linco-connect 1.1.3 → 1.1.5

package/README.md

@@ -253,6 +253,8 @@ C:\Users\<用户名>\.linco\config.json
 linco-connect start
 ```
 
+如果 Linco Connect 已经在运行，再次执行 `linco-connect start` 或 `npm start` 会先停止旧进程，再启动新的进程，相当于一次 restart。
+
 需要使用本地测试页模拟前端 IM 时，显式启用：
 
 ```bash
@@ -267,6 +269,8 @@ linco-connect start --mock-im
 linco-connect start --daemon
 ```
 
+如果后台服务已经在运行，再次执行 `linco-connect start --daemon` 也会先停止旧进程，再启动新的后台进程。
+
 后台启动并启用本地模拟前端 IM：
 
 ```bash

package/bin/linco-connect.js

@@ -3,7 +3,7 @@
 const fs = require('fs');
 const path = require('path');
 const { execFileSync, spawn } = require('child_process');
-const { startServer } = require('../src/serverApp');
+const { startServer, stopServer } = require('../src/serverApp');
 const {
   ensureDir,
   findGitBash,
@@ -205,21 +205,14 @@ async function startCommand(options = {}) {
     return;
   }
 
-  startServer(rootDir, { config });
+  await startForeground(config);
 }
 
 async function startDaemon(config) {
   ensureDir(config.lincoHome);
   ensureDir(config.logsDir);
 
-  const pidFile = daemonPidFile(config);
-  const existing = readDaemonPid(pidFile);
-  if (existing?.pid) {
-    if (isOwnDaemon(existing) && isProcessRunning(existing.pid)) {
-      throw new Error(`Linco Connect 已在后台运行，PID: ${existing.pid}`);
-    }
-    removeDaemonPid(pidFile);
-  }
+  await restartExistingProcessIfRunning(config);
 
   const logs = daemonLogFiles(config);
   const outFd = fs.openSync(logs.stdoutLog, 'a');
@@ -238,6 +231,7 @@ async function startDaemon(config) {
   fs.closeSync(outFd);
   fs.closeSync(errFd);
 
+  const pidFile = daemonPidFile(config);
   await waitForDaemonStart(child.pid, pidFile, 5000);
 
   console.log('✅ Linco Connect 已在后台启动');
@@ -247,26 +241,73 @@ async function startDaemon(config) {
   console.log(`   错误日志: ${logs.stderrLog}`);
 }
 
+async function startForeground(config) {
+  const pidFile = daemonPidFile(config);
+  await restartExistingProcessIfRunning(config);
+
+  let cleaned = false;
+  let shuttingDown = false;
+  let server = null;
+  const cleanup = () => {
+    if (cleaned) return;
+    cleaned = true;
+    removeDaemonPid(pidFile);
+  };
+  const shutdown = () => {
+    if (shuttingDown) return;
+    shuttingDown = true;
+    cleanup();
+    stopServer(config, server).finally(() => process.exit(0));
+  };
+
+  process.once('SIGINT', shutdown);
+  process.once('SIGTERM', shutdown);
+  process.once('exit', cleanup);
+
+  server = startServer(rootDir, {
+    config,
+    onListening: () => writeDaemonPid(config, { mode: 'foreground' }),
+    onClose: cleanup,
+  });
+}
+
+async function restartExistingProcessIfRunning(config) {
+  const pidFile = daemonPidFile(config);
+  const existing = readDaemonPid(pidFile);
+  if (existing?.pid) {
+    if (isOwnDaemon(existing) && isProcessRunning(existing.pid)) {
+      console.log(`Linco Connect 已在运行，正在重启，PID: ${existing.pid}`);
+      await stopDaemonProcess(existing.pid);
+      console.log(`已停止旧的 Linco Connect 进程，PID: ${existing.pid}`);
+    }
+    removeDaemonPid(pidFile);
+  }
+}
+
 function startDaemonChild(config) {
   const pidFile = daemonPidFile(config);
   let cleaned = false;
+  let shuttingDown = false;
+  let server = null;
   const cleanup = () => {
     if (cleaned) return;
     cleaned = true;
     removeDaemonPid(pidFile);
   };
   const shutdown = () => {
+    if (shuttingDown) return;
+    shuttingDown = true;
     cleanup();
-    process.exit(0);
+    stopServer(config, server).finally(() => process.exit(0));
   };
 
   process.once('SIGINT', shutdown);
   process.once('SIGTERM', shutdown);
   process.once('exit', cleanup);
 
-  startServer(rootDir, {
+  server = startServer(rootDir, {
     config,
-    onListening: () => writeDaemonPid(config),
+    onListening: () => writeDaemonPid(config, { mode: 'daemon' }),
     onClose: cleanup,
   });
 }
@@ -294,20 +335,24 @@ async function stopCommand() {
     return;
   }
 
-  process.kill(metadata.pid, 'SIGTERM');
-  const stopped = await waitForProcessExit(metadata.pid, 5000);
-  if (!stopped && isProcessRunning(metadata.pid)) {
-    process.kill(metadata.pid, 'SIGKILL');
-    const killed = await waitForProcessExit(metadata.pid, 2000);
-    if (!killed && isProcessRunning(metadata.pid)) {
-      throw new Error(`停止失败，进程仍在运行，PID: ${metadata.pid}`);
-    }
-  }
+  await stopDaemonProcess(metadata.pid);
 
   removeDaemonPid(pidFile);
   console.log(`✅ Linco Connect 已停止，PID: ${metadata.pid}`);
 }
 
+async function stopDaemonProcess(pid) {
+  process.kill(pid, 'SIGTERM');
+  const stopped = await waitForProcessExit(pid, 5000);
+  if (!stopped && isProcessRunning(pid)) {
+    process.kill(pid, 'SIGKILL');
+    const killed = await waitForProcessExit(pid, 2000);
+    if (!killed && isProcessRunning(pid)) {
+      throw new Error(`停止失败，进程仍在运行，PID: ${pid}`);
+    }
+  }
+}
+
 function daemonPidFile(config) {
   return path.join(config.lincoHome, 'linco-connect.pid');
 }
@@ -328,7 +373,7 @@ function readDaemonPid(pidFile) {
   }
 }
 
-function writeDaemonPid(config) {
+function writeDaemonPid(config, options = {}) {
   ensureDir(config.lincoHome);
   const logs = daemonLogFiles(config);
   fs.writeFileSync(daemonPidFile(config), `${JSON.stringify({
@@ -336,6 +381,7 @@ function writeDaemonPid(config) {
     cli: __filename,
     cwd: rootDir,
     pid: process.pid,
+    mode: options.mode || 'daemon',
     startedAt: new Date().toISOString(),
     host: config.host,
     port: config.port,
@@ -493,8 +539,8 @@ function printHelp() {
 
 说明:
   init    初始化本地配置，不需要填写 wsUrl
-  start   启动本机 Agent 连接器（本地测试页需加 --local-im 开启）
-  stop    停止后台运行的 Linco Connect
+  start   启动本机 Agent 连接器（已运行时会先停止旧进程再启动）
+  stop    停止运行中的 Linco Connect
   doctor  检查本地运行环境
 
 Agent:

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "linco-connect",
-  "version": "1.1.3",
+  "version": "1.1.5",
   "description": "自研 IM 桥接多 Agent 服务",
   "main": "server.js",
   "bin": {

package/server.js

@@ -1,17 +1,12 @@
 const { spawnSync } = require('child_process');
 const path = require('path');
-const { startServer } = require('./src/serverApp');
 
 const cliFlags = process.argv.slice(2);
-if (cliFlags.includes('--daemon') || cliFlags.includes('--local-im') || cliFlags.includes('--mock-im')) {
-  const cli = path.join(__dirname, 'bin', 'linco-connect.js');
-  const result = spawnSync(process.execPath, [cli, 'start', ...cliFlags], {
-    cwd: __dirname,
-    env: process.env,
-    stdio: 'inherit',
-    windowsHide: true,
-  });
-  process.exit(result.status || 0);
-}
-
-startServer(__dirname);
+const cli = path.join(__dirname, 'bin', 'linco-connect.js');
+const result = spawnSync(process.execPath, [cli, 'start', ...cliFlags], {
+  cwd: __dirname,
+  env: process.env,
+  stdio: 'inherit',
+  windowsHide: true,
+});
+process.exit(result.status || 0);

package/src/agents/codex.js

@@ -14,19 +14,15 @@ const {
 
 function execute(input, ws, session, config) {
   const textForCheck = stringifyInput(input);
-  if (isDangerousCommand(textForCheck)) {
-    if (session.autoApprove === true) {
-      sendSystem(ws, '✅ 已自动批准危险操作确认。');
-    } else {
-      const preview = textForCheck.slice(0, 200);
-      session.pendingDanger = { input };
-      send(ws, 'danger_warning', {
-        text: `⚠️ 检测到可能的危险操作，请确认是否继续执行：
+  if (isDangerousCommand(textForCheck) && session.autoApprove !== true) {
+    const preview = textForCheck.slice(0, 200);
+    session.pendingDanger = { input };
+    send(ws, 'danger_warning', {
+      text: `⚠️ 检测到可能的危险操作，请确认是否继续执行：
 
 "${preview}${textForCheck.length > 200 ? '...' : ''}"`,
-      });
-      return;
-    }
+    });
+    return;
   }
 
   if (session.isTurnActive) {
@@ -232,6 +228,7 @@ function ensureThread(session) {
       threadId: session.agentSessionId,
       cwd: session.workspace,
       approvalPolicy: 'untrusted',
+      ...buildCodexThreadSandbox(session),
     }).then(result => {
       return session.agentSessionId;
     }).catch(err => {
@@ -250,6 +247,7 @@ function startNewThread(session, agentConfig) {
     cwd: session.workspace,
     model: agentConfig.model || null,
     approvalPolicy: 'untrusted',
+    ...buildCodexThreadSandbox(session),
   }).then(result => {
     const threadId = result?.thread?.id || result?.id || result?.threadId;
     if (threadId) {
@@ -359,34 +357,59 @@ function sendJsonRpc(child, message) {
   }
 }
 
+function buildCodexThreadSandbox(session) {
+  const writableRoots = [session.workspace, session.outboxDir].filter(Boolean);
+  return {
+    sandbox: 'workspace-write',
+    config: {
+      sandbox_mode: 'workspace-write',
+      sandbox_workspace_write: {
+        writable_roots: [...new Set(writableRoots)],
+        network_access: false,
+        exclude_tmpdir_env_var: false,
+        exclude_slash_tmp: false,
+      },
+    },
+  };
+}
+
+function buildCodexPermissionGrant(session) {
+  const readableRoots = [session.attachmentsDir].filter(Boolean);
+  const writableRoots = [session.outboxDir].filter(Boolean);
+  const entries = [
+    ...readableRoots.map(root => ({
+      path: { type: 'path', path: root },
+      access: 'read',
+    })),
+    ...writableRoots.map(root => ({
+      path: { type: 'path', path: root },
+      access: 'write',
+    })),
+  ];
+
+  return {
+    fileSystem: {
+      read: readableRoots,
+      write: writableRoots,
+      entries,
+    },
+    network: { enabled: false },
+  };
+}
+
 function handleServerRequest(message, session) {
   const method = message.method || '';
   const params = message.params || {};
   const ws = session._lastWs;
 
-  // File change approval — auto-approve but notify user
+  // File change approval — auto-approve silently
   if (method === 'item/fileChange/requestApproval') {
-    const toolId = String(message.id);
-    const input = summarizeCodexParams(params);
     session._log?.info('codex auto-approving file change');
-    if (ws) {
-      send(ws, 'tool_call', {
-        id: toolId,
-        name: 'fileChange',
-        input,
-      });
-    }
     sendJsonRpc(session.codexAppServer, {
       jsonrpc: '2.0',
       id: message.id,
       result: { decision: 'accept' },
     });
-    if (ws) {
-      send(ws, 'tool_result', {
-        id: toolId,
-        output: 'approved',
-      });
-    }
     return;
   }
 
@@ -403,9 +426,6 @@ function handleServerRequest(message, session) {
         id: message.id,
         result: { decision: 'accept' },
       });
-      if (ws) {
-        sendSystem(ws, `✅ 已自动批准命令执行：${cmd}`);
-      }
       return;
     }
 
@@ -434,34 +454,19 @@ function handleServerRequest(message, session) {
     sendJsonRpc(session.codexAppServer, {
       jsonrpc: '2.0',
       id: message.id,
-      result: { permissions: { fileSystem: { entries: [] }, network: { enabled: false } }, scope: 'session' },
+      result: { permissions: buildCodexPermissionGrant(session), scope: 'session' },
     });
     return;
   }
 
-  // Apply patch approval — auto-approve
+  // Apply patch approval — auto-approve silently
   if (method === 'applyPatchApproval') {
-    const toolId = String(message.id);
-    const input = summarizeCodexParams(params);
     session._log?.info('codex auto-approving patch');
-    if (ws) {
-      send(ws, 'tool_call', {
-        id: toolId,
-        name: 'applyPatch',
-        input,
-      });
-    }
     sendJsonRpc(session.codexAppServer, {
       jsonrpc: '2.0',
       id: message.id,
       result: { decision: 'approved' },
     });
-    if (ws) {
-      send(ws, 'tool_result', {
-        id: toolId,
-        output: 'approved',
-      });
-    }
     return;
   }
 

package/src/agents/hermes.js

@@ -22,17 +22,13 @@ function extractText(input) {
 
 function execute(input, ws, session, config) {
   const textForCheck = stringifyInput(input);
-  if (isDangerousCommand(textForCheck)) {
-    if (session.autoApprove === true) {
-      sendSystem(ws, '✅ 已自动批准危险操作确认。');
-    } else {
-      const preview = textForCheck.slice(0, 200);
-      session.pendingDanger = { input };
-      send(ws, 'danger_warning', {
-        text: `⚠️ 检测到可能的危险操作，请确认是否继续执行：\n\n"${preview}${textForCheck.length > 200 ? '...' : ''}"`,
-      });
-      return;
-    }
+  if (isDangerousCommand(textForCheck) && session.autoApprove !== true) {
+    const preview = textForCheck.slice(0, 200);
+    session.pendingDanger = { input };
+    send(ws, 'danger_warning', {
+      text: `⚠️ 检测到可能的危险操作，请确认是否继续执行：\n\n"${preview}${textForCheck.length > 200 ? '...' : ''}"`,
+    });
+    return;
   }
 
   if (session.isTurnActive) {
@@ -170,7 +166,6 @@ function handleHermesEvent(event, ws, session, config) {
       handleApprovalRequest(event, ws, session, config);
       return;
     case 'approval.responded':
-      sendSystem(ws, event.choice === 'deny' ? '🚫 已拒绝 Hermes 操作。' : '✅ 已批准 Hermes 操作。');
       return;
     case 'run.completed':
       completeRun(event, ws, session, config);
@@ -217,7 +212,7 @@ function handleApprovalRequest(event, ws, session, config) {
       sessionId: session.id,
       requestId,
     });
-    resolvePendingPermission(true, ws, session, config, requestId).catch(err => {
+    resolvePendingPermission(true, ws, session, config, requestId, { silent: true }).catch(err => {
       sendError(ws, `Hermes 自动审批失败: ${err.message}`);
     });
     return;
@@ -394,7 +389,7 @@ async function resolvePendingDanger(confirmed, ws, session, config) {
   return true;
 }
 
-async function resolvePendingPermission(approved, ws, session, config, requestId) {
+async function resolvePendingPermission(approved, ws, session, config, requestId, options = {}) {
   const pending = getPendingPermission(session, requestId, 'hermes');
   if (!pending) {
     config.logger?.warn('hermes permission response without pending request', {
@@ -415,7 +410,9 @@ async function resolvePendingPermission(approved, ws, session, config, requestId
       method: 'POST',
       body: JSON.stringify({ choice: approved ? 'once' : 'deny' }),
     });
-    sendSystem(ws, approved ? '✅ 已批准 Hermes 操作。' : '🚫 已拒绝 Hermes 操作。');
+    if (!options.silent) {
+      sendSystem(ws, approved ? '✅ 已批准 Hermes 操作。' : '🚫 已拒绝 Hermes 操作。');
+    }
   } catch (err) {
     sendError(ws, `Hermes 审批响应失败: ${err.message}`);
   }

package/src/agents/openclaw.js

@@ -26,19 +26,17 @@ const {
   setPendingPermission,
 } = require('../permissionState');
 
+const DEFAULT_TURN_TIMEOUT_MS = 10 * 60 * 1000;
+
 function execute(input, ws, session, config) {
   const textForCheck = stringifyInput(input);
-  if (isDangerousCommand(textForCheck)) {
-    if (session.autoApprove === true) {
-      sendSystem(ws, 'Dangerous operation auto-approved.');
-    } else {
-      const preview = textForCheck.slice(0, 200);
-      session.pendingDanger = { input };
-      send(ws, 'danger_warning', {
-        text: `Possible dangerous operation detected. Confirm to continue:\n\n"${preview}${textForCheck.length > 200 ? '...' : ''}"`,
-      });
-      return;
-    }
+  if (isDangerousCommand(textForCheck) && session.autoApprove !== true) {
+    const preview = textForCheck.slice(0, 200);
+    session.pendingDanger = { input };
+    send(ws, 'danger_warning', {
+      text: `Possible dangerous operation detected. Confirm to continue:\n\n"${preview}${textForCheck.length > 200 ? '...' : ''}"`,
+    });
+    return;
   }
 
   if (session.isTurnActive) {
@@ -82,15 +80,24 @@ async function runOpenClawTurn(input, ws, session, config) {
     const done = new Promise(resolve => {
       session._openclawFinish = resolve;
     });
+    armOpenClawTurnTimeout(ws, session, config, agentConfig);
 
-    const result = await client.request('chat.send', {
+    const sendStarted = client.request('chat.send', {
       sessionKey,
       message: stringifyInput(inputWithOutbox),
       deliver: false,
       idempotencyKey: runId,
       attachments: buildOpenClawAttachments(inputWithOutbox),
-    }, { timeoutMs: null });
+    }, { timeoutMs: null }).catch(err => {
+      if (session.isTurnActive) throw err;
+      return null;
+    });
 
+    const result = await Promise.race([
+      sendStarted,
+      done.then(() => null),
+    ]);
+    if (!session.isTurnActive) return;
     if (result?.runId) session.openclawRunId = result.runId;
     config.logger?.info('openclaw run started', {
       runId: session.openclawRunId,
@@ -100,8 +107,10 @@ async function runOpenClawTurn(input, ws, session, config) {
 
     await done;
   } catch (err) {
-    if (!isClosedAbort(err)) sendError(ws, `OpenClaw error: ${err.message}`);
-    finishTurn(ws, session, config, { drain: !isClosedAbort(err) });
+    if (session.isTurnActive) {
+      if (!isClosedAbort(err)) sendError(ws, `OpenClaw error: ${err.message}`);
+      finishTurn(ws, session, config, { drain: !isClosedAbort(err) });
+    }
   }
 }
 
@@ -121,6 +130,9 @@ async function ensureOpenClawClient(session, agentConfig, gatewayUrl, config) {
   session.openclawUnsubscribeEvents = client.onEvent((event, payload, frame) => {
     handleOpenClawEvent(event, payload, frame, session._lastWs || session.ws, session, session._lastConfig || config);
   });
+  session.openclawUnsubscribeClose = client.onClose(err => {
+    handleOpenClawGatewayClose(err, session._lastWs || session.ws, session, session._lastConfig || config);
+  });
   session.agentProcess = createOpenClawProcessHandle(session, client);
   await client.connect();
   return client;
@@ -177,7 +189,6 @@ function handleOpenClawEvent(event, payload, frame, ws, session, config) {
     return;
   }
   if (event === 'exec.approval.resolved' || event === 'plugin.approval.resolved') {
-    sendSystem(ws, 'OpenClaw approval resolved.');
     return;
   }
   if (event.includes('tool') || event.includes('node') || event.includes('plugin')) {
@@ -235,6 +246,7 @@ function completeRun(payload, ws, session, config) {
 
 function finishTurn(ws, session, config, options = {}) {
   const { drain = true } = options;
+  clearOpenClawTurnTimeout(session);
   session.openclawRunId = null;
   session.openclawLastText = '';
   session.openclawFinished = true;
@@ -249,6 +261,19 @@ function finishTurn(ws, session, config, options = {}) {
   if (drain) drainQueue(ws, session, config);
 }
 
+function handleOpenClawGatewayClose(err, ws, session, config) {
+  if (!session?.isTurnActive) return;
+  const message = `OpenClaw Gateway disconnected: ${err?.message || 'connection closed'}`;
+  config.logger?.warn?.('openclaw gateway disconnected during turn', {
+    sessionId: session.id,
+    runId: session.openclawRunId,
+    error: err?.message,
+  });
+  sendError(ws, message);
+  sendTurnEnd(ws, session, 'error', { error: message });
+  finishTurn(ws, session, config);
+}
+
 function handleToolEvent(event, payload, ws) {
   const state = String(payload.state || payload.status || event).toLowerCase();
   const id = String(payload.id || payload.toolCallId || payload.callId || payload.runId || `${event}:${Date.now()}`);
@@ -289,7 +314,7 @@ function handleApprovalRequest(kind, payload, ws, session, config) {
 
   if (session.autoApprove === true) {
     config.logger?.info('openclaw permission auto-approved', { sessionId: session.id, requestId, kind });
-    resolvePendingPermission(true, ws, session, config, requestId).catch(err => {
+    resolvePendingPermission(true, ws, session, config, requestId, { silent: true }).catch(err => {
       sendError(ws, `OpenClaw auto approval failed: ${err.message}`);
     });
     return;
@@ -302,7 +327,7 @@ function handleApprovalRequest(kind, payload, ws, session, config) {
   });
 }
 
-async function resolvePendingPermission(approved, ws, session, config, requestId) {
+async function resolvePendingPermission(approved, ws, session, config, requestId, options = {}) {
   const pending = getPendingPermission(session, requestId, 'openclaw');
   if (!pending) {
     config.logger?.warn('openclaw permission response without pending request', {
@@ -324,7 +349,9 @@ async function resolvePendingPermission(approved, ws, session, config, requestId
       id: pending.requestId,
       decision: approved ? 'allow-once' : 'deny',
     });
-    sendSystem(ws, approved ? 'OpenClaw operation approved.' : 'OpenClaw operation denied.');
+    if (!options.silent) {
+      sendSystem(ws, approved ? 'OpenClaw operation approved.' : 'OpenClaw operation denied.');
+    }
   } catch (err) {
     sendError(ws, `OpenClaw approval response failed: ${err.message}`);
   }
@@ -387,6 +414,10 @@ function createOpenClawProcessHandle(session, client) {
         try { session.openclawUnsubscribeEvents(); } catch {}
         session.openclawUnsubscribeEvents = null;
       }
+      if (session.openclawUnsubscribeClose) {
+        try { session.openclawUnsubscribeClose(); } catch {}
+        session.openclawUnsubscribeClose = null;
+      }
       client.close();
       if (session.openclawClient === client) session.openclawClient = null;
     },
@@ -406,14 +437,15 @@ function resolveOpenClawAgentId(input, session, agentConfig) {
 
 function buildOpenClawSessionKey(agentId, session) {
   const safeAgentId = sanitizeKeyPart(agentId || 'main');
+  const safeChatType = sanitizeKeyPart(session.linco?.chatType || 'direct');
   const safeSessionId = sanitizeKeyPart(session.storageId || session.id || crypto.randomUUID());
-  return `agent:${safeAgentId}:ddchat:${safeSessionId}`;
+  return `agent:${safeAgentId}:linco:${safeChatType}:${safeSessionId}`;
 }
 
 function isSessionKeyForAgent(sessionKey, agentId) {
   const key = String(sessionKey || '');
   const safeAgentId = sanitizeKeyPart(agentId || 'main');
-  return key.startsWith(`agent:${safeAgentId}:`);
+  return key.startsWith(`agent:${safeAgentId}:linco:`);
 }
 
 function ensureHistoryEntry(session, sessionKey, input) {
@@ -496,11 +528,43 @@ function stringifyInput(input) {
 function maybeAddOutboxHint(input, session, config) {
   const text = stringifyInput(input);
   if (!/(send|upload|attach|file|image|download|发送|文件|图片)/i.test(text)) return input;
-  const hint = `System hint: if you need to send a generated file or image to the user, write it to this session outbox directory. linco-connect will deliver new files automatically:\n${getOutboxDir(session, config)}`;
+  const hint = `系统提示：如果你需要把生成的文件或图片发送给用户，请写入本会话的 outbox 目录。linco-connect 会自动下发新文件：\n${getOutboxDir(session, config)}`;
   if (Array.isArray(input)) return [...input, { type: 'text', text: hint }];
   return `${text}\n\n${hint}`;
 }
 
+function armOpenClawTurnTimeout(ws, session, config, agentConfig = {}) {
+  clearOpenClawTurnTimeout(session);
+  const timeoutMs = Number(agentConfig.turnTimeoutMs) > 0
+    ? Number(agentConfig.turnTimeoutMs)
+    : DEFAULT_TURN_TIMEOUT_MS;
+  session.openclawTurnTimer = setTimeout(() => {
+    if (!session.isTurnActive) return;
+    const message = `OpenClaw turn timed out after ${Math.round(timeoutMs / 1000)}s.`;
+    config.logger?.warn?.('openclaw turn timeout', {
+      sessionId: session.id,
+      runId: session.openclawRunId,
+      timeoutMs,
+    });
+    if (session.openclawClient?.connected && session.agentSessionId) {
+      const params = session.openclawRunId
+        ? { sessionKey: session.agentSessionId, runId: session.openclawRunId }
+        : { sessionKey: session.agentSessionId };
+      session.openclawClient.request('chat.abort', params).catch(() => {});
+    }
+    sendError(ws, message);
+    sendTurnEnd(ws, session, 'timeout', { error: message });
+    finishTurn(ws, session, config);
+  }, timeoutMs);
+  session.openclawTurnTimer.unref?.();
+}
+
+function clearOpenClawTurnTimeout(session) {
+  if (!session.openclawTurnTimer) return;
+  clearTimeout(session.openclawTurnTimer);
+  session.openclawTurnTimer = null;
+}
+
 function firstText(input) {
   if (!Array.isArray(input)) return String(input || '');
   return input
@@ -614,5 +678,10 @@ module.exports = {
   stop,
   _internal: {
     resolveOpenClawAgentId,
+    buildOpenClawSessionKey,
+    isSessionKeyForAgent,
+    handleOpenClawGatewayClose,
+    armOpenClawTurnTimeout,
+    clearOpenClawTurnTimeout,
   },
 };

package/src/claudeRunner.js

@@ -24,7 +24,6 @@ function executeClaudeQuery(input, ws, session, config) {
       autoApprove: session.autoApprove === true,
     });
     if (session.autoApprove === true) {
-      sendSystem(ws, '✅ 已自动批准危险操作确认。');
       enqueueClaudeQuery(input, ws, session, config);
       return;
     }
@@ -475,7 +474,6 @@ function handleControlRequest(parsed, ws, session, config) {
         requestId: requestID,
         toolName,
       });
-      sendSystem(ws, `✅ 已自动批准工具使用：${toolName}`);
     } catch (err) {
       sendError(ws, `❌ 自动批准工具权限失败: ${err.message}`);
     }

package/src/config.js

@@ -293,6 +293,7 @@ function agentConfig(userConfig, imConfig, agentType, defaults = {}) {
     ...(agentType === 'openclaw' ? {
       autoStartGateway: booleanFromEnv('LINCO_OPENCLAW_AUTO_START_GATEWAY', configured.autoStartGateway ?? channelAccount?.autoStartGateway ?? defaults.autoStartGateway ?? true),
       gatewayStartTimeoutMs: numberFromEnv('LINCO_OPENCLAW_GATEWAY_START_TIMEOUT_MS', configured.gatewayStartTimeoutMs || channelAccount?.gatewayStartTimeoutMs || defaults.gatewayStartTimeoutMs || 30000),
+      turnTimeoutMs: numberFromEnv('LINCO_OPENCLAW_TURN_TIMEOUT_MS', configured.turnTimeoutMs || channelAccount?.turnTimeoutMs || defaults.turnTimeoutMs || TIMEOUT),
       openclawAgentId: stringFromEnv(agentIdEnv, channelAccount?.openclawAgentId || configured.openclawAgentId || defaults.openclawAgentId || 'main'),
     } : {}),
     appId: stringFromEnv(appIdEnv, channelAccount?.appId || configured.appId),

package/src/openclawGateway.js

@@ -201,11 +201,13 @@ class OpenClawGatewayClient {
     this.requestTimeoutMs = options.requestTimeoutMs || DEFAULT_REQUEST_TIMEOUT_MS;
     this.pending = new Map();
     this.eventHandlers = new Set();
+    this.closeHandlers = new Set();
     this.methods = new Set();
     this.hello = null;
     this.ws = null;
     this.connected = false;
     this.closed = false;
+    this.closeNotified = false;
   }
 
   async connect() {
@@ -252,6 +254,7 @@ class OpenClawGatewayClient {
           helloResolved = true;
           clearTimeout(timer);
           this.connected = true;
+          this.closeNotified = false;
           this.hello = frame.payload || {};
           for (const method of this.hello.features?.methods || []) this.methods.add(method);
           resolve(this.hello);
@@ -262,10 +265,15 @@ class OpenClawGatewayClient {
       });
 
       ws.once('open', () => {});
-      ws.once('error', err => rejectOnce(err));
+      ws.once('error', err => {
+        if (this.connected && !this.closed) this.notifyClose(err);
+        rejectOnce(err);
+      });
       ws.once('close', (code, reason) => {
         this.connected = false;
-        this.rejectAllPending(new Error(`OpenClaw Gateway closed: ${code} ${reason?.toString?.() || ''}`.trim()));
+        const err = new Error(`OpenClaw Gateway closed: ${code} ${reason?.toString?.() || ''}`.trim());
+        this.rejectAllPending(err);
+        if (!this.closed) this.notifyClose(err);
         if (!helloResolved) rejectOnce(new Error(`OpenClaw Gateway closed before connect: ${code}`));
       });
     });
@@ -314,6 +322,11 @@ class OpenClawGatewayClient {
     return () => this.eventHandlers.delete(handler);
   }
 
+  onClose(handler) {
+    this.closeHandlers.add(handler);
+    return () => this.closeHandlers.delete(handler);
+  }
+
   close() {
     this.closed = true;
     this.connected = false;
@@ -323,6 +336,7 @@ class OpenClawGatewayClient {
     } catch {}
     this.ws = null;
     this.eventHandlers.clear();
+    this.closeHandlers.clear();
   }
 
   handleFrame(frame) {
@@ -358,6 +372,18 @@ class OpenClawGatewayClient {
       this.pending.delete(id);
     }
   }
+
+  notifyClose(err) {
+    if (this.closeNotified) return;
+    this.closeNotified = true;
+    for (const handler of Array.from(this.closeHandlers)) {
+      try {
+        handler(err);
+      } catch (handlerErr) {
+        this.logger?.warn?.('openclaw close handler failed', { error: handlerErr.message });
+      }
+    }
+  }
 }
 
 function buildConnectRequest(_nonce, agentConfig = {}) {

package/src/outgoingAttachmentHandler.js

@@ -151,8 +151,6 @@ function getOutboxDir(session, config) {
 function buildOutboxSystemPrompt(session, config) {
   return `${config.systemPrompt}
 
-工具使用要求：调用 Read 工具读取普通文件时不要传 pages 字段；只有读取 PDF 且需要指定页码时才传 pages，且 pages 不能是空字符串。
-
 如果你需要把文件或图片发送给用户，请将文件保存或复制到以下目录：
 ${getOutboxDir(session, config)}
 

package/src/serverApp.js

@@ -4,6 +4,7 @@ const { createStaticServer } = require('./httpStatic');
 const { startImConnectors } = require('./imConnector');
 const { createLogger } = require('./logger');
 const { attachWebSocketServer } = require('./wsServer');
+const { cleanupSession } = require('./session');
 
 async function prewarmHermesGateway(config) {
   const hermes = config.agents?.hermes;
@@ -28,14 +29,16 @@ function startServer(rootDir, options = {}) {
   }
 
   const imConnectors = startImConnectors(config);
+  config._imConnectors = imConnectors;
 
   if (config.localWeb?.enabled) {
     const server = createStaticServer(config);
-    attachWebSocketServer(server, config);
+    config._localWss = attachWebSocketServer(server, config);
 
     server.on('close', () => {
       log.info('server closing');
       for (const connector of imConnectors) connector.stop();
+      config._localWss = null;
       options.onClose?.(server, config);
     });
 
@@ -96,6 +99,107 @@ function startServer(rootDir, options = {}) {
   }
 }
 
+async function stopServer(config, server, options = {}) {
+  if (!config?.lincoHome) return;
+  if (config._shutdownPromise) return config._shutdownPromise;
+
+  config._shutdownPromise = (async () => {
+    const log = config.logger;
+    log?.info('server shutdown started');
+
+    for (const connector of config._imConnectors || []) {
+      try {
+        connector.stop();
+      } catch (err) {
+        log?.warn('im connector stop failed', { error: err.message });
+      }
+    }
+
+    closeLocalWebSockets(config);
+    cleanupActiveSessions(config);
+    await closeHttpServer(server, options.serverCloseMs || 1000);
+
+    // Session cleanup first closes stdin; wait long enough for the fallback
+    // process-tree kill to run before the parent exits.
+    await delay(options.childGraceMs || 3200);
+    log?.info('server shutdown completed');
+  })();
+
+  return config._shutdownPromise;
+}
+
+function closeLocalWebSockets(config) {
+  const wss = config._localWss;
+  if (!wss) return;
+
+  for (const client of wss.clients || []) {
+    try {
+      client.close(1001, 'Server shutdown');
+    } catch {}
+  }
+
+  setTimeout(() => {
+    for (const client of wss.clients || []) {
+      try {
+        client.terminate();
+      } catch {}
+    }
+  }, 1000).unref?.();
+
+  try {
+    wss.close();
+  } catch {}
+}
+
+function cleanupActiveSessions(config) {
+  const activeSessions = config.activeSessions;
+  if (!activeSessions?.size) return;
+
+  const sessions = [...activeSessions.values()];
+  activeSessions.clear();
+  for (const session of sessions) {
+    try {
+      cleanupSession(session);
+    } catch (err) {
+      config.logger?.warn('session cleanup failed', {
+        sessionId: session?.id,
+        agentType: session?.agentType,
+        error: err.message,
+      });
+    }
+  }
+}
+
+function closeHttpServer(server, timeoutMs) {
+  if (!server || typeof server.close !== 'function') return Promise.resolve();
+
+  return new Promise((resolve) => {
+    let settled = false;
+    const finish = () => {
+      if (settled) return;
+      settled = true;
+      resolve();
+    };
+    const timer = setTimeout(finish, timeoutMs);
+    timer.unref?.();
+
+    try {
+      server.close(() => {
+        clearTimeout(timer);
+        finish();
+      });
+    } catch {
+      clearTimeout(timer);
+      finish();
+    }
+  });
+}
+
+function delay(ms) {
+  return new Promise(resolve => setTimeout(resolve, ms));
+}
+
 module.exports = {
   startServer,
+  stopServer,
 };

package/src/session.js

@@ -1,6 +1,7 @@
 const crypto = require('crypto');
 const fs = require('fs');
 const path = require('path');
+const { spawnSync } = require('child_process');
 const { ensureDir } = require('./config');
 const { stopOutboxWatcher } = require('./outgoingAttachmentHandler');
 const { createTextStreamBuffer, resetTextStream } = require('./streamBuffer');
@@ -306,27 +307,65 @@ function resetConversationState(session, { clearAgentSession = true, clearClaude
 
 function stopAgentProcess(session, { clearAgentSession = false, clearClaudeSession } = {}) {
   const shouldClearAgentSession = clearClaudeSession == null ? clearAgentSession : clearClaudeSession;
-  const child = session.agentProcess || session.claudeProcess;
+  const children = collectSessionChildren(session);
   session.agentProcess = null;
   session.claudeProcess = null;
+  session.codexAppServer = null;
 
-  if (child) {
-    try {
-      if (!child.stdin.destroyed) child.stdin.end();
-    } catch {}
-
-    if (!child.killed && child.exitCode === null) {
-      setTimeout(() => {
-        if (!child.killed && child.exitCode === null) {
-          child.kill();
-        }
-      }, 3000).unref?.();
-    }
+  for (const child of children) {
+    stopChildProcess(child);
   }
 
   resetConversationState(session, { clearAgentSession: shouldClearAgentSession });
 }
 
+function collectSessionChildren(session) {
+  const children = [];
+  const seen = new Set();
+  for (const child of [session.agentProcess, session.claudeProcess, session.codexAppServer]) {
+    if (!child || seen.has(child)) continue;
+    seen.add(child);
+    children.push(child);
+  }
+  return children;
+}
+
+function stopChildProcess(child, graceMs = 3000) {
+  try {
+    if (child.stdin && !child.stdin.destroyed) child.stdin.end();
+  } catch {}
+
+  if (isChildRunning(child)) {
+    setTimeout(() => {
+      forceKillChildProcess(child);
+    }, graceMs).unref?.();
+  }
+}
+
+function isChildRunning(child) {
+  return !!child && !child.killed && child.exitCode === null;
+}
+
+function forceKillChildProcess(child) {
+  if (!isChildRunning(child)) return;
+
+  try {
+    if (process.platform === 'win32' && child.pid) {
+      spawnSync('taskkill.exe', ['/pid', String(child.pid), '/T', '/F'], {
+        stdio: 'ignore',
+        windowsHide: true,
+      });
+      return;
+    }
+
+    child.kill('SIGKILL');
+  } catch {
+    try {
+      child.kill();
+    } catch {}
+  }
+}
+
 function stopClaudeProcess(session, { clearClaudeSession = false } = {}) {
   stopAgentProcess(session, { clearAgentSession: clearClaudeSession });
 }