npm - imtoagent - Versions diffs - 0.3.24 → 0.3.25 - Mend

imtoagent 0.3.24 → 0.3.25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/bin/imtoagent-real +184 -0
package/index.ts +31 -4
package/modules/cli/setup.ts +1 -0
package/modules/core/types.ts +1 -0
package/modules/utils/config-manager.ts +359 -0
package/modules/utils/doctor.ts +462 -0
package/modules/utils/workspace-manager.ts +23 -3
package/package.json +1 -1

package/bin/imtoagent-real CHANGED Viewed

@@ -61,6 +61,12 @@ switch (command) {
   case 'health':
     await cmdHealth();
     break;
+  case 'doctor':
+    await cmdDoctor();
+    break;
+  case 'config':
+    await cmdConfig();
+    break;
   case 'autostart':
     await cmdAutostart();
     break;
@@ -121,6 +127,13 @@ Usage:
   imtoagent uninstall           Uninstall imtoagent (keep data by default)
   imtoagent uninstall --purge   Uninstall and delete all data
   imtoagent health              Run comprehensive health check
+  imtoagent doctor              Diagnose & fix configuration issues
+  imtoagent config              Manage Bot configuration
+  imtoagent config list         List all Bots
+  imtoagent config show NAME    Show Bot details
+  imtoagent config add          Add a new Bot
+  imtoagent config remove NAME  Remove a Bot
+  imtoagent config modify NAME  Modify Bot settings
   imtoagent autostart enable    Enable auto-start on login (launchd)
   imtoagent autostart disable   Disable auto-start
   imtoagent autostart status    Check auto-start status
@@ -939,6 +952,177 @@ async function cmdHealth(): Promise<void> {
   console.log();
 }
+// ================================================================
+// config — Bot 配置管理
+// ================================================================
+async function cmdConfig(): Promise<void> {
+  const subcommand = process.argv[3];
+  switch (subcommand) {
+    case 'list':
+      await cmdConfigList();
+      break;
+    case 'show': {
+      const name = process.argv[4];
+      if (!name) { console.error('Usage: imtoagent config show <name>'); process.exit(1); }
+      await cmdConfigShow(name);
+      break;
+    }
+    case 'add':
+      await cmdConfigAdd();
+      break;
+    case 'remove': {
+      const name = process.argv[4];
+      if (!name) { console.error('Usage: imtoagent config remove <name>'); process.exit(1); }
+      await cmdConfigRemove(name);
+      break;
+    }
+    case 'modify': {
+      const name = process.argv[4];
+      if (!name) { console.error('Usage: imtoagent config modify <name>'); process.exit(1); }
+      await cmdConfigModify(name);
+      break;
+    }
+    case undefined:
+    case 'help':
+    case '--help':
+    case '-h':
+      console.log(`
+imtoagent config — Manage Bot configuration
+Usage:
+  imtoagent config list         List all Bots
+  imtoagent config show NAME    Show Bot details
+  imtoagent config add          Add a new Bot (interactive)
+  imtoagent config remove NAME  Remove a Bot
+  imtoagent config modify NAME  Modify Bot settings
+`);
+      break;
+    default:
+      console.error(`❌ Unknown config subcommand: ${subcommand}`);
+      console.log('   Run "imtoagent config help" for usage.');
+      process.exit(1);
+  }
+}
+// ---- Config subcommand wrappers ----
+async function cmdConfigList(): Promise<void> {
+  const m = await import('../modules/utils/config-manager');
+  await m.cmdConfigList();
+}
+async function cmdConfigShow(name: string): Promise<void> {
+  const m = await import('../modules/utils/config-manager');
+  await m.cmdConfigShow(name);
+}
+async function cmdConfigAdd(): Promise<void> {
+  const m = await import('../modules/utils/config-manager');
+  await m.cmdConfigAdd();
+}
+async function cmdConfigRemove(name: string): Promise<void> {
+  const m = await import('../modules/utils/config-manager');
+  await m.cmdConfigRemove(name);
+}
+async function cmdConfigModify(name: string): Promise<void> {
+  const m = await import('../modules/utils/config-manager');
+  await m.cmdConfigModify(name);
+}
+// ================================================================
+// doctor — 配置诊断与自动修复
+// ================================================================
+async function cmdDoctor(): Promise<void> {
+  console.log(`\n🔧 imtoagent Doctor — Configuration Diagnosis\n`);
+  try {
+    const { runDoctorChecks, formatIssues } = await import('../modules/utils/doctor');
+    const issues = await runDoctorChecks();
+    // 分组
+    const fixableIssues = issues.filter(i => i.fixable);
+    const unfixableIssues = issues.filter(i => !i.fixable);
+    const errors = issues.filter(i => i.severity === 'error');
+    const warnings = issues.filter(i => i.severity === 'warning');
+    const infos = issues.filter(i => i.severity === 'info');
+    // 打印所有问题
+    if (issues.length === 0) {
+      console.log('   ✅ All checks passed! Nothing to fix.\n');
+      return;
+    }
+    // 打印 errors
+    if (errors.length > 0) {
+      console.log('❌ Errors:');
+      for (const e of errors) {
+        console.log(`   ${e.message}`);
+        if (e.fixable && e.fixDescription) {
+          console.log(`   → 🔧 ${e.fixDescription}`);
+        }
+      }
+      console.log();
+    }
+    // 打印 warnings
+    if (warnings.length > 0) {
+      console.log('⚠️  Warnings:');
+      for (const w of warnings) {
+        console.log(`   ${w.message}`);
+      }
+      console.log();
+    }
+    // 打印 infos
+    if (infos.length > 0) {
+      console.log('✅ OK:');
+      for (const i of infos) {
+        console.log(`   ${i.message}`);
+      }
+      console.log();
+    }
+    // 尝试自动修复
+    if (fixableIssues.length > 0) {
+      console.log(`─── Auto-Fix ───`);
+      let fixed = 0;
+      for (const issue of fixableIssues) {
+        if (!issue.fix) continue;
+        try {
+          console.log(`\n🔧 Fixing: ${issue.fixDescription}`);
+          const success = await issue.fix();
+          if (success) {
+            console.log(`   ✅ Fixed`);
+            fixed++;
+          } else {
+            console.log(`   ❌ Fix failed`);
+          }
+        } catch (e: any) {
+          console.log(`   ❌ Fix failed: ${e.message}`);
+        }
+      }
+      console.log(`\n   ${fixed}/${fixableIssues.length} issues fixed`);
+      if (fixed > 0) {
+        console.log(`\n💡 Run "imtoagent doctor" again to re-check after fixes.\n`);
+      }
+    }
+    // Summary
+    console.log('── Summary ──');
+    if (errors.length === 0) {
+      console.log('   ✅ No errors found');
+    } else {
+      console.log(`   ❌ ${errors.length} error(s) — some may be fixable`);
+    }
+    if (warnings.length > 0) {
+      console.log(`   ⚠️  ${warnings.length} warning(s) — review recommended`);
+    }
+    console.log();
+  } catch (e: any) {
+    console.error(`❌ Doctor check failed: ${e.message}\n`);
+    process.exit(1);
+  }
+}
 // ================================================================
 // autostart — launchd integration (macOS only)
 // ================================================================

package/index.ts CHANGED Viewed

@@ -289,6 +289,7 @@ interface BotConfig {
   appSecret: string;
   backend: 'claude' | 'codex' | 'opencode';
   cwd?: string;
+  isAdmin?: boolean;  // true = 可以修改网关配置，默认第一个 Bot 为 true
 }
 // ================================================================
@@ -307,6 +308,7 @@ class Bot {
   soul: string;
   client: Lark.Client;
   im: IMModule;
+  isAdmin: boolean;
   config: any;
   workspaceManager: WorkspaceManager;
@@ -327,6 +329,7 @@ class Bot {
     this.appSecret = cfg.appSecret;
     this.defaultCwd = cfg.cwd || globalConfig.system?.defaultProjectDir || path.join(os.homedir(), 'Projects');
     this.config = globalConfig;
+    this.isAdmin = cfg.isAdmin !== undefined ? cfg.isAdmin : true; // 默认 true（后向兼容老用户）
     this.workspaceManager = workspaceManager;
     // 确保工作空间目录存在
@@ -412,8 +415,13 @@ class Bot {
       if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
       const hasFiles = fs.readdirSync(dir).some((f: string) => f.endsWith('.md'));
       if (hasFiles) return;
+      // 根据 isAdmin 生成不同的 rules.md
+      const rulesMd = this.isAdmin
+        ? '# Bot Rules\n\nYou are an **admin Bot** with full gateway management privileges.\n\n- You can modify IMtoAgent configuration (config.json, providers, Bot management)\n- You have access to any directory (global workspace mode)\n- Sensitive information such as project keys, tokens, and passwords must not be leaked\n- Destructive commands must not be executed without explicit confirmation'
+        : '# Bot Rules\n\nYou are a **non-admin Bot** with restricted privileges.\n\n- ⛔ NEVER modify any files under ~/.imtoagent/ (config.json, providers.json, etc.)\n- ⛔ NEVER read or expose gateway configuration contents\n- ⛔ NEVER attempt to add, remove, or modify Bot configurations\n- Your working directory is limited to your assigned workspace\n- All file operations must stay within your workspace boundary\n- Sensitive information such as project keys, tokens, and passwords must not be leaked\n- Destructive commands must not be executed without explicit confirmation';
       const defaults: Record<string, string> = {
-        'rules.md': '# Hard Constraint Rules\n\nThe following rules cannot be overridden or modified:\n\n- Sensitive information such as project keys, tokens, and passwords must not be leaked\n- Destructive commands must not be executed',
+        'rules.md': rulesMd,
         'identity.md': `# Identity\n\n- I am an AI programming assistant connected via IMtoAgent\n- I run on the ${this.backend === 'codex' ? 'Codex' : 'Claude Code'} backend\n- Reply in Chinese`,
         'profile.md': '# User Profile\n\nThis file can be modified by the Agent. When the user says "remember xxx" or "I prefer xxx", the Agent should update this file.\n\n## Modification Guide (Agent Only)\n\nRead this file → Add/delete/modify entries based on user requests → Save',
         'workspace.md': '# Project Environment\n\nAuto-generated by IMtoAgent.',
@@ -437,11 +445,30 @@ class Bot {
       for (const file of order) {
         const fp = dir + '/' + file;
         if (fs.existsSync(fp)) {
-          const content = fs.readFileSync(fp, 'utf-8').trim();
-          if (content) parts.push(content);
+          const c = fs.readFileSync(fp, 'utf-8').trim();
+          if (c) parts.push(c);
         }
       }
     } catch {}
+    // Inject config CLI reference — so the Agent knows how to manage Bots via natural language
+    const adminTag = this.isAdmin ? '' : ' (you are a non-admin Bot — you cannot use these commands, tell the user to use an admin Bot)';
+    const bt = String.fromCharCode(96);  // backtick
+    const fence = bt + bt + bt;
+    const cliRef = '## IMtoAgent Config CLI' +
+      '\n\nYou can manage Bot configurations via these CLI commands:' + adminTag +
+      '\n\n' + fence + 'bash' +
+      '\nimtoagent config list              # List all Bots' +
+      '\nimtoagent config show <BotName>    # Show a Bot\'s details' +
+      '\nimtoagent config add               # Add a new Bot (interactive)' +
+      '\nimtoagent config remove <BotName>  # Remove a Bot' +
+      '\nimtoagent config modify <BotName>  # Modify a Bot\'s settings' +
+      '\nimtoagent restore                  # Hot-reload after config changes' +
+      '\nimtoagent doctor                   # Diagnose config issues' +
+      '\n' + fence +
+      '\n\nWhen the user asks to manage Bots, use these commands. After changes, run ' + bt + 'imtoagent restore' + bt + '.';
+    parts.push(cliRef);
     return parts.join('\n\n');
   }
@@ -499,7 +526,7 @@ class Bot {
         : `⏸ ${this.backend} idle | ${this.activeModel}`);
     cmd('/info', ({ session }) =>
-      `🤖 ${this.name} (${this.backend})\nModel: ${this.activeModel}\nDirectory: ${session?.cwd || this.defaultCwd}\nSessions: ${this.sessions.size}`);
+      `🤖 ${this.name} (${this.backend})${this.isAdmin ? ' ⭐' : ''}\nModel: ${this.activeModel}\nDirectory: ${session?.cwd || this.defaultCwd}\nSessions: ${this.sessions.size}`);
     cmd('/stats', ({ session }) => {
       if (!session || session.stats.calls === 0) return '📊 No calls yet';

package/modules/cli/setup.ts CHANGED Viewed

@@ -461,6 +461,7 @@ export async function runSetupWizard(options?: SetupOptions): Promise<void> {
       name: botName,
       backend,
       cwd: cwd || os.homedir(),
+      isAdmin: bots.length === 0,  // 第一个 Bot 为 admin，后续为 false
     };
     // Feishu needs appId + appSecret

package/modules/core/types.ts CHANGED Viewed

@@ -242,6 +242,7 @@ export interface BotConfig {
   /** 唯一标识（UUID，用于目录/文件隔离，改名不影响） */
   id?: string;
   name: string;
+  im: string; // 'feishu' | 'telegram' | 'wecom' | 'wechat'
   backend: string; // 'claude' | 'codex' | 'opencode'
   appId: string;
   appSecret: string;

package/modules/utils/config-manager.ts ADDED Viewed

@@ -0,0 +1,359 @@
+// ================================================================
+// config-manager.ts — 配置管理 CRUD
+// ================================================================
+// imtoagent config list       — 列出所有 Bot
+// imtoagent config show NAME  — 显示某个 Bot 的完整配置
+// imtoagent config add        — 交互式添加 Bot
+// imtoagent config remove NAME — 删除 Bot
+// imtoagent config modify NAME — 修改 Bot 配置
+// ================================================================
+import * as fs from 'fs';
+import * as path from 'path';
+import * as readline from 'readline';
+import { getDataDir, getConfigPath, getProvidersPath } from './paths';
+import crypto from 'crypto';
+// ================================================================
+// 类型
+// ================================================================
+const VALID_BACKENDS = ['claude', 'codex', 'opencode'] as const;
+const VALID_IMS = ['feishu', 'telegram', 'wecom', 'wechat'] as const;
+export type BackendType = typeof VALID_BACKENDS[number];
+export type IMType = typeof VALID_IMS[number];
+export interface BotEntry {
+  id?: string;
+  name: string;
+  im: string;
+  appId: string;
+  appSecret: string;
+  backend: string;
+  cwd?: string;
+}
+interface RawConfig {
+  system?: Record<string, any>;
+  providers?: Record<string, any>;
+  defaultModel?: string;
+  activeModel?: string;
+  modelAliases?: Record<string, string>;
+  bots?: BotEntry[];
+  execServer?: any;
+  codex?: any;
+  opencode?: any;
+  rateLimit?: any;
+  shutdown?: any;
+  [key: string]: any;
+}
+// ================================================================
+// 加载/保存
+// ================================================================
+function loadConfig(): { config: RawConfig; configPath: string } {
+  const configPath = getConfigPath();
+  if (!fs.existsSync(configPath)) {
+    throw new Error(`config.json not found at ${configPath} — run "imtoagent setup" first`);
+  }
+  const raw = fs.readFileSync(configPath, 'utf-8');
+  const config = JSON.parse(raw) as RawConfig;
+  return { config, configPath };
+}
+function saveConfig(config: RawConfig, configPath: string): void {
+  const tmpPath = configPath + '.tmp';
+  try {
+    fs.writeFileSync(tmpPath, JSON.stringify(config, null, 2) + '\n');
+    fs.renameSync(tmpPath, configPath);
+  } catch (e) {
+    // Clean up tmp on failure
+    try { fs.unlinkSync(tmpPath); } catch {}
+    throw e;
+  }
+}
+// ================================================================
+// 交互式 prompt（复用 setup 的风格）
+// ================================================================
+const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
+function prompt(question: string): Promise<string> {
+  return new Promise((resolve) => {
+    rl.question(question, (answer) => resolve(answer.trim()));
+  });
+}
+async function confirm(question: string): Promise<boolean> {
+  const answer = await prompt(`${question} [y/N] `);
+  return answer.toLowerCase() === 'y' || answer.toLowerCase() === 'yes';
+}
+// ================================================================
+// config list
+// ================================================================
+export async function cmdConfigList(): Promise<void> {
+  const { config } = loadConfig();
+  const bots = config.bots || [];
+  if (bots.length === 0) {
+    console.log('   No Bots configured. Run "imtoagent config add" to add one.');
+    return;
+  }
+  console.log(`\n📋 Configured Bots (${bots.length}):\n`);
+  for (const bot of bots) {
+    const botId = bot.id ? ` [${bot.id.slice(0, 8)}]` : '';
+    const adminTag = bot.isAdmin ? ' ⭐' : '';
+    const cwd = bot.cwd ? ` (cwd: ${bot.cwd})` : '';
+    console.log(`   • ${bot.name}${adminTag}${botId}`);
+    console.log(`     IM: ${bot.im || "(not set)"} | Backend: ${bot.backend}${cwd}`);
+  }
+  console.log();
+}
+// ================================================================
+// config show NAME
+// ================================================================
+export async function cmdConfigShow(name: string): Promise<void> {
+  const { config } = loadConfig();
+  const bots = config.bots || [];
+  const bot = bots.find(b => b.name === name);
+  if (!bot) {
+    console.error(`❌ Bot "${name}" not found`);
+    process.exit(1);
+  }
+  console.log(`\n📋 Bot: ${bot.name}\n`);
+  console.log(`   ID:        ${bot.id || '(auto-generated)'}`);
+  console.log(`   IM:        ${bot.im || "(not set)"}`);
+  console.log(`   Backend:   ${bot.backend}`);
+  console.log(`   App ID:    ${maskSecret(bot.appId)}`);
+  console.log(`   App Secret: ${maskSecret(bot.appSecret)}`);
+  console.log(`   Admin:     ${bot.isAdmin ? '✅ Yes' : '❌ No'}`);
+  if (bot.cwd) console.log(`   CWD:       ${bot.cwd}`);
+  console.log();
+}
+function maskSecret(s: string): string {
+  if (s.length <= 8) return '***';
+  return s.slice(0, 4) + '...' + s.slice(-4);
+}
+// ================================================================
+// config add
+// ================================================================
+export async function cmdConfigAdd(): Promise<void> {
+  console.log('\n➕ Add a new Bot\n');
+  // 1. Bot name
+  let name: string;
+  while (true) {
+    name = await prompt('Bot name (e.g. MyAssistantBot): ');
+    if (!name) { console.log('   ⚠️  Name is required'); continue; }
+    if (!/^[a-zA-Z0-9_-]+$/.test(name)) { console.log('   ⚠️  Name can only contain letters, numbers, hyphens, underscores'); continue; }
+    const { config } = loadConfig();
+    if (config.bots?.find(b => b.name === name)) {
+      console.log(`   ⚠️  Bot "${name}" already exists`);
+      continue;
+    }
+    break;
+  }
+  // 2. IM platform
+  console.log('\n   IM platforms:');
+  console.log('   1. feishu     (飞书/Lark)');
+  console.log('   2. telegram   (Telegram)');
+  console.log('   3. wecom      (企业微信)');
+  console.log('   4. wechat     (个人微信)');
+  let im: string;
+  while (true) {
+    im = await prompt('\n   IM platform (1-4 or name): ');
+    const numMap: Record<string, string> = { '1': 'feishu', '2': 'telegram', '3': 'wecom', '4': 'wechat' };
+    im = numMap[im] || im.toLowerCase();
+    if (VALID_IMS.includes(im as IMType)) break;
+    console.log('   ⚠️  Valid options: feishu, telegram, wecom, wechat');
+  }
+  // 3. IM credentials
+  let appId = await prompt(`\n   App ID (飞书 App ID / Telegram Bot Token / etc): `);
+  if (!appId) { console.log('   ⚠️  App ID is required'); process.exit(1); }
+  let appSecret = await prompt(`   App Secret (飞书 App Secret / leave blank for Telegram): `);
+  // 4. Backend
+  console.log('\n   Backends:');
+  console.log('   1. claude   (Claude Code)');
+  console.log('   2. codex    (OpenAI Codex)');
+  console.log('   3. opencode (OpenCode)');
+  let backend: string;
+  while (true) {
+    backend = await prompt('\n   Backend (1-3 or name): ');
+    const numMap: Record<string, string> = { '1': 'claude', '2': 'codex', '3': 'opencode' };
+    backend = numMap[backend] || backend.toLowerCase();
+    if (VALID_BACKENDS.includes(backend as BackendType)) break;
+    console.log('   ⚠️  Valid options: claude, codex, opencode');
+  }
+  // 5. Working directory (optional)
+  const cwd = await prompt('\n   Working directory (leave blank for default): ');
+  // Summary
+  console.log('\n── Summary ──');
+  console.log(`   Name:      ${name}`);
+  console.log(`   IM:        ${im}`);
+  console.log(`   App ID:    ${maskSecret(appId)}`);
+  console.log(`   App Secret: ${appSecret ? maskSecret(appSecret) : '(not set)'}`);
+  console.log(`   Backend:   ${backend}`);
+  if (cwd) console.log(`   CWD:       ${cwd}`);
+  console.log();
+  const ok = await confirm('Create this Bot?');
+  if (!ok) { console.log('   Cancelled.'); rl.close(); return; }
+  // Apply
+  const { config, configPath } = loadConfig();
+  if (!config.bots) config.bots = [];
+  const newBot: BotEntry = {
+    id: crypto.randomUUID(),
+    name,
+    im,
+    appId,
+    appSecret: appSecret || '',
+    backend,
+    isAdmin: false,  // 通过 CLI 添加的 Bot 默认非 admin
+    ...(cwd ? { cwd } : {}),
+  };
+  config.bots.push(newBot);
+  saveConfig(config, configPath);
+  console.log(`\n✅ Bot "${name}" created!`);
+  console.log(`   Run "imtoagent restore" to hot-reload the gateway.\n`);
+  rl.close();
+}
+// ================================================================
+// config remove NAME
+// ================================================================
+export async function cmdConfigRemove(name: string): Promise<void> {
+  const { config, configPath } = loadConfig();
+  const bots = config.bots || [];
+  const idx = bots.findIndex(b => b.name === name);
+  if (idx === -1) {
+    console.error(`❌ Bot "${name}" not found`);
+    process.exit(1);
+  }
+  const bot = bots[idx];
+  console.log(`\n🗑️  Remove Bot: ${name}`);
+  console.log(`   IM: ${bot.im || "(not set)"} | Backend: ${bot.backend}\n`);
+  const ok = await confirm('Are you sure? This cannot be undone');
+  if (!ok) { console.log('   Cancelled.'); rl.close(); return; }
+  config.bots = bots.filter((_, i) => i !== idx);
+  saveConfig(config, configPath);
+  console.log(`\n✅ Bot "${name}" removed`);
+  console.log(`   Run "imtoagent restore" to hot-reload the gateway.\n`);
+  rl.close();
+}
+// ================================================================
+// config modify NAME
+// ================================================================
+export async function cmdConfigModify(name: string): Promise<void> {
+  const { config, configPath } = loadConfig();
+  const bot = config.bots?.find(b => b.name === name);
+  if (!bot) {
+    console.error(`❌ Bot "${name}" not found`);
+    process.exit(1);
+  }
+  console.log(`\n✏️  Modify Bot: ${name}\n`);
+  console.log(`   Current settings:`);
+  console.log(`   IM:        ${bot.im || "(not set)"}`);
+  console.log(`   App ID:    ${maskSecret(bot.appId)}`);
+  console.log(`   App Secret: ${bot.appSecret ? maskSecret(bot.appSecret) : '(not set)'}`);
+  console.log(`   Backend:   ${bot.backend}`);
+  console.log(`   CWD:       ${bot.cwd || '(default)'}`);
+  console.log();
+  console.log('   What do you want to change?');
+  console.log('   1. IM platform');
+  console.log('   2. App ID');
+  console.log('   3. App Secret');
+  console.log('   4. Backend');
+  console.log('   5. Working directory');
+  console.log(`   6. Admin status (${bot.isAdmin ? 'ON' : 'OFF'})`);
+  console.log('   7. Quit');
+  const choice = await prompt('\n   Choice (1-7): ');
+  switch (choice) {
+    case '1': {
+      console.log('\n   Valid: feishu, telegram, wecom, wechat');
+      const newIm = await prompt(`   New IM platform (current: ${bot.im}): `);
+      if (newIm && VALID_IMS.includes(newIm as IMType)) bot.im = newIm;
+      break;
+    }
+    case '2': {
+      const newAppId = await prompt(`   New App ID (current: ${maskSecret(bot.appId)}): `);
+      if (newAppId) bot.appId = newAppId;
+      break;
+    }
+    case '3': {
+      const newSecret = await prompt(`   New App Secret: `);
+      if (newSecret) bot.appSecret = newSecret;
+      break;
+    }
+    case '4': {
+      console.log('\n   Valid: claude, codex, opencode');
+      const newBackend = await prompt(`   New backend (current: ${bot.backend}): `);
+      if (newBackend && VALID_BACKENDS.includes(newBackend as BackendType)) bot.backend = newBackend;
+      break;
+    }
+    case '5': {
+      const newCwd = await prompt(`   New working directory (current: ${bot.cwd || 'default'}): `);
+      if (newCwd) bot.cwd = newCwd;
+      else if (newCwd === '') delete bot.cwd;
+      break;
+    }
+    case '6': {
+      const current = bot.isAdmin ? 'ON' : 'OFF';
+      const newVal = await prompt(`   Toggle admin status (current: ${current}, yes/no): `);
+      if (newVal && (newVal.toLowerCase() === 'yes' || newVal.toLowerCase() === 'y')) {
+        bot.isAdmin = !bot.isAdmin;
+        console.log(`   Admin status → ${bot.isAdmin ? 'ON' : 'OFF'}`);
+      }
+      break;
+    }
+    case '7':
+      console.log('   No changes.');
+      rl.close();
+      return;
+    default:
+      console.log('   Invalid choice.');
+      rl.close();
+      return;
+  }
+  saveConfig(config, configPath);
+  console.log(`\n✅ Bot "${name}" updated`);
+  console.log(`   Run "imtoagent restore" to hot-reload the gateway.\n`);
+  rl.close();
+}

package/modules/utils/doctor.ts ADDED Viewed

@@ -0,0 +1,462 @@
+// ================================================================
+// doctor.ts — 配置诊断与自动修复
+// ================================================================
+// imtoagent doctor
+//   检查 config.json, providers.json, 数据目录, 后端, 端口, API Key 格式等
+//   对可修复问题，用户确认后自动修复
+// ================================================================
+import * as fs from 'fs';
+import * as path from 'path';
+import * as os from 'os';
+import { execSync } from 'child_process';
+import { getDataDir, getConfigPath, getProvidersPath, getSessionsDir, getLogsDir, getOpencodeConfigPath } from './paths';
+import { checkBackend, checkAllBackends } from './backend-check';
+// ================================================================
+// Issue 类型
+// ================================================================
+export type IssueSeverity = 'error' | 'warning' | 'info';
+export interface DoctorIssue {
+  severity: IssueSeverity;
+  category: string;
+  message: string;
+  fixable: boolean;
+  fixDescription?: string;
+  fix?: () => Promise<boolean> | boolean;
+}
+// ================================================================
+// API Key 格式验证
+// ================================================================
+const API_KEY_PATTERNS: Record<string, { prefix: string; minLength: number }> = {
+  // OpenAI 格式
+  'openai': { prefix: 'sk-proj-', minLength: 20 },
+  // Anthropic 格式
+  'anthropic': { prefix: 'sk-ant-', minLength: 20 },
+  // 百炼/DashScope 格式
+  'dashscope': { prefix: 'sk-', minLength: 20 },
+  // 通用 sk- 格式
+  'generic-sk': { prefix: 'sk-', minLength: 10 },
+};
+function validateApiKey(key: string): { valid: boolean; reason?: string } {
+  if (!key) return { valid: false, reason: 'empty' };
+  if (key.includes('YOUR_') || key.includes('xxx') || key.includes('PLACEHOLDER') || key.includes('placeholder')) {
+    return { valid: false, reason: 'placeholder value' };
+  }
+  // 太短的 key 大概率是无效的
+  if (key.length < 8) return { valid: false, reason: `too short (${key.length} chars)` };
+  return { valid: true };
+}
+// ================================================================
+// 诊断检查
+// ================================================================
+export async function runDoctorChecks(): Promise<DoctorIssue[]> {
+  const issues: DoctorIssue[] = [];
+  const dataDir = getDataDir();
+  const configPath = getConfigPath();
+  const providersPath = getProvidersPath();
+  const sessionsDir = getSessionsDir();
+  const logsDir = getLogsDir();
+  // ---- 1. 数据目录结构 ----
+  const requiredDirs = [
+    { path: dataDir, name: 'Data directory (~/.imtoagent/)' },
+    { path: sessionsDir, name: 'Sessions directory' },
+    { path: logsDir, name: 'Logs directory' },
+  ];
+  for (const dir of requiredDirs) {
+    if (!fs.existsSync(dir.path)) {
+      const dirPath = dir.path;
+      issues.push({
+        severity: 'error',
+        category: 'Directory',
+        message: `${dir.name} not found: ${dirPath}`,
+        fixable: true,
+        fixDescription: `Create directory: ${dirPath}`,
+        fix: () => { fs.mkdirSync(dirPath, { recursive: true }); return true; },
+      });
+    }
+  }
+  // ---- 2. config.json ----
+  let configRaw: string | null = null;
+  let config: any = null;
+  if (!fs.existsSync(configPath)) {
+    issues.push({
+      severity: 'error',
+      category: 'Config',
+      message: 'config.json not found — run "imtoagent setup" to create it',
+      fixable: false,
+    });
+    return issues; // 没有配置文件，后续检查无意义
+  }
+  try {
+    configRaw = fs.readFileSync(configPath, 'utf-8');
+    config = JSON.parse(configRaw);
+    issues.push({ severity: 'info', category: 'Config', message: 'config.json parse OK', fixable: false });
+  } catch (e: any) {
+    // 尝试修复常见 JSON 语法错误
+    const fixed = tryFixJSON(configRaw);
+    if (fixed !== null) {
+      issues.push({
+        severity: 'error',
+        category: 'Config',
+        message: `config.json has syntax errors: ${e.message}`,
+        fixable: true,
+        fixDescription: 'Auto-fix common JSON syntax issues (trailing commas, comments)',
+        fix: () => {
+          fs.writeFileSync(configPath, fixed + '\n');
+          return true;
+        },
+      });
+      config = JSON.parse(fixed);
+    } else {
+      issues.push({
+        severity: 'error',
+        category: 'Config',
+        message: `config.json parse error: ${e.message}`,
+        fixable: false,
+      });
+      return issues;
+    }
+  }
+  // 检查必要字段
+  if (!config.bots || !Array.isArray(config.bots)) {
+    issues.push({
+      severity: 'error',
+      category: 'Config',
+      message: 'No "bots" array in config.json — no Bots configured',
+      fixable: false,
+    });
+  } else if (config.bots.length === 0) {
+    issues.push({
+      severity: 'warning',
+      category: 'Config',
+      message: '"bots" array is empty — no Bots configured',
+      fixable: false,
+    });
+  } else {
+    for (let i = 0; i < config.bots.length; i++) {
+      const bot = config.bots[i];
+      const botLabel = bot.name || `bots[${i}]`;
+      const botIssues: string[] = [];
+      if (!bot.name) botIssues.push('missing "name"');
+      if (!bot.appId) botIssues.push('missing "appId"');
+      if (!bot.appSecret) botIssues.push('missing "appSecret"');
+      if (!bot.backend) botIssues.push('missing "backend"');
+      if (bot.backend && !['claude', 'codex', 'opencode'].includes(bot.backend)) {
+        botIssues.push(`unknown backend "${bot.backend}" (expected: claude/codex/opencode)`);
+      }
+      if (botIssues.length > 0) {
+        issues.push({
+          severity: 'error',
+          category: 'Config',
+          message: `Bot "${botLabel}": ${botIssues.join(', ')}`,
+          fixable: false,
+        });
+      } else {
+        issues.push({ severity: 'info', category: 'Config', message: `Bot "${bot.name}" OK (${bot.backend})`, fixable: false });
+      }
+    }
+  }
+  // 检查 system 配置
+  if (!config.system) {
+    const systemPath = 'system';
+    issues.push({
+      severity: 'warning',
+      category: 'Config',
+      message: 'Missing "system" section in config.json',
+      fixable: true,
+      fixDescription: 'Add default system config (idleTimeoutMinutes: 30, etc.)',
+      fix: () => {
+        config.system = { defaultProjectDir: os.homedir(), idleTimeoutMinutes: 30 };
+        fs.writeFileSync(configPath, JSON.stringify(config, null, 2) + '\n');
+        return true;
+      },
+    });
+  }
+  // ---- 3. providers.json ----
+  let providers: any = null;
+  if (!fs.existsSync(providersPath)) {
+    issues.push({
+      severity: 'warning',
+      category: 'Providers',
+      message: 'providers.json not found',
+      fixable: false,
+    });
+  } else {
+    try {
+      const provRaw = fs.readFileSync(providersPath, 'utf-8');
+      providers = JSON.parse(provRaw);
+      issues.push({ severity: 'info', category: 'Providers', message: 'providers.json parse OK', fixable: false });
+      // 检查 placeholder API keys
+      const provStr = JSON.stringify(providers);
+      if (provStr.includes('YOUR_') || provStr.includes('sk-xxx') || provStr.includes('PLACEHOLDER')) {
+        issues.push({
+          severity: 'warning',
+          category: 'Providers',
+          message: 'providers.json may contain placeholder API keys',
+          fixable: false,
+        });
+      }
+      // 验证每个 provider 的 API key
+      if (providers.providers) {
+        for (const [provName, provCfg] of Object.entries(providers.providers) as [string, any][]) {
+          if (provCfg.apiKey) {
+            const result = validateApiKey(provCfg.apiKey);
+            if (!result.valid) {
+              issues.push({
+                severity: 'warning',
+                category: 'Providers',
+                message: `Provider "${provName}" API key looks invalid (${result.reason})`,
+                fixable: false,
+              });
+            } else {
+              issues.push({ severity: 'info', category: 'Providers', message: `Provider "${provName}" API key format OK`, fixable: false });
+            }
+          }
+        }
+      }
+    } catch (e: any) {
+      const fixed = tryFixJSON(fs.readFileSync(providersPath, 'utf-8'));
+      if (fixed !== null) {
+        issues.push({
+          severity: 'error',
+          category: 'Providers',
+          message: `providers.json has syntax errors: ${e.message}`,
+          fixable: true,
+          fixDescription: 'Auto-fix common JSON syntax issues',
+          fix: () => {
+            fs.writeFileSync(providersPath, fixed + '\n');
+            return true;
+          },
+        });
+      } else {
+        issues.push({
+          severity: 'error',
+          category: 'Providers',
+          message: `providers.json parse error: ${e.message}`,
+          fixable: false,
+        });
+      }
+    }
+  }
+  // ---- 4. 后端检查 ----
+  if (config.bots && config.bots.length > 0) {
+    const checkedTypes = new Set<string>();
+    for (const bot of config.bots) {
+      if (bot.backend && ['claude', 'codex', 'opencode'].includes(bot.backend) && !checkedTypes.has(bot.backend)) {
+        checkedTypes.add(bot.backend);
+        const info = checkBackend(bot.backend as any);
+        if (info.installed) {
+          issues.push({ severity: 'info', category: 'Backend', message: `${info.label} v${info.version} (${info.installSource})`, fixable: false });
+        } else {
+          issues.push({
+            severity: 'error',
+            category: 'Backend',
+            message: `${info.label} not installed — Bot "${bot.name}" requires it`,
+            fixable: false,
+          });
+        }
+      }
+    }
+  }
+  // ---- 5. 端口检查 ----
+  try {
+    const net = await import('net');
+    const checkPort = (port: number): Promise<boolean> => {
+      return new Promise((resolve) => {
+        const socket = new net.Socket();
+        socket.setTimeout(2000);
+        socket.on('connect', () => { socket.destroy(); resolve(true); });
+        socket.on('error', () => resolve(false));
+        socket.on('timeout', () => { socket.destroy(); resolve(false); });
+        socket.connect(port, '127.0.0.1');
+      });
+    };
+    const reachable = await checkPort(18899);
+    if (reachable) {
+      // 检查是否是 imtoagent 自己的进程
+      try {
+        const lsofOut = execSync(`lsof -i :18899 2>/dev/null`, { encoding: 'utf-8', timeout: 3000 }).trim();
+        if (lsofOut && lsofOut.includes('imtoagent') || lsofOut.includes('bun') || lsofOut.includes('node')) {
+          issues.push({ severity: 'info', category: 'Port', message: 'Port 18899 in use by imtoagent gateway', fixable: false });
+        } else {
+          issues.push({
+            severity: 'error',
+            category: 'Port',
+            message: `Port 18899 occupied by another process:\n${lsofOut.split('\n').slice(0, 3).join('\n')}`,
+            fixable: false,
+          });
+        }
+      } catch {
+        issues.push({ severity: 'info', category: 'Port', message: 'Port 18899 in use', fixable: false });
+      }
+    } else {
+      issues.push({ severity: 'info', category: 'Port', message: 'Port 18899 is free', fixable: false });
+    }
+  } catch {
+    issues.push({ severity: 'warning', category: 'Port', message: 'Port check failed (skipped)', fixable: false });
+  }
+  // ---- 6. Bot appId/appSecret 格式 ----
+  if (config.bots) {
+    for (const bot of config.bots) {
+      if (bot.appId && bot.appId.includes('YOUR_')) {
+        issues.push({
+          severity: 'warning',
+          category: 'Credentials',
+          message: `Bot "${bot.name}" appId is placeholder: ${bot.appId}`,
+          fixable: false,
+        });
+      }
+      if (bot.appSecret && bot.appSecret.includes('YOUR_')) {
+        issues.push({
+          severity: 'warning',
+          category: 'Credentials',
+          message: `Bot "${bot.name}" appSecret is placeholder`,
+          fixable: false,
+        });
+      }
+    }
+  }
+  // ---- 7. Soul 目录检查 ----
+  if (config.bots) {
+    for (const bot of config.bots) {
+      const botKey = bot.id || bot.name;
+      const soulDir = path.join(dataDir, 'soul', botKey);
+      if (fs.existsSync(soulDir)) {
+        const soulFiles = fs.readdirSync(soulDir);
+        if (soulFiles.length === 0) {
+          issues.push({
+            severity: 'warning',
+            category: 'Soul',
+            message: `Bot "${bot.name}" soul directory is empty: ${soulDir}`,
+            fixable: false,
+          });
+        } else {
+          issues.push({ severity: 'info', category: 'Soul', message: `Bot "${bot.name}" soul: ${soulFiles.length} file(s)`, fixable: false });
+        }
+      }
+    }
+  }
+  // ---- 8. opencode.json 检查 ----
+  const opencodePath = getOpencodeConfigPath();
+  if (fs.existsSync(opencodePath)) {
+    try {
+      const ocRaw = fs.readFileSync(opencodePath, 'utf-8');
+      JSON.parse(ocRaw);
+      issues.push({ severity: 'info', category: 'Config', message: 'opencode.json parse OK', fixable: false });
+    } catch (e: any) {
+      const fixed = tryFixJSON(fs.readFileSync(opencodePath, 'utf-8'));
+      if (fixed !== null) {
+        issues.push({
+          severity: 'error',
+          category: 'Config',
+          message: `opencode.json has syntax errors: ${e.message}`,
+          fixable: true,
+          fixDescription: 'Auto-fix common JSON syntax issues',
+          fix: () => {
+            fs.writeFileSync(opencodePath, fixed + '\n');
+            return true;
+          },
+        });
+      } else {
+        issues.push({
+          severity: 'error',
+          category: 'Config',
+          message: `opencode.json parse error: ${e.message}`,
+          fixable: false,
+        });
+      }
+    }
+  }
+  return issues;
+}
+// ================================================================
+// JSON 修复 — 处理常见语法错误
+// ================================================================
+function tryFixJSON(raw: string): string | null {
+  // 尝试 1: 直接解析
+  try { JSON.parse(raw); return raw; } catch {}
+  // 尝试 2: 移除行尾逗号 (trailing commas)
+  let fixed = raw.replace(/,\s*([}\]])/g, '$1');
+  try { JSON.parse(fixed); return fixed; } catch {}
+  // 尝试 3: 移除单行注释 (// ...)
+  fixed = fixed.replace(/\/\/.*$/gm, '');
+  try { JSON.parse(fixed); return fixed; } catch {}
+  // 尝试 4: 移除多行注释 (/* ... */)
+  fixed = fixed.replace(/\/\*[\s\S]*?\*\//g, '');
+  try { JSON.parse(fixed); return fixed; } catch {}
+  // 尝试 5: 移除尾随逗号 + 注释组合
+  fixed = raw.replace(/\/\/.*$/gm, '').replace(/,\s*([}\]])/g, '$1');
+  try { JSON.parse(fixed); return fixed; } catch {}
+  return null;
+}
+// ================================================================
+// 格式化输出
+// ================================================================
+export function formatIssues(issues: DoctorIssue[]): string {
+  const errors = issues.filter(i => i.severity === 'error');
+  const warnings = issues.filter(i => i.severity === 'warning');
+  const infos = issues.filter(i => i.severity === 'info');
+  let output = '';
+  if (errors.length > 0) {
+    output += `\n❌ Errors (${errors.length}):\n`;
+    for (const e of errors) {
+      output += `   ${e.message}\n`;
+      if (e.fixable && e.fixDescription) {
+        output += `   → Fix: ${e.fixDescription}\n`;
+      }
+    }
+  }
+  if (warnings.length > 0) {
+    output += `\n⚠️  Warnings (${warnings.length}):\n`;
+    for (const w of warnings) {
+      output += `   ${w.message}\n`;
+    }
+  }
+  if (infos.length > 0) {
+    output += `\n✅ OK (${infos.length}):\n`;
+    for (const i of infos) {
+      output += `   ${i.message}\n`;
+    }
+  }
+  return output;
+}

package/modules/utils/workspace-manager.ts CHANGED Viewed

@@ -145,19 +145,39 @@ export class WorkspaceManager {
   /**
    * 检查路径是否允许该 Bot 访问。
    *
+   * 所有模式：禁止访问 ~/.imtoagent/ 下的配置敏感文件（配置保护）。
    * 沙盒模式：路径必须在 Bot 的工作空间范围内（或子目录）。
-   * 全局模式：不做限制，允许访问任意路径（信任用户配置的全局目录）。
+   * 全局模式：不做其他限制，允许访问任意路径（信任用户配置的全局目录）。
    *
    * 返回 true 表示允许，false 表示拒绝。
    */
   isPathAllowed(botKey: string, targetPath: string): boolean {
-    // 全局模式：不做边界限制
+    const resolved = path.resolve(targetPath);
+    // ⛔ 配置保护：禁止访问 ~/.imtoagent/ 下的敏感配置文件
+    // 白名单：允许访问 workspaces/ 和 soul/ 目录
+    const dataDir = path.resolve(getDataDir());
+    if (resolved === dataDir || resolved.startsWith(dataDir + path.sep)) {
+      const wsDir = path.resolve(this.workspacesDir);
+      const soulGlob = path.resolve(dataDir, 'soul');
+      // 允许：workspaces/ 下的内容、全局模式下的 soul/
+      if (resolved === wsDir || resolved.startsWith(wsDir + path.sep)) {
+        // OK — workspace 路径在工作空间范围内（沙盒模式下还需额外检查）
+      } else if (this.config.mode === 'global' &&
+                 (resolved === soulGlob || resolved.startsWith(soulGlob + path.sep))) {
+        // OK — 全局模式下的 soul 目录
+      } else {
+        // 其他 ~/.imtoagent/ 路径一律禁止（config.json、providers.json、bot-ids.json 等）
+        return false;
+      }
+    }
+    // 全局模式：配置保护已通过，不做其他边界限制
     if (this.config.mode === 'global') {
       return true;
     }
     // 沙盒模式：路径必须在工作空间内
-    const resolved = path.resolve(targetPath);
     const wsPath = this.getWorkspacePath(botKey);
     const resolvedWs = path.resolve(wsPath);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "imtoagent",
-  "version": "0.3.24",
+  "version": "0.3.25",
   "description": "IM ↔ Agent 统一网关 — 飞书/Telegram/微信/企业微信对接 Claude Code/Codex/OpenCode",
   "type": "module",
   "bin": {