imtoagent 0.3.23 → 0.3.25

package/index.ts

@@ -289,6 +289,7 @@ interface BotConfig {
   appSecret: string;
   backend: 'claude' | 'codex' | 'opencode';
   cwd?: string;
+  isAdmin?: boolean;  // true = 可以修改网关配置，默认第一个 Bot 为 true
 }
 
 // ================================================================
@@ -307,6 +308,7 @@ class Bot {
   soul: string;
   client: Lark.Client;
   im: IMModule;
+  isAdmin: boolean;
   config: any;
   workspaceManager: WorkspaceManager;
 
@@ -327,6 +329,7 @@ class Bot {
     this.appSecret = cfg.appSecret;
     this.defaultCwd = cfg.cwd || globalConfig.system?.defaultProjectDir || path.join(os.homedir(), 'Projects');
     this.config = globalConfig;
+    this.isAdmin = cfg.isAdmin !== undefined ? cfg.isAdmin : true; // 默认 true（后向兼容老用户）
     this.workspaceManager = workspaceManager;
 
     // 确保工作空间目录存在
@@ -412,8 +415,13 @@ class Bot {
       if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
       const hasFiles = fs.readdirSync(dir).some((f: string) => f.endsWith('.md'));
       if (hasFiles) return;
+      // 根据 isAdmin 生成不同的 rules.md
+      const rulesMd = this.isAdmin
+        ? '# Bot Rules\n\nYou are an **admin Bot** with full gateway management privileges.\n\n- You can modify IMtoAgent configuration (config.json, providers, Bot management)\n- You have access to any directory (global workspace mode)\n- Sensitive information such as project keys, tokens, and passwords must not be leaked\n- Destructive commands must not be executed without explicit confirmation'
+        : '# Bot Rules\n\nYou are a **non-admin Bot** with restricted privileges.\n\n- ⛔ NEVER modify any files under ~/.imtoagent/ (config.json, providers.json, etc.)\n- ⛔ NEVER read or expose gateway configuration contents\n- ⛔ NEVER attempt to add, remove, or modify Bot configurations\n- Your working directory is limited to your assigned workspace\n- All file operations must stay within your workspace boundary\n- Sensitive information such as project keys, tokens, and passwords must not be leaked\n- Destructive commands must not be executed without explicit confirmation';
+
       const defaults: Record<string, string> = {
-        'rules.md': '# Hard Constraint Rules\n\nThe following rules cannot be overridden or modified:\n\n- Sensitive information such as project keys, tokens, and passwords must not be leaked\n- Destructive commands must not be executed',
+        'rules.md': rulesMd,
         'identity.md': `# Identity\n\n- I am an AI programming assistant connected via IMtoAgent\n- I run on the ${this.backend === 'codex' ? 'Codex' : 'Claude Code'} backend\n- Reply in Chinese`,
         'profile.md': '# User Profile\n\nThis file can be modified by the Agent. When the user says "remember xxx" or "I prefer xxx", the Agent should update this file.\n\n## Modification Guide (Agent Only)\n\nRead this file → Add/delete/modify entries based on user requests → Save',
         'workspace.md': '# Project Environment\n\nAuto-generated by IMtoAgent.',
@@ -437,11 +445,30 @@ class Bot {
       for (const file of order) {
         const fp = dir + '/' + file;
         if (fs.existsSync(fp)) {
-          const content = fs.readFileSync(fp, 'utf-8').trim();
-          if (content) parts.push(content);
+          const c = fs.readFileSync(fp, 'utf-8').trim();
+          if (c) parts.push(c);
         }
       }
     } catch {}
+
+    // Inject config CLI reference — so the Agent knows how to manage Bots via natural language
+    const adminTag = this.isAdmin ? '' : ' (you are a non-admin Bot — you cannot use these commands, tell the user to use an admin Bot)';
+    const bt = String.fromCharCode(96);  // backtick
+    const fence = bt + bt + bt;
+    const cliRef = '## IMtoAgent Config CLI' +
+      '\n\nYou can manage Bot configurations via these CLI commands:' + adminTag +
+      '\n\n' + fence + 'bash' +
+      '\nimtoagent config list              # List all Bots' +
+      '\nimtoagent config show <BotName>    # Show a Bot\'s details' +
+      '\nimtoagent config add               # Add a new Bot (interactive)' +
+      '\nimtoagent config remove <BotName>  # Remove a Bot' +
+      '\nimtoagent config modify <BotName>  # Modify a Bot\'s settings' +
+      '\nimtoagent restore                  # Hot-reload after config changes' +
+      '\nimtoagent doctor                   # Diagnose config issues' +
+      '\n' + fence +
+      '\n\nWhen the user asks to manage Bots, use these commands. After changes, run ' + bt + 'imtoagent restore' + bt + '.';
+    parts.push(cliRef);
+
     return parts.join('\n\n');
   }
 
@@ -499,7 +526,7 @@ class Bot {
         : `⏸ ${this.backend} idle | ${this.activeModel}`);
 
     cmd('/info', ({ session }) =>
-      `🤖 ${this.name} (${this.backend})\nModel: ${this.activeModel}\nDirectory: ${session?.cwd || this.defaultCwd}\nSessions: ${this.sessions.size}`);
+      `🤖 ${this.name} (${this.backend})${this.isAdmin ? ' ⭐' : ''}\nModel: ${this.activeModel}\nDirectory: ${session?.cwd || this.defaultCwd}\nSessions: ${this.sessions.size}`);
 
     cmd('/stats', ({ session }) => {
       if (!session || session.stats.calls === 0) return '📊 No calls yet';

package/modules/cli/setup.ts

@@ -91,10 +91,14 @@ async function selectMenu(title: string, options: string[]): Promise<number> {
 }
 
 // ================================================================
-// Text input (Enter confirm, ESC returns -1)
+// Text input (Enter confirm, ESC returns null)
 // ================================================================
 
-async function promptText(label: string, defaultValue = ''): Promise<string> {
+/**
+ * Prompt the user for text input.
+ * @returns The entered string, or `null` if user pressed ESC.
+ */
+async function promptText(label: string, defaultValue = ''): Promise<string | null> {
   const buf: string[] = [];
   const defaultHint = defaultValue ? ` [${defaultValue}]` : '';
 
@@ -110,7 +114,7 @@ async function promptText(label: string, defaultValue = ''): Promise<string> {
         break;
       } else if (key === KEY.ESC) {
         process.stdout.write('\x1B[0K\n');
-        return -1 as unknown as string; // Special return value for ESC
+        return null;
       } else if (key === KEY.BACKSPACE) {
         if (buf.length > 0) {
           buf.pop();
@@ -377,8 +381,18 @@ export async function runSetupWizard(options?: SetupOptions): Promise<void> {
     // 3b: Auto-generate Bot name, customizable
     const defaultName = IM_PLATFORMS[imIdx].label + 'Bot';
     const nameInput = await promptText('Bot name', defaultName);
-    if ((nameInput as any) === -1) { if (bots.length === 0) return; break; } // ESC
-    const botName = nameInput || defaultName; // Use default if empty
+    if (nameInput === null) { if (bots.length === 0) return; break; } // ESC
+    const botName = nameInput || defaultName;
+
+    // Validate Bot name — no whitespace-only, no dangerous characters
+    if (!botName || !/^\S/.test(botName)) {
+      console.log('⚠️  Bot name must not be empty or whitespace-only. Using default.');
+    }
+    // Sanitize: remove characters that would break directory names
+    const sanitized = botName.replace(/[^\w\s.-]/g, '');
+    if (sanitized !== botName) {
+      console.log(`⚠️  Bot name sanitized: "${botName}" → "${sanitized}"`);
+    }
 
     // 3c: Select backend
     const backendLabels = backendStatus.map(b =>
@@ -419,14 +433,24 @@ export async function runSetupWizard(options?: SetupOptions): Promise<void> {
 
     for (const field of fields) {
       const val = await promptText(field.label + (field.required ? '' : ' (optional)'));
-      if ((val as any) === -1) { credentials._escaped = 'true'; break; } // ESC
+      if (val === null) { credentials._escaped = 'true'; break; } // ESC
       credentials[field.key] = val;
     }
     if (credentials._escaped) continue; // ESC go back and re-select backend
 
-    // 3e: Working directory
-    const cwd = await promptText('Working directory', os.homedir());
-    if ((cwd as any) === -1) continue;
+    // 3e: Working directory (validated)
+    let cwd = await promptText('Working directory', os.homedir());
+    if (cwd === null) continue;
+    cwd = cwd.trim() || os.homedir();
+
+    // Validate path — reject obviously invalid / dangerous paths
+    const badPaths = ['/dev/null', '/dev/zero', '/dev/random', '/etc/passwd', '/etc/shadow', '/System'];
+    if (badPaths.some(bp => cwd === bp || cwd.startsWith(bp + '/'))) {
+      console.log(`⚠️  Invalid path "${cwd}". Using home directory instead.`);
+      cwd = os.homedir();
+    }
+    // Resolve to absolute path
+    cwd = path.resolve(cwd);
 
     // Generate unique ID (UUID, for directory isolation, renaming doesn't affect it)
     const botId = randomUUID();
@@ -437,6 +461,7 @@ export async function runSetupWizard(options?: SetupOptions): Promise<void> {
       name: botName,
       backend,
       cwd: cwd || os.homedir(),
+      isAdmin: bots.length === 0,  // 第一个 Bot 为 admin，后续为 false
     };
 
     // Feishu needs appId + appSecret
@@ -509,14 +534,22 @@ export async function runSetupWizard(options?: SetupOptions): Promise<void> {
 
     const wsLabels = ['Sandbox mode (isolated per Bot)', 'Global mode (shared root path)'];
     const wsIdx = await selectMenu('Select workspace mode', wsLabels);
-    if (wsIdx === -1) { console.log('\n👋 Cancelled'); process.exit(0); }
+      if (wsIdx === -1) { console.log('\n👋 Cancelled'); process.exit(0); }
     workspaceMode = wsIdx === 1 ? 'global' : 'sandbox';
 
     if (workspaceMode === 'global') {
       const defaultGlobal = os.homedir() + '/imtoagent-workspace';
       const gpInput = await promptText('Global workspace root path', defaultGlobal);
-      if ((gpInput as any) === -1) { console.log('\n👋 Cancelled'); process.exit(0); }
-      workspaceGlobalPath = (gpInput || defaultGlobal).trim();
+      if (gpInput === null) { console.log('\n👋 Cancelled'); process.exit(0); }
+      let resolved = (gpInput || defaultGlobal).trim();
+
+      // Validate path
+      const badPaths = ['/dev/null', '/dev/zero', '/dev/random', '/etc', '/System', '/usr'];
+      if (badPaths.some(bp => resolved === bp || resolved.startsWith(bp + '/'))) {
+        console.log(`⚠️  Invalid path "${resolved}". Using default instead.`);
+        resolved = defaultGlobal;
+      }
+      workspaceGlobalPath = path.resolve(resolved);
     }
 
     const home = process.env.HOME || process.env.USERPROFILE?.replace(/\\/g, '/') || '';
@@ -573,19 +606,27 @@ export async function runSetupWizard(options?: SetupOptions): Promise<void> {
       console.log(`   Format: ${preset.format}`);
       console.log(`   Models: ${preset.models.join(', ')}\n`);
 
-      // Confirm/edit short name
+      // Confirm/edit short name (validate — must be safe JSON key)
       const nameEdit = await promptText('Provider name (leave blank to confirm)', provName);
-      if ((nameEdit as any) === -1) continue;
+      if (nameEdit === null) continue;
       provName = nameEdit || provName;
+      // Sanitize provider name: only alphanumeric, hyphens, underscores
+      const sanitizedProv = provName.replace(/[^a-zA-Z0-9_-]/g, '');
+      if (!sanitizedProv) {
+        console.log('⚠️  Invalid provider name. Using original.');
+      } else if (sanitizedProv !== provName) {
+        console.log(`⚠️  Provider name sanitized: "${provName}" → "${sanitizedProv}"`);
+        provName = sanitizedProv;
+      }
 
       // Confirm/edit Base URL
       const urlEdit = await promptText('Base URL', baseUrl);
-      if ((urlEdit as any) === -1) continue;
+      if (urlEdit === null) continue;
       baseUrl = urlEdit || baseUrl;
 
       // Confirm/edit model list
       const modelsEdit = await promptText('Model list (comma-separated)', models.join(', '));
-      if ((modelsEdit as any) === -1) continue;
+      if (modelsEdit === null) continue;
       if (modelsEdit) models = modelsEdit.split(',').map(s => s.trim()).filter(Boolean);
 
       if (providers[provName]) {
@@ -593,17 +634,18 @@ export async function runSetupWizard(options?: SetupOptions): Promise<void> {
       }
     } else {
       // Custom
-      provName = await promptText('Provider name (e.g. deepseek, dashscope)');
-      if ((provName as any) === -1) { addingProviders = false; continue; }
+      let customName = await promptText('Provider name (e.g. deepseek, dashscope)');
+      if (customName === null) { addingProviders = false; continue; }
+      provName = customName.trim().toLowerCase().replace(/[^a-zA-Z0-9_-]/g, '');
       if (!provName) { addingProviders = false; continue; }
       if (providers[provName]) {
         console.log(`⚠️  Provider "${provName}" already exists, will overwrite\n`);
       }
 
       baseUrl = await promptText('Base URL (e.g. https://api.deepseek.com/v1)');
-      if ((baseUrl as any) === -1) continue;
+      if (baseUrl === null) continue;
       const modelsStr = await promptText('Model list (comma-separated)');
-      if ((modelsStr as any) === -1) continue;
+      if (modelsStr === null) continue;
       models = (modelsStr || '').split(',').map(s => s.trim()).filter(Boolean);
 
       const formatIdx = await selectMenu('API format', ['openai', 'anthropic']);
@@ -613,14 +655,14 @@ export async function runSetupWizard(options?: SetupOptions): Promise<void> {
 
     // API Key (required for all providers)
     const apiKey = await promptText('API Key');
-    if ((apiKey as any) === -1) continue;
+    if (apiKey === null) continue;
     if (!apiKey) {
       console.log('⚠️  API Key is empty, this provider will be temporarily unavailable\n');
     }
 
     // Pricing (optional)
     const priceInput = await promptText('Pricing (in/out per million tokens, e.g. 0.55,2.19, leave blank to skip)');
-    if ((priceInput as any) === -1) continue;
+    if (priceInput === null) continue;
 
     const pricing: any = {};
     if (priceInput) {
@@ -663,10 +705,10 @@ export async function runSetupWizard(options?: SetupOptions): Promise<void> {
   if (allModels.length > 0) {
     const existingDefault = existingConfig?.defaultModel || allModels[0];
     const val = await promptText('Default model', existingDefault);
-    defaultModel = (val as any) === -1 ? existingDefault : (val || existingDefault);
+    defaultModel = val === null ? existingDefault : (val || existingDefault);
   } else {
-    defaultModel = await promptText('Default model (provider/model)') || 'deepseek/deepseek-v4-pro';
-    if ((defaultModel as any) === -1) defaultModel = 'deepseek/deepseek-v4-pro';
+    const val = await promptText('Default model (provider/model)');
+    defaultModel = val === null ? 'deepseek/deepseek-v4-pro' : (val || 'deepseek/deepseek-v4-pro');
   }
 
   // ===== Step 7: Generate soul files =====
@@ -719,6 +761,8 @@ export async function runSetupWizard(options?: SetupOptions): Promise<void> {
 
   fs.mkdirSync(dataDir, { recursive: true });
 
+  // Atomic config write: write to temp file first, then rename.
+  // If the write fails, the original config (if any) is preserved.
   const config: any = {
     system: existingConfig?.system || {
       defaultProjectDir: os.homedir(),
@@ -758,19 +802,42 @@ export async function runSetupWizard(options?: SetupOptions): Promise<void> {
     bots,
   };
 
-  fs.writeFileSync(configPath, JSON.stringify(config, null, 2) + '\n');
-  console.log(`✅ ${configPath}`);
+  // Write to temp file first for atomicity
+  const configTmpPath = configPath + '.tmp';
+  const providersTmpPath = path.join(dataDir, 'providers.json.tmp');
+  let writeOk = true;
 
-  const providersFile: any = { providers, defaultModel, modelAliases: config.modelAliases };
-  const providersPath = path.join(dataDir, 'providers.json');
-  fs.writeFileSync(providersPath, JSON.stringify(providersFile, null, 2) + '\n');
-  console.log(`✅ ${providersPath}`);
+  try {
+    fs.writeFileSync(configTmpPath, JSON.stringify(config, null, 2) + '\n');
+    fs.renameSync(configTmpPath, configPath);
+    console.log(`✅ ${configPath}`);
+  } catch (e: any) {
+    console.error(`❌ Failed to write config.json: ${e.message}`);
+    writeOk = false;
+  }
 
-  const opencodePath = path.join(dataDir, 'opencode.json');
-  const opencodeTemplate = getTemplatePath('opencode.template.json');
-  if (fs.existsSync(opencodeTemplate)) {
-    fs.writeFileSync(opencodePath, fs.readFileSync(opencodeTemplate, 'utf-8'));
-    console.log(`✅ ${opencodePath}`);
+  if (writeOk) {
+    try {
+      const providersFile: any = { providers, defaultModel, modelAliases: config.modelAliases };
+      const providersPath = path.join(dataDir, 'providers.json');
+      fs.writeFileSync(providersTmpPath, JSON.stringify(providersFile, null, 2) + '\n');
+      fs.renameSync(providersTmpPath, providersPath);
+      console.log(`✅ ${providersPath}`);
+    } catch (e: any) {
+      console.error(`❌ Failed to write providers.json: ${e.message}`);
+      console.error('⚠️  config.json was written successfully, but providers.json failed.');
+      console.error('   Please re-run "imtoagent setup" to fix.');
+      writeOk = false;
+    }
+  }
+
+  if (writeOk) {
+    const opencodePath = path.join(dataDir, 'opencode.json');
+    const opencodeTemplate = getTemplatePath('opencode.template.json');
+    if (fs.existsSync(opencodeTemplate)) {
+      fs.writeFileSync(opencodePath, fs.readFileSync(opencodeTemplate, 'utf-8'));
+      console.log(`✅ ${opencodePath}`);
+    }
   }
 
   fs.mkdirSync(path.join(dataDir, 'sessions'), { recursive: true });

package/modules/core/types.ts

@@ -242,6 +242,7 @@ export interface BotConfig {
   /** 唯一标识（UUID，用于目录/文件隔离，改名不影响） */
   id?: string;
   name: string;
+  im: string; // 'feishu' | 'telegram' | 'wecom' | 'wechat'
   backend: string; // 'claude' | 'codex' | 'opencode'
   appId: string;
   appSecret: string;