metame-cli 1.6.2 → 1.6.4

package/scripts/daemon-bridges.js

@@ -49,7 +49,7 @@ function createBridgeStarter(deps) {
     return text || null;
   }
 
-  async function applyUserAcl({ bot, chatId, text, config, senderId, bypassAcl }) {
+  async function applyUserAcl({ bot, chatId, text, config, senderId, bypassAcl, fromAllowedChat }) {
     const trimmed = String(text || '').trim();
     const normalizedSenderId = normalizeSenderId(senderId);
     if (!trimmed || bypassAcl || !userAcl) {
@@ -58,10 +58,15 @@ function createBridgeStarter(deps) {
 
     let userCtx;
     try {
-      userCtx = userAcl.resolveUserCtx(normalizedSenderId, config || {});
+      userCtx = userAcl.resolveUserCtx(normalizedSenderId, config || {}, { fromAllowedChat: !!fromAllowedChat });
     } catch {
       return { blocked: false, readOnly: false, senderId: normalizedSenderId };
     }
+    // Audit trail for implicit-admin upgrades — these users are NOT in users.yaml
+    // and gain admin via group-whitelist trust, so make their action visible.
+    if (userCtx && userCtx.implicitAdmin) {
+      try { log('INFO', `[ACL] implicit admin via allowed_chat_ids: chat=${chatId} sender=${normalizedSenderId}`); } catch { /* non-fatal */ }
+    }
 
     const userCmd = userAcl.handleUserCommand(trimmed, userCtx);
     if (userCmd && userCmd.handled) {
@@ -803,6 +808,7 @@ function createBridgeStarter(deps) {
             config: liveCfg,
             senderId,
             bypassAcl: !isAllowedChat && !!isBindCmd,
+            fromAllowedChat: isAllowedChat,
           });
           if (acl.blocked) return;
           log('INFO', `Feishu file from ${chatId}: ${fileInfo.fileName} (key: ${fileInfo.fileKey}, msgId: ${fileInfo.messageId}, type: ${fileInfo.msgType})`);
@@ -850,6 +856,7 @@ function createBridgeStarter(deps) {
             config: liveCfg,
             senderId,
             bypassAcl: !isAllowedChat && !!isBindCmd,
+            fromAllowedChat: isAllowedChat,
           });
           if (acl.blocked) return;
           log('INFO', `Feishu message from ${chatId}: ${text.slice(0, 50)}`);

package/scripts/daemon-claude-engine.js

@@ -1931,6 +1931,9 @@ function createClaudeEngine(deps) {
           log('WARN', `Codex thread migrated for ${chatId}: ${prevSessionId.slice(0, 8)} -> ${safeNextId.slice(0, 8)}`);
         }
         // Keep card header in sync with the real session ID reported by the engine
+        if (!_ackCardHeader && bot.sendCard) {
+          _ackCardHeader = { title: `📎 ${safeNextId.slice(0, 8)}`, color: 'grey' };
+        }
         if (_ackCardHeader && _ackCardHeader._baseTitle) {
           _ackCardHeader = { ..._ackCardHeader, title: `${_ackCardHeader._baseTitle}（${safeNextId.slice(0, 8)}）` };
         }
@@ -1941,7 +1944,11 @@ function createClaudeEngine(deps) {
       if (_ackCardHeader) {
         _ackCardHeader._baseTitle = _ackCardHeader.title; // preserve original title for onSession updates
       }
-      if (session && session.id && _ackCardHeader) {
+      // For non-bound-project chats: create a minimal header to display session ID (Feishu cards)
+      if (!_ackCardHeader && bot.sendCard && session && session.id) {
+        _ackCardHeader = { title: `📎 ${session.id.slice(0, 8)}`, color: 'grey' };
+      }
+      if (session && session.id && _ackCardHeader && _ackCardHeader._baseTitle) {
         _ackCardHeader = { ..._ackCardHeader, title: `${_ackCardHeader._baseTitle}（${session.id.slice(0, 8)}）` };
       }
 
@@ -2336,13 +2343,15 @@ function createClaudeEngine(deps) {
               log('DEBUG', `[REPLY:${chatId}] sendCard done msgId=${replyMsg && replyMsg.message_id}`);
             } else {
               log('DEBUG', `[REPLY:${chatId}] sending sendMarkdown`);
-              replyMsg = await bot.sendMarkdown(chatId, cleanOutput);
+              const _textSessionSuffix = session && session.id ? `\n\n📎 ${session.id.slice(0, 8)}` : '';
+              replyMsg = await bot.sendMarkdown(chatId, cleanOutput + _textSessionSuffix);
               log('DEBUG', `[REPLY:${chatId}] sendMarkdown done msgId=${replyMsg && replyMsg.message_id}`);
             }
           }
         } catch (sendErr) {
           log('WARN', `sendCard/sendMarkdown failed (${sendErr.message}), falling back to sendMessage`);
-          try { replyMsg = await bot.sendMessage(chatId, cleanOutput); } catch (e2) {
+          const _textSessionSuffix = session && session.id ? `\n\n📎 ${session.id.slice(0, 8)}` : '';
+          try { replyMsg = await bot.sendMessage(chatId, cleanOutput + _textSessionSuffix); } catch (e2) {
             log('ERROR', `sendMessage fallback also failed: ${e2.message}`);
           }
         }

package/scripts/daemon-command-router.js

@@ -1,7 +1,6 @@
 'use strict';
 
 const { resolveEngineModel } = require('./daemon-engine-runtime');
-const { createAgentIntentHandler } = require('./daemon-agent-intent');
 const { rawChatId: extractOriginalChatId, isThreadChatId } = require('./core/thread-chat-id');
 const { createWikiCommandHandler } = require('./daemon-wiki');
 
@@ -26,9 +25,9 @@ function createCommandRouter(deps) {
     activeProcesses,
     pipeline,      // message pipeline — used for interrupt/clearQueue
     log,
-    agentTools,
+    agentTools: _agentTools,
     pendingAgentFlows,
-    pendingActivations,
+    pendingActivations: _pendingActivations,
     agentFlowTtlMs,
     getDefaultEngine,
     getDb,              // optional — () → DatabaseSync (for wiki commands)
@@ -42,7 +41,7 @@ function createCommandRouter(deps) {
     return Number.isFinite(num) && num > 0 ? num : (10 * 60 * 1000);
   }
 
-  function hasFreshPendingFlow(flowKey) {
+  function _hasFreshPendingFlow(flowKey) {
     if (!pendingAgentFlows) return false;
     const flow = pendingAgentFlows.get(flowKey);
     if (!flow) return false;
@@ -217,7 +216,7 @@ function createCommandRouter(deps) {
     return null;
   }
 
-  function getBoundProjectForChat(chatId, cfg) {
+  function _getBoundProjectForChat(chatId, cfg) {
     const map = {
       ...(cfg.telegram ? cfg.telegram.chat_agent_map : {}),
       ...(cfg.feishu ? cfg.feishu.chat_agent_map : {}),
@@ -356,18 +355,9 @@ function createCommandRouter(deps) {
     });
   }
 
-  const tryHandleAgentIntent = createAgentIntentHandler({
-    agentTools,
-    handleAgentCommand,
-    attachOrCreateSession,
-    normalizeCwd,
-    getDefaultEngine,
-    loadConfig,
-    getBoundProjectForChat,
-    log,
-    pendingActivations,
-    hasFreshPendingFlow,
-  });
+  // Agent intent classification removed — now handled by agent-management skill.
+  // tryHandleAgentIntent was previously created here via createAgentIntentHandler().
+  // Explicit /agent commands still work through handleAgentCommand above.
 
   async function handleCommand(bot, chatId, text, config, executeTaskByName, senderId = null, readOnly = false, _meta = {}) {
     if (text && !text.startsWith('/chatid') && !text.startsWith('/myid')) log('INFO', `CMD [${String(chatId).slice(-8)}]: ${text.slice(0, 80)}`);
@@ -593,9 +583,8 @@ function createCommandRouter(deps) {
         return;
       }
 
-      if (await tryHandleAgentIntent(bot, chatId, text, config)) {
-        return;
-      }
+      // Agent intent classification removed — now handled by agent-management skill
+      // via Claude's semantic understanding instead of daemon-level regex matching.
     }
 
     const daemonCfg = (config && config.daemon) || {};

package/scripts/daemon-engine-runtime.js

@@ -15,6 +15,8 @@ const CODEX_TOOL_MAP = Object.freeze({
   web_fetch: 'WebFetch',
 });
 
+const CODEX_AUTO_MODEL = 'auto';
+
 const ENGINE_TIMEOUT_DEFAULTS = Object.freeze({
   codex: Object.freeze({
     idleMs: 10 * 60 * 1000,
@@ -80,16 +82,19 @@ const ENGINE_MODEL_CONFIG = Object.freeze({
     hint:     null,
   },
   codex: {
-    main:     'gpt-5.4',           // recommended for most tasks (official default)
+    main:     CODEX_AUTO_MODEL,     // follow official Codex CLI default model
     distill:  'gpt-5.1-codex-mini', // cost-effective mini
     options:  [                     // quick-pick buttons (official model names)
-      { value: 'gpt-5.4',            label: 'gpt-5.4 · 推荐' },
-      { value: 'gpt-5.3-codex',      label: 'gpt-5.3-codex · 最新 Codex 专用' },
+      { value: CODEX_AUTO_MODEL,     label: 'auto · 跟随 Codex 官方默认' },
+      { value: 'gpt-5-codex',        label: 'gpt-5-codex · 官方滚动别名' },
+      { value: 'gpt-5.5',            label: 'gpt-5.5 · 固定版本' },
+      { value: 'gpt-5.4',            label: 'gpt-5.4 · 固定版本' },
+      { value: 'gpt-5.3-codex',      label: 'gpt-5.3-codex · 固定 Codex' },
       { value: 'gpt-5.1-codex-max',  label: 'gpt-5.1-codex-max · 长任务' },
       { value: 'gpt-5.1-codex-mini', label: 'gpt-5.1-codex-mini · 轻量' },
     ],
     provider: 'openai',
-    hint:     '或直接发送任意 OpenAI 模型名切换',
+    hint:     '推荐 `auto` 或 `gpt-5-codex`，也可直接发送任意 OpenAI 模型名切换',
   },
 });
 
@@ -121,7 +126,8 @@ function looksLikeCodexModel(model) {
   const raw = String(model || '').trim().toLowerCase();
   if (!raw) return false;
   return (
-    raw.startsWith('gpt-')
+    raw === CODEX_AUTO_MODEL
+    || raw.startsWith('gpt-')
     || raw.startsWith('o1')
     || raw.startsWith('o3')
     || raw.startsWith('o4')
@@ -129,6 +135,10 @@ function looksLikeCodexModel(model) {
   );
 }
 
+function isCodexAutoModel(model) {
+  return String(model || '').trim().toLowerCase() === CODEX_AUTO_MODEL;
+}
+
 function resolveEngineModel(engineName, daemonCfg = {}, overrideModel = '') {
   const engine = normalizeEngineName(engineName);
   const engineCfg = ENGINE_MODEL_CONFIG[engine] || ENGINE_MODEL_CONFIG.claude;
@@ -393,7 +403,7 @@ function buildCodexArgs(options = {}) {
     : ['exec'];
 
   args.push('--json', '--skip-git-repo-check');
-  if (model) args.push('-m', model);
+  if (model && !isCodexAutoModel(model)) args.push('-m', model);
   // -C (cwd) is only supported on fresh exec, not resume
   if (cwd && !isResume) args.push('-C', cwd);
 

package/scripts/daemon-runtime-lifecycle.js

@@ -165,8 +165,10 @@ function setupRuntimeWatchers(deps) {
   }
 
   let reloadDebounce = null;
+  let suppressNextWatch = false; // guard: skip watcher re-trigger after .bak restore
   fs.watchFile(CONFIG_FILE, { interval: 2000 }, (curr, prev) => {
     if (curr.mtimeMs === prev.mtimeMs) return;
+    if (suppressNextWatch) { suppressNextWatch = false; return; }
     if (reloadDebounce) clearTimeout(reloadDebounce);
     reloadDebounce = setTimeout(() => {
       log('INFO', 'daemon.yaml changed on disk — auto-reloading config');
@@ -176,6 +178,27 @@ function setupRuntimeWatchers(deps) {
         adminNotifyFn(`🔄 Config auto-reloaded. ${r.tasks} heartbeat tasks active.`).catch(() => { });
       } else {
         log('ERROR', `Auto-reload failed: ${r.error}`);
+        // Attempt auto-restore from backup
+        const bakFile = CONFIG_FILE + '.bak';
+        try {
+          if (!fs.existsSync(bakFile)) {
+            log('WARN', 'No .bak file available for auto-restore');
+          } else {
+            suppressNextWatch = true; // prevent watcher re-trigger from our own copyFileSync
+            fs.copyFileSync(bakFile, CONFIG_FILE);
+            log('INFO', 'Auto-restored daemon.yaml from .bak');
+            const r2 = reloadConfig();
+            if (r2.success) {
+              log('INFO', `Restored config reload OK: ${r2.tasks} tasks`);
+              adminNotifyFn(`⚠️ daemon.yaml 解析失败，已从备份恢复。错误: ${r.error}`).catch(() => { });
+            } else {
+              log('ERROR', `Backup config also invalid: ${r2.error}. Manual intervention required.`);
+              adminNotifyFn(`🚨 daemon.yaml 和备份均无法解析，请手动修复。`).catch(() => { });
+            }
+          }
+        } catch (restoreErr) {
+          log('ERROR', `Auto-restore from .bak failed: ${restoreErr.message}`);
+        }
       }
     }, 1000);
   });

package/scripts/daemon-user-acl.js

@@ -178,9 +178,15 @@ const ADMIN_ONLY_ACTIONS = new Set(['system', 'agent', 'config', 'admin_acl']);
  * 根据 senderId 解析用户上下文
  * @param {string|null} senderId  飞书 open_id
  * @param {object} config         daemon 配置（兼容旧 operator_ids）
+ * @param {object} [opts]
+ * @param {boolean} [opts.fromAllowedChat]  消息来自 allowed_chat_ids 命中的群。
+ *   当为 true 且 senderId 未在 users.yaml 显式登记时，直接判为 admin
+ *   （群级白名单已经做过准入控制，再叠用户级 operator_ids 是冗余）。
+ *   users.yaml 里显式登记的角色仍然受尊重。
  * @returns {object} userCtx { senderId, role, name, allowedActions, can(action) }
  */
-function resolveUserCtx(senderId, config) {
+function resolveUserCtx(senderId, config, opts = {}) {
+  const fromAllowedChat = !!(opts && opts.fromAllowedChat);
   const userData = loadUsers();
   // Per-platform bootstrap: Feishu open_id starts with "ou_", Telegram IDs are numeric.
   const allUsers = userData && userData.users ? userData.users : {};
@@ -194,6 +200,7 @@ function resolveUserCtx(senderId, config) {
   const hasConfiguredUsers = hasPlatformAdmin;
 
   let role, name, allowedActions;
+  let implicitAdmin = false;
 
   if (!senderId) {
     // 无 ID（Telegram 等）— 兼容旧逻辑，视为 admin
@@ -215,6 +222,16 @@ function resolveUserCtx(senderId, config) {
       } else {
         allowedActions = [];
       }
+    } else if (fromAllowedChat) {
+      // Group-whitelist trust: messages reaching us through allowed_chat_ids
+      // already passed chat-level access control. Anyone who can speak in the
+      // group is treated as admin without needing operator_ids or yaml entry.
+      // (Explicit users.yaml entries above still win — admins can demote
+      // someone by writing them in.)
+      role = 'admin';
+      name = senderId.slice(-6);
+      allowedActions = ROLE_DEFAULT_ACTIONS.admin;
+      implicitAdmin = true;
     } else {
       // 兼容旧 operator_ids：若 senderId 在 operator_ids 中，视为 admin
       const operatorIds = (config && config.feishu && config.feishu.operator_ids) || [];
@@ -254,6 +271,7 @@ function resolveUserCtx(senderId, config) {
     isAdmin: role === 'admin',
     isMember: role === 'member',
     isStranger: role === 'stranger',
+    implicitAdmin,
     can(action) { return allowedActions.includes(action); },
     readOnly: role !== 'admin',
   };

package/scripts/daemon-weixin-bridge.js

@@ -182,6 +182,8 @@ function createWeixinBridge(deps = {}) {
     let currentAccount = null;
     let currentBot = null;
     let missingAccountLogged = false;
+    let pollErrorDelay = 1000;        // exponential backoff on poll errors
+    const MAX_POLL_ERROR_DELAY = 30000;
 
     function sameAccount(a, b) {
       if (!a || !b) return false;
@@ -238,6 +240,7 @@ function createWeixinBridge(deps = {}) {
           getUpdatesBuf,
           timeoutMs: liveBridgeCfg.pollTimeoutMs,
         });
+        pollErrorDelay = 1000; // reset as soon as HTTP poll succeeds — downstream processMessage errors should not cause poll backoff
         if (resp && typeof resp.get_updates_buf === 'string' && resp.get_updates_buf) {
           getUpdatesBuf = resp.get_updates_buf;
         }
@@ -263,8 +266,9 @@ function createWeixinBridge(deps = {}) {
           });
         }
       } catch (err) {
-        log('WARN', `[WEIXIN] poll error: ${err.message}`);
-        nextDelayMs = 1000;
+        log('WARN', `[WEIXIN] poll error: ${err.message} — retrying in ${Math.round(pollErrorDelay / 1000)}s`);
+        nextDelayMs = pollErrorDelay;
+        pollErrorDelay = Math.min(pollErrorDelay * 2, MAX_POLL_ERROR_DELAY);
       } finally {
         processing = false;
         scheduleNext(nextDelayMs);

package/scripts/daemon.js

@@ -106,6 +106,9 @@ const SKILL_ROUTES = [
   { name: 'heartbeat-task-manager', pattern: /提醒|remind|闹钟|定时|每[天周月]/i },
   { name: 'skill-manager', pattern: /找技能|管理技能|更新技能|安装技能|skill manager|skill scout|(?:find|look for)\s+skills?/i },
   { name: 'skill-evolution-manager', pattern: /\/evolve\b|复盘一下|记录一下(这个)?经验|保存到\s*skill|skill evolution/i },
+  // (?<!转) excludes "转发" forwarding semantics (e.g. "把这条消息转发给我")
+  // which is conversation relay, not file delivery.
+  { name: 'send-to-user', pattern: /(?<!转)发(?:到|给|出)?\s*(?:我|手机|飞书)|发(?:个|条|份)?\s*(?:文件|附件|图(?:片)?|日志|压缩包|截图|csv|pdf|zip|excel|表格)|(?<!转)发我|给我(?:下载|发个|发份)|send\s+(?:me|file|attachment|to\s+me)|push\s+(?:to\s+)?(?:me|phone|file)|attach\s+file/i },
 ];
 
 function routeSkill(prompt) {
@@ -256,7 +259,10 @@ function loadConfig() {
 function writeConfigSafe(nextConfig) {
   const tmpFile = `${CONFIG_FILE}.tmp.${process.pid}.${Date.now()}`;
   try {
-    fs.writeFileSync(tmpFile, yaml.dump(nextConfig, { lineWidth: -1 }), 'utf8');
+    const dumped = yaml.dump(nextConfig, { lineWidth: -1 });
+    // Validate: round-trip parse before committing to disk
+    yaml.load(dumped);
+    fs.writeFileSync(tmpFile, dumped, 'utf8');
     fs.renameSync(tmpFile, CONFIG_FILE);
   } catch (e) {
     try { if (fs.existsSync(tmpFile)) fs.unlinkSync(tmpFile); } catch { }
@@ -1959,9 +1965,49 @@ const pendingAgentFlows = new Map();
 const pendingTeamFlows = new Map();
 
 // Pending activation: after creating an agent with skipChatBinding=true,
-// store here so any new unbound group can activate it with /activate
-// { agentKey, agentName, cwd, createdAt }
-const pendingActivations = new Map(); // key: agentKey -> activation record
+// store here so any new unbound group can activate it with /activate.
+// { agentKey, agentName, cwd, createdAt, preCreatedChatId?, preCreatedChatName? }
+//
+// Persisted to disk so an auto-update / lid-close / SIGUSR2 restart in the
+// 30-minute activation window doesn't strand a freshly created Feishu chat
+// that hadn't bound yet (esp. the orphan path: createChat ok + bind fail).
+// Stale entries (>30min) are dropped on load.
+const pendingActivations = new Map();
+const PENDING_ACTIVATIONS_FILE = path.join(HOME, '.metame', 'pending_activations.json');
+const PENDING_ACTIVATIONS_TTL_MS = 30 * 60 * 1000;
+function _persistPendingActivations() {
+  try {
+    const obj = Object.fromEntries(pendingActivations);
+    const tmp = PENDING_ACTIVATIONS_FILE + '.tmp';
+    fs.writeFileSync(tmp, JSON.stringify(obj), 'utf8');
+    fs.renameSync(tmp, PENDING_ACTIVATIONS_FILE);
+  } catch { /* best-effort, never throw from persistence */ }
+}
+function _restorePendingActivations() {
+  try {
+    if (!fs.existsSync(PENDING_ACTIVATIONS_FILE)) return;
+    const data = JSON.parse(fs.readFileSync(PENDING_ACTIVATIONS_FILE, 'utf8'));
+    const now = Date.now();
+    let restored = 0;
+    for (const [k, v] of Object.entries(data)) {
+      if (v && v.createdAt && now - v.createdAt < PENDING_ACTIVATIONS_TTL_MS) {
+        pendingActivations.set(k, v);
+        restored += 1;
+      }
+    }
+    if (restored > 0) log('INFO', `[pending] restored ${restored} pending activation(s) from disk`);
+  } catch { /* corrupt file → start fresh */ }
+}
+// Wrap Map.set/.delete so every mutation hits disk. Wrapping the prototype
+// methods (rather than reassigning) keeps the Map reference stable for callers
+// that stored it before the wrap (the daemon does not, but defensive).
+const _origPendingSet = pendingActivations.set.bind(pendingActivations);
+const _origPendingDelete = pendingActivations.delete.bind(pendingActivations);
+const _origPendingClear = pendingActivations.clear.bind(pendingActivations);
+pendingActivations.set = function (k, v) { const r = _origPendingSet(k, v); _persistPendingActivations(); return r; };
+pendingActivations.delete = function (k) { const r = _origPendingDelete(k); _persistPendingActivations(); return r; };
+pendingActivations.clear = function () { const r = _origPendingClear(); _persistPendingActivations(); return r; };
+_restorePendingActivations();
 
 const { handleAdminCommand } = createAdminCommandHandler({
   fs,