siluzan-tso-cli 1.1.18-beta.6 → 1.1.18-beta.8

package/README.md

@@ -51,7 +51,7 @@ siluzan-tso init -d /path/to/skills  # 写入自定义目录
 siluzan-tso init --force             # 强制覆盖已存在文件
 ```
 
-> **注意**：当前为测试版（1.1.18-beta.6），供内部测试使用。正式发布后安装命令将改为 `npm install -g siluzan-tso-cli`。
+> **注意**：当前为测试版（1.1.18-beta.8），供内部测试使用。正式发布后安装命令将改为 `npm install -g siluzan-tso-cli`。
 
 | 助手                    | 建议 `--ai`                          |
 | ----------------------- | ------------------------------------ |

package/dist/index.js

@@ -2412,23 +2412,28 @@ function createVersionNotifier(opts) {
     mergeWriteConfig,
     readConfigRaw
   } = opts;
-  const KEY_LAST_CHECK = `${cachePrefix}LastVersionCheck`;
   const KEY_LATEST_STABLE = `${cachePrefix}LatestStable`;
   const KEY_LATEST_BETA = `${cachePrefix}LatestBeta`;
   const KEY_MIN_STABLE = `${cachePrefix}MinRequiredStable`;
   const KEY_MIN_BETA = `${cachePrefix}MinRequiredBeta`;
   const KEY_LAST_NOTIFIED = `${cachePrefix}LastNotified`;
+  const KEY_FETCH_AT_MAIN = `${cachePrefix}VersionFetchAtMain`;
+  const KEY_FETCH_AT_MIN = `${cachePrefix}VersionFetchAtMin`;
   const HOURS_24 = 24 * 60 * 60 * 1e3;
-  async function fetchVersionByTag(tag, cacheKey, cfg) {
-    const lastCheck = cfg[KEY_LAST_CHECK];
-    if (typeof lastCheck === "string" && cacheKey in cfg) {
-      const lastMs = new Date(lastCheck).getTime();
-      if (Date.now() - lastMs < HOURS_24) {
+  const TTL_MAIN_TAG_MS = 60 * 60 * 1e3;
+  const TTL_MIN_REQUIRED_MS = HOURS_24;
+  async function fetchVersionByTag(tag, cacheKey, fetchAtKey, cfg, maxAgeMs) {
+    const lastAt = cfg[fetchAtKey];
+    if (typeof lastAt === "string" && cacheKey in cfg) {
+      const lastMs = new Date(lastAt).getTime();
+      if (Date.now() - lastMs < maxAgeMs) {
         const v = cfg[cacheKey];
-        return typeof v === "string" && v ? v : null;
+        const sv = typeof v === "string" && v ? v : null;
+        return { version: sv, hitNetwork: false };
       }
     }
-    return fetchNpmVersion(pkgName, tag);
+    const version = await fetchNpmVersion(pkgName, tag);
+    return { version, hitNetwork: true };
   }
   async function notifyIfOutdated2() {
     try {
@@ -2439,15 +2444,20 @@ function createVersionNotifier(opts) {
       const minCacheKey = isBeta ? KEY_MIN_BETA : KEY_MIN_STABLE;
       const minTag = npmMinRequiredTagForBuildEnv(isBeta ? "test" : "production");
       const cfg = readConfigRaw();
-      const [latest, minRequired] = await Promise.all([
-        fetchVersionByTag(tag, latestCacheKey, cfg),
-        fetchVersionByTag(minTag, minCacheKey, cfg)
+      const [mainRes, minRes] = await Promise.all([
+        fetchVersionByTag(tag, latestCacheKey, KEY_FETCH_AT_MAIN, cfg, TTL_MAIN_TAG_MS),
+        fetchVersionByTag(minTag, minCacheKey, KEY_FETCH_AT_MIN, cfg, TTL_MIN_REQUIRED_MS)
       ]);
-      await mergeWriteConfig({
-        [KEY_LAST_CHECK]: (/* @__PURE__ */ new Date()).toISOString(),
+      const latest = mainRes.version;
+      const minRequired = minRes.version;
+      const nowIso = (/* @__PURE__ */ new Date()).toISOString();
+      const cacheUpdates = {
         [latestCacheKey]: latest ?? "",
         [minCacheKey]: minRequired ?? ""
-      });
+      };
+      if (mainRes.hitNetwork) cacheUpdates[KEY_FETCH_AT_MAIN] = nowIso;
+      if (minRes.hitNetwork) cacheUpdates[KEY_FETCH_AT_MIN] = nowIso;
+      await mergeWriteConfig(cacheUpdates);
       const lastNotified = typeof cfg[KEY_LAST_NOTIFIED] === "string" ? new Date(cfg[KEY_LAST_NOTIFIED]).getTime() : 0;
       if (Date.now() - lastNotified < HOURS_24) return;
       const tagLabel = isBeta ? "\uFF08\u6D4B\u8BD5\u7248\uFF09" : "\uFF08\u6B63\u5F0F\u7248\uFF09";
@@ -2549,16 +2559,11 @@ function printAuthMissingHelp(binName) {
     `
 \u274C \u672A\u627E\u5230\u8BA4\u8BC1\u51ED\u636E\u3002\u8BF7\u9009\u62E9\u4EE5\u4E0B\u4EFB\u610F\u4E00\u79CD\u65B9\u5F0F\uFF1A
 
-   \u65B9\u5F0F\u4E00\uFF08\u63A8\u8350\uFF09\uFF1AAPI Key
-     \u5728\u4E1D\u8DEF\u8D5E\u300C\u8BBE\u7F6E \u2192 API Key \u7BA1\u7406\u300D\u521B\u5EFA API Key\uFF0C\u7136\u540E\u8FD0\u884C\uFF1A
-     ${binName} login --api-key <YOUR_API_KEY>
-
-   \u65B9\u5F0F\u4E8C\uFF1A\u73AF\u5883\u53D8\u91CF\uFF08CI/CD \u63A8\u8350\uFF09
-     export SILUZAN_API_KEY=<YOUR_API_KEY>
-     # \u6216 export SILUZAN_AUTH_TOKEN=<YOUR_TOKEN>
-
-   \u65B9\u5F0F\u4E09\uFF1AJWT Token
-     ${binName} login
+\u8BF7\u4F7F\u7528\u624B\u673A\u53F7\u91CD\u65B0\u767B\u5F55
+${binName} send-login-code --phone <YOUR_PHONE>
+`,
+    `\u7136\u540E\u4F7F\u7528\u6536\u5230\u7684\u9A8C\u8BC1\u7801\u5B8C\u6210\u767B\u5F55
+${binName} login --phone <YOUR_PHONE> --code <YOUR_CODE>
 `
   );
   process.exit(1);
@@ -3050,6 +3055,35 @@ function normalizeChinaPhone(input) {
 function isValidChinaPhone(input) {
   return /^\+861\d{10}$/.test(normalizeChinaPhone(input));
 }
+async function sendPhoneLoginCode(opts) {
+  const phone = normalizeChinaPhone(opts.phone);
+  const url = `${opts.ssoBaseUrl}/Account/SendVaildCode?Phone=${encodeURIComponent(
+    phone
+  )}&RandStr=&Iicket=`;
+  if (opts.verbose) {
+    process.stderr.write(`[phone-login] GET ${url}
+`);
+  }
+  const res = await rawRequest(url, {
+    method: "GET",
+    headers: {
+      Accept: "application/json",
+      "Accept-Language": "zh-CN"
+    }
+  });
+  if (res.status < 200 || res.status >= 300) {
+    return { ok: false, message: `HTTP ${res.status}` };
+  }
+  let body;
+  try {
+    body = JSON.parse(res.text);
+  } catch {
+    return { ok: false, message: `\u54CD\u5E94\u975E JSON\uFF1A${res.text.slice(0, 120)}` };
+  }
+  const state = (body.State ?? body.state ?? "").toLowerCase();
+  const message = body.Message ?? body.message ?? "";
+  return { ok: state === "ok", message };
+}
 async function loginByPhoneCode(opts) {
   const phone = normalizeChinaPhone(opts.phone);
   const url = `${opts.ssoBaseUrl}/Account/LoginByMiniCode?phone=${encodeURIComponent(
@@ -5965,6 +5999,11 @@ async function fetchJson(config, pathWithQuery, verbose) {
 function assertNever(x, ctx) {
   throw new Error(`${ctx}\uFF1A\u672A\u5904\u7406\u7684\u5206\u652F ${String(x)}`);
 }
+function rowsFromAccountDailyReportsEnvelope(raw, mediaCustomerId) {
+  const block = raw.accounts?.[mediaCustomerId];
+  const list = block?.data;
+  return Array.isArray(list) ? list : [];
+}
 async function fetchGoogleAnalysisSectionJson(config, fullPath, verbose, name) {
   switch (name) {
     case "overview":
@@ -5995,8 +6034,6 @@ async function fetchGoogleAnalysisSectionJson(config, fullPath, verbose, name) {
       return fetchJson(config, fullPath, verbose);
     case "conversion-actions":
       return fetchJson(config, fullPath, verbose);
-    case "daily-metrics":
-      return fetchJson(config, fullPath, verbose);
     case "gold-account":
       return fetchJson(config, fullPath, verbose);
     case "ads-index":
@@ -6049,6 +6086,18 @@ async function fetchSectionPayload(def, opts, config, id) {
     const merged = { images, videos };
     return stripLegacyGoogleFieldsIfV2Present(merged);
   }
+  if (def.name === "daily-metrics") {
+    const { startDate, endDate } = resolveDateRange2(opts.start, opts.end);
+    const params = new URLSearchParams({
+      mediaCustomerIds: id,
+      startDate: `${startDate}T00:00:00+08:00`,
+      endDate: `${endDate}T23:59:59+08:00`
+    });
+    const url = `${config.apiBaseUrl}/report/media-account/google/account-daily-reports?${params.toString()}`;
+    const raw = await apiFetch2(url, config, {}, !!opts.verbose);
+    const rows = rowsFromAccountDailyReportsEnvelope(raw, id);
+    return stripLegacyGoogleFieldsIfV2Present(rows);
+  }
   const sectionPath = def.path(id);
   const query = buildSearchParams(def, opts.start, opts.end, extras);
   const data = await fetchGoogleAnalysisSectionJson(
@@ -6457,9 +6506,10 @@ var init_google_analysis2 = __esm({
       },
       {
         name: "daily-metrics",
-        description: "\u6309\u65E5\u6307\u6807\u66F2\u7EBF reports\uFF08\u542B\u8F6C\u5316\u6210\u672C\u7B49\uFF09",
+        description: "\u6309\u65E5\u6307\u6807\uFF08\u4E3B\u5E73\u53F0 /report/media-account/google/account-daily-reports\uFF0C\u542B\u641C\u7D22\u4EFD\u989D\u7B49\uFF09",
         dateMode: "range",
-        path: (id) => `/reporting/media-account/${id}/reports`
+        /** 仅用于 manifest endpointHint；实际请求走 fetchSectionPayload 专用分支（apiBaseUrl + 东八区起止时刻） */
+        path: () => "/report/media-account/google/account-daily-reports"
       },
       {
         name: "gold-account",
@@ -6594,17 +6644,38 @@ function validateAndNormalizePhone(rawInput) {
   }
   return normalizeChinaPhone(rawPhone);
 }
-async function runPhoneLogin(opts) {
+async function runSendLoginCode(opts) {
   const phone = validateAndNormalizePhone(opts.phone);
-  const code = opts.code?.trim() ?? "";
-  if (!code) {
-    console.error("\n\u274C \u7F3A\u5C11 --code \u53C2\u6570\u3002\u624B\u673A\u53F7\u767B\u5F55\u662F\u4E24\u6BB5\u5F0F\u8C03\u7528\uFF0C\u8BF7\u6309\u987A\u5E8F\u6267\u884C\uFF1A\n");
-    console.error(`  1) siluzan-tso send-login-code --phone ${phone}`);
-    console.error(`  2) siluzan-tso login --phone ${phone} --code <\u6536\u5230\u76846\u4F4D\u9A8C\u8BC1\u7801>
+  const tsoApiBase = process.env.SILUZAN_TSO_API_BASE ?? DEFAULT_API_BASE;
+  const ssoBaseUrl = deriveSsoBaseUrl(tsoApiBase);
+  console.log("\n\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550");
+  console.log("  Siluzan \u53D1\u9001\u767B\u5F55\u77ED\u4FE1\u9A8C\u8BC1\u7801");
+  console.log("\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\n");
+  console.log(`  \u624B\u673A\u53F7 : ${phone}`);
+  console.log("\u2192 \u6B63\u5728\u5411\u624B\u673A\u53D1\u9001\u9A8C\u8BC1\u7801...");
+  const r = await sendPhoneLoginCode({ ssoBaseUrl, phone, verbose: opts.verbose });
+  if (!r.ok) {
+    console.error(`
+\u274C \u77ED\u4FE1\u9A8C\u8BC1\u7801\u53D1\u9001\u5931\u8D25\uFF1A${r.message || "(\u540E\u7AEF\u672A\u8FD4\u56DE\u539F\u56E0)"}
 `);
-    console.error("\uFF08\u62C6\u6210\u4E24\u6B65\u662F\u4E3A\u4E86\u907F\u514D AI Agent \u5361\u5728\u4EA4\u4E92\u8F93\u5165\u65F6\u53CD\u590D\u91CD\u8BD5\u5BFC\u81F4\u77ED\u4FE1\u8F70\u70B8\uFF09\n");
     process.exit(1);
   }
+  console.log(`\u2713 \u9A8C\u8BC1\u7801\u5DF2\u53D1\u9001\uFF0810 \u5206\u949F\u5185\u6709\u6548\uFF09\u3002
+`);
+  console.log("\u4E0B\u4E00\u6B65\uFF1A\u62FF\u5230 6 \u4F4D\u9A8C\u8BC1\u7801\u540E\uFF0C\u8FD0\u884C\u4E0B\u9762\u7684\u547D\u4EE4\u5B8C\u6210\u767B\u5F55\uFF1A\n");
+  console.log(`  siluzan-tso login --phone ${phone} --code <6\u4F4D\u9A8C\u8BC1\u7801>
+`);
+  console.log("\u53EF\u9009\u53C2\u6570\uFF1A--name / --valid-days / --expires-at / --services");
+  console.log("\uFF08\u9ED8\u8BA4\u521B\u5EFA 90 \u5929\u6709\u6548\u3001\u52FE\u9009 TSO + CUT \u670D\u52A1\u7684 API Key\uFF09\n");
+}
+function normalizeBearerTokenInput(raw) {
+  const t = raw.trim();
+  if (/^bearer\s+/i.test(t)) {
+    return t.replace(/^bearer\s+/i, "").trim();
+  }
+  return t;
+}
+async function executePhoneLoginWithVerifiedCode(phone, code, opts) {
   let allowedServices;
   try {
     allowedServices = parseAllowedServices(opts.services);
@@ -6676,9 +6747,10 @@ async function runPhoneLogin(opts) {
         `
   \u8BE5\u624B\u673A\u53F7\u5C1A\u672A\u6CE8\u518C\u4E1D\u8DEF\u8D5E\u8D26\u53F7\u3002\u8BF7\u5148\u5728\u7F51\u9875\u7AEF\u6CE8\u518C\uFF1A
     ${WEB_BASE_URL}
-  \u6CE8\u518C\u6210\u529F\u540E\u518D\u56DE\u5230 CLI \u91CD\u8BD5\u4E24\u6BB5\u5F0F\u767B\u5F55\uFF1A
+  \u6CE8\u518C\u6210\u529F\u540E\u518D\u56DE\u5230 CLI \u91CD\u8BD5\uFF1A
     siluzan-tso send-login-code --phone ${phone}
     siluzan-tso login --phone ${phone} --code <6\u4F4D\u9A8C\u8BC1\u7801>
+  \u6216\u5728\u7EC8\u7AEF\u6267\u884C\u65E0\u53C2 siluzan-tso login \u540E\u9009\u62E9\u300C\u624B\u673A\u53F7\u767B\u5F55\u300D\u3002
 `
       );
     } else if (/验证码错误|验证码/.test(msg)) {
@@ -6692,34 +6764,72 @@ async function runPhoneLogin(opts) {
     process.exit(1);
   }
 }
-async function runLogin(opts = {}) {
-  if (opts.apiKey !== void 0) {
-    const key = opts.apiKey.trim();
-    if (!key) {
-      console.error("\n\u274C API Key \u4E0D\u80FD\u4E3A\u7A7A\u3002\n");
+async function runPhoneLogin(opts) {
+  const phone = validateAndNormalizePhone(opts.phone);
+  const code = opts.code?.trim() ?? "";
+  if (!code) {
+    console.error("\n\u274C \u7F3A\u5C11 --code \u53C2\u6570\u3002\u624B\u673A\u53F7\u767B\u5F55\u662F\u4E24\u6BB5\u5F0F\u8C03\u7528\uFF0C\u8BF7\u6309\u987A\u5E8F\u6267\u884C\uFF1A\n");
+    console.error(`  1) siluzan-tso send-login-code --phone ${phone}`);
+    console.error(`  2) siluzan-tso login --phone ${phone} --code <\u6536\u5230\u76846\u4F4D\u9A8C\u8BC1\u7801>
+`);
+    console.error("\uFF08\u62C6\u6210\u4E24\u6B65\u662F\u4E3A\u4E86\u907F\u514D AI Agent \u5361\u5728\u4EA4\u4E92\u8F93\u5165\u65F6\u53CD\u590D\u91CD\u8BD5\u5BFC\u81F4\u77ED\u4FE1\u8F70\u70B8\uFF09\n");
+    console.error("\u6216\u5728\u7EC8\u7AEF\u6267\u884C\uFF1Asiluzan-tso login\uFF08\u65E0\u53C2\u6570\uFF09\uFF0C\u9009\u62E9\u300C\u624B\u673A\u53F7 + \u77ED\u4FE1\u9A8C\u8BC1\u7801\u300D\u7531\u672C CLI \u53D1\u7801\u3002\n");
+    process.exit(1);
+  }
+  await executePhoneLoginWithVerifiedCode(phone, code, opts);
+}
+async function runInteractiveJwtLogin() {
+  const shared = readSharedConfig();
+  const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
+  const prompt = (q) => new Promise((res) => rl.question(q, (a) => res(a.trim())));
+  try {
+    if (shared.apiKey) {
+      console.log(`
+\u5DF2\u4FDD\u5B58 API Key\uFF08${maskSecret(shared.apiKey)}\uFF09\u3002\u6539\u7528 JWT \u5C06\u6E05\u9664 API Key \u5E76\u4F18\u5148\u4F7F\u7528 Bearer Token\u3002`);
+      const ans = await prompt("\u662F\u5426\u7EE7\u7EED\uFF1F(y/N) ");
+      if (ans.toLowerCase() !== "y") {
+        console.log("\n\u5DF2\u53D6\u6D88\u3002\n");
+        return;
+      }
+    }
+    console.log("\n\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550");
+    console.log("  Siluzan \u767B\u5F55\uFF08JWT Token\uFF09");
+    console.log("\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550");
+    console.log("\n\u8BF7\u7C98\u8D34 access token\uFF08\u53EF\u5E26\u6216\u4E0D\u5E26 `Bearer ` \u524D\u7F00\uFF09\uFF1A\n");
+    let token = "";
+    for (let i = 0; i < 3; i++) {
+      const input = await prompt("Token\uFF1A");
+      const normalized = normalizeBearerTokenInput(input);
+      if (normalized) {
+        token = normalized;
+        break;
+      }
+      console.log("\u274C Token \u4E0D\u80FD\u4E3A\u7A7A\uFF0C\u8BF7\u91CD\u8BD5");
+    }
+    if (!token) {
+      console.error("\n\u274C \u591A\u6B21\u8F93\u5165\u65E0\u6548\u3002\n");
       process.exit(1);
     }
-    writeSharedConfig({ apiKey: key });
+    writeSharedConfig({ authToken: token, apiKey: "" });
     console.log(`
-\u2705 API Key \u5DF2\u4FDD\u5B58\uFF08${maskSecret(key)}\uFF09`);
+\u2705 JWT \u5DF2\u4FDD\u5B58\uFF08${maskSecret(token)}\uFF09`);
     console.log(`   \u914D\u7F6E\u6587\u4EF6\uFF1A${CONFIG_FILE}`);
     printPostLoginReminderBanner();
     console.log("\u73B0\u5728\u53EF\u4EE5\u8FD0\u884C siluzan-tso -h \u547D\u4EE4\u67E5\u770B\u5E2E\u52A9\u4E86\n");
-    return;
-  }
-  if (opts.phone !== void 0) {
-    await runPhoneLogin(opts);
-    return;
+  } finally {
+    rl.close();
   }
+}
+async function runInteractiveApiKeyLogin() {
   const shared = readSharedConfig();
   const currentKey = shared.apiKey ?? "";
   if (currentKey) {
     console.log(`
 \u5DF2\u68C0\u6D4B\u5230\u5DF2\u4FDD\u5B58\u7684 API Key\uFF08${maskSecret(currentKey)}\uFF09\u3002`);
-    const rl2 = readline.createInterface({ input: process.stdin, output: process.stdout });
+    const rl0 = readline.createInterface({ input: process.stdin, output: process.stdout });
     const answer = await new Promise(
-      (res) => rl2.question("\u662F\u5426\u8986\u76D6\uFF1F(y/N) ", (a) => {
-        rl2.close();
+      (res) => rl0.question("\u662F\u5426\u8986\u76D6\uFF1F(y/N) ", (a) => {
+        rl0.close();
         res(a.trim());
       })
     );
@@ -6730,46 +6840,164 @@ async function runLogin(opts = {}) {
   }
   const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
   const prompt = (q) => new Promise((res) => rl.question(q, (a) => res(a.trim())));
-  console.log("\n\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550");
-  console.log("  Siluzan \u767B\u5F55\uFF08API Key\uFF09");
-  console.log("\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550");
-  console.log("\n\u8BF7\u6309\u4EE5\u4E0B\u6B65\u9AA4\u83B7\u53D6 API Key\uFF1A");
-  console.log("\n  1. \u5728\u6D4F\u89C8\u5668\u4E2D\u6253\u5F00\u4EE5\u4E0B\u5730\u5740\uFF08\u9700\u5DF2\u767B\u5F55\u4E1D\u8DEF\u8D5E\u8D26\u53F7\uFF09\uFF1A");
-  console.log(`
+  try {
+    console.log("\n\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550");
+    console.log("  Siluzan \u767B\u5F55\uFF08API Key\uFF09");
+    console.log("\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550");
+    console.log("\n\u8BF7\u6309\u4EE5\u4E0B\u6B65\u9AA4\u83B7\u53D6 API Key\uFF1A");
+    console.log("\n  1. \u5728\u6D4F\u89C8\u5668\u4E2D\u6253\u5F00\u4EE5\u4E0B\u5730\u5740\uFF08\u9700\u5DF2\u767B\u5F55\u4E1D\u8DEF\u8D5E\u8D26\u53F7\uFF09\uFF1A");
+    console.log(`
      ${API_KEY_MANAGEMENT_URL}
 `);
-  console.log(
-    "  2. \u70B9\u51FB\u300C\u521B\u5EFA API Key\u300D\u6309\u94AE\u751F\u6210\u4E00\u4E2A\u65B0\u7684 Key, \u52FE\u9009TSO (\u5E7F\u544A\u6295\u653E\u670D\u52A1)\u4E0ESUCAI (\u7D20\u6750\u4E2D\u5FC3\u670D\u52A1)"
-  );
-  console.log("  3. \u590D\u5236\u751F\u6210\u7684 API Key");
-  console.log("  4. \u7C98\u8D34\u5230\u4E0B\u65B9\u5E76\u6309\u56DE\u8F66\n");
-  let apiKey = "";
-  for (let i = 0; i < 3; i++) {
-    const input = await prompt("\u7C98\u8D34 API Key\uFF1A");
-    if (input) {
-      apiKey = input;
+    console.log(
+      "  2. \u70B9\u51FB\u300C\u521B\u5EFA API Key\u300D\u6309\u94AE\u751F\u6210\u4E00\u4E2A\u65B0\u7684 Key, \u52FE\u9009TSO (\u5E7F\u544A\u6295\u653E\u670D\u52A1)\u4E0ESUCAI (\u7D20\u6750\u4E2D\u5FC3\u670D\u52A1)"
+    );
+    console.log("  3. \u590D\u5236\u751F\u6210\u7684 API Key");
+    console.log("  4. \u7C98\u8D34\u5230\u4E0B\u65B9\u5E76\u6309\u56DE\u8F66\n");
+    let apiKey = "";
+    for (let i = 0; i < 3; i++) {
+      const input = await prompt("\u7C98\u8D34 API Key\uFF1A");
+      if (input) {
+        apiKey = input;
+        break;
+      }
+      console.log("\u274C API Key \u4E0D\u80FD\u4E3A\u7A7A\uFF0C\u8BF7\u91CD\u8BD5");
+    }
+    if (!apiKey) {
+      console.error("\n\u274C \u591A\u6B21\u8F93\u5165\u65E0\u6548\uFF0C\u8BF7\u91CD\u8BD5\u3002\n");
+      process.exit(1);
+    }
+    writeSharedConfig({ apiKey });
+    console.log(`
+\u2705 API Key \u5DF2\u4FDD\u5B58\uFF08${maskSecret(apiKey)}\uFF09`);
+    printPostLoginReminderBanner();
+    console.log("\u73B0\u5728\u53EF\u4EE5\u8FD0\u884C\uFF1A");
+    console.log("  siluzan-tso list-accounts    \u67E5\u770B\u5E7F\u544A\u8D26\u6237\u5217\u8868");
+    console.log("  siluzan-tso balance -m Google  \u67E5\u770B\u8D26\u6237\u4F59\u989D\n");
+  } finally {
+    rl.close();
+  }
+}
+async function runInteractivePhoneLogin(menuOpts) {
+  const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
+  const prompt = (q) => new Promise((res) => rl.question(q, (a) => res(a.trim())));
+  try {
+    const phoneRaw = await prompt("\n\u8BF7\u8F93\u5165\u624B\u673A\u53F7\uFF08\u5927\u9646\u53F7\u7801\uFF0C\u53EF\u5E26 +86\uFF09\uFF1A");
+    const phone = validateAndNormalizePhone(phoneRaw);
+    const tsoApiBase = process.env.SILUZAN_TSO_API_BASE ?? DEFAULT_API_BASE;
+    const ssoBaseUrl = deriveSsoBaseUrl(tsoApiBase);
+    console.log("\n\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550");
+    console.log("  \u53D1\u9001\u767B\u5F55\u77ED\u4FE1\u9A8C\u8BC1\u7801");
+    console.log("\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550");
+    console.log(`  \u624B\u673A\u53F7 : ${phone}`);
+    console.log("\u2192 \u6B63\u5728\u5411\u624B\u673A\u53D1\u9001\u9A8C\u8BC1\u7801...");
+    const sendRes = await sendPhoneLoginCode({ ssoBaseUrl, phone, verbose: menuOpts.verbose });
+    if (!sendRes.ok) {
+      console.error(`
+\u274C \u77ED\u4FE1\u9A8C\u8BC1\u7801\u53D1\u9001\u5931\u8D25\uFF1A${sendRes.message || "(\u540E\u7AEF\u672A\u8FD4\u56DE\u539F\u56E0)"}
+`);
+      process.exit(1);
+    }
+    console.log("\u2713 \u9A8C\u8BC1\u7801\u5DF2\u53D1\u9001\uFF0810 \u5206\u949F\u5185\u6709\u6548\uFF09\u3002\n");
+    const code = await prompt("\u8BF7\u8F93\u5165 6 \u4F4D\u9A8C\u8BC1\u7801\uFF1A");
+    if (!code.trim()) {
+      console.error("\n\u274C \u9A8C\u8BC1\u7801\u4E0D\u80FD\u4E3A\u7A7A\u3002\n");
+      process.exit(1);
+    }
+    await executePhoneLoginWithVerifiedCode(phone, code.trim(), menuOpts);
+  } finally {
+    rl.close();
+  }
+}
+async function runLoginMethodMenu(menuOpts) {
+  const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
+  const prompt = (q) => new Promise((res) => rl.question(q, (a) => res(a.trim())));
+  console.log("\n\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550");
+  console.log("  Siluzan \u767B\u5F55");
+  console.log("\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550");
+  console.log("\n\u8BF7\u9009\u62E9\u767B\u5F55\u65B9\u5F0F\uFF1A");
+  console.log("  1) JWT Token\uFF08Bearer\uFF0C\u7C98\u8D34 access token\uFF09");
+  console.log("  2) API Key\uFF08\u7F51\u9875\u300C\u8BBE\u7F6E \u2192 API Key \u7BA1\u7406\u300D\u521B\u5EFA\u540E\u7C98\u8D34\uFF09");
+  console.log("  3) \u624B\u673A\u53F7 + \u77ED\u4FE1\u9A8C\u8BC1\u7801\uFF08\u5C06\u5411\u624B\u673A\u53D1\u9001\u9A8C\u8BC1\u7801\uFF0C\u9A8C\u8BC1\u540E\u81EA\u52A8\u521B\u5EFA API Key\uFF09");
+  console.log("  0) \u9000\u51FA\n");
+  let choice = "";
+  for (let attempt = 0; attempt < 5; attempt++) {
+    choice = await prompt("\u8BF7\u8F93\u5165\u9009\u9879 [0-3]\uFF1A");
+    if (choice === "0" || choice === "1" || choice === "2" || choice === "3") {
       break;
     }
-    console.log("\u274C API Key \u4E0D\u80FD\u4E3A\u7A7A\uFF0C\u8BF7\u91CD\u8BD5");
+    console.log("\u65E0\u6548\u9009\u62E9\uFF0C\u8BF7\u8F93\u5165 0\u30011\u30012 \u6216 3\u3002");
   }
   rl.close();
-  if (!apiKey) {
-    console.error("\n\u274C \u591A\u6B21\u8F93\u5165\u65E0\u6548\uFF0C\u8BF7\u91CD\u8BD5\u3002\n");
-    process.exit(1);
+  if (choice === "0" || choice === "") {
+    console.log("\n\u5DF2\u53D6\u6D88\u3002\n");
+    return;
   }
-  writeSharedConfig({ apiKey });
-  console.log(`
-\u2705 API Key \u5DF2\u4FDD\u5B58\uFF08${maskSecret(apiKey)}\uFF09`);
-  console.log(`   \u914D\u7F6E\u6587\u4EF6\uFF1A${CONFIG_FILE}`);
-  printPostLoginReminderBanner();
-  console.log("\u73B0\u5728\u53EF\u4EE5\u8FD0\u884C\uFF1A");
-  console.log("  siluzan-tso list-accounts    \u67E5\u770B\u5E7F\u544A\u8D26\u6237\u5217\u8868");
-  console.log("  siluzan-tso balance -m Google  \u67E5\u770B\u8D26\u6237\u4F59\u989D\n");
+  if (choice === "1") {
+    await runInteractiveJwtLogin();
+    return;
+  }
+  if (choice === "2") {
+    await runInteractiveApiKeyLogin();
+    return;
+  }
+  await runInteractivePhoneLogin(menuOpts);
+}
+async function runLogin(opts = {}) {
+  if (opts.apiKey !== void 0) {
+    const key = opts.apiKey.trim();
+    if (!key) {
+      console.error("\n\u274C API Key \u4E0D\u80FD\u4E3A\u7A7A\u3002\n");
+      process.exit(1);
+    }
+    writeSharedConfig({ apiKey: key });
+    console.log(`
+\u2705 API Key \u5DF2\u4FDD\u5B58\uFF08${maskSecret(key)}\uFF09`);
+    console.log(`   \u914D\u7F6E\u6587\u4EF6\uFF1A${CONFIG_FILE}`);
+    printPostLoginReminderBanner();
+    console.log("\u73B0\u5728\u53EF\u4EE5\u8FD0\u884C siluzan-tso -h \u547D\u4EE4\u67E5\u770B\u5E2E\u52A9\u4E86\n");
+    return;
+  }
+  if (opts.phone !== void 0) {
+    await runPhoneLogin(opts);
+    return;
+  }
+  if (opts.manual) {
+    await runInteractiveJwtLogin();
+    return;
+  }
+  await runLoginMethodMenu(opts);
 }
 function register(program2) {
-  program2.command("login").description("\u4FDD\u5B58\u8BA4\u8BC1\u51ED\u636E\u5230 ~/.siluzan/config.json\uFF08Token \u6216 API Key \u4E8C\u9009\u4E00\uFF09").option("--api-key <key>", "\u76F4\u63A5\u4FDD\u5B58 API Key\uFF08\u5728\u4E1D\u8DEF\u8D5E\u300C\u8BBE\u7F6E \u2192 API Key \u7BA1\u7406\u300D\u521B\u5EFA\uFF09\uFF0C\u63A8\u8350\u65B9\u5F0F").option("--manual", "\u4EA4\u4E92\u5F0F\u7C98\u8D34 JWT Token\uFF08\u65E0 API Key \u65F6\u4F7F\u7528\uFF09").action(async (opts) => {
-    await runLogin({ apiKey: opts.apiKey });
+  program2.command("send-login-code").description("\u5411\u624B\u673A\u53F7\u53D1\u9001\u4E1D\u8DEF\u8D5E\u767B\u5F55\u77ED\u4FE1\u9A8C\u8BC1\u7801\uFF08\u65E0\u4EA4\u4E92\uFF0C\u9002\u5408 Agent\uFF1A\u5148\u53D1\u7801\u518D login --phone --code\uFF09").requiredOption("--phone <phone>", "\u4E2D\u56FD\u5927\u9646\u624B\u673A\u53F7\uFF08\u53EF\u5E26 +86\uFF09").option("--verbose", "\u8BE6\u7EC6\u9519\u8BEF\u4FE1\u606F", false).action(async (opts) => {
+    await runSendLoginCode({ phone: opts.phone, verbose: opts.verbose });
   });
+  program2.command("login").description(
+    "\u4FDD\u5B58\u8BA4\u8BC1\u51ED\u636E\u5230 ~/.siluzan/config.json\uFF1B\u65E0\u53C2\u6570\u65F6\u5C55\u5F00 JWT / API Key / \u624B\u673A\u53F7\u4E09\u79CD\u4EA4\u4E92\u767B\u5F55"
+  ).option("--api-key <key>", "\u76F4\u63A5\u4FDD\u5B58 API Key\uFF08\u7F51\u9875\u300C\u8BBE\u7F6E \u2192 API Key \u7BA1\u7406\u300D\u521B\u5EFA\uFF09").option("--phone <phone>", "\u624B\u673A\u53F7\uFF08\u987B\u4E0E --code \u540C\u4F20\uFF1B\u6216\u7EC8\u7AEF\u65E0\u53C2 login \u9009 3 \u7531 CLI \u53D1\u7801\uFF09").option("--code <code>", "\u77ED\u4FE1\u9A8C\u8BC1\u7801\uFF08\u987B\u4E0E --phone \u540C\u4F20\uFF09").option("--name <text>", "\u624B\u673A\u53F7\u767B\u5F55\u65F6\u81EA\u52A8\u521B\u5EFA\u7684 API Key \u540D\u79F0").option("--valid-days <n>", "API Key \u6709\u6548\u5929\u6570\uFF0C\u9ED8\u8BA4 90").option("--expires-at <iso>", "API Key \u7EDD\u5BF9\u8FC7\u671F\u65F6\u95F4 ISO8601\uFF08\u4E0E --valid-days \u4E8C\u9009\u4E00\uFF09").option("--services <csv>", "API Key \u670D\u52A1\uFF1ACSO,TSO,CUT \u9017\u53F7\u5206\u9694\uFF0C\u9ED8\u8BA4 TSO,CUT").option("--manual", "\u8DF3\u8FC7\u83DC\u5355\uFF0C\u76F4\u63A5\u7C98\u8D34 JWT\uFF08\u4E0E\u65E0\u53C2\u83DC\u5355\u9009\u9879 1 \u7B49\u4EF7\uFF09").option("--verbose", "\u8BE6\u7EC6 HTTP", false).action(
+    async (opts) => {
+      let validDays;
+      if (opts.validDays !== void 0 && String(opts.validDays).trim() !== "") {
+        const n = parseInt(String(opts.validDays), 10);
+        if (Number.isNaN(n)) {
+          console.error("\n\u274C --valid-days \u987B\u4E3A\u6574\u6570\n");
+          process.exit(1);
+        }
+        validDays = n;
+      }
+      await runLogin({
+        apiKey: opts.apiKey,
+        phone: opts.phone,
+        code: opts.code,
+        name: opts.name,
+        validDays,
+        expiresAt: opts.expiresAt,
+        services: opts.services,
+        verbose: opts.verbose,
+        manual: opts.manual
+      });
+    }
+  );
 }
 
 // src/commands/config.ts
@@ -14368,6 +14596,42 @@ init_auth();
 init_cli_json_snapshot();
 init_strip_legacy_google_fields();
 init_cli_table();
+function unwrapKeywordDisplayTextForEdit(raw) {
+  const t = raw.trim();
+  if (t.length >= 2 && t.startsWith('"') && t.endsWith('"')) {
+    return t.slice(1, -1);
+  }
+  if (t.length >= 2 && t.startsWith("[") && t.endsWith("]")) {
+    return t.slice(1, -1);
+  }
+  return t;
+}
+function formatKeywordTextForMatchType(rawCoreOrDisplay, matchType) {
+  const core = unwrapKeywordDisplayTextForEdit(rawCoreOrDisplay);
+  switch (matchType) {
+    case "Broad":
+      return core;
+    case "Phrase":
+      return `"${core}"`;
+    case "Exact":
+      return `[${core}]`;
+    default: {
+      const _x = matchType;
+      return _x;
+    }
+  }
+}
+function firstKeywordTextFromRecord(k) {
+  const kt = k["keywordText"];
+  if (Array.isArray(kt) && kt.length > 0 && typeof kt[0] === "string") {
+    return kt[0];
+  }
+  const t = k["text"];
+  if (typeof t === "string") {
+    return t;
+  }
+  return "";
+}
 async function runAdKeywords(opts) {
   const config = loadConfig(opts.token);
   const googleApiUrl = requireGoogleApi(config);
@@ -14559,8 +14823,17 @@ async function runAdKeywordEdit(opts) {
     process.exit(1);
   }
   const body = { ...keyword };
-  if (opts.text !== void 0) body["keywordText"] = [opts.text];
-  if (opts.matchType !== void 0) body["matchTypeV2"] = opts.matchType;
+  if (opts.matchType !== void 0) {
+    const base = opts.text !== void 0 ? opts.text : firstKeywordTextFromRecord(keyword);
+    if (!String(base).trim()) {
+      console.error("\n\u274C \u65E0\u6CD5\u89E3\u6790\u5F53\u524D\u5173\u952E\u8BCD\u6587\u6848\uFF0C\u8BF7\u540C\u65F6\u4F20 --text <\u8BCD\u5E72>\n");
+      process.exit(1);
+    }
+    body["keywordText"] = [formatKeywordTextForMatchType(base, opts.matchType)];
+    body["matchTypeV2"] = opts.matchType;
+  } else if (opts.text !== void 0) {
+    body["keywordText"] = [opts.text];
+  }
   if (opts.maxCpc !== void 0) body["maxCPC"] = opts.maxCpc;
   if (opts.finalUrl !== void 0) body["finalURL"] = opts.finalUrl;
   const url = `${googleApiUrl}/keywordmanagement/Keyword/${opts.account}/batch`;
@@ -14607,8 +14880,17 @@ async function runAdNegativeKeywordEdit(opts) {
     process.exit(1);
   }
   const body = { ...keyword };
-  if (opts.text !== void 0) body["keywordText"] = [opts.text];
-  if (opts.matchType !== void 0) body["matchTypeV2"] = opts.matchType;
+  if (opts.matchType !== void 0) {
+    const base = opts.text !== void 0 ? opts.text : firstKeywordTextFromRecord(keyword);
+    if (!String(base).trim()) {
+      console.error("\n\u274C \u65E0\u6CD5\u89E3\u6790\u5F53\u524D\u5426\u5B9A\u5173\u952E\u8BCD\u6587\u6848\uFF0C\u8BF7\u540C\u65F6\u4F20 --text <\u8BCD\u5E72>\n");
+      process.exit(1);
+    }
+    body["keywordText"] = [formatKeywordTextForMatchType(base, opts.matchType)];
+    body["matchTypeV2"] = opts.matchType;
+  } else if (opts.text !== void 0) {
+    body["keywordText"] = [opts.text];
+  }
   const url = `${googleApiUrl}/negativekeywordmanagement/negativekeyword/${opts.account}/${opts.id}`;
   try {
     await apiFetch2(url, config, { method: "PUT", body: JSON.stringify(body) }, opts.verbose);
@@ -15910,7 +16192,10 @@ function register20(program2) {
       });
     }
   );
-  adCmd.command("keyword-edit").description("\u7F16\u8F91\u641C\u7D22\u5173\u952E\u8BCD\uFF08\u6570\u7EC4 body\uFF0C\u5148 list \u518D\u5408\u5E76\uFF09").requiredOption("-a, --account <id>", "Google \u8D26\u6237 mediaCustomerId").requiredOption("--id <keywordId>", "\u5173\u952E\u8BCD ID\uFF08\u6765\u81EA ad keywords --json \u2192 id\uFF09").option("--text <text>", "\u65B0\u5173\u952E\u8BCD\u6587\u672C\uFF08\u5199\u5165 keywordText \u6570\u7EC4\uFF09").option("--match-type <type>", "\u65B0\u5339\u914D\u7C7B\u578B\uFF1ABroad | Phrase | Exact\uFF08\u5199\u5165 matchTypeV2\uFF09").option(
+  adCmd.command("keyword-edit").description("\u7F16\u8F91\u641C\u7D22\u5173\u952E\u8BCD\uFF08\u6570\u7EC4 body\uFF0C\u5148 list \u518D\u5408\u5E76\uFF09").requiredOption("-a, --account <id>", "Google \u8D26\u6237 mediaCustomerId").requiredOption("--id <keywordId>", "\u5173\u952E\u8BCD ID\uFF08\u6765\u81EA ad keywords --json \u2192 id\uFF09").option("--text <text>", "\u65B0\u5173\u952E\u8BCD\u6587\u672C\uFF08\u5199\u5165 keywordText \u6570\u7EC4\uFF09").option(
+    "--match-type <type>",
+    '\u65B0\u5339\u914D\u7C7B\u578B\uFF1ABroad | Phrase | Exact\uFF08\u5199 matchTypeV2\uFF0C\u5E76\u9ED8\u8BA4\u540C\u6B65\u6539\u5199 keywordText \u4E3A\u8BCD\u5E72/"\u8BCD"/[\u8BCD] \u4EE5\u7B26\u5408\u7F51\u5173\u63A8\u65AD\uFF09'
+  ).option(
     "--max-cpc <n>",
     "\u6700\u9AD8\u6BCF\u6B21\u70B9\u51FB\u8D39\u7528 maxCPC\uFF0C\u4E3B\u5E01\u79CD\u91D1\u989D\uFF08\u5982 5 \u8868\u793A \xA55\uFF1B\u26A0\uFE0F \u8FD9\u4E2A\u5B57\u6BB5\u540E\u7AEF\u5355\u4F4D\u5C31\u662F\u300C\u4E3B\u5E01\u79CD\u5143\u300D\uFF0CCLI \u76F4\u63A5\u900F\u4F20\u4E0D\u505A \xD7100\uFF0C\u4E0E budget / \u7EC4 maxCPCAmount \u4E0D\u540C\uFF1B0 \u8868\u793A\u6309\u5E73\u53F0/\u8BA1\u5212\u9ED8\u8BA4\uFF09"
   ).option("--final-url <url>", "\u5173\u952E\u8BCD\u7EA7\u6700\u7EC8\u5230\u8FBE\u7F51\u5740 finalURL").option("--start <date>", "\u5217\u8868\u67E5\u8BE2\u8D77\u59CB\u65E5\u671F YYYY-MM-DD").option("--end <date>", "\u5217\u8868\u67E5\u8BE2\u7ED3\u675F\u65E5\u671F YYYY-MM-DD").option("-t, --token <token>", "Auth Token").option("--verbose", "\u8BE6\u7EC6\u9519\u8BEF\u4FE1\u606F", false).action(
@@ -15941,7 +16226,10 @@ function register20(program2) {
       });
     }
   );
-  adCmd.command("keyword-negative-edit").description("\u7F16\u8F91\u5426\u5B9A\u5173\u952E\u8BCD\uFF08\u6587\u672C\u6216\u5339\u914D\u7C7B\u578B\uFF0C\u81F3\u5C11\u4F20\u4E00\u4E2A\u4FEE\u6539\u9879\uFF09").requiredOption("-a, --account <id>", "Google \u8D26\u6237 mediaCustomerId").requiredOption("--id <keywordId>", "\u5426\u5B9A\u5173\u952E\u8BCD ID\uFF08\u6765\u81EA ad keywords --negative --json \u2192 id\uFF09").option("--text <text>", "\u65B0\u5173\u952E\u8BCD\u6587\u672C").option("--match-type <type>", "\u65B0\u5339\u914D\u7C7B\u578B\uFF1ABroad | Phrase | Exact").option("--start <date>", "\u5217\u8868\u67E5\u8BE2\u8D77\u59CB\u65E5\u671F YYYY-MM-DD").option("--end <date>", "\u5217\u8868\u67E5\u8BE2\u7ED3\u675F\u65E5\u671F YYYY-MM-DD").option("-t, --token <token>", "Auth Token").option("--verbose", "\u8BE6\u7EC6\u9519\u8BEF\u4FE1\u606F", false).action(
+  adCmd.command("keyword-negative-edit").description("\u7F16\u8F91\u5426\u5B9A\u5173\u952E\u8BCD\uFF08\u6587\u672C\u6216\u5339\u914D\u7C7B\u578B\uFF0C\u81F3\u5C11\u4F20\u4E00\u4E2A\u4FEE\u6539\u9879\uFF09").requiredOption("-a, --account <id>", "Google \u8D26\u6237 mediaCustomerId").requiredOption("--id <keywordId>", "\u5426\u5B9A\u5173\u952E\u8BCD ID\uFF08\u6765\u81EA ad keywords --negative --json \u2192 id\uFF09").option("--text <text>", "\u65B0\u5173\u952E\u8BCD\u6587\u672C").option(
+    "--match-type <type>",
+    '\u65B0\u5339\u914D\u7C7B\u578B\uFF1ABroad | Phrase | Exact\uFF08\u5199 matchTypeV2\uFF0C\u5E76\u9ED8\u8BA4\u540C\u6B65\u6539\u5199 keywordText \u4E3A\u8BCD\u5E72/"\u8BCD"/[\u8BCD]\uFF09'
+  ).option("--start <date>", "\u5217\u8868\u67E5\u8BE2\u8D77\u59CB\u65E5\u671F YYYY-MM-DD").option("--end <date>", "\u5217\u8868\u67E5\u8BE2\u7ED3\u675F\u65E5\u671F YYYY-MM-DD").option("-t, --token <token>", "Auth Token").option("--verbose", "\u8BE6\u7EC6\u9519\u8BEF\u4FE1\u606F", false).action(
     async (opts) => {
       if (opts.matchType && !["Broad", "Phrase", "Exact"].includes(opts.matchType)) {
         console.error("\n\u274C --match-type \u53EA\u63A5\u53D7 Broad | Phrase | Exact\n");

package/dist/skill/_meta.json

@@ -1,5 +1,5 @@
 {
   "slug": "siluzan-tso",
-  "version": "1.1.18-beta.6",
-  "publishedAt": 1778324246028
+  "version": "1.1.18-beta.8",
+  "publishedAt": 1778478403907
 }

package/dist/skill/references/account-analytics.md

@@ -33,10 +33,10 @@
 2. 确定报告维度（默认含：执行摘要、每日趋势、月度汇总、系列表现、设备分布、地域分布、关键词表现、优化建议），详见 `report-templates/README.md`。
 3. **拉数**：使用 `google-analysis … --json-out <dir>`（Google）或对应 `report <media>-*` 命令落盘。
 4. **编写并执行代码**从磁盘读取 `manifest-<accountId>.json` 与各 `<section>-<accountId>.json` 来完成筛选、聚合、排序等计算；**禁止**用 `Read` 看 JSON 后在对话里心算或手填报告数字。
-   - **写脚本前先读 `<section>-<accountId>.outline.txt`**（与 JSON 同 stem 的纯文本，最后一行是 TS 式类型字面量）了解字段结构；它体积只有几百字节、不含数据，比直接 `Read` 整个 `*.json`（动辄几 MB / 几万行）省**两到三个数量级**的上下文。**注意是 `.outline.txt` 不是 `.outline.json`**，不要 `require()`，用 `fs.readFileSync(outlineFile,'utf8')` 读最后一行即可。
-   - 真实数据始终从 `<section>-<accountId>.json` 由脚本读，**不要**把 outline 当作业务数据贴给用户。
-5. **由代码写出最终文件**（HTML/Excel/PDF/PPT/Markdown 等）。**禁止**在报告脚本中以源码字面量写死应从 JSON 读取的业务数据（消耗金额、系列名、日期区间等）。允许的常量仅限：快照目录路径、JSON 字段键名、版式/结构占位。
-6. **报告首行**须标注：`统计区间：YYYY-MM-DD ~ YYYY-MM-DD（货币：XXX）`，由脚本从 JSON 拼接写入，不得手写常量冒充。
+   - **写脚本前先读 `<section>-<accountId>.outline.txt`**（与 JSON 同 stem 的纯文本，最后一行是 TS 式类型字面量）了解字段结构；它体积只有几百字节、不含数据，比直接 `Read` 整个 `*.json`（动辄几 MB / 几万行）省**两到三个数量级**的上下文，不要 `require()`，用 `fs.readFileSync(outlineFile,'utf8')` 读最后一行即可。
+   - 真实数据始终从 `<section>-<accountId>.json` 通过代码获取，**不要**把 outline 当作业务数据贴给用户。
+5. **由代码写出最终文件**（HTML/Excel/PDF/PPT/Markdown/word 等）。**禁止**在报告脚本中以源码字面量写死应从 JSON 读取的业务数据（消耗金额、系列名、日期区间等）。允许的常量仅限：快照目录路径、JSON 字段键名、版式/结构占位。
+6. **报告首行**须标注：`统计区间：YYYY-MM-DD ~ YYYY-MM-DD（货币：XXX）`
 7. 交付后帮用户打开报告文件。
 
 ---
@@ -139,7 +139,7 @@ siluzan-tso google-analysis -a <id> --exclude materials,gold-account --json-out
 | `materials` | 合并图片+视频 `{ images, videos }` |
 | `resource-counts` | 结构统计 |
 | `conversion-actions` | 转化动作 |
-| `daily-metrics` | 按日报表 |
+| `daily-metrics` | 按日指标（主平台 `GET …/report/media-account/google/account-daily-reports`，`--json` 根为按日数组） |
 | `gold-account` | 黄金账户 |
 | `ads-index` | 质量指标 |
 | `final-urls` | 最终到达网址（不传 `--start`/`--end`） |

package/dist/skill/references/google-ads.md

@@ -980,6 +980,8 @@ siluzan-tso ad keyword-delete -a 6326027735 --id 2464982882313 --adgroup-id 1955
 
 **约束：** `--text`、`--match-type`、`--max-cpc`、`--final-url` 至少传一项。
 
+**匹配类型与文案：** Google 网关 V2 根据 `keywordText` 上的 `"` / `[` `]` 推断实际 MatchType（会覆盖仅传的 `matchTypeV2`）。因此只要传 `--match-type`，CLI **默认**把 `keywordText` 规范为词干 / `"词干"` / `[词干]` 并写入 `matchTypeV2`，无需额外开关；仅改匹配时可不传 `--text`（用列表里的当前文案去外层括号后再包一层）。
+
 ```bash
 siluzan-tso ad keyword-edit \
   -a <accountId> \
@@ -1009,6 +1011,8 @@ siluzan-tso ad keyword-edit -a 6326027735 --id 2081924039951 \
 
 ## ad keyword-negative-edit — 否词编辑
 
+与搜索词相同：传 `--match-type` 时 CLI 会默认同步改写 `keywordText` 外层括号/引号。
+
 ```bash
 siluzan-tso ad keyword-negative-edit \
   -a <accountId> \

package/dist/skill/references/setup.md

@@ -57,7 +57,8 @@ siluzan-tso init -d /path/to-your/skills       # 写入自定义目录
 ## 其它登录方式（TTY 交互 / 已有 API Key / JWT）
 
 ```bash
-siluzan-tso login                                    # 交互式登录（需 TTY），按提示创建 API Key 后粘贴
+siluzan-tso login                                    # 无参：TTY 下展开菜单 → 1 JWT / 2 API Key / 3 手机号（发码+输码）
+siluzan-tso login --manual                           # 跳过菜单，直接粘贴 JWT（会清除已存 API Key 以启用 Bearer）
 siluzan-tso login --api-key <YOUR_API_KEY>           # 直接设置 API Key（跳过交互）
 siluzan-tso config set --api-key <Key>               # 或 config 直接写入
 siluzan-tso config set --token <Token>               # 备用：设置 JWT Token
@@ -94,7 +95,7 @@ siluzan-tso login --phone 13800138000 --code 123456 \
 >
 > **验证码错误/过期**：返回明确提示，让用户重新跑 `send-login-code` 拿新验证码。
 >
-> **AI 助手用法**：先调 `send-login-code` 发码、立即返回继续对话；等用户报出收到的验证码后，再调 `login --phone xxx --code xxx` 完成登录。**永远不要在没拿到 `--code` 的情况下调用 `login --phone xxx`，那会直接报错。**
+> **AI 助手用法**：先调 `send-login-code` 发码、立即返回继续对话；等用户报出收到的验证码后，再调 `login --phone xxx --code xxx` 完成登录。**永远不要在没拿到 `--code` 的情况下调用 `login --phone xxx`，那会直接报错。**（人类在本地终端可直接运行无参 `siluzan-tso login` 选 3，由 CLI 发码并读验证码，无需先记 `send-login-code`。）
 
 ### 通过环境变量传入凭据（CI/CD 推荐）
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "siluzan-tso-cli",
-  "version": "1.1.18-beta.6",
+  "version": "1.1.18-beta.8",
   "description": "Siluzan 广告账户管理 CLI — 查询账户、余额、消耗数据，管理绑定关系与充值。",
   "keywords": [
     "ad-account",