liangzimixin 0.3.57 → 0.3.58

package/dist/index.cjs

@@ -4428,10 +4428,10 @@ function mergeDefs(...defs) {
 function cloneDef(schema) {
   return mergeDefs(schema._zod.def);
 }
-function getElementAtPath(obj, path2) {
-  if (!path2)
+function getElementAtPath(obj, path3) {
+  if (!path3)
     return obj;
-  return path2.reduce((acc, key) => acc?.[key], obj);
+  return path3.reduce((acc, key) => acc?.[key], obj);
 }
 function promiseAllObject(promisesObj) {
   const keys = Object.keys(promisesObj);
@@ -4814,11 +4814,11 @@ function aborted(x, startIndex = 0) {
   }
   return false;
 }
-function prefixIssues(path2, issues) {
+function prefixIssues(path3, issues) {
   return issues.map((iss) => {
     var _a2;
     (_a2 = iss).path ?? (_a2.path = []);
-    iss.path.unshift(path2);
+    iss.path.unshift(path3);
     return iss;
   });
 }
@@ -5001,7 +5001,7 @@ function formatError(error48, mapper = (issue2) => issue2.message) {
 }
 function treeifyError(error48, mapper = (issue2) => issue2.message) {
   const result = { errors: [] };
-  const processError = (error49, path2 = []) => {
+  const processError = (error49, path3 = []) => {
     var _a2, _b;
     for (const issue2 of error49.issues) {
       if (issue2.code === "invalid_union" && issue2.errors.length) {
@@ -5011,7 +5011,7 @@ function treeifyError(error48, mapper = (issue2) => issue2.message) {
       } else if (issue2.code === "invalid_element") {
         processError({ issues: issue2.issues }, issue2.path);
       } else {
-        const fullpath = [...path2, ...issue2.path];
+        const fullpath = [...path3, ...issue2.path];
         if (fullpath.length === 0) {
           result.errors.push(mapper(issue2));
           continue;
@@ -5043,8 +5043,8 @@ function treeifyError(error48, mapper = (issue2) => issue2.message) {
 }
 function toDotPath(_path) {
   const segs = [];
-  const path2 = _path.map((seg) => typeof seg === "object" ? seg.key : seg);
-  for (const seg of path2) {
+  const path3 = _path.map((seg) => typeof seg === "object" ? seg.key : seg);
+  for (const seg of path3) {
     if (typeof seg === "number")
       segs.push(`[${seg}]`);
     else if (typeof seg === "symbol")
@@ -17021,13 +17021,13 @@ function resolveRef(ref, ctx) {
   if (!ref.startsWith("#")) {
     throw new Error("External $ref is not supported, only local refs (#/...) are allowed");
   }
-  const path2 = ref.slice(1).split("/").filter(Boolean);
-  if (path2.length === 0) {
+  const path3 = ref.slice(1).split("/").filter(Boolean);
+  if (path3.length === 0) {
     return ctx.rootSchema;
   }
   const defsKey = ctx.version === "draft-2020-12" ? "$defs" : "definitions";
-  if (path2[0] === defsKey) {
-    const key = path2[1];
+  if (path3[0] === defsKey) {
+    const key = path3[1];
     if (!key || !ctx.defs[key]) {
       throw new Error(`Reference not found: ${ref}`);
     }
@@ -17525,7 +17525,9 @@ var DEFAULT_INTERNAL_CONFIG = {
     dedup: {
       ttlMs: 3e5,
       maxEntries: 5e3
-    }
+    },
+    maxInboundConcurrency: 5,
+    maxWaitingQueue: 15
   },
   auth: {
     serverUrl: process.env.LZMX_AUTH_URL || PRESET.apiBaseUrl,
@@ -17534,10 +17536,13 @@ var DEFAULT_INTERNAL_CONFIG = {
   crypto: {
     enabled: true,
     keySource: "env",
-    envKey: "QUANTUM_ENCRYPTION_KEY"
+    envKey: "QUANTUM_ENCRYPTION_KEY",
+    operationTimeoutMs: 1e4
   },
   message: {
-    messageServiceBaseUrl: process.env.LZMX_MSG_URL || PRESET.msgBaseUrl
+    messageServiceBaseUrl: process.env.LZMX_MSG_URL || PRESET.msgBaseUrl,
+    rateLimitPerSecond: 30,
+    rateLimitBurst: 60
   },
   file: {
     fileServiceBaseUrl: process.env.LZMX_FILE_URL || PRESET.fileBaseUrl,
@@ -17546,7 +17551,12 @@ var DEFAULT_INTERNAL_CONFIG = {
     allowedLocalRoots: ["/tmp/openclaw"],
     fetchTimeoutMs: 3e4,
     // staging 环境文件服务部署在内网 (10.x.x.x)，需要放行 SSRF 内网限制
-    allowPrivateNetwork: process.env.LZMX_ALLOW_PRIVATE_NETWORK ? process.env.LZMX_ALLOW_PRIVATE_NETWORK === "true" : CURRENT_ENV === "staging"
+    allowPrivateNetwork: process.env.LZMX_ALLOW_PRIVATE_NETWORK ? process.env.LZMX_ALLOW_PRIVATE_NETWORK === "true" : CURRENT_ENV === "staging",
+    maxUploadConcurrency: 3
+  },
+  metrics: {
+    enabled: true,
+    logIntervalMs: 6e4
   }
 };
 function buildPluginConfig(accountConfig, internalOverrides) {
@@ -17564,6 +17574,7 @@ function buildPluginConfig(accountConfig, internalOverrides) {
       serverUrl: process.env.LZMX_AUTH_URL || preset.apiBaseUrl
     },
     message: {
+      ...DEFAULT_INTERNAL_CONFIG.message,
       messageServiceBaseUrl: process.env.LZMX_MSG_URL || preset.msgBaseUrl
     },
     file: {
@@ -17582,7 +17593,7 @@ function buildPluginConfig(accountConfig, internalOverrides) {
 var import_plugin_sdk3 = require("openclaw/plugin-sdk");
 
 // src/file/media.ts
-var path = __toESM(require("path"), 1);
+var path2 = __toESM(require("path"), 1);
 var fs = __toESM(require("fs/promises"), 1);
 
 // src/types.ts
@@ -17639,9 +17650,9 @@ function createLogger(namespace, level = "info") {
 var log = createLogger("file/http-client");
 function createHttpClient(config2) {
   const { baseUrl, tokenManager, timeoutMs = 3e4 } = config2;
-  function buildUrl(path2) {
+  function buildUrl(path3) {
     const base = baseUrl.replace(/\/$/, "");
-    const p = path2.startsWith("/") ? path2 : `/${path2}`;
+    const p = path3.startsWith("/") ? path3 : `/${path3}`;
     return `${base}${p}`;
   }
   async function getHeaders(contentType) {
@@ -17683,8 +17694,8 @@ function createHttpClient(config2) {
   }
   return {
     /** GET 请求 — 获取资源 */
-    async apiGet(path2, operationContext) {
-      const url2 = buildUrl(path2);
+    async apiGet(path3, operationContext) {
+      const url2 = buildUrl(path3);
       log.debug("GET", { url: url2, operationContext });
       const response = await fetch(url2, {
         method: "GET",
@@ -17694,8 +17705,8 @@ function createHttpClient(config2) {
       return parseResponse(response, operationContext);
     },
     /** POST 请求 — 创建/提交资源 */
-    async apiPost(path2, body, operationContext) {
-      const url2 = buildUrl(path2);
+    async apiPost(path3, body, operationContext) {
+      const url2 = buildUrl(path3);
       log.debug("POST", { url: url2, operationContext });
       const response = await fetch(url2, {
         method: "POST",
@@ -17706,8 +17717,8 @@ function createHttpClient(config2) {
       return parseResponse(response, operationContext);
     },
     /** DELETE 请求 — 删除资源 */
-    async apiDelete(path2, operationContext) {
-      const url2 = buildUrl(path2);
+    async apiDelete(path3, operationContext) {
+      const url2 = buildUrl(path3);
       log.debug("DELETE", { url: url2, operationContext });
       const response = await fetch(url2, {
         method: "DELETE",
@@ -17750,8 +17761,8 @@ function createHttpClient(config2) {
      * GET 请求 (原始文本) — 用于非 JSON 响应 (如 HLS m3u8 manifest)。
      * 不经过 {code, msg, data} 解析，直接返回响应文本。
      */
-    async apiGetRaw(path2, operationContext) {
-      const url2 = buildUrl(path2);
+    async apiGetRaw(path3, operationContext) {
+      const url2 = buildUrl(path3);
       log.debug("GET (raw)", { url: url2, operationContext });
       const response = await fetch(url2, {
         method: "GET",
@@ -17806,7 +17817,227 @@ async function getDownloadUrl(client, fileId) {
 }
 
 // src/file/upload.ts
-var log2 = createLogger("file/upload");
+var path = __toESM(require("path"), 1);
+
+// src/utils/semaphore.ts
+var log2 = createLogger("transport/semaphore");
+var Semaphore = class {
+  /** 最大并发数 */
+  maxConcurrency;
+  /** 等待队列最大长度 */
+  maxWaiting;
+  /** 当前持有 slot 的数量 */
+  active = 0;
+  /** 等待队列 (FIFO) */
+  waiters = [];
+  // ── 统计指标 ──
+  /** 累计获取成功次数 */
+  acquiredCount = 0;
+  /** 累计拒绝次数 (队列溢出) */
+  rejectedCount = 0;
+  constructor(options) {
+    this.maxConcurrency = options.maxConcurrency;
+    this.maxWaiting = options.maxWaiting ?? 50;
+    log2.info("Semaphore initialized", {
+      maxConcurrency: this.maxConcurrency,
+      maxWaiting: this.maxWaiting
+    });
+  }
+  /**
+   * 获取一个并发 slot。
+   *
+   * - 有空闲 slot → 立即返回 'acquired'
+   * - 无空闲 slot 且等待队列未满 → 排队等待，返回 Promise<'acquired'>
+   * - 无空闲 slot 且等待队列已满 → 立即返回 'rejected'
+   */
+  async acquire() {
+    if (this.active < this.maxConcurrency) {
+      this.active++;
+      this.acquiredCount++;
+      return "acquired";
+    }
+    if (this.waiters.length >= this.maxWaiting) {
+      this.rejectedCount++;
+      log2.warn("semaphore:rejected", {
+        active: this.active,
+        waiting: this.waiters.length,
+        maxWaiting: this.maxWaiting
+      });
+      return "rejected";
+    }
+    return new Promise((resolve3) => {
+      this.waiters.push({ resolve: resolve3 });
+    });
+  }
+  /**
+   * 非阻塞尝试获取 slot。
+   * 有空闲 slot 返回 true，否则返回 false (不排队)。
+   */
+  tryAcquire() {
+    if (this.active < this.maxConcurrency) {
+      this.active++;
+      this.acquiredCount++;
+      return true;
+    }
+    return false;
+  }
+  /**
+   * 释放一个并发 slot。
+   * 如果等待队列非空，唤醒下一个 waiter。
+   */
+  release() {
+    if (this.active <= 0) {
+      log2.warn("semaphore:release called but no active slots");
+      return;
+    }
+    if (this.waiters.length > 0) {
+      const waiter = this.waiters.shift();
+      this.acquiredCount++;
+      waiter.resolve("acquired");
+      return;
+    }
+    this.active--;
+  }
+  /** 当前活跃 slot 数 */
+  get activeCount() {
+    return this.active;
+  }
+  /** 当前等待队列长度 */
+  get waitingCount() {
+    return this.waiters.length;
+  }
+  /** 累计获取成功次数 */
+  get totalAcquired() {
+    return this.acquiredCount;
+  }
+  /** 累计拒绝次数 */
+  get totalRejected() {
+    return this.rejectedCount;
+  }
+  /** 获取指标快照 */
+  getStats() {
+    return {
+      active: this.active,
+      waiting: this.waiters.length,
+      acquired: this.acquiredCount,
+      rejected: this.rejectedCount
+    };
+  }
+};
+
+// src/metrics.ts
+var log3 = createLogger("metrics");
+var HISTOGRAM_SAMPLE_SIZE = 1e3;
+var Metrics = class {
+  /** 计数器: name → count */
+  counters = /* @__PURE__ */ new Map();
+  /** 直方图: name → HistogramData */
+  histograms = /* @__PURE__ */ new Map();
+  /** 定期输出定时器 */
+  logTimer = null;
+  /** 是否已启动 */
+  started = false;
+  /** 递增计数器 */
+  increment(name, delta = 1) {
+    const current = this.counters.get(name) ?? 0;
+    this.counters.set(name, current + delta);
+  }
+  /** 记录延迟样本到直方图 */
+  recordLatency(name, durationMs) {
+    let hist = this.histograms.get(name);
+    if (!hist) {
+      hist = {
+        count: 0,
+        min: Infinity,
+        max: -Infinity,
+        sum: 0,
+        samples: new Array(HISTOGRAM_SAMPLE_SIZE),
+        writeIndex: 0,
+        sampleCount: 0
+      };
+      this.histograms.set(name, hist);
+    }
+    hist.count++;
+    hist.sum += durationMs;
+    hist.min = Math.min(hist.min, durationMs);
+    hist.max = Math.max(hist.max, durationMs);
+    hist.samples[hist.writeIndex] = durationMs;
+    hist.writeIndex = (hist.writeIndex + 1) % HISTOGRAM_SAMPLE_SIZE;
+    if (hist.sampleCount < HISTOGRAM_SAMPLE_SIZE) hist.sampleCount++;
+  }
+  /** 获取指标快照 */
+  snapshot() {
+    const counters = {};
+    for (const [name, count] of this.counters) {
+      counters[name] = count;
+    }
+    const histograms = {};
+    for (const [name, hist] of this.histograms) {
+      if (hist.count === 0) continue;
+      const validSamples = hist.sampleCount < HISTOGRAM_SAMPLE_SIZE ? hist.samples.slice(0, hist.sampleCount) : [...hist.samples];
+      const sorted = validSamples.sort((a, b) => a - b);
+      histograms[name] = {
+        count: hist.count,
+        min: hist.min === Infinity ? 0 : Math.round(hist.min),
+        max: hist.max === -Infinity ? 0 : Math.round(hist.max),
+        avg: Math.round(hist.sum / hist.count),
+        p50: percentile(sorted, 0.5),
+        p95: percentile(sorted, 0.95),
+        p99: percentile(sorted, 0.99)
+      };
+    }
+    return {
+      counters,
+      histograms,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+  }
+  /**
+   * 启动定期日志输出。
+   * @param intervalMs - 输出间隔 (ms)，默认 60000 (1 分钟)
+   */
+  startPeriodicLog(intervalMs = 6e4) {
+    if (this.started) return;
+    this.started = true;
+    this.logTimer = setInterval(() => {
+      const snap = this.snapshot();
+      if (Object.keys(snap.counters).length > 0 || Object.keys(snap.histograms).length > 0) {
+        log3.info("\u{1F4CA} metrics snapshot", snap);
+      }
+    }, intervalMs);
+    if (this.logTimer && typeof this.logTimer === "object" && "unref" in this.logTimer) {
+      this.logTimer.unref();
+    }
+    log3.info("Metrics periodic logging started", { intervalMs });
+  }
+  /** 停止定期日志输出 */
+  stop() {
+    if (this.logTimer) {
+      clearInterval(this.logTimer);
+      this.logTimer = null;
+    }
+    this.started = false;
+    log3.info("Metrics stopped");
+  }
+  /** 重置所有指标 (测试用) */
+  reset() {
+    this.counters.clear();
+    this.histograms.clear();
+  }
+};
+function percentile(sorted, p) {
+  if (sorted.length === 0) return 0;
+  const index = Math.ceil(sorted.length * p) - 1;
+  return Math.round(sorted[Math.max(0, index)]);
+}
+var metrics = new Metrics();
+
+// src/file/upload.ts
+var log4 = createLogger("file/upload");
+var uploadSemaphore = null;
+function initUploadSemaphore(maxConcurrency = 3) {
+  uploadSemaphore = new Semaphore({ maxConcurrency, maxWaiting: 20 });
+}
 function splitBuffer(buffer, chunkSize) {
   const chunks = [];
   for (let offset = 0; offset < buffer.length; offset += chunkSize) {
@@ -17814,11 +18045,19 @@ function splitBuffer(buffer, chunkSize) {
   }
   return chunks;
 }
+function sanitizeFileName(fileName) {
+  let sanitized = path.basename(fileName);
+  sanitized = sanitized.replace(/[^\p{L}\p{N}_.\- ()]/gu, "");
+  if (!sanitized) {
+    sanitized = `unnamed_${Date.now()}`;
+  }
+  return sanitized;
+}
 async function uploadChunk(client, url2, chunk, operationContext) {
   const response = await client.rawPut(url2, chunk, operationContext);
   const etag = response.headers.get("etag") || response.headers.get("ETag") || "";
   if (!etag) {
-    log2.warn("OSS PUT \u54CD\u5E94\u7F3A\u5C11 ETag header", { operationContext });
+    log4.warn("OSS PUT \u54CD\u5E94\u7F3A\u5C11 ETag header", { operationContext });
   }
   return { etag, size: chunk.length };
 }
@@ -17827,6 +18066,24 @@ function isPartExpired(part) {
   return Date.now() > expiresAt - 6e4;
 }
 async function uploadMedia(params) {
+  if (uploadSemaphore) {
+    const result = await uploadSemaphore.acquire();
+    if (result === "rejected") {
+      metrics.increment("upload.semaphore_rejected");
+      throw new FileServiceError({ message: "\u6587\u4EF6\u4E0A\u4F20\u961F\u5217\u5DF2\u6EE1\uFF0C\u8BF7\u7A0D\u540E\u91CD\u8BD5", code: 429 });
+    }
+  }
+  try {
+    return await uploadMediaInternal(params);
+  } finally {
+    if (uploadSemaphore) {
+      uploadSemaphore.release();
+    }
+    metrics.increment("upload.total");
+  }
+}
+async function uploadMediaInternal(params) {
+  const startMs = Date.now();
   const {
     file: file2,
     fileName,
@@ -17837,6 +18094,10 @@ async function uploadMedia(params) {
     chunkSizeMb = 5,
     timeoutMs
   } = params;
+  const safeFileName = sanitizeFileName(fileName);
+  if (safeFileName !== fileName) {
+    log4.warn("upload:fileName sanitized", { original: fileName, sanitized: safeFileName });
+  }
   let buffer;
   if (Buffer.isBuffer(file2)) {
     buffer = file2;
@@ -17846,19 +18107,19 @@ async function uploadMedia(params) {
   }
   const { createHash: createHash3 } = await import("crypto");
   const fileHash = createHash3("md5").update(buffer).digest("hex");
-  log2.debug("upload:fileHash", { fileName, fileHash });
+  log4.debug("upload:fileHash", { fileName: safeFileName, fileHash });
   const maxBytes = maxFileSizeMb * 1024 * 1024;
   if (buffer.length > maxBytes) {
     throw new FileServiceError({
       message: `\u6587\u4EF6\u5927\u5C0F ${(buffer.length / 1024 / 1024).toFixed(1)}MB \u8D85\u8FC7\u4E0A\u9650 ${maxFileSizeMb}MB`,
       code: -1,
-      operationContext: `uploadMedia(${fileName})`
+      operationContext: `uploadMedia(${safeFileName})`
     });
   }
   const client = createHttpClient({ baseUrl: serverUrl, tokenManager, timeoutMs });
-  log2.info("upload:init", { fileName, fileSize: buffer.length, mimeType });
+  log4.info("upload:init", { fileName: safeFileName, fileSize: buffer.length, mimeType });
   const initResult = await initUpload(client, {
-    fileName,
+    fileName: safeFileName,
     fileSize: buffer.length,
     mimeType,
     fileHash,
@@ -17866,8 +18127,8 @@ async function uploadMedia(params) {
     category: 1
   });
   if (initResult.deduplicatedHit && initResult.fileKey) {
-    log2.info("upload:dedup hit \u26A1", {
-      fileName,
+    log4.info("upload:dedup hit \u26A1", {
+      fileName: safeFileName,
       fileKey: initResult.fileKey,
       fileSize: initResult.fileSize
     });
@@ -17881,7 +18142,7 @@ async function uploadMedia(params) {
   const { uploadId } = initResult;
   let { parts } = initResult;
   const chunkSize = initResult.chunkSize;
-  log2.info("upload:init ok", { uploadId, totalChunks: initResult.totalChunks, chunkSize });
+  log4.info("upload:init ok", { uploadId, totalChunks: initResult.totalChunks, chunkSize });
   const chunks = splitBuffer(buffer, chunkSize);
   const completedParts = [];
   for (let i = 0; i < chunks.length; i++) {
@@ -17891,11 +18152,11 @@ async function uploadMedia(params) {
       throw new FileServiceError({
         message: `\u5206\u7247 ${partNumber} \u7684\u7B7E\u540D URL \u672A\u627E\u5230`,
         code: -1,
-        operationContext: `uploadMedia(${fileName}), chunk ${partNumber}/${chunks.length}`
+        operationContext: `uploadMedia(${safeFileName}), chunk ${partNumber}/${chunks.length}`
       });
     }
     if (isPartExpired(part)) {
-      log2.info("upload:refresh", { uploadId, partNumber });
+      log4.info("upload:refresh", { uploadId, partNumber });
       const remaining = Array.from(
         { length: chunks.length - i },
         (_, j) => partNumber + j
@@ -17906,19 +18167,19 @@ async function uploadMedia(params) {
         return refreshed || p;
       });
       part = parts.find((p) => p.partNumber === partNumber);
-      log2.info("upload:refresh ok", { uploadId, refreshedParts: refreshResult.parts.length });
+      log4.info("upload:refresh ok", { uploadId, refreshedParts: refreshResult.parts.length });
     }
-    const ctx = `uploadMedia(${fileName}), chunk ${partNumber}/${chunks.length}`;
+    const ctx = `uploadMedia(${safeFileName}), chunk ${partNumber}/${chunks.length}`;
     const { etag, size } = await uploadChunk(client, part.uploadUrl, chunks[i], ctx);
     completedParts.push({ partNumber, etag, size });
-    log2.debug("upload:chunk ok", { uploadId, partNumber, etag: etag.slice(0, 16) });
+    log4.debug("upload:chunk ok", { uploadId, partNumber, etag: etag.slice(0, 16) });
   }
-  log2.info("upload:complete", { uploadId, totalParts: completedParts.length });
+  log4.info("upload:complete", { uploadId, totalParts: completedParts.length });
   const result = await completeUpload(client, uploadId, {
     parts: completedParts,
     fileHash
   });
-  log2.info("upload:done", {
+  log4.info("upload:done", {
     uploadId,
     fileKey: result.fileKey,
     fileSize: result.fileSize
@@ -17927,7 +18188,7 @@ async function uploadMedia(params) {
 }
 
 // src/file/media.ts
-var log3 = createLogger("file/media");
+var log5 = createLogger("file/media");
 function validateLocalPath(filePath, allowedRoots) {
   if (!allowedRoots || allowedRoots.length === 0) {
     throw new FileServiceError({
@@ -17936,10 +18197,10 @@ function validateLocalPath(filePath, allowedRoots) {
       operationContext: `validateLocalPath(${filePath})`
     });
   }
-  const resolved = path.resolve(filePath);
+  const resolved = path2.resolve(filePath);
   const isAllowed = allowedRoots.some((root) => {
-    const resolvedRoot = path.resolve(root);
-    return resolved === resolvedRoot || resolved.startsWith(resolvedRoot + path.sep);
+    const resolvedRoot = path2.resolve(root);
+    return resolved === resolvedRoot || resolved.startsWith(resolvedRoot + path2.sep);
   });
   if (!isAllowed) {
     throw new FileServiceError({
@@ -17982,7 +18243,7 @@ var VIDEO_EXTS = /* @__PURE__ */ new Set([
   ".m4v"
 ]);
 function detectFileType(fileName) {
-  const ext = path.extname(fileName).toLowerCase();
+  const ext = path2.extname(fileName).toLowerCase();
   if (IMAGE_EXTS.has(ext)) return "image";
   if (AUDIO_EXTS.has(ext)) return "voice";
   if (VIDEO_EXTS.has(ext)) return "video";
@@ -18035,7 +18296,7 @@ var MIME_MAP = {
   ".gz": "application/gzip"
 };
 function inferMimeType(fileName) {
-  const ext = path.extname(fileName).toLowerCase();
+  const ext = path2.extname(fileName).toLowerCase();
   return MIME_MAP[ext] || "application/octet-stream";
 }
 function getImageDimensions(buffer) {
@@ -18114,13 +18375,13 @@ async function resolveAndUploadMedia(params) {
   } = params;
   try {
     let buffer;
-    let fileName = params.fileName || "unnamed_file";
+    let fileName = sanitizeFileName(params.fileName || "unnamed_file");
     if (mediaBuffer) {
       buffer = mediaBuffer;
-      log3.info("media:source=buffer", { fileName, size: buffer.length });
+      log5.info("media:source=buffer", { fileName, size: buffer.length });
     } else if (mediaUrl) {
       if (mediaUrl.startsWith("http://") || mediaUrl.startsWith("https://")) {
-        log3.info("media:source=remote", { url: mediaUrl.slice(0, 80) });
+        log5.info("media:source=remote", { url: mediaUrl.slice(0, 80) });
         const fetched = await sdkRuntime.channel.media.fetchRemoteMedia({
           url: mediaUrl,
           ssrfPolicy: { allowPrivateNetwork }
@@ -18131,11 +18392,11 @@ async function resolveAndUploadMedia(params) {
         }
       } else {
         const filePath = mediaUrl.startsWith("file://") ? mediaUrl.slice(7) : mediaUrl;
-        log3.info("media:source=local", { filePath });
+        log5.info("media:source=local", { filePath });
         validateLocalPath(filePath, allowedLocalRoots);
         buffer = await fs.readFile(filePath);
         if (!params.fileName) {
-          fileName = path.basename(filePath);
+          fileName = path2.basename(filePath);
         }
       }
     } else {
@@ -18147,13 +18408,13 @@ async function resolveAndUploadMedia(params) {
     }
     const fileType = detectFileType(fileName);
     const mimeType = inferMimeType(fileName);
-    const ext = path.extname(fileName).replace(".", "").toLowerCase();
+    const ext = path2.extname(fileName).replace(".", "").toLowerCase();
     let imageDimensions;
     if (fileType === "image") {
       imageDimensions = getImageDimensions(buffer);
-      log3.info("media:imageDimensions", { fileName, ...imageDimensions });
+      log5.info("media:imageDimensions", { fileName, ...imageDimensions });
     }
-    log3.info("media:fileType", { fileName, fileType, mimeType, ext });
+    log5.info("media:fileType", { fileName, fileType, mimeType, ext });
     const originalFileSize = buffer.length;
     let encryptionMeta;
     if (!params.skipEncrypt) {
@@ -18162,9 +18423,9 @@ async function resolveAndUploadMedia(params) {
         const result = await messagePipe.encryptFile(buffer);
         buffer = result.encryptedBuffer;
         encryptionMeta = { keyId: result.keyId, iv: result.iv };
-        log3.info("media:encrypted", { fileName, originalSize, encryptedSize: buffer.length });
+        log5.info("media:encrypted", { fileName, originalSize, encryptedSize: buffer.length });
       } catch (err) {
-        log3.error("media:encrypt failed", { fileName, error: err.message });
+        log5.error("media:encrypt failed", { fileName, error: err.message });
         throw err;
       }
     }
@@ -18181,7 +18442,7 @@ async function resolveAndUploadMedia(params) {
         timeoutMs
       });
     } catch (err) {
-      log3.warn("media:upload failed, \u964D\u7EA7\u5904\u7406", { error: err.message });
+      log5.warn("media:upload failed, \u964D\u7EA7\u5904\u7406", { error: err.message });
       return {
         channel: CHANNEL_ID,
         messageId: "",
@@ -18214,7 +18475,7 @@ async function resolveAndUploadMedia(params) {
       encryptionMeta
       // 文件加密的 keyId/iv → sendMessage 用于构建 extra
     });
-    log3.info("media:sent", {
+    log5.info("media:sent", {
       chatId,
       fileId: uploadResult.fileKey,
       msgType,
@@ -18237,17 +18498,134 @@ async function resolveAndUploadMedia(params) {
 function inferFileNameFromUrl(url2) {
   try {
     const pathname = new URL(url2).pathname;
-    const basename2 = path.basename(pathname);
-    return basename2 || "downloaded_file";
+    const basename3 = path2.basename(pathname);
+    return basename3 || "downloaded_file";
   } catch {
     return "downloaded_file";
   }
 }
 
+// src/utils/ttl-map.ts
+var log6 = createLogger("utils/ttl-map");
+var TTLMap = class {
+  store = /* @__PURE__ */ new Map();
+  maxSize;
+  ttlMs;
+  name;
+  sweepTimer = null;
+  evictedCount = 0;
+  expiredCount = 0;
+  constructor(options) {
+    this.maxSize = options.maxSize;
+    this.ttlMs = options.ttlMs;
+    this.name = options.name ?? "TTLMap";
+    const sweepMs = options.sweepIntervalMs ?? 6e4;
+    this.sweepTimer = setInterval(() => this.sweep(), sweepMs);
+    if (this.sweepTimer && typeof this.sweepTimer === "object" && "unref" in this.sweepTimer) {
+      this.sweepTimer.unref();
+    }
+  }
+  /** 设置键值对 */
+  set(key, value) {
+    if (this.store.has(key)) {
+      this.store.delete(key);
+    }
+    while (this.store.size >= this.maxSize) {
+      const firstKey = this.store.keys().next().value;
+      if (firstKey !== void 0) {
+        this.store.delete(firstKey);
+        this.evictedCount++;
+      } else {
+        break;
+      }
+    }
+    this.store.set(key, { value, createdAt: Date.now() });
+    return this;
+  }
+  /** 获取值 (懒清理: 过期的条目在访问时删除) */
+  get(key) {
+    const entry = this.store.get(key);
+    if (!entry) return void 0;
+    if (Date.now() - entry.createdAt > this.ttlMs) {
+      this.store.delete(key);
+      this.expiredCount++;
+      return void 0;
+    }
+    return entry.value;
+  }
+  /** 检查是否存在 (含过期检查) */
+  has(key) {
+    return this.get(key) !== void 0;
+  }
+  /** 删除条目 */
+  delete(key) {
+    return this.store.delete(key);
+  }
+  /** 当前有效条目数 */
+  get size() {
+    return this.store.size;
+  }
+  /** 清除所有条目 */
+  clear() {
+    this.store.clear();
+  }
+  /**
+   * 周期性扫描 — 从最旧的条目开始遍历，删除过期项。
+   * 利用 Map 的插入顺序特性：遇到第一个未过期的就停止。
+   */
+  sweep() {
+    const now = Date.now();
+    let swept = 0;
+    for (const [key, entry] of this.store) {
+      if (now - entry.createdAt > this.ttlMs) {
+        this.store.delete(key);
+        this.expiredCount++;
+        swept++;
+      } else {
+        break;
+      }
+    }
+    if (swept > 0) {
+      log6.debug(`${this.name}: swept ${swept} expired entries`, {
+        remaining: this.store.size,
+        totalEvicted: this.evictedCount,
+        totalExpired: this.expiredCount
+      });
+    }
+  }
+  /** 获取指标快照 */
+  getStats() {
+    return {
+      size: this.store.size,
+      evicted: this.evictedCount,
+      expired: this.expiredCount
+    };
+  }
+  /** 停止周期性清理 (销毁时调用) */
+  destroy() {
+    if (this.sweepTimer) {
+      clearInterval(this.sweepTimer);
+      this.sweepTimer = null;
+    }
+  }
+};
+
 // src/channel/outbound.ts
-var log4 = createLogger("channel/outbound");
-var messageEncryptionStatus = /* @__PURE__ */ new Map();
-var activeChatMessage = /* @__PURE__ */ new Map();
+var log7 = createLogger("channel/outbound");
+var messageEncryptionStatus = new TTLMap({
+  maxSize: 1e4,
+  ttlMs: 5 * 60 * 1e3,
+  // 5 分钟
+  sweepIntervalMs: 6e4,
+  // 每分钟清理
+  name: "messageEncryptionStatus"
+});
+var activeChatMessage = new TTLMap({
+  maxSize: 1e4,
+  ttlMs: 5 * 60 * 1e3,
+  sweepIntervalMs: 6e4,
+  name: "activeChatMessage"
+});
 function setInboundEncryptionStatus(chatId, messageId, isEncrypted) {
   messageEncryptionStatus.set(messageId, isEncrypted);
   activeChatMessage.set(chatId, messageId);
@@ -18258,6 +18636,10 @@ function clearInboundEncryptionStatus(chatId, messageId) {
     activeChatMessage.delete(chatId);
   }
 }
+function destroyEncryptionMaps() {
+  messageEncryptionStatus.destroy();
+  activeChatMessage.destroy();
+}
 function getOutboundEncryptionStatus(chatId) {
   const messageId = activeChatMessage.get(chatId);
   if (!messageId) return void 0;
@@ -18288,9 +18670,9 @@ var quantumImOutbound = {
   textChunkLimit: 1e4,
   /** 发送文本消息 — 通过 messagePipe 发送 */
   sendText: async ({ cfg, to, text, accountId }) => {
-    log4.info("sendText called", { to, textLength: text.length });
+    log7.info("sendText called", { to, textLength: text.length });
     if (!messagePipeGetter) {
-      log4.error("outbound:sendText failed, messagePipe not initialized");
+      log7.error("outbound:sendText failed, messagePipe not initialized");
       return { channel: CHANNEL_ID, messageId: "", chatId: to };
     }
     const messagePipe = messagePipeGetter();
@@ -18309,9 +18691,9 @@ var quantumImOutbound = {
   },
   /** 发送媒体消息 — SDK fetchRemoteMedia + 三步上传 + 发送 */
   sendMedia: async ({ cfg, to, text, mediaUrl, mediaLocalRoots, accountId }) => {
-    log4.info("sendMedia called", { to, mediaUrl });
+    log7.info("sendMedia called", { to, mediaUrl });
     if (!messagePipeGetter || !sdkRuntimeGetter || !tokenManagerGetter || !pluginConfigGetter) {
-      log4.error("outbound:sendMedia failed, dependencies not initialized");
+      log7.error("outbound:sendMedia failed, dependencies not initialized");
       return { channel: CHANNEL_ID, messageId: "", chatId: to };
     }
     const messagePipe = messagePipeGetter();
@@ -18336,14 +18718,14 @@ var quantumImOutbound = {
       skipEncrypt
     });
     if (result.warning) {
-      log4.warn("sendMedia:degraded", { chatId, warning: result.warning });
+      log7.warn("sendMedia:degraded", { chatId, warning: result.warning });
     }
     return { channel: CHANNEL_ID, messageId: result.messageId, chatId };
   }
 };
 
 // src/message-handler/parser.ts
-var log5 = createLogger("message-handler/parser");
+var log8 = createLogger("message-handler/parser");
 function safeParse3(raw) {
   try {
     const parsed = JSON.parse(raw);
@@ -18424,34 +18806,34 @@ ${body}` : body || raw.content;
 }
 
 // src/channel/gate.ts
-var log6 = createLogger("channel/gate");
+var log9 = createLogger("channel/gate");
 var DEFAULT_MESSAGE_EXPIRY_MS = 30 * 60 * 1e3;
 function checkMessageGate(msg, config2) {
   if (msg.senderId === config2.botUserId) {
-    log6.info("Gate: anti-loop, discarding self message", { messageId: msg.messageId });
+    log9.info("Gate: anti-loop, discarding self message", { messageId: msg.messageId });
     return { pass: false, reason: "anti-loop: message from self" };
   }
   const expiryMs = config2.messageExpiryMs ?? DEFAULT_MESSAGE_EXPIRY_MS;
   const age = Date.now() - msg.timestamp;
   if (age > expiryMs) {
-    log6.info("Gate: message expired", { messageId: msg.messageId, ageMs: age });
+    log9.info("Gate: message expired", { messageId: msg.messageId, ageMs: age });
     return { pass: false, reason: `message expired: age=${age}ms > ${expiryMs}ms` };
   }
   if (config2.allowFrom && config2.allowFrom.length > 0) {
     if (!config2.allowFrom.includes(msg.senderId)) {
-      log6.info("Gate: sender not in allowlist", { messageId: msg.messageId, senderId: msg.senderId });
+      log9.info("Gate: sender not in allowlist", { messageId: msg.messageId, senderId: msg.senderId });
       return { pass: false, reason: "sender not in allowlist" };
     }
   }
   if (msg.msgType === "system") {
-    log6.info("Gate: skipping system message", { messageId: msg.messageId });
+    log9.info("Gate: skipping system message", { messageId: msg.messageId });
     return { pass: false, reason: "system message skipped" };
   }
   return { pass: true };
 }
 
 // src/message-handler/abort-detect.ts
-var log7 = createLogger("message-handler/abort-detect");
+var log10 = createLogger("message-handler/abort-detect");
 var DEFAULT_ABORT_TRIGGERS = [
   "\u505C\u6B62",
   "\u53D6\u6D88",
@@ -18470,7 +18852,7 @@ function detectAbort(content, triggers) {
 }
 
 // src/file/download.ts
-var log8 = createLogger("file/download");
+var log11 = createLogger("file/download");
 function inferResourceType(mimeType) {
   if (mimeType.startsWith("image/")) return "image";
   if (mimeType.startsWith("audio/")) return "voice";
@@ -18488,7 +18870,7 @@ async function resolveMedia(params) {
     timeoutMs
   } = params;
   const client = createHttpClient({ baseUrl: serverUrl, tokenManager, timeoutMs });
-  log8.info("download:getUrl", { fileId });
+  log11.info("download:getUrl", { fileId });
   const downloadInfo = await getDownloadUrl(client, fileId);
   if (downloadInfo.fileSize > maxBytes) {
     throw new FileServiceError({
@@ -18497,7 +18879,7 @@ async function resolveMedia(params) {
       operationContext: `resolveMedia(${fileId})`
     });
   }
-  log8.info("download:fetch", { fileId, fileUrl: downloadInfo.fileUrl.slice(0, 80) });
+  log11.info("download:fetch", { fileId, fileUrl: downloadInfo.fileUrl.slice(0, 80) });
   const fetched = await sdkRuntime.channel.media.fetchRemoteMedia({
     url: downloadInfo.fileUrl,
     ssrfPolicy: { allowPrivateNetwork }
@@ -18511,7 +18893,7 @@ async function resolveMedia(params) {
     downloadInfo.fileName
   );
   const resourceType = inferResourceType(saved.contentType || contentType);
-  log8.info("download:done", {
+  log11.info("download:done", {
     fileId,
     localPath: saved.path,
     contentType: saved.contentType,
@@ -18528,7 +18910,7 @@ async function resolveMedia(params) {
 }
 
 // src/message-handler/content-resolver.ts
-var log9 = createLogger("message-handler/content-resolver");
+var log12 = createLogger("message-handler/content-resolver");
 async function resolveContent(context, deps) {
   if (!context.fileId) {
     return {
@@ -18537,7 +18919,7 @@ async function resolveContent(context, deps) {
     };
   }
   try {
-    log9.info("resolveContent:downloading", {
+    log12.info("resolveContent:downloading", {
       fileId: context.fileId,
       fileName: context.fileName
     });
@@ -18550,7 +18932,7 @@ async function resolveContent(context, deps) {
       allowPrivateNetwork: deps.allowPrivateNetwork,
       timeoutMs: deps.timeoutMs
     });
-    log9.info("resolveContent:downloaded", {
+    log12.info("resolveContent:downloaded", {
       fileId: context.fileId,
       localPath: resolved.localPath,
       resourceType: resolved.resourceType
@@ -18562,7 +18944,7 @@ async function resolveContent(context, deps) {
       mediaResourceType: resolved.resourceType
     };
   } catch (err) {
-    log9.warn("resolveContent:download failed", {
+    log12.warn("resolveContent:download failed", {
       fileId: context.fileId,
       error: err.message
     });
@@ -18574,7 +18956,7 @@ async function resolveContent(context, deps) {
 }
 
 // src/message-handler/envelope-builder.ts
-var log10 = createLogger("message-handler/envelope-builder");
+var log13 = createLogger("message-handler/envelope-builder");
 function buildInboundPayload(msg, resolvedContent, config2) {
   const text = resolvedContent.text;
   const payload = {
@@ -18610,7 +18992,7 @@ function buildInboundPayload(msg, resolvedContent, config2) {
   if (resolvedContent.mediaLocalPath) {
     payload.MediaPath = resolvedContent.mediaLocalPath;
   }
-  log10.debug("envelope:built", {
+  log13.debug("envelope:built", {
     messageId: msg.messageId,
     chatId: msg.chatId,
     sessionKey: msg.chatId
@@ -18619,7 +19001,7 @@ function buildInboundPayload(msg, resolvedContent, config2) {
 }
 
 // src/reply-dispatcher/dispatcher.ts
-var log11 = createLogger("reply-dispatcher/dispatcher");
+var log14 = createLogger("reply-dispatcher/dispatcher");
 function createQuantumImDeliverFn(deps) {
   const {
     messagePipe,
@@ -18657,7 +19039,7 @@ function createQuantumImDeliverFn(deps) {
         replyToMessageId,
         skipEncrypt: shouldSkipEncrypt
       });
-      log11.info("\u{1F4E4} AI \u6587\u672C\u56DE\u590D\u5DF2\u53D1\u9001", {
+      log14.info("\u{1F4E4} AI \u6587\u672C\u56DE\u590D\u5DF2\u53D1\u9001", {
         chatId,
         \u957F\u5EA6: payload.text.length,
         \u56DE\u590D\u9884\u89C8: payload.text.slice(0, 200)
@@ -18681,12 +19063,12 @@ function createQuantumImDeliverFn(deps) {
             skipEncrypt: shouldSkipEncrypt
           });
           if (result.warning) {
-            log11.warn("\u{1F4E4} \u5A92\u4F53\u53D1\u9001\u964D\u7EA7", { chatId, mediaUrl, warning: result.warning });
+            log14.warn("\u{1F4E4} \u5A92\u4F53\u53D1\u9001\u964D\u7EA7", { chatId, mediaUrl, warning: result.warning });
           } else {
-            log11.info("\u{1F4E4} \u5A92\u4F53\u6D88\u606F\u5DF2\u53D1\u9001", { chatId, mediaUrl });
+            log14.info("\u{1F4E4} \u5A92\u4F53\u6D88\u606F\u5DF2\u53D1\u9001", { chatId, mediaUrl });
           }
         } catch (err) {
-          log11.error("\u{1F4E4} \u5A92\u4F53\u53D1\u9001\u5931\u8D25\uFF0C\u964D\u7EA7\u4E3A\u6587\u672C\u94FE\u63A5", {
+          log14.error("\u{1F4E4} \u5A92\u4F53\u53D1\u9001\u5931\u8D25\uFF0C\u964D\u7EA7\u4E3A\u6587\u672C\u94FE\u63A5", {
             chatId,
             mediaUrl,
             error: err.message
@@ -18719,21 +19101,32 @@ function getPluginRuntime() {
 }
 
 // src/message-handler/handler.ts
-var log12 = createLogger("message-handler/handler");
+var log15 = createLogger("message-handler/handler");
 var InboundPipeline = class {
   deps;
   constructor(deps) {
     this.deps = deps;
-    log12.info("InboundPipeline initialized");
+    log15.info("InboundPipeline initialized");
   }
-  /** 处理单条入站消息 — 执行完整的处理流水线 */
+  /** 处理单条入站消息 — 获取 Semaphore slot 后执行完整的处理流水线 */
   async handle(msg) {
     const startMs = Date.now();
+    const semaphore = this.deps.messagePipe.semaphore;
+    const acquireResult = await semaphore.acquire();
+    if (acquireResult === "rejected") {
+      metrics.increment("inbound.semaphore_rejected");
+      log15.warn("\u{1F6AB} \u6D88\u606F\u88AB\u62D2\u7EDD (Semaphore \u6EA2\u51FA)", {
+        messageId: msg.messageId,
+        active: semaphore.activeCount,
+        waiting: semaphore.waitingCount
+      });
+      return;
+    }
     try {
       const context = parseMessage(msg);
       const gateResult = checkMessageGate(msg, this.deps.gateConfig);
       if (!gateResult.pass) {
-        log12.info("\u{1F6AB} \u6D88\u606F\u88AB\u62E6\u622A (gate)", {
+        log15.info("\u{1F6AB} \u6D88\u606F\u88AB\u62E6\u622A (gate)", {
           messageId: msg.messageId,
           reason: gateResult.reason
         });
@@ -18741,7 +19134,7 @@ var InboundPipeline = class {
       }
       setInboundEncryptionStatus(msg.chatId, msg.messageId, msg.isEncrypted ?? false);
       if (detectAbort(context.text)) {
-        log12.info("\u26D4 \u68C0\u6D4B\u5230\u4E2D\u6B62\u6307\u4EE4", {
+        log15.info("\u26D4 \u68C0\u6D4B\u5230\u4E2D\u6B62\u6307\u4EE4", {
           messageId: msg.messageId,
           chatId: msg.chatId
         });
@@ -18750,7 +19143,7 @@ var InboundPipeline = class {
       const core = getPluginRuntime();
       const isCommand = core.channel.commands?.isControlCommandMessage?.(context.text, this.deps.sdkConfig);
       if (isCommand) {
-        log12.info("\u{1F527} \u68C0\u6D4B\u5230\u7CFB\u7EDF\u547D\u4EE4", {
+        log15.info("\u{1F527} \u68C0\u6D4B\u5230\u7CFB\u7EDF\u547D\u4EE4", {
           messageId: msg.messageId,
           command: context.text.trim()
         });
@@ -18762,7 +19155,7 @@ var InboundPipeline = class {
           cfg: this.deps.sdkConfig,
           dispatcherOptions: {
             deliver: async (payload2) => {
-              log12.debug("\u{1F527} \u547D\u4EE4 deliver \u56DE\u8C03\u6536\u5230", {
+              log15.debug("\u{1F527} \u547D\u4EE4 deliver \u56DE\u8C03\u6536\u5230", {
                 messageId: msg.messageId,
                 hasText: Boolean(payload2.text),
                 textLength: payload2.text?.length ?? 0,
@@ -18780,14 +19173,14 @@ var InboundPipeline = class {
               });
             },
             onError: (err) => {
-              log12.error("\u274C \u547D\u4EE4\u56DE\u590D\u53D1\u9001\u5931\u8D25", { error: String(err) });
+              log15.error("\u274C \u547D\u4EE4\u56DE\u590D\u53D1\u9001\u5931\u8D25", { error: String(err) });
             }
           },
           replyOptions: {}
         });
         clearInboundEncryptionStatus(msg.chatId, msg.messageId);
         const durationMs2 = Date.now() - startMs;
-        log12.info("\u2705 \u7CFB\u7EDF\u547D\u4EE4\u5904\u7406\u5B8C\u6210", {
+        log15.info("\u2705 \u7CFB\u7EDF\u547D\u4EE4\u5904\u7406\u5B8C\u6210", {
           messageId: msg.messageId,
           command: context.text.trim(),
           \u8017\u65F6ms: durationMs2
@@ -18802,7 +19195,7 @@ var InboundPipeline = class {
         content: JSON.stringify({ content: "\u4EFB\u52A1\u5DF2\u6536\u5230\u{1F44C}\uFF0C\u6B63\u5728\u5904\u7406\u4E2D..." }),
         skipEncrypt: feedbackSkipEncrypt
       }).catch((err) => {
-        log12.warn("\u26A0\uFE0F \u5373\u65F6\u53CD\u9988\u53D1\u9001\u5931\u8D25", { error: err.message });
+        log15.warn("\u26A0\uFE0F \u5373\u65F6\u53CD\u9988\u53D1\u9001\u5931\u8D25", { error: err.message });
       });
       const resolvedContent = await resolveContent(context, {
         tokenManager: this.deps.tokenManager,
@@ -18834,7 +19227,7 @@ var InboundPipeline = class {
         deliver
         // TODO: 可选 typingCallbacks (打字指示器)
       });
-      log12.info("\u{1F4E5} \u6536\u5230\u6D88\u606F \u2192 \u53D1\u7ED9 AI", {
+      log15.info("\u{1F4E5} \u6536\u5230\u6D88\u606F \u2192 \u53D1\u7ED9 AI", {
         messageId: msg.messageId,
         chatId: msg.chatId,
         \u5185\u5BB9\u9884\u89C8: String(payload.Body ?? "").slice(0, 200)
@@ -18849,7 +19242,7 @@ var InboundPipeline = class {
         await dispatcher.waitForIdle();
       }
       const durationMs = Date.now() - startMs;
-      log12.info("\u2705 \u6D88\u606F\u5904\u7406\u5B8C\u6210", {
+      log15.info("\u2705 \u6D88\u606F\u5904\u7406\u5B8C\u6210", {
         messageId: msg.messageId,
         chatId: msg.chatId,
         \u56DE\u590D\u6570: counts?.final ?? 0,
@@ -18858,7 +19251,7 @@ var InboundPipeline = class {
       clearInboundEncryptionStatus(msg.chatId, msg.messageId);
     } catch (err) {
       const durationMs = Date.now() - startMs;
-      log12.error("\u274C \u6D88\u606F\u5904\u7406\u5931\u8D25", {
+      log15.error("\u274C \u6D88\u606F\u5904\u7406\u5931\u8D25", {
         messageId: msg.messageId,
         chatId: msg.chatId,
         step: "handle",
@@ -18867,6 +19260,10 @@ var InboundPipeline = class {
         durationMs
       });
       clearInboundEncryptionStatus(msg.chatId, msg.messageId);
+    } finally {
+      semaphore.release();
+      metrics.increment("inbound.total");
+      metrics.recordLatency("inbound.latency", Date.now() - startMs);
     }
   }
 };
@@ -19100,7 +19497,7 @@ var quantumImOnboarding = {
 };
 
 // src/channel/plugin.ts
-var log13 = createLogger("channel/plugin");
+var log16 = createLogger("channel/plugin");
 var meta3 = {
   id: CHANNEL_ID,
   label: "QuantumIM",
@@ -19268,7 +19665,7 @@ var quantumImPlugin = {
   gateway: {
     /** 启动账户 — 初始化所有模块并开始接收消息 */
     startAccount: async (ctx) => {
-      log13.info(`starting liangzimixin[${ctx.accountId}]`);
+      log16.info(`starting liangzimixin[${ctx.accountId}]`);
       try {
         const resolved = resolveAccount(ctx.cfg, ctx.accountId);
         if (!resolved.credentials) {
@@ -19298,16 +19695,16 @@ var quantumImPlugin = {
         setSdkRuntimeGetter(() => getPluginRuntime());
         setTokenManagerGetter(() => instance.tokenManager);
         setPluginConfigGetter(() => instance.config);
-        log13.info(`liangzimixin[${ctx.accountId}] started \u2713`);
+        log16.info(`liangzimixin[${ctx.accountId}] started \u2713`);
         await new Promise((resolve3) => {
           if (ctx.abortSignal?.aborted) {
             resolve3();
             return;
           }
           const onAbort = () => {
-            log13.info(`liangzimixin[${ctx.accountId}] received abort signal, shutting down`);
+            log16.info(`liangzimixin[${ctx.accountId}] received abort signal, shutting down`);
             ctx.abortSignal?.removeEventListener("abort", onAbort);
-            instance.shutdown().catch((err) => log13.error("Shutdown error", { error: err.message })).finally(() => {
+            instance.shutdown().catch((err) => log16.error("Shutdown error", { error: err.message })).finally(() => {
               activeInstance = null;
               resolve3();
             });
@@ -19315,7 +19712,7 @@ var quantumImPlugin = {
           ctx.abortSignal?.addEventListener("abort", onAbort);
         });
       } catch (err) {
-        log13.error(`liangzimixin[${ctx.accountId}] start failed`, {
+        log16.error(`liangzimixin[${ctx.accountId}] start failed`, {
           error: err.message
         });
         throw err;
@@ -19323,12 +19720,12 @@ var quantumImPlugin = {
     },
     /** 停止账户 — 优雅关闭所有模块 */
     stopAccount: async (ctx) => {
-      log13.info(`stopping liangzimixin[${ctx.accountId}]`);
+      log16.info(`stopping liangzimixin[${ctx.accountId}]`);
       if (activeInstance) {
         await activeInstance.shutdown();
         activeInstance = null;
       }
-      log13.info(`stopped liangzimixin[${ctx.accountId}]`);
+      log16.info(`stopped liangzimixin[${ctx.accountId}]`);
     }
   }
 };
@@ -19336,7 +19733,7 @@ var quantumImPlugin = {
 // src/crypto/quantum-plug.ts
 var import_node_fs = require("fs");
 var import_node_path = require("path");
-var log14 = createLogger("crypto/quantum-plug");
+var log17 = createLogger("crypto/quantum-plug");
 var KMS_URLS = {
   test: "http://223.244.14.238:8552",
   staging: "http://223.244.14.238:8552",
@@ -19350,7 +19747,7 @@ function writeQuantumConfig(config2) {
   const configPath = (0, import_node_path.join)(sdkDir, "quantum.json");
   (0, import_node_fs.mkdirSync)(sdkDir, { recursive: true });
   (0, import_node_fs.writeFileSync)(configPath, JSON.stringify(config2, null, 2), "utf-8");
-  log14.info("quantum.json written", { path: configPath });
+  log17.info("quantum.json written", { path: configPath });
 }
 function createQuantumPlug() {
   let sdk = null;
@@ -19359,11 +19756,11 @@ function createQuantumPlug() {
     try {
       const sdkPath = (0, import_node_path.resolve)(__dirname, "quantum-sdk", "index.cjs");
       sdk = require(sdkPath);
-      log14.info("Quantum SDK loaded \u2713");
+      log17.info("Quantum SDK loaded \u2713");
       return sdk;
     } catch (err) {
       const msg = err instanceof Error ? err.message : String(err);
-      log14.error("Failed to load quantum SDK", { error: msg });
+      log17.error("Failed to load quantum SDK", { error: msg });
       throw new Error(`Quantum SDK load failed: ${msg}`);
     }
   }
@@ -19371,7 +19768,7 @@ function createQuantumPlug() {
     async init() {
       const s = loadSdk();
       await s.init();
-      log14.info("Quantum SDK initialized \u2713");
+      log17.info("Quantum SDK initialized \u2713");
     },
     async encrypt(plaintext, iv, mode) {
       const s = loadSdk();
@@ -19406,12 +19803,31 @@ function getKmsUrl(env) {
 
 // src/crypto/crypto-engine.ts
 var import_node_crypto = require("crypto");
-var log15 = createLogger("crypto/crypto-engine");
+var log18 = createLogger("crypto/crypto-engine");
 var SM4_MODE = 4;
 var PASSTHROUGH_KEY_ID = "passthrough";
 var IV_LENGTH = 8;
 var FILE_CHUNK_SIZE = 10 * 1024 * 1024;
 var FILE_DECRYPT_CHUNK_SIZE = FILE_CHUNK_SIZE + 16;
+var DEFAULT_OPERATION_TIMEOUT_MS = 1e4;
+var CryptoTimeoutError = class extends Error {
+  constructor(operation, timeoutMs) {
+    super(`Crypto ${operation} timed out after ${timeoutMs}ms`);
+    this.name = "CryptoTimeoutError";
+  }
+};
+function withTimeout(promise2, timeoutMs, operation) {
+  let timer;
+  const timeoutPromise = new Promise((_, reject) => {
+    timer = setTimeout(() => {
+      reject(new CryptoTimeoutError(operation, timeoutMs));
+    }, timeoutMs);
+    if (typeof timer === "object" && "unref" in timer) timer.unref();
+  });
+  return Promise.race([promise2, timeoutPromise]).finally(() => {
+    clearTimeout(timer);
+  });
+}
 function generateIv() {
   try {
     return (0, import_node_crypto.randomBytes)(IV_LENGTH).toString("hex");
@@ -19433,18 +19849,21 @@ var CryptoEngine = class _CryptoEngine {
   credentials;
   /** 部署环境 */
   env;
+  /** 加密/解密操作超时 (ms) */
+  operationTimeoutMs;
   /**
    * 构造加密引擎 (加密模式)
    *
    * @param credentials - 量子 SDK 所需的凭据
    * @param env - 部署环境 ('test' | 'staging' | 'production')
    */
-  constructor(credentials, env = "production") {
+  constructor(credentials, env = "production", operationTimeoutMs) {
     this.plug = quantum_plug_default;
     this.passthrough = false;
     this.credentials = credentials;
     this.env = env;
-    log15.info("CryptoEngine created (quantum SDK mode)");
+    this.operationTimeoutMs = operationTimeoutMs ?? DEFAULT_OPERATION_TIMEOUT_MS;
+    log18.info("CryptoEngine created (quantum SDK mode)", { operationTimeoutMs: this.operationTimeoutMs });
   }
   /**
    * 创建透传模式的加密引擎 (静态工厂方法)
@@ -19464,7 +19883,8 @@ var CryptoEngine = class _CryptoEngine {
     instance.initialized = true;
     instance.credentials = null;
     instance.env = "production";
-    log15.info("CryptoEngine created (passthrough mode \u2014 crypto disabled)");
+    instance.operationTimeoutMs = DEFAULT_OPERATION_TIMEOUT_MS;
+    log18.info("CryptoEngine created (passthrough mode \u2014 crypto disabled)");
     return instance;
   }
   /**
@@ -19494,7 +19914,7 @@ var CryptoEngine = class _CryptoEngine {
     }
     await this.plug.init();
     this.initialized = true;
-    log15.info("CryptoEngine initialized \u2713");
+    log18.info("CryptoEngine initialized \u2713");
   }
   /**
    * 加密明文
@@ -19508,12 +19928,18 @@ var CryptoEngine = class _CryptoEngine {
   async encrypt(plaintext) {
     this.ensureInitialized();
     if (this.passthrough) {
-      log15.debug("Encrypt (passthrough)", { length: plaintext.length });
+      log18.debug("Encrypt (passthrough)", { length: plaintext.length });
       return { ciphertext: plaintext, keyId: PASSTHROUGH_KEY_ID, iv: "" };
     }
     const iv = generateIv();
-    const result = await this.plug.encrypt(plaintext, iv, SM4_MODE);
-    log15.debug("Encrypted", { length: plaintext.length, keyId: result.keyId });
+    const startMs = Date.now();
+    const result = await withTimeout(
+      this.plug.encrypt(plaintext, iv, SM4_MODE),
+      this.operationTimeoutMs,
+      "encrypt"
+    );
+    metrics.recordLatency("crypto.encrypt", Date.now() - startMs);
+    log18.debug("Encrypted", { length: plaintext.length, keyId: result.keyId });
     return { ...result, iv };
   }
   /**
@@ -19530,11 +19956,17 @@ var CryptoEngine = class _CryptoEngine {
   async decrypt(ciphertext, keyId, iv = "") {
     this.ensureInitialized();
     if (this.passthrough) {
-      log15.debug("Decrypt (passthrough)", { keyId });
+      log18.debug("Decrypt (passthrough)", { keyId });
       return ciphertext;
     }
-    const result = await this.plug.decrypt(ciphertext, keyId, iv, SM4_MODE);
-    log15.debug("Decrypted", { keyId });
+    const startMs = Date.now();
+    const result = await withTimeout(
+      this.plug.decrypt(ciphertext, keyId, iv, SM4_MODE),
+      this.operationTimeoutMs,
+      "decrypt"
+    );
+    metrics.recordLatency("crypto.decrypt", Date.now() - startMs);
+    log18.debug("Decrypted", { keyId });
     return result.plaintext;
   }
   /**
@@ -19614,7 +20046,7 @@ var CryptoEngine = class _CryptoEngine {
 };
 
 // src/auth/oauth-client.ts
-var log16 = createLogger("auth/oauth-client");
+var log19 = createLogger("auth/oauth-client");
 var ApiError = class extends Error {
   constructor(status, body, endpoint) {
     super(`API error: ${status} on ${endpoint}`);
@@ -19648,14 +20080,14 @@ var OAuthClient = class {
     this.baseUrl = config2.baseUrl.replace(/\/+$/, "");
     this.appId = config2.appId;
     this.appSecret = config2.appSecret;
-    log16.info("OAuthClient initialized", { baseUrl: this.baseUrl, appId: sanitize(this.appId) });
+    log19.info("OAuthClient initialized", { baseUrl: this.baseUrl, appId: sanitize(this.appId) });
   }
   // ── 通用 HTTP 请求 ──
   /**
    * 统一 HTTP 请求封装 — 含超时、日志脱敏和错误处理
    */
-  async request(method, path2, options = {}) {
-    const url2 = `${this.baseUrl}${path2}`;
+  async request(method, path3, options = {}) {
+    const url2 = `${this.baseUrl}${path3}`;
     const timeout = options.timeoutMs ?? DEFAULT_TIMEOUT_MS;
     const headers = { ...options.headers };
     let bodyStr;
@@ -19668,7 +20100,7 @@ var OAuthClient = class {
         bodyStr = JSON.stringify(options.body);
       }
     }
-    log16.debug("HTTP request", { method, url: url2 });
+    log19.debug("HTTP request", { method, url: url2 });
     const response = await fetch(url2, {
       method,
       headers,
@@ -19677,20 +20109,14 @@ var OAuthClient = class {
     });
     const responseBody = await response.text();
     if (!response.ok) {
-      let parsedBody;
-      try {
-        parsedBody = JSON.parse(responseBody);
-      } catch {
-        parsedBody = responseBody;
-      }
-      log16.error("HTTP error", { method, url: url2, status: response.status });
-      throw new ApiError(response.status, parsedBody, path2);
+      log19.error("HTTP error", { method, url: url2, status: response.status });
+      throw new ApiError(response.status, void 0, path3);
     }
-    log16.debug("HTTP response", { method, url: url2, status: response.status });
+    log19.debug("HTTP response", { method, url: url2, status: response.status });
     try {
       return JSON.parse(responseBody);
     } catch {
-      throw new ApiError(response.status, responseBody, path2);
+      throw new ApiError(response.status, responseBody, path3);
     }
   }
   // ── 公共方法 ──
@@ -19712,7 +20138,7 @@ var OAuthClient = class {
     params.set("client_id", this.appId);
     params.set("client_secret", this.appSecret);
     params.set("scope", SCOPE);
-    log16.info("Requesting access token", { appId: sanitize(this.appId) });
+    log19.info("Requesting access token", { appId: sanitize(this.appId) });
     const response = await this.request(
       "POST",
       "/auth/token",
@@ -19729,7 +20155,7 @@ var OAuthClient = class {
       grantedAt: now,
       expiresAt: now + expiresIn * 1e3
     };
-    log16.info("Access token acquired", {
+    log19.info("Access token acquired", {
       accessToken: sanitize(tokenData.accessToken),
       expiresIn: tokenData.expiresIn,
       scope: tokenData.scope
@@ -19747,7 +20173,7 @@ var import_promises = require("fs/promises");
 var import_node_fs2 = require("fs");
 var import_node_path2 = require("path");
 var import_node_crypto2 = require("crypto");
-var log17 = createLogger("auth/token-store");
+var log20 = createLogger("auth/token-store");
 var TokenStore = class {
   /** 存储目录路径 */
   storageDir;
@@ -19762,7 +20188,7 @@ var TokenStore = class {
   constructor(storageDir, crypto) {
     this.storageDir = storageDir;
     this.crypto = crypto;
-    log17.info("TokenStore initialized", { storageDir });
+    log20.info("TokenStore initialized", { storageDir });
   }
   /**
    * 确保存储目录存在并设置正确的权限。
@@ -19772,7 +20198,7 @@ var TokenStore = class {
     if (this.dirEnsured) return;
     if (!(0, import_node_fs2.existsSync)(this.storageDir)) {
       await (0, import_promises.mkdir)(this.storageDir, { recursive: true, mode: 448 });
-      log17.debug("Storage directory created", { dir: this.storageDir });
+      log20.debug("Storage directory created", { dir: this.storageDir });
     }
     this.dirEnsured = true;
   }
@@ -19799,7 +20225,8 @@ var TokenStore = class {
     await this.ensureDir();
     const json2 = JSON.stringify(data);
     const { ciphertext, keyId, iv } = await this.crypto.encrypt(json2);
-    const storage = { ciphertext, keyId, iv };
+    const hmac = (0, import_node_crypto2.createHmac)("sha256", keyId).update(ciphertext).digest("hex");
+    const storage = { ciphertext, keyId, iv, hmac };
     const storageJson = JSON.stringify(storage);
     const targetPath = this.filePath(key);
     const tmpSuffix = (0, import_node_crypto2.randomBytes)(4).toString("hex");
@@ -19807,7 +20234,7 @@ var TokenStore = class {
     try {
       await (0, import_promises.writeFile)(tmpPath, storageJson, { mode: 384 });
       await (0, import_promises.rename)(tmpPath, targetPath);
-      log17.debug("Token saved", { key, path: targetPath });
+      log20.debug("Token saved", { key, path: targetPath });
     } catch (err) {
       try {
         await (0, import_promises.unlink)(tmpPath);
@@ -19830,18 +20257,33 @@ var TokenStore = class {
   async load(key) {
     const filePath = this.filePath(key);
     if (!(0, import_node_fs2.existsSync)(filePath)) {
-      log17.debug("Token file not found", { key, path: filePath });
+      log20.debug("Token file not found", { key, path: filePath });
       return null;
     }
     try {
       const raw = await (0, import_promises.readFile)(filePath, "utf-8");
       const storage = JSON.parse(raw);
+      if (storage.hmac) {
+        const expectedHmac = (0, import_node_crypto2.createHmac)("sha256", storage.keyId).update(storage.ciphertext).digest("hex");
+        if (expectedHmac !== storage.hmac) {
+          log20.warn("SECURITY_AUDIT: token file integrity check failed", {
+            key,
+            path: filePath
+          });
+          return null;
+        }
+      } else {
+        log20.debug("Token file missing HMAC (legacy format), skipping integrity check", {
+          key,
+          path: filePath
+        });
+      }
       const json2 = await this.crypto.decrypt(storage.ciphertext, storage.keyId, storage.iv ?? "");
       const data = JSON.parse(json2);
-      log17.debug("Token loaded", { key, path: filePath });
+      log20.debug("Token loaded", { key, path: filePath });
       return data;
     } catch (err) {
-      log17.warn("Failed to load token (corrupted or key mismatch), treating as empty", {
+      log20.warn("Failed to load token (corrupted or key mismatch), treating as empty", {
         key,
         error: err instanceof Error ? err.message : String(err)
       });
@@ -19857,7 +20299,7 @@ var TokenStore = class {
     const filePath = this.filePath(key);
     try {
       await (0, import_promises.unlink)(filePath);
-      log17.debug("Token file cleared", { key, path: filePath });
+      log20.debug("Token file cleared", { key, path: filePath });
     } catch (err) {
       if (err.code !== "ENOENT") {
         throw err;
@@ -19867,7 +20309,7 @@ var TokenStore = class {
 };
 
 // src/auth/token-manager.ts
-var log18 = createLogger("auth/token-manager");
+var log21 = createLogger("auth/token-manager");
 var DEFAULT_REFRESH_AHEAD_MS = 5 * 60 * 1e3;
 var MAX_RETRIES = 3;
 var RETRY_BASE_MS = 1e3;
@@ -19892,7 +20334,7 @@ var TokenManager = class {
     this.oauthClient = deps.oauthClient;
     this.tokenStore = deps.tokenStore;
     this.refreshAheadMs = deps.refreshAheadMs ?? DEFAULT_REFRESH_AHEAD_MS;
-    log18.info("TokenManager initialized", { refreshAheadMs: this.refreshAheadMs });
+    log21.info("TokenManager initialized", { refreshAheadMs: this.refreshAheadMs });
   }
   // ── 核心方法 ──
   /**
@@ -19910,7 +20352,7 @@ var TokenManager = class {
       return this.cachedToken;
     }
     if (this.refreshLock) {
-      log18.debug("Waiting for concurrent token acquisition");
+      log21.debug("Waiting for concurrent token acquisition");
       return this.refreshLock;
     }
     this.refreshLock = this._acquireTokenWithRetry();
@@ -19936,13 +20378,13 @@ var TokenManager = class {
     this.cachedToken = null;
     this.cachedScope = null;
     this.currentTokenData = null;
-    log18.info("Token revoked and cleared");
+    log21.info("Token revoked and cleared");
   }
   /** 清理定时器和并发锁 — 优雅关闭时调用 */
   shutdown() {
     this.clearRefreshTimer();
     this.refreshLock = null;
-    log18.info("TokenManager shutdown");
+    log21.info("TokenManager shutdown");
   }
   // ── 内部方法 ──
   /**
@@ -19958,18 +20400,18 @@ var TokenManager = class {
         return await this._acquireToken();
       } catch (err) {
         if (err instanceof ApiError && (err.status === 401 || err.status === 403)) {
-          log18.error("Token acquire failed with auth error, not retrying", { status: err.status });
+          log21.error("Token acquire failed with auth error, not retrying", { status: err.status });
           throw err;
         }
         if (attempt === MAX_RETRIES) {
-          log18.error("Token acquire failed after all retries", { attempts: attempt + 1 });
+          log21.error("Token acquire failed after all retries", { attempts: attempt + 1 });
           throw new TokenAcquireError(
             `Token acquire failed after ${attempt + 1} attempts`,
             { cause: err instanceof Error ? err : void 0 }
           );
         }
         const delay = RETRY_BASE_MS * Math.pow(2, attempt);
-        log18.warn("Token acquire failed, retrying", {
+        log21.warn("Token acquire failed, retrying", {
           attempt: attempt + 1,
           maxRetries: MAX_RETRIES,
           retryInMs: delay,
@@ -19993,18 +20435,18 @@ var TokenManager = class {
     try {
       const stored = await this.tokenStore.load("token");
       if (stored && !this.isTokenHardExpired(stored)) {
-        log18.info("Token loaded from store (still valid)");
+        log21.info("Token loaded from store (still valid)");
         this.updateCache(stored);
         this.scheduleRefresh(stored);
         return stored.accessToken;
       }
       if (stored) {
-        log18.info("Stored token has expired, acquiring new one");
+        log21.info("Stored token has expired, acquiring new one");
       }
     } catch {
-      log18.warn("Failed to load token from store, acquiring new one");
+      log21.warn("Failed to load token from store, acquiring new one");
     }
-    log18.info("Acquiring new access token via POST /auth/token");
+    log21.info("Acquiring new access token via POST /auth/token");
     const tokenData = await this.oauthClient.getToken();
     this.updateCache(tokenData);
     await this.tokenStore.save("token", tokenData);
@@ -20035,22 +20477,22 @@ var TokenManager = class {
     this.clearRefreshTimer();
     const refreshInMs = tokenData.expiresAt - this.refreshAheadMs - Date.now();
     if (refreshInMs <= 0) {
-      log18.debug("Token already within refresh window, not scheduling timer");
+      log21.debug("Token already within refresh window, not scheduling timer");
       return;
     }
-    log18.debug("Scheduling token refresh", {
+    log21.debug("Scheduling token refresh", {
       refreshInMs,
       refreshAt: new Date(Date.now() + refreshInMs).toISOString()
     });
     this.refreshTimer = setTimeout(async () => {
       try {
-        log18.info("Scheduled token refresh triggered");
+        log21.info("Scheduled token refresh triggered");
         this.cachedToken = null;
         this.currentTokenData = null;
         await this.getValidToken();
-        log18.info("Scheduled token refresh completed");
+        log21.info("Scheduled token refresh completed");
       } catch (err) {
-        log18.error("Scheduled token refresh failed", {
+        log21.error("Scheduled token refresh failed", {
           error: err instanceof Error ? err.message : String(err)
         });
       }
@@ -20081,13 +20523,13 @@ var wrapper_default = import_websocket.default;
 
 // src/transport/ws-client.ts
 var import_node_events = require("events");
-var log19 = createLogger("transport/ws-client");
+var log22 = createLogger("transport/ws-client");
 var WSClient = class extends import_node_events.EventEmitter {
   /** 底层 WebSocket 实例 */
   ws = null;
   constructor() {
     super();
-    log19.info("WSClient initialized");
+    log22.info("WSClient initialized");
   }
   /**
    * 连接到 WebSocket 服务器并绑定事件。
@@ -20103,13 +20545,17 @@ var WSClient = class extends import_node_events.EventEmitter {
       this.ws = null;
     }
     const { url: url2, protocols, headers } = options;
-    log19.info("ws:connecting", { url: url2 });
+    log22.info("ws:connecting", { url: url2 });
     return new Promise((resolve3, reject) => {
-      const ws = new wrapper_default(url2, protocols, { headers });
+      const ws = new wrapper_default(url2, protocols, {
+        headers,
+        maxPayload: 5 * 1024 * 1024
+        // 5MB — 防止恶意超大帧导致内存耗尽
+      });
       let connected = false;
       ws.on("open", () => {
         connected = true;
-        log19.info("ws:connected", { url: url2 });
+        log22.info("ws:connected", { url: url2 });
         this.emit("open");
         resolve3();
       });
@@ -20120,11 +20566,11 @@ var WSClient = class extends import_node_events.EventEmitter {
         this.emit("pong");
       });
       ws.on("close", (code, reason) => {
-        log19.info("ws:closed", { code, reason: reason.toString() });
+        log22.info("ws:closed", { code, reason: reason.toString() });
         this.emit("close", code, reason.toString());
       });
       ws.on("error", (err) => {
-        log19.error("ws:error", { error: err.message });
+        log22.error("ws:error", { error: err.message });
         this.emit("error", err);
         if (!connected) {
           reject(err);
@@ -20136,7 +20582,7 @@ var WSClient = class extends import_node_events.EventEmitter {
   /** 发送数据到服务器 — 前置检查连接状态 */
   send(data) {
     if (!this.ws || this.ws.readyState !== wrapper_default.OPEN) {
-      log19.warn("ws:send skipped, not connected", { readyState: this.ws?.readyState });
+      log22.warn("ws:send skipped, not connected", { readyState: this.ws?.readyState });
       return;
     }
     this.ws.send(data);
@@ -20153,7 +20599,7 @@ var WSClient = class extends import_node_events.EventEmitter {
       this.ws.removeAllListeners();
       this.ws.close(code, reason);
       this.ws = null;
-      log19.info("ws:close requested", { code, reason });
+      log22.info("ws:close requested", { code, reason });
     }
   }
   /** 当前连接状态 (0=CONNECTING, 1=OPEN, 2=CLOSING, 3=CLOSED) */
@@ -20163,7 +20609,7 @@ var WSClient = class extends import_node_events.EventEmitter {
 };
 
 // src/transport/dedup.ts
-var log20 = createLogger("transport/dedup");
+var log23 = createLogger("transport/dedup");
 var MessageDedup = class {
   /** 去重缓存生存时间 (ms) */
   ttlMs;
@@ -20174,7 +20620,7 @@ var MessageDedup = class {
   constructor(config2) {
     this.ttlMs = config2?.ttlMs ?? 3e5;
     this.maxEntries = config2?.maxEntries ?? 5e3;
-    log20.info("MessageDedup initialized", { ttlMs: this.ttlMs, maxEntries: this.maxEntries });
+    log23.info("MessageDedup initialized", { ttlMs: this.ttlMs, maxEntries: this.maxEntries });
   }
   /**
    * 检查消息是否重复。
@@ -20210,7 +20656,121 @@ var MessageDedup = class {
 
 // src/transport/message-pipe.ts
 var import_node_crypto3 = require("crypto");
-var log21 = createLogger("transport/message-pipe");
+
+// src/transport/rate-limiter.ts
+var log24 = createLogger("transport/rate-limiter");
+var RateLimiter = class {
+  /** 每秒补充的 token 数 */
+  ratePerSecond;
+  /** token 上限 (突发容量) */
+  burst;
+  /** 最大等待时间 (ms) */
+  maxWaitMs;
+  /** 当前可用 token 数 (浮点数，支持部分补充) */
+  tokens;
+  /** 上次补充 token 的时间戳 (ms) */
+  lastRefillTime;
+  // ── 统计指标 ──
+  /** 累计允许的请求数 */
+  allowedCount = 0;
+  /** 累计被限流的请求数 */
+  throttledCount = 0;
+  constructor(options) {
+    this.ratePerSecond = options.ratePerSecond;
+    this.burst = options.burst ?? options.ratePerSecond * 2;
+    this.maxWaitMs = options.maxWaitMs ?? 5e3;
+    this.tokens = this.burst;
+    this.lastRefillTime = Date.now();
+    log24.info("RateLimiter initialized", {
+      ratePerSecond: this.ratePerSecond,
+      burst: this.burst,
+      maxWaitMs: this.maxWaitMs
+    });
+  }
+  /**
+   * 获取一个 token。
+   *
+   * - 有可用 token → 立即返回 'allowed'
+   * - 无 token 且等待时间 ≤ maxWaitMs → 等待补充后返回 'allowed'
+   * - 无 token 且等待时间 > maxWaitMs → 立即返回 'throttled'
+   */
+  async acquire() {
+    this.refill();
+    if (this.tokens >= 1) {
+      this.tokens -= 1;
+      this.allowedCount++;
+      return "allowed";
+    }
+    const waitMs = (1 - this.tokens) / this.ratePerSecond * 1e3;
+    if (waitMs > this.maxWaitMs) {
+      this.throttledCount++;
+      log24.warn("rate-limit:throttled", {
+        waitMs: Math.round(waitMs),
+        maxWaitMs: this.maxWaitMs,
+        availableTokens: this.tokens.toFixed(2)
+      });
+      return "throttled";
+    }
+    this.tokens -= 1;
+    await new Promise((resolve3) => setTimeout(resolve3, Math.ceil(waitMs)));
+    this.refill();
+    this.allowedCount++;
+    return "allowed";
+  }
+  /**
+   * 非阻塞尝试获取 token。
+   * 有可用 token 返回 true，否则返回 false (不等待)。
+   */
+  tryAcquire() {
+    this.refill();
+    if (this.tokens >= 1) {
+      this.tokens -= 1;
+      this.allowedCount++;
+      return true;
+    }
+    return false;
+  }
+  /**
+   * 补充 token — 根据时间经过量按比例补充。
+   * 利用时间差计算，不需要定时器。
+   */
+  refill() {
+    const now = Date.now();
+    const elapsed = now - this.lastRefillTime;
+    if (elapsed <= 0) return;
+    const newTokens = elapsed / 1e3 * this.ratePerSecond;
+    this.tokens = Math.min(this.tokens + newTokens, this.burst);
+    this.lastRefillTime = now;
+  }
+  /** 当前可用 token 数 */
+  get availableTokens() {
+    this.refill();
+    return Math.floor(this.tokens);
+  }
+  /** 获取指标快照 */
+  getStats() {
+    return {
+      available: Math.floor(this.tokens),
+      allowed: this.allowedCount,
+      throttled: this.throttledCount
+    };
+  }
+};
+
+// src/transport/message-pipe.ts
+var log25 = createLogger("transport/message-pipe");
+var CallbackDataSchema = external_exports.object({
+  appId: external_exports.number(),
+  loginId: external_exports.string().optional(),
+  eventType: external_exports.string(),
+  userId: external_exports.string(),
+  groupId: external_exports.string(),
+  toUserId: external_exports.string(),
+  msgUid: external_exports.string(),
+  type: external_exports.string(),
+  content: external_exports.record(external_exports.string(), external_exports.unknown()),
+  extra: external_exports.string().optional()
+});
 var MessagePipe = class _MessagePipe {
   wsClient;
   dedup;
@@ -20225,6 +20785,10 @@ var MessagePipe = class _MessagePipe {
   quantumAccount;
   /** 消息加密模式 */
   encryptionMode;
+  /** 入站并发控制信号量 */
+  inboundSemaphore;
+  /** 出站速率限制器 */
+  rateLimiter;
   constructor(deps) {
     this.wsClient = deps.wsClient;
     this.dedup = deps.dedup;
@@ -20233,17 +20797,37 @@ var MessagePipe = class _MessagePipe {
     this.messageServiceBaseUrl = deps.messageServiceBaseUrl;
     this.quantumAccount = deps.quantumAccount;
     this.encryptionMode = deps.encryptionMode;
+    this.inboundSemaphore = new Semaphore({
+      maxConcurrency: deps.maxInboundConcurrency ?? 5,
+      maxWaiting: deps.maxWaitingQueue ?? 15
+    });
+    this.rateLimiter = new RateLimiter({
+      ratePerSecond: deps.rateLimitPerSecond ?? 30,
+      burst: deps.rateLimitBurst ?? 60
+    });
     this.wsClient.on("message", (rawData) => {
+      if (this.inboundSemaphore.activeCount >= (deps.maxInboundConcurrency ?? 5) && this.inboundSemaphore.waitingCount >= (deps.maxWaitingQueue ?? 15)) {
+        metrics.increment("inbound.backpressure_rejected");
+        log25.warn("backpressure:rejected", {
+          active: this.inboundSemaphore.activeCount,
+          waiting: this.inboundSemaphore.waitingCount
+        });
+        return;
+      }
       this.handleInbound(rawData).catch((err) => {
-        log21.error("\u274C \u5165\u7AD9\u5904\u7406\u5F02\u5E38", { step: "handleInbound", error: err.message });
+        log25.error("\u274C \u5165\u7AD9\u5904\u7406\u5F02\u5E38", { step: "handleInbound", error: err.message });
       });
     });
-    log21.info("MessagePipe initialized");
+    log25.info("MessagePipe initialized");
+  }
+  /** 获取入站并发信号量 — 由 InboundPipeline 用于 acquire/release */
+  get semaphore() {
+    return this.inboundSemaphore;
   }
   /** 注册入站消息回调 — 解密后的消息会通过此回调传给 L4 层 */
   onMessage(callback) {
     this.messageCallback = callback;
-    log21.info("Inbound message callback registered");
+    log25.info("Inbound message callback registered");
   }
   /**
    * 🧪 DEBUG — 注入模拟 WS 原始帧，走完完整的 7 步入站流水线。
@@ -20280,7 +20864,7 @@ var MessagePipe = class _MessagePipe {
       keyId = result.keyId;
       sessionKey = result.sessionKey;
       fillKey = result.fillKey;
-      log21.debug("\u{1F512} \u6587\u4EF6\u5206\u7247\u52A0\u5BC6", {
+      log25.debug("\u{1F512} \u6587\u4EF6\u5206\u7247\u52A0\u5BC6", {
         chunk: `${i + 1}/${totalChunks}`,
         originalSize: chunk.length,
         encryptedSize: result.fileBuffer.length,
@@ -20288,7 +20872,7 @@ var MessagePipe = class _MessagePipe {
       });
     }
     const encryptedBuffer = Buffer.concat(encryptedChunks);
-    log21.info("\u{1F512} \u6587\u4EF6\u52A0\u5BC6\u5B8C\u6210", {
+    log25.info("\u{1F512} \u6587\u4EF6\u52A0\u5BC6\u5B8C\u6210", {
       originalSize: buffer.length,
       encryptedSize: encryptedBuffer.length,
       totalChunks,
@@ -20345,11 +20929,11 @@ var MessagePipe = class _MessagePipe {
       if (this.encryptionMode === "quantum_only") {
         if (isFileMessage && msg.encryptionMeta) {
           extra = _MessagePipe.buildFileEncryptExtra(msg.encryptionMeta.iv, msg.encryptionMeta.keyId);
-          log21.debug("\u{1F512} \u51FA\u7AD9\u6587\u4EF6\u6D88\u606F\u5DF2\u6807\u8BB0\u52A0\u5BC6 (quantum_only)", { sessionId: msg.encryptionMeta.keyId, msgType: msg.msgType });
+          log25.debug("\u{1F512} \u51FA\u7AD9\u6587\u4EF6\u6D88\u606F\u5DF2\u6807\u8BB0\u52A0\u5BC6 (quantum_only)", { sessionId: msg.encryptionMeta.keyId, msgType: msg.msgType });
         } else if (isFileMessage) {
           const { keyId, iv } = await this.crypto.encrypt(msg.content);
           extra = _MessagePipe.buildFileEncryptExtra(iv, keyId);
-          log21.debug("\u{1F512} \u51FA\u7AD9\u6587\u4EF6\u6D88\u606F\u5DF2\u6807\u8BB0\u52A0\u5BC6 (quantum_only, fallback)", { sessionId: keyId, msgType: msg.msgType });
+          log25.debug("\u{1F512} \u51FA\u7AD9\u6587\u4EF6\u6D88\u606F\u5DF2\u6807\u8BB0\u52A0\u5BC6 (quantum_only, fallback)", { sessionId: keyId, msgType: msg.msgType });
         } else {
           const { ciphertext, keyId, iv } = await this.crypto.encrypt(msg.content);
           extra = JSON.stringify({
@@ -20358,17 +20942,17 @@ var MessagePipe = class _MessagePipe {
             sessionId: keyId
           });
           content = JSON.stringify({ content: "" });
-          log21.debug("\u{1F512} \u51FA\u7AD9\u6D88\u606F\u5DF2\u52A0\u5BC6 (quantum_only)", { sessionId: keyId });
+          log25.debug("\u{1F512} \u51FA\u7AD9\u6D88\u606F\u5DF2\u52A0\u5BC6 (quantum_only)", { sessionId: keyId });
         }
       } else {
         try {
           if (isFileMessage && msg.encryptionMeta) {
             extra = _MessagePipe.buildFileEncryptExtra(msg.encryptionMeta.iv, msg.encryptionMeta.keyId);
-            log21.debug("\u{1F512} \u51FA\u7AD9\u6587\u4EF6\u6D88\u606F\u5DF2\u6807\u8BB0\u52A0\u5BC6 (quantum_and_plain)", { sessionId: msg.encryptionMeta.keyId, msgType: msg.msgType });
+            log25.debug("\u{1F512} \u51FA\u7AD9\u6587\u4EF6\u6D88\u606F\u5DF2\u6807\u8BB0\u52A0\u5BC6 (quantum_and_plain)", { sessionId: msg.encryptionMeta.keyId, msgType: msg.msgType });
           } else if (isFileMessage) {
             const { keyId, iv } = await this.crypto.encrypt(msg.content);
             extra = _MessagePipe.buildFileEncryptExtra(iv, keyId);
-            log21.debug("\u{1F512} \u51FA\u7AD9\u6587\u4EF6\u6D88\u606F\u5DF2\u6807\u8BB0\u52A0\u5BC6 (quantum_and_plain, fallback)", { sessionId: keyId, msgType: msg.msgType });
+            log25.debug("\u{1F512} \u51FA\u7AD9\u6587\u4EF6\u6D88\u606F\u5DF2\u6807\u8BB0\u52A0\u5BC6 (quantum_and_plain, fallback)", { sessionId: keyId, msgType: msg.msgType });
           } else {
             const { ciphertext, keyId, iv } = await this.crypto.encrypt(msg.content);
             extra = JSON.stringify({
@@ -20377,12 +20961,20 @@ var MessagePipe = class _MessagePipe {
               sessionId: keyId
             });
             content = JSON.stringify({ content: "" });
-            log21.debug("\u{1F512} \u51FA\u7AD9\u6D88\u606F\u5DF2\u52A0\u5BC6 (quantum_and_plain)", { sessionId: keyId });
+            log25.debug("\u{1F512} \u51FA\u7AD9\u6D88\u606F\u5DF2\u52A0\u5BC6 (quantum_and_plain)", { sessionId: keyId });
           }
         } catch (err) {
-          log21.error("\u274C \u51FA\u7AD9\u6D88\u606F\u52A0\u5BC6\u5931\u8D25\uFF0C\u5C06\u53D1\u9001\u660E\u6587", {
-            error: err.message
+          const event = err instanceof CryptoTimeoutError ? "encryption_timeout_downgrade" : "encryption_downgrade";
+          log25.warn(`SECURITY_AUDIT:${event}`, {
+            event,
+            chatId: msg.chatId,
+            msgType: msg.msgType,
+            reason: err.message,
+            timestamp: (/* @__PURE__ */ new Date()).toISOString()
           });
+          if (err instanceof CryptoTimeoutError) {
+            metrics.increment("crypto.timeout");
+          }
         }
       }
     }
@@ -20400,7 +20992,7 @@ var MessagePipe = class _MessagePipe {
     }
     const result = await this.callMessageApi("/messages/v1/send", body, "outbound");
     if (!result) return;
-    log21.info("\u{1F4E4} outbound:sent \u2192 IM \u670D\u52A1\u5668", {
+    log25.info("\u{1F4E4} outbound:sent \u2192 IM \u670D\u52A1\u5668", {
       chatId: msg.chatId,
       encrypted: Boolean(extra),
       requestId: result.request_id,
@@ -20424,7 +21016,7 @@ var MessagePipe = class _MessagePipe {
     };
     const result = await this.callMessageApi("/messages/v1/recall", body, "recall");
     if (!result) return;
-    log21.info("recall:sent", {
+    log25.info("recall:sent", {
       messageId: params.messageId,
       requestId: result.request_id
     });
@@ -20438,9 +21030,19 @@ var MessagePipe = class _MessagePipe {
    * @param body - 请求体
    * @param logTag - 日志标签前缀 (如 'outbound' / 'recall')
    */
-  async callMessageApi(path2, body, logTag) {
-    const url2 = `${this.messageServiceBaseUrl}${path2}`;
+  async callMessageApi(path3, body, logTag) {
+    const url2 = `${this.messageServiceBaseUrl}${path3}`;
+    const rateLimitResult = await this.rateLimiter.acquire();
+    if (rateLimitResult === "throttled") {
+      metrics.increment("outbound.dropped");
+      log25.warn(`${logTag}:rate-limit-dropped`, {
+        url: url2,
+        body: { receive_id: body.receive_id, msg_type: body.msg_type }
+      });
+      return null;
+    }
     try {
+      const apiStartMs = Date.now();
       const token = await this.tokenFn();
       const resp = await fetch(url2, {
         method: "POST",
@@ -20451,25 +21053,29 @@ var MessagePipe = class _MessagePipe {
         body: JSON.stringify(body)
       });
       if (!resp.ok) {
-        log21.error(`${logTag}:http-error`, {
+        log25.error(`${logTag}:http-error`, {
           status: resp.status,
           statusText: resp.statusText,
           url: url2
         });
+        metrics.increment("outbound.failed");
         return null;
       }
       const result = await resp.json();
       if (result.code !== 0 && result.code !== 200) {
-        log21.error(`${logTag}:api-error`, {
+        log25.error(`${logTag}:api-error`, {
           code: result.code,
           msg: result.msg,
           requestId: result.request_id
         });
         return null;
       }
+      metrics.increment("outbound.success");
+      metrics.recordLatency("outbound.latency", Date.now() - apiStartMs);
       return result;
     } catch (err) {
-      log21.error(`${logTag}:network-error`, {
+      metrics.increment("outbound.failed");
+      log25.error(`${logTag}:network-error`, {
         url: url2,
         error: err.message
       });
@@ -20491,7 +21097,7 @@ var MessagePipe = class _MessagePipe {
     try {
       frame = JSON.parse(String(rawData));
     } catch (err) {
-      log21.warn("\u26A0\uFE0F WS \u5E27 JSON \u89E3\u6790\u5931\u8D25", { error: err.message });
+      log25.warn("\u26A0\uFE0F WS \u5E27 JSON \u89E3\u6790\u5931\u8D25", { error: err.message });
       return;
     }
     const timestamp = frame["X-CTQ-Timestamp"];
@@ -20502,18 +21108,36 @@ var MessagePipe = class _MessagePipe {
       const signatureInput = timestamp + nonce + frame.data;
       const expected = (0, import_node_crypto3.createHmac)("sha256", token).update(signatureInput).digest("hex");
       if (expected !== signature) {
-        log21.warn("\u26A0\uFE0F HMAC \u9A8C\u7B7E\u5931\u8D25\uFF0C\u4E22\u5F03\u5E27", { timestamp, nonce });
+        log25.warn("\u26A0\uFE0F HMAC \u9A8C\u7B7E\u5931\u8D25\uFF0C\u4E22\u5F03\u5E27", { timestamp, nonce });
         return;
       }
     }
     let callbackData;
     try {
-      callbackData = JSON.parse(frame.data);
+      const parsed = JSON.parse(frame.data);
+      const result = CallbackDataSchema.safeParse(parsed);
+      if (!result.success) {
+        log25.warn("\u26A0\uFE0F CallbackData validation failed", {
+          errors: result.error.issues.map((i) => `${i.path.join(".")}: ${i.message}`)
+        });
+        return;
+      }
+      callbackData = result.data;
     } catch (err) {
-      log21.warn("\u26A0\uFE0F CallbackData \u89E3\u6790\u5931\u8D25", { error: err.message });
+      log25.warn("\u26A0\uFE0F CallbackData \u89E3\u6790\u5931\u8D25", { error: err.message });
+      return;
+    }
+    const contentSize = JSON.stringify(callbackData.content).length;
+    const MAX_CONTENT_SIZE = 1 * 1024 * 1024;
+    if (contentSize > MAX_CONTENT_SIZE) {
+      log25.warn("\u26A0\uFE0F message content exceeds size limit", {
+        msgUid: callbackData.msgUid,
+        contentSize,
+        maxSize: MAX_CONTENT_SIZE
+      });
       return;
     }
-    log21.info("\u{1F4E9} \u5165\u7AD9\u539F\u59CB\u6570\u636E", {
+    log25.info("\u{1F4E9} \u5165\u7AD9\u539F\u59CB\u6570\u636E", {
       appId: callbackData.appId,
       msgUid: callbackData.msgUid,
       eventType: callbackData.eventType,
@@ -20531,25 +21155,25 @@ var MessagePipe = class _MessagePipe {
         const parsed = JSON.parse(extra);
         isEncrypted = Boolean(parsed.encryptMsg);
       } catch {
-        log21.debug("\u2139\uFE0F extra \u4E0D\u662F\u6709\u6548 JSON\uFF0C\u89C6\u4E3A\u660E\u6587", { msgUid: callbackData.msgUid });
+        log25.debug("\u2139\uFE0F extra \u4E0D\u662F\u6709\u6548 JSON\uFF0C\u89C6\u4E3A\u660E\u6587", { msgUid: callbackData.msgUid });
       }
     }
     let contentObj;
     if (this.encryptionMode === "quantum_only") {
       if (!this.quantumAccount) {
-        log21.info("\u26A0\uFE0F quantum_only: \u672A\u914D\u7F6E quantumAccount\uFF0C\u53D1\u9001\u5F15\u5BFC\u63D0\u793A", { chatId: callbackData.userId });
+        log25.info("\u26A0\uFE0F quantum_only: \u672A\u914D\u7F6E quantumAccount\uFF0C\u53D1\u9001\u5F15\u5BFC\u63D0\u793A", { chatId: callbackData.userId });
         await this.sendHintMessage(callbackData, HINT_NO_QUANTUM_ACCOUNT);
         return;
       }
       if (!isEncrypted) {
-        log21.info("\u26A0\uFE0F quantum_only: \u6536\u5230\u660E\u6587\u6D88\u606F\uFF0C\u62D2\u7EDD\u5904\u7406", { msgUid: callbackData.msgUid });
+        log25.info("\u26A0\uFE0F quantum_only: \u6536\u5230\u660E\u6587\u6D88\u606F\uFF0C\u62D2\u7EDD\u5904\u7406", { msgUid: callbackData.msgUid });
         await this.sendHintMessage(callbackData, HINT_PLAINTEXT_NOT_SUPPORTED);
         return;
       }
       try {
         contentObj = await this.decryptExtra(callbackData);
       } catch (err) {
-        log21.error("\u274C quantum_only: \u6D88\u606F\u89E3\u5BC6\u5931\u8D25", {
+        log25.error("\u274C quantum_only: \u6D88\u606F\u89E3\u5BC6\u5931\u8D25", {
           msgUid: callbackData.msgUid,
           error: err.message
         });
@@ -20558,14 +21182,14 @@ var MessagePipe = class _MessagePipe {
     } else {
       if (isEncrypted) {
         if (!this.quantumAccount) {
-          log21.info("\u26A0\uFE0F quantum_and_plain: \u6536\u5230\u52A0\u5BC6\u6D88\u606F\u4F46\u672A\u914D\u7F6E quantumAccount", { msgUid: callbackData.msgUid });
+          log25.info("\u26A0\uFE0F quantum_and_plain: \u6536\u5230\u52A0\u5BC6\u6D88\u606F\u4F46\u672A\u914D\u7F6E quantumAccount", { msgUid: callbackData.msgUid });
           await this.sendHintMessage(callbackData, HINT_NO_QUANTUM_ACCOUNT);
           return;
         }
         try {
           contentObj = await this.decryptExtra(callbackData);
         } catch (err) {
-          log21.error("\u274C quantum_and_plain: \u6D88\u606F\u89E3\u5BC6\u5931\u8D25", {
+          log25.error("\u274C quantum_and_plain: \u6D88\u606F\u89E3\u5BC6\u5931\u8D25", {
             msgUid: callbackData.msgUid,
             error: err.message
           });
@@ -20576,7 +21200,7 @@ var MessagePipe = class _MessagePipe {
       }
     }
     if (callbackData.eventType !== "callback:direct") {
-      log21.debug("\u2139\uFE0F \u5FFD\u7565\u975E\u76EE\u6807\u4E8B\u4EF6", { eventType: callbackData.eventType });
+      log25.debug("\u2139\uFE0F \u5FFD\u7565\u975E\u76EE\u6807\u4E8B\u4EF6", { eventType: callbackData.eventType });
       return;
     }
     const msg = {
@@ -20588,16 +21212,16 @@ var MessagePipe = class _MessagePipe {
       timestamp: Date.now(),
       isEncrypted
     };
-    log21.debug("\u{1F4E8} \u89E3\u6790 WS \u5E27", { messageId: msg.messageId, eventType: callbackData.eventType });
+    log25.debug("\u{1F4E8} \u89E3\u6790 WS \u5E27", { messageId: msg.messageId, eventType: callbackData.eventType });
     if (this.dedup.isDuplicate(msg.messageId)) {
-      log21.debug("\u{1F501} \u91CD\u590D\u6D88\u606F\u5DF2\u8DF3\u8FC7", { messageId: msg.messageId });
+      log25.debug("\u{1F501} \u91CD\u590D\u6D88\u606F\u5DF2\u8DF3\u8FC7", { messageId: msg.messageId });
       return;
     }
-    log21.info("\u2705 \u5165\u7AD9\u6D88\u606F\u9A8C\u8BC1\u901A\u8FC7", { messageId: msg.messageId, chatId: msg.chatId });
+    log25.info("\u2705 \u5165\u7AD9\u6D88\u606F\u9A8C\u8BC1\u901A\u8FC7", { messageId: msg.messageId, chatId: msg.chatId });
     if (this.messageCallback) {
       this.messageCallback(msg);
     } else {
-      log21.warn("\u26A0\uFE0F \u6D88\u606F\u56DE\u8C03\u672A\u6CE8\u518C\uFF0C\u65E0\u6CD5\u5904\u7406", { messageId: msg.messageId });
+      log25.warn("\u26A0\uFE0F \u6D88\u606F\u56DE\u8C03\u672A\u6CE8\u518C\uFF0C\u65E0\u6CD5\u5904\u7406", { messageId: msg.messageId });
     }
   }
   // ── 私有辅助方法 ──
@@ -20616,9 +21240,9 @@ var MessagePipe = class _MessagePipe {
         content: JSON.stringify({ content: hintText }),
         skipEncrypt: true
       });
-      log21.info("\u{1F4A1} \u5DF2\u53D1\u9001\u6A21\u5F0F\u63D0\u793A\u6D88\u606F", { chatId });
+      log25.info("\u{1F4A1} \u5DF2\u53D1\u9001\u6A21\u5F0F\u63D0\u793A\u6D88\u606F", { chatId });
     } catch (err) {
-      log21.error("\u274C \u63D0\u793A\u6D88\u606F\u53D1\u9001\u5931\u8D25", { error: err.message });
+      log25.error("\u274C \u63D0\u793A\u6D88\u606F\u53D1\u9001\u5931\u8D25", { error: err.message });
     }
   }
   /**
@@ -20630,12 +21254,12 @@ var MessagePipe = class _MessagePipe {
     const encryptMsg = extraData.encryptMsg ?? "";
     const sessionId = extraData.sessionId ?? "";
     if (!encryptMsg) {
-      log21.warn("\u26A0\uFE0F extra \u4E2D encryptMsg \u4E3A\u7A7A\uFF0C\u4F7F\u7528\u539F\u59CB content", { msgUid: callbackData.msgUid });
+      log25.warn("\u26A0\uFE0F extra \u4E2D encryptMsg \u4E3A\u7A7A\uFF0C\u4F7F\u7528\u539F\u59CB content", { msgUid: callbackData.msgUid });
       return callbackData.content;
     }
     const cryptoIv = extraData.cryptoIv ?? "";
     const decrypted = await this.crypto.decrypt(encryptMsg, sessionId, cryptoIv);
-    log21.debug("\u{1F513} \u6D88\u606F\u89E3\u5BC6\u6210\u529F", { msgUid: callbackData.msgUid, sessionId, hasIv: Boolean(cryptoIv) });
+    log25.debug("\u{1F513} \u6D88\u606F\u89E3\u5BC6\u6210\u529F", { msgUid: callbackData.msgUid, sessionId, hasIv: Boolean(cryptoIv) });
     try {
       return JSON.parse(decrypted);
     } catch {
@@ -20645,7 +21269,7 @@ var MessagePipe = class _MessagePipe {
 };
 
 // src/transport/connection-manager.ts
-var log22 = createLogger("transport/connection-manager");
+var log26 = createLogger("transport/connection-manager");
 function sleep2(ms) {
   return new Promise((resolve3) => setTimeout(resolve3, ms));
 }
@@ -20679,7 +21303,7 @@ var ConnectionManager = class {
       reconnectMaxMs: options?.reconnectMaxMs ?? 6e4,
       maxReconnectAttempts: options?.maxReconnectAttempts ?? 10
     };
-    log22.info("ConnectionManager initialized", this.options);
+    log26.info("ConnectionManager initialized", this.options);
   }
   /**
    * 启动连接 — 连接 WS + 开始心跳 + 注册重连逻辑
@@ -20693,8 +21317,16 @@ var ConnectionManager = class {
     this.appId = appId ?? "";
     this.running = true;
     this.reconnectAttempts = 0;
-    const token = await tokenFn();
     const wsUrl = url2.replace(/\/+$/, "") + "/events/stream";
+    if (!wsUrl.startsWith("wss://")) {
+      if (process.env.LZMX_ALLOW_INSECURE_WS === "true") {
+        log26.warn("SECURITY_AUDIT: insecure WS allowed via LZMX_ALLOW_INSECURE_WS", { url: wsUrl });
+      } else {
+        throw new Error("Insecure WebSocket (ws://) is not allowed. Set LZMX_ALLOW_INSECURE_WS=true to override.");
+      }
+    }
+    const token = await tokenFn();
+    log26.debug("ws:auth", { authorization: sanitize(token) });
     await this.client.connect({
       url: wsUrl,
       token,
@@ -20705,7 +21337,7 @@ var ConnectionManager = class {
     });
     this.registerEvents();
     this.startHeartbeat();
-    log22.info("ConnectionManager started \u2713", { url: url2 });
+    log26.info("ConnectionManager started \u2713", { url: url2 });
   }
   /** 注册 close / error / pong 事件 */
   registerEvents() {
@@ -20714,17 +21346,17 @@ var ConnectionManager = class {
     this.client.removeAllListeners("pong");
     this.client.on("close", () => {
       if (this.running) {
-        log22.warn("ws:disconnected, scheduling reconnect");
+        log26.warn("ws:disconnected, scheduling reconnect");
         this.scheduleReconnect();
       }
     });
     this.client.on("error", (err) => {
-      log22.error("ws:connection-error", { error: err.message });
+      log26.error("ws:connection-error", { error: err.message });
     });
     this.client.on("pong", () => {
       this.pongReceived = true;
       this.clearPongTimeout();
-      log22.debug("heartbeat: pong received");
+      log26.debug("heartbeat: pong received");
     });
   }
   /** 启动心跳保活 — 定时发送 WebSocket Ping 帧 */
@@ -20733,23 +21365,23 @@ var ConnectionManager = class {
     this.pongReceived = true;
     this.heartbeatTimer = setInterval(() => {
       if (this.client.readyState !== wrapper_default.OPEN) {
-        log22.warn("heartbeat: connection not open, scheduling reconnect");
+        log26.warn("heartbeat: connection not open, scheduling reconnect");
         this.scheduleReconnect();
         return;
       }
       if (!this.pongReceived) {
-        log22.warn("heartbeat: pong timeout, connection dead");
+        log26.warn("heartbeat: pong timeout, connection dead");
         this.client.close(4e3, "pong timeout");
         this.scheduleReconnect();
         return;
       }
       this.pongReceived = false;
       this.client.ping();
-      log22.debug("heartbeat: ping sent");
+      log26.debug("heartbeat: ping sent");
       this.clearPongTimeout();
       this.pongTimeoutTimer = setTimeout(() => {
         if (!this.pongReceived && this.running) {
-          log22.warn("heartbeat: pong timeout (independent timer), closing connection");
+          log26.warn("heartbeat: pong timeout (independent timer), closing connection");
           this.client.close(4e3, "pong timeout");
           this.scheduleReconnect();
         }
@@ -20787,12 +21419,13 @@ var ConnectionManager = class {
         this.options.reconnectBaseMs * 2 ** this.reconnectAttempts,
         this.options.reconnectMaxMs
       );
-      log22.info("ws:reconnecting", { attempt: this.reconnectAttempts + 1, delayMs: delay });
+      log26.info("ws:reconnecting", { attempt: this.reconnectAttempts + 1, delayMs: delay });
       await sleep2(delay);
       if (!this.running) return;
       this.reconnectAttempts++;
       try {
         const token = await this.tokenFn();
+        log26.debug("ws:reconnect-auth", { authorization: sanitize(token) });
         const wsUrl = this.url.replace(/\/+$/, "") + "/events/stream";
         await this.client.connect({
           url: wsUrl,
@@ -20805,17 +21438,17 @@ var ConnectionManager = class {
         this.reconnectAttempts = 0;
         this.registerEvents();
         this.startHeartbeat();
-        log22.info("ws:reconnected", { attempt: this.reconnectAttempts, url: this.url });
+        log26.info("ws:reconnected", { attempt: this.reconnectAttempts, url: this.url });
         return;
       } catch (err) {
-        log22.warn("ws:reconnect-failed", {
+        log26.warn("ws:reconnect-failed", {
           attempt: this.reconnectAttempts,
           error: err.message
         });
       }
     }
     if (this.running) {
-      log22.error("ws:max-reconnect-reached", {
+      log26.error("ws:max-reconnect-reached", {
         maxAttempts: this.options.maxReconnectAttempts
       });
     }
@@ -20825,7 +21458,7 @@ var ConnectionManager = class {
     this.running = false;
     this.stopHeartbeat();
     this.client.close(1e3, "shutdown");
-    log22.info("ConnectionManager stopped");
+    log26.info("ConnectionManager stopped");
   }
   /** 当前是否已连接 (WebSocket readyState === OPEN) */
   get isConnected() {
@@ -20834,7 +21467,7 @@ var ConnectionManager = class {
 };
 
 // src/push/cockatoo-client.ts
-var log23 = createLogger("push/cockatoo-client");
+var log27 = createLogger("push/cockatoo-client");
 var DEFAULT_TIMEOUT_MS2 = 3e4;
 var CockatooPushError = class extends Error {
   constructor(status, body, endpoint) {
@@ -20868,7 +21501,7 @@ var CockatooClient = class {
     const base = config2.endpoint.replace(/\/+$/, "");
     this.pushUrl = `${base}/api/v1/push`;
     this.healthUrl = `${base}/health`;
-    log23.info("CockatooClient initialized", { endpoint: config2.endpoint });
+    log27.info("CockatooClient initialized", { endpoint: config2.endpoint });
   }
   /**
    * 推送消息到 Cockatoo 服务。
@@ -20899,7 +21532,7 @@ var CockatooClient = class {
       }
       throw new CockatooPushError(resp.status, body, this.pushUrl);
     }
-    log23.debug("push:sent", { type: payload.type });
+    log27.debug("push:sent", { type: payload.type });
   }
   /**
    * 执行一次健康检查。
@@ -20917,11 +21550,11 @@ var CockatooClient = class {
       });
       const isHealthy = resp.ok;
       if (!isHealthy) {
-        log23.warn("health-check:unhealthy", { status: resp.status });
+        log27.warn("health-check:unhealthy", { status: resp.status });
       }
       return isHealthy;
     } catch (err) {
-      log23.warn("health-check:error", { error: err.message });
+      log27.warn("health-check:error", { error: err.message });
       return false;
     }
   }
@@ -20933,7 +21566,7 @@ var CockatooClient = class {
         this.healthy = await this.healthCheck();
       } catch {
         this.healthy = false;
-        log23.warn("Cockatoo health check failed");
+        log27.warn("Cockatoo health check failed");
       }
     }, this.config.healthCheckIntervalMs ?? 6e4);
     if (typeof this.healthCheckTimer === "object" && "unref" in this.healthCheckTimer) {
@@ -20954,7 +21587,7 @@ var CockatooClient = class {
 };
 
 // src/push/push-queue.ts
-var log24 = createLogger("push/push-queue");
+var log28 = createLogger("push/push-queue");
 var RETRY_BASE_MS2 = 1e3;
 var PushQueue = class {
   client;
@@ -20996,7 +21629,7 @@ var PushQueue = class {
     this.unhealthyRetryMs = config2?.unhealthyRetryMs ?? 5e3;
     this.drainOnStop = config2?.drainOnStop ?? false;
     this.drainTimeoutMs = config2?.drainTimeoutMs ?? 5e3;
-    log24.info("PushQueue initialized", {
+    log28.info("PushQueue initialized", {
       maxSize: this.maxSize,
       retryAttempts: this.retryAttempts,
       processIntervalMs: this.processIntervalMs
@@ -21007,7 +21640,7 @@ var PushQueue = class {
   start() {
     if (this.running) return;
     this.running = true;
-    log24.info("PushQueue started");
+    log28.info("PushQueue started");
     this.scheduleNext(0);
   }
   /**
@@ -21021,10 +21654,10 @@ var PushQueue = class {
     this.running = false;
     this.clearTimer();
     if (this.drainOnStop && this.queue.length > 0) {
-      log24.info("PushQueue draining", { remaining: this.queue.length });
+      log28.info("PushQueue draining", { remaining: this.queue.length });
       await this.drain();
     }
-    log24.info("PushQueue stopped", {
+    log28.info("PushQueue stopped", {
       remaining: this.queue.length,
       sent: this.sentCount,
       dropped: this.droppedCount,
@@ -21039,13 +21672,13 @@ var PushQueue = class {
     if (this.queue.length >= this.maxSize) {
       const dropped = this.queue.shift();
       this.droppedCount++;
-      log24.warn("queue:full, dropping oldest", {
+      log28.warn("queue:full, dropping oldest", {
         droppedType: dropped?.payload.type,
         queueSize: this.queue.length
       });
     }
     this.queue.push({ payload, retries: 0, eligibleAt: 0 });
-    log24.debug("queue:enqueued", { type: payload.type, queueSize: this.queue.length });
+    log28.debug("queue:enqueued", { type: payload.type, queueSize: this.queue.length });
   }
   /** 当前队列长度 */
   get size() {
@@ -21070,7 +21703,7 @@ var PushQueue = class {
     this.clearTimer();
     this.processTimer = setTimeout(() => {
       this.tick().catch((err) => {
-        log24.error("tick:unexpected-error", { error: err.message });
+        log28.error("tick:unexpected-error", { error: err.message });
         if (this.running) {
           this.scheduleNext(this.idleIntervalMs);
         }
@@ -21092,7 +21725,7 @@ var PushQueue = class {
   async tick() {
     if (!this.running) return;
     if (!this.client.isHealthy) {
-      log24.debug("tick:service-unhealthy, pausing");
+      log28.debug("tick:service-unhealthy, pausing");
       this.scheduleNext(this.unhealthyRetryMs);
       return;
     }
@@ -21112,7 +21745,7 @@ var PushQueue = class {
     try {
       await this.processItem(item);
     } catch (err) {
-      log24.error("tick:process-unexpected", { error: err.message });
+      log28.error("tick:process-unexpected", { error: err.message });
     } finally {
       this.processing = false;
     }
@@ -21131,14 +21764,14 @@ var PushQueue = class {
     try {
       await this.client.push(item.payload);
       this.sentCount++;
-      log24.debug("push:success", {
+      log28.debug("push:success", {
         type: item.payload.type,
         retries: item.retries
       });
     } catch (err) {
       if (err instanceof CockatooPushError && err.isClientError) {
         this.droppedCount++;
-        log24.warn("push:4xx-dropped", {
+        log28.warn("push:4xx-dropped", {
           type: item.payload.type,
           status: err.status,
           retries: item.retries
@@ -21147,7 +21780,7 @@ var PushQueue = class {
       }
       if (item.retries >= this.retryAttempts) {
         this.droppedCount++;
-        log24.error("push:max-retries-dropped", {
+        log28.error("push:max-retries-dropped", {
           type: item.payload.type,
           retries: item.retries,
           error: err.message
@@ -21160,7 +21793,7 @@ var PushQueue = class {
       item.eligibleAt = Date.now() + backoffMs;
       this.queue.push(item);
       const errorDetail = err instanceof CockatooPushError ? `HTTP ${err.status}` : err.message;
-      log24.warn("push:retry-enqueued", {
+      log28.warn("push:retry-enqueued", {
         type: item.payload.type,
         retries: item.retries,
         backoffMs,
@@ -21184,22 +21817,22 @@ var PushQueue = class {
       try {
         await this.client.push(item.payload);
         this.sentCount++;
-        log24.debug("drain:sent", { type: item.payload.type });
+        log28.debug("drain:sent", { type: item.payload.type });
       } catch (err) {
         this.droppedCount++;
-        log24.warn("drain:dropped", {
+        log28.warn("drain:dropped", {
           type: item.payload.type,
           error: err.message
         });
       }
     }
     if (this.queue.length > 0) {
-      log24.warn("drain:timeout", {
+      log28.warn("drain:timeout", {
         remaining: this.queue.length,
         timeoutMs: this.drainTimeoutMs
       });
     } else {
-      log24.info("drain:complete");
+      log28.info("drain:complete");
     }
   }
   // ── 内部工具 ──
@@ -21213,10 +21846,10 @@ var PushQueue = class {
 };
 
 // src/index.ts
-var log25 = createLogger("plugin");
+var log29 = createLogger("plugin");
 async function startPlugin(accountConfig, internalOverrides) {
   const config2 = buildPluginConfig(accountConfig, internalOverrides);
-  log25.info("Config built \u2713", { pluginId: config2.pluginId });
+  log29.info("Config built \u2713", { pluginId: config2.pluginId });
   let cryptoEngine;
   if (config2.crypto.enabled && accountConfig.quantumAccount) {
     try {
@@ -21225,12 +21858,13 @@ async function startPlugin(accountConfig, internalOverrides) {
           appId: accountConfig.appId,
           quantumAccount: accountConfig.quantumAccount
         },
-        config2.env
+        config2.env,
+        config2.crypto.operationTimeoutMs
       );
       await cryptoEngine.init();
-      log25.info("Crypto initialized \u2713");
+      log29.info("Crypto initialized \u2713");
     } catch (err) {
-      log25.warn("Crypto init failed, falling back to passthrough mode", {
+      log29.warn("Crypto init failed, falling back to passthrough mode", {
         error: err instanceof Error ? err.message : String(err)
       });
       cryptoEngine = CryptoEngine.createPassthrough();
@@ -21238,7 +21872,7 @@ async function startPlugin(accountConfig, internalOverrides) {
   } else {
     cryptoEngine = CryptoEngine.createPassthrough();
     const reason = !config2.crypto.enabled ? "disabled by config" : "quantumAccount not provided";
-    log25.info(`Crypto passthrough mode \u2713 (${reason})`);
+    log29.info(`Crypto passthrough mode \u2713 (${reason})`);
   }
   const oauthClient = new OAuthClient({
     baseUrl: config2.auth.serverUrl,
@@ -21252,7 +21886,7 @@ async function startPlugin(accountConfig, internalOverrides) {
     tokenStore,
     refreshAheadMs: config2.auth.refreshAheadMs
   });
-  log25.info("Auth initialized \u2713");
+  log29.info("Auth initialized \u2713");
   let pushQueue = null;
   let cockatooClient = null;
   if (config2.push?.enabled) {
@@ -21267,7 +21901,7 @@ async function startPlugin(accountConfig, internalOverrides) {
     });
     cockatooClient.startHealthCheck();
     pushQueue.start();
-    log25.info("Push initialized \u2713");
+    log29.info("Push initialized \u2713");
   }
   const wsClient = new WSClient();
   const dedup = new MessageDedup(config2.transport.dedup);
@@ -21278,7 +21912,11 @@ async function startPlugin(accountConfig, internalOverrides) {
     tokenFn: () => tokenManager.getValidToken(),
     messageServiceBaseUrl: config2.message.messageServiceBaseUrl,
     quantumAccount: accountConfig.quantumAccount,
-    encryptionMode: accountConfig.encryptionMode
+    encryptionMode: accountConfig.encryptionMode,
+    maxInboundConcurrency: config2.transport.maxInboundConcurrency,
+    maxWaitingQueue: config2.transport.maxWaitingQueue,
+    rateLimitPerSecond: config2.message.rateLimitPerSecond,
+    rateLimitBurst: config2.message.rateLimitBurst
   });
   const connectionManager = new ConnectionManager(wsClient, {
     heartbeatIntervalMs: config2.transport.heartbeatIntervalMs,
@@ -21287,8 +21925,14 @@ async function startPlugin(accountConfig, internalOverrides) {
     reconnectMaxMs: config2.transport.reconnectMaxMs,
     maxReconnectAttempts: config2.transport.maxReconnectAttempts
   });
-  log25.info("Transport initialized \u2713");
-  log25.info("Plugin started \u2713");
+  log29.info("Transport initialized \u2713");
+  initUploadSemaphore(config2.file.maxUploadConcurrency);
+  log29.info("Upload semaphore initialized \u2713", { maxConcurrency: config2.file.maxUploadConcurrency });
+  if (config2.metrics.enabled) {
+    metrics.startPeriodicLog(config2.metrics.logIntervalMs);
+    log29.info("Metrics initialized \u2713", { intervalMs: config2.metrics.logIntervalMs });
+  }
+  log29.info("Plugin started \u2713");
   return {
     config: config2,
     messagePipe,
@@ -21296,12 +21940,14 @@ async function startPlugin(accountConfig, internalOverrides) {
     tokenManager,
     pushQueue,
     shutdown: async () => {
-      log25.info("Shutting down...");
+      log29.info("Shutting down...");
       await connectionManager.stop();
       if (pushQueue) await pushQueue.stop();
       if (cockatooClient) cockatooClient.stopHealthCheck();
       tokenManager.shutdown();
-      log25.info("Shutdown complete \u2713");
+      metrics.stop();
+      destroyEncryptionMaps();
+      log29.info("Shutdown complete \u2713");
     }
   };
 }
@@ -21312,7 +21958,7 @@ var plugin = {
   register(api) {
     setPluginRuntime(api.runtime);
     api.registerChannel({ plugin: quantumImPlugin });
-    log25.info("plugin registered \u2713");
+    log29.info("plugin registered \u2713");
   }
 };
 var index_default = plugin;