/sessions/ 下递归查找含 agentSessionId 的 rollout JSONL 文件
+     */
+    findRolloutFile(agentSessionId) {
+        const sessionsDir = path.join(os.homedir(), '.codex', 'sessions');
+        if (!fs.existsSync(sessionsDir))
+            return null;
         try {
-            const row = db.prepare('SELECT 1 FROM threads WHERE id = ? AND archived = 0').get(agentSessionId);
-            return !!row;
+            const search = (dir) => {
+                for (const entry of fs.readdirSync(dir, { withFileTypes: true })) {
+                    if (entry.isDirectory()) {
+                        const found = search(path.join(dir, entry.name));
+                        if (found)
+                            return found;
+                    }
+                    else if (entry.name.endsWith('.jsonl') && entry.name.includes(agentSessionId)) {
+                        return path.join(dir, entry.name);
+                    }
+                }
+                return null;
+            };
+            return search(sessionsDir);
         }
-        catch (error) {
-            logger.warn(`[CodexAdapter] checkExists failed:`, error);
-            return false;
+        catch {
+            return null;
         }
     }
     getFileInfo(projectPath, agentSessionId) {
+        // 1. 优先查 state DB
         const db = this.getDb();
-        if (!db)
-            return { turns: 0 };
-        try {
-            const row = db.prepare('SELECT title, rollout_path FROM threads WHERE id = ?').get(agentSessionId);
-            if (!row)
-                return { turns: 0 };
-            const title = row.title || undefined;
-            const turns = this.countTurnsFromRollout(row.rollout_path);
-            return { turns, title };
+        if (db) {
+            try {
+                const row = db.prepare('SELECT title, rollout_path FROM threads WHERE id = ?').get(agentSessionId);
+                if (row) {
+                    return {
+                        turns: this.countTurnsFromRollout(row.rollout_path),
+                        title: row.title || undefined,
+                    };
+                }
+            }
+            catch (error) {
+                logger.warn(`[CodexAdapter] getFileInfo DB query failed:`, error);
+            }
         }
-        catch (error) {
-            logger.warn(`[CodexAdapter] getFileInfo failed:`, error);
-            return { turns: 0 };
+        // 2. Fallback: 从 sessions 目录查找 rollout 文件
+        const rolloutPath = this.findRolloutFile(agentSessionId);
+        if (rolloutPath) {
+            return { turns: this.countTurnsFromRollout(rolloutPath) };
         }
+        return { turns: 0 };
     }
     readFirstMessage(projectPath, agentSessionId) {
+        // 1. 优先查 state DB
         const db = this.getDb();
-        if (!db)
-            return null;
-        try {
-            const row = db.prepare('SELECT first_user_message FROM threads WHERE id = ?').get(agentSessionId);
-            if (!row?.first_user_message)
-                return null;
-            const text = row.first_user_message.trim().replace(/\s+/g, ' ');
-            return text.substring(0, 50) + (text.length > 50 ? '...' : '');
+        if (db) {
+            try {
+                const row = db.prepare('SELECT first_user_message FROM threads WHERE id = ?').get(agentSessionId);
+                if (row?.first_user_message) {
+                    const text = row.first_user_message.trim().replace(/\s+/g, ' ');
+                    return text.substring(0, 50) + (text.length > 50 ? '...' : '');
+                }
+            }
+            catch (error) {
+                logger.warn(`[CodexAdapter] readFirstMessage DB query failed:`, error);
+            }
         }
-        catch (error) {
-            logger.warn(`[CodexAdapter] readFirstMessage failed:`, error);
+        // 2. Fallback: 从 rollout JSONL 读取第一条 user_message
+        const rolloutPath = this.findRolloutFile(agentSessionId);
+        if (!rolloutPath)
             return null;
-        }
+        return this.readUserMessageFromRollout(rolloutPath, 'first');
     }
     readLastUserMessage(projectPath, agentSessionId) {
+        // 1. 优先查 state DB 获取 rollout_path
         const db = this.getDb();
-        if (!db)
-            return null;
-        try {
-            const row = db.prepare('SELECT rollout_path FROM threads WHERE id = ?').get(agentSessionId);
-            if (!row?.rollout_path || !fs.existsSync(row.rollout_path))
-                return null;
-            const content = fs.readFileSync(row.rollout_path, 'utf-8');
-            const lines = content.split('\n').filter(l => l.trim());
-            let lastMessage = null;
-            for (const line of lines) {
-                try {
-                    const event = JSON.parse(line);
-                    if (event.type === 'event_msg' && event.payload?.type === 'user_message' && event.payload.message) {
-                        const text = event.payload.message.trim().replace(/\s+/g, ' ');
-                        lastMessage = text.substring(0, 50) + (text.length > 50 ? '...' : '');
-                    }
+        let rolloutPath = null;
+        if (db) {
+            try {
+                const row = db.prepare('SELECT rollout_path FROM threads WHERE id = ?').get(agentSessionId);
+                if (row?.rollout_path && fs.existsSync(row.rollout_path)) {
+                    rolloutPath = row.rollout_path;
                 }
-                catch { /* skip malformed line */ }
             }
-            return lastMessage;
+            catch (error) {
+                logger.warn(`[CodexAdapter] readLastUserMessage DB query failed:`, error);
+            }
         }
-        catch (error) {
-            logger.warn(`[CodexAdapter] readLastUserMessage failed:`, error);
-            return null;
+        // 2. Fallback: 从 sessions 目录查找 rollout 文件
+        if (!rolloutPath) {
+            rolloutPath = this.findRolloutFile(agentSessionId);
         }
+        if (!rolloutPath)
+            return null;
+        return this.readUserMessageFromRollout(rolloutPath, 'last');
     }
     scanCliSessions(projectPath) {
         const db = this.getDb();
@@ -168,6 +206,33 @@ export class CodexSessionFileAdapter {
         }
         this.dbInitialized = false;
     }
+    /**
+     * 从 rollout JSONL 读取第一条或最后一条 user_message
+     */
+    readUserMessageFromRollout(rolloutPath, which) {
+        try {
+            const content = fs.readFileSync(rolloutPath, 'utf-8');
+            const lines = content.split('\n').filter(l => l.trim());
+            let result = null;
+            for (const line of lines) {
+                try {
+                    const event = JSON.parse(line);
+                    if (event.type === 'event_msg' && event.payload?.type === 'user_message' && event.payload.message) {
+                        const text = event.payload.message.trim().replace(/\s+/g, ' ');
+                        const truncated = text.substring(0, 50) + (text.length > 50 ? '...' : '');
+                        if (which === 'first')
+                            return truncated;
+                        result = truncated;
+                    }
+                }
+                catch { /* skip malformed line */ }
+            }
+            return result;
+        }
+        catch {
+            return null;
+        }
+    }
     /**
      * 从 rollout JSONL 文件计算轮数（数 turn_context 行）
      */