npm - siluzan-tso-cli - Versions diffs - 1.1.8-beta.6 → 1.1.9-beta.2 - Mend

siluzan-tso-cli 1.1.8-beta.6 → 1.1.9-beta.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/README.md +30 -1
package/dist/index.js +157 -345
package/dist/skill/SKILL.md +64 -6
package/dist/skill/_meta.json +2 -2
package/dist/skill/references/setup.md +9 -3
package/dist/skill/report-templates/report-template-academic.html +3 -0
package/dist/skill/report-templates/report-template-dark.html +3 -0
package/dist/skill/report-templates/report-template-formal.html +3 -0
package/dist/skill/report-templates/report-template-mobile.html +3 -0
package/dist/skill/report-templates/report-template-onepager.html +3 -0
package/dist/skill/report-templates/report-template-print.html +3 -0
package/dist/skill/report-templates/report-template.html +6 -3
package/package.json +26 -2

package/README.md CHANGED Viewed

@@ -2,6 +2,35 @@
 当用户发来本页面的 **URL** 时，请按顺序协助用户完成安装。
+## 0. 安全与透明性说明
+本 Skill 是 **instruction-only**（纯指令型），不包含可执行代码文件。它通过指导 AI 助手调用 `siluzan-tso` CLI 来操作丝路赞广告管理平台。
+### 运行时依赖
+| 项目 | 说明 |
+|------|------|
+| **Node.js 18+** | CLI 运行时 |
+| **npm 8+** 或 **pnpm** | 安装 CLI 全局包 |
+| **siluzan-tso** CLI | 由 `npm install -g siluzan-tso-cli` 安装 |
+### 凭据与网络
+| 项目 | 说明 |
+|------|------|
+| API Key / Token | 存储在 `~/.siluzan/config.json`，用于所有 API 调用鉴权 |
+| TSO API | `tso-api.siluzan.com`（生产）/ `tso-api-ci.siluzan.com`（测试） |
+| Google API 网关 | `googleapi.mysiluzan.com` / `googleapi-ci.mysiluzan.com` |
+| 前端页面 | `www.siluzan.com`（充值、激活等浏览器操作） |
+| 错误追踪 | `o605862.ingest.us.sentry.io`（匿名崩溃日志） |
+| 版本检查 | `registry.npmjs.org` |
+### 可执行的操作范围
+- **只读**：查询账户列表、余额、消耗数据、报告、预警记录等
+- **写入**（需用户确认）：创建/修改/发布广告、开户申请、创建预警规则、报告推送配置
+- **破坏性**（必须用户确认）：账户解绑/关闭、MCC/BC 解绑、删除预警/报告/广告、发票申请
+### 报告模板外部资源
+HTML 报告模板引用以下 CDN：`cdn.tailwindcss.com`、`cdnjs.cloudflare.com`、`cdn.jsdelivr.net`、`fonts.googleapis.com`。渲染报告时浏览器会发出对应网络请求。
 ## 1. 环境
 - Node.js **18+**
@@ -20,7 +49,7 @@ siluzan-tso init -d /path/to/skills  # 写入自定义目录
 siluzan-tso init --force             # 强制覆盖已存在文件
 ```
-> **注意**：当前为测试版（1.1.8-beta.6），供内部测试使用。正式发布后安装命令将改为 `npm install -g siluzan-tso-cli`。
+> **注意**：当前为测试版（1.1.9-beta.2），供内部测试使用。正式发布后安装命令将改为 `npm install -g siluzan-tso-cli`。
 | 助手 | 建议 `--ai` |
 |------|-------------|

package/dist/index.js CHANGED Viewed

@@ -362,8 +362,8 @@ var require_semver = __commonJS({
       }
       // preminor will bump the version up to the next minor release, and immediately
       // down to pre-release. premajor and prepatch work the same way.
-      inc(release2, identifier, identifierBase) {
-        if (release2.startsWith("pre")) {
+      inc(release, identifier, identifierBase) {
+        if (release.startsWith("pre")) {
           if (!identifier && identifierBase === false) {
             throw new Error("invalid increment argument: identifier is empty");
           }
@@ -374,7 +374,7 @@ var require_semver = __commonJS({
             }
           }
         }
-        switch (release2) {
+        switch (release) {
           case "premajor":
             this.prerelease.length = 0;
             this.patch = 0;
@@ -465,7 +465,7 @@ var require_semver = __commonJS({
             break;
           }
           default:
-            throw new Error(`invalid increment argument: ${release2}`);
+            throw new Error(`invalid increment argument: ${release}`);
         }
         this.raw = this.format();
         if (this.build.length) {
@@ -531,7 +531,7 @@ var require_inc = __commonJS({
   "../node_modules/.pnpm/semver@7.7.4/node_modules/semver/functions/inc.js"(exports, module) {
     "use strict";
     var SemVer = require_semver();
-    var inc = (version, release2, options, identifier, identifierBase) => {
+    var inc = (version, release, options, identifier, identifierBase) => {
       if (typeof options === "string") {
         identifierBase = identifier;
         identifier = options;
@@ -541,7 +541,7 @@ var require_inc = __commonJS({
         return new SemVer(
           version instanceof SemVer ? version.version : version,
           options
-        ).inc(release2, identifier, identifierBase).version;
+        ).inc(release, identifier, identifierBase).version;
       } catch (er) {
         return null;
       }
@@ -1974,7 +1974,6 @@ var import_semver = __toESM(require_semver2(), 1);
 import * as fs2 from "fs";
 import * as path2 from "path";
 import { fileURLToPath } from "url";
-import * as os2 from "os";
 var SILUZAN_DIR = path.join(os.homedir(), ".siluzan");
 var CONFIG_FILE = path.join(SILUZAN_DIR, "config.json");
 function readStr(raw, key) {
@@ -2055,21 +2054,33 @@ function validateBaseUrl(raw) {
   }
   return null;
 }
+var DEFAULT_TIMEOUT_MS = 10 * 60 * 1e3;
+var MAX_RESPONSE_BYTES = 50 * 1024 * 1024;
 function rawRequest(url, options) {
   return new Promise((resolve2, reject) => {
     const parsed = new URL(url);
     const transport = parsed.protocol === "https:" ? https : http;
+    const timeoutMs = options.timeoutMs ?? DEFAULT_TIMEOUT_MS;
+    const maxBytes = options.maxResponseBytes ?? MAX_RESPONSE_BYTES;
     const reqOpts = {
       hostname: parsed.hostname,
       port: parsed.port || (parsed.protocol === "https:" ? 443 : 80),
       path: parsed.pathname + parsed.search,
       method: options.method ?? "GET",
-      headers: options.headers
+      headers: options.headers,
+      timeout: timeoutMs || void 0
     };
     const req = transport.request(reqOpts, (res) => {
       let data = "";
+      let byteLen = 0;
       res.setEncoding("utf8");
       res.on("data", (chunk) => {
+        byteLen += Buffer.byteLength(chunk, "utf8");
+        if (maxBytes && byteLen > maxBytes) {
+          res.destroy();
+          reject(new Error(`\u54CD\u5E94\u4F53\u8D85\u8FC7\u4E0A\u9650\uFF08${(maxBytes / 1024 / 1024).toFixed(0)} MB\uFF09\uFF0C\u5DF2\u4E2D\u65AD\u8FDE\u63A5`));
+          return;
+        }
         data += chunk;
       });
       res.on("end", () => {
@@ -2082,6 +2093,10 @@ function rawRequest(url, options) {
         resolve2({ status: res.statusCode ?? 0, text: data, headers });
       });
     });
+    req.on("timeout", () => {
+      req.destroy();
+      reject(new Error(`\u8BF7\u6C42\u8D85\u65F6\uFF08${(timeoutMs / 1e3).toFixed(0)} \u79D2\uFF09\uFF1A${options.method ?? "GET"} ${url}`));
+    });
     req.on("error", reject);
     if (options.body) req.write(options.body);
     req.end();
@@ -2191,308 +2206,6 @@ async function fetchNpmVersion(pkgName, tag, timeoutMs = 4e3) {
     return null;
   }
 }
-var DEFAULT_SENTRY_DSN = "https://bafcf42aab6fe7b485310619ae041b5e@o4510436169285632.ingest.us.sentry.io/4511103054708736";
-function isSentryDisabled() {
-  return process.env.SILUZAN_SENTRY_DISABLED === "1" || process.env.SILUZAN_SENTRY_DISABLED === "true";
-}
-function getDsn() {
-  return process.env.SILUZAN_SENTRY_DSN?.trim() || DEFAULT_SENTRY_DSN;
-}
-var cliMeta = { name: "siluzan-cli", version: "unknown" };
-var cliInvocation = "";
-function setSiluzanCliInvocation(redactedCommandLine) {
-  cliInvocation = redactedCommandLine;
-}
-function redactCliArgvForSentry(argv) {
-  const args = argv.slice(2);
-  const redactNext = /* @__PURE__ */ new Set(["-t", "--token", "--api-key", "--password"]);
-  const out = [];
-  for (let i = 0; i < args.length; i++) {
-    const a = args[i];
-    if (redactNext.has(a)) {
-      out.push(a, "***");
-      i++;
-      continue;
-    }
-    const eq = a.indexOf("=");
-    if (eq > 0) {
-      const key = a.slice(0, eq).toLowerCase();
-      if (key === "--token" || key === "--api-key" || key === "--password") {
-        out.push(`${a.slice(0, eq)}=***`);
-        continue;
-      }
-    }
-    if (/^-t[^-]/.test(a) && a.length > 3) {
-      out.push("-t***");
-      continue;
-    }
-    out.push(a);
-  }
-  return out.join(" ");
-}
-function setSiluzanCliMeta(name, version) {
-  cliMeta = { name, version };
-  if (sentryReady) {
-    void import("@sentry/node").then((Sentry) => {
-      Sentry.setTag("cli", name);
-      Sentry.setTag("cli_version", version);
-    }).catch(() => {
-    });
-  }
-}
-var sentryReady = false;
-var sentryInitPromise = null;
-var flushHookRegistered = false;
-function buildRuntimeContext() {
-  const platform = process.platform;
-  const osName = platform === "win32" ? "Windows" : platform === "darwin" ? "macOS" : "Linux";
-  return {
-    os: {
-      name: osName,
-      version: os2.release(),
-      // 内核版本，如 10.0.26100（Win11）、24.3.0（macOS）
-      arch: process.arch
-      // x64 / arm64
-    },
-    runtime: {
-      node_version: process.version,
-      // v18.x.x / v20.x.x
-      timezone: Intl.DateTimeFormat().resolvedOptions().timeZone
-    }
-  };
-}
-async function ensureSentryInitialized(requestUrl) {
-  const dsn = getDsn();
-  if (!dsn || isSentryDisabled()) return false;
-  if (sentryReady) return true;
-  if (!sentryInitPromise) {
-    sentryInitPromise = (async () => {
-      const Sentry = await import("@sentry/node");
-      const envOverride = process.env.SILUZAN_SENTRY_ENV?.trim();
-      const environment = envOverride || (inferSiluzanRuntimeEnvironment(requestUrl) === "test" ? "test" : "production");
-      Sentry.init({
-        dsn,
-        environment,
-        sendDefaultPii: true,
-        tracesSampleRate: 0
-      });
-      const ctx = buildRuntimeContext();
-      Sentry.setContext("os", ctx.os);
-      Sentry.setContext("runtime", ctx.runtime);
-      Sentry.setTag("cli", cliMeta.name);
-      Sentry.setTag("cli_version", cliMeta.version);
-      if (!flushHookRegistered) {
-        flushHookRegistered = true;
-        process.once("beforeExit", () => {
-          void Sentry.flush(2e3).catch(() => {
-          });
-        });
-      }
-      sentryReady = true;
-    })();
-  }
-  await sentryInitPromise;
-  return sentryReady;
-}
-function deriveMainApiOriginFromRequestUrl(requestUrl) {
-  try {
-    const u = new URL(requestUrl);
-    const host = u.hostname.toLowerCase();
-    if (!host.endsWith("siluzan.com")) return null;
-    if (host.startsWith("tso-api")) {
-      return `${u.protocol}//${host.replace(/^tso-api/, "api")}`;
-    }
-    if (host === "api.siluzan.com" || host === "api-ci.siluzan.com") {
-      return `${u.protocol}//${host}`;
-    }
-    return null;
-  } catch {
-    return null;
-  }
-}
-function inferSiluzanRuntimeEnvironment(requestUrl) {
-  try {
-    const host = new URL(requestUrl).hostname.toLowerCase();
-    return host.includes("-ci") ? "test" : "production";
-  } catch {
-    return "production";
-  }
-}
-function cacheKeyForUser(mainOrigin, config) {
-  const cred = config.apiKey ? `k:${config.apiKey}` : `t:${config.authToken}`;
-  return `${mainOrigin}\0${cred}`;
-}
-var userContextDone = /* @__PURE__ */ new Set();
-var userContextInflight = /* @__PURE__ */ new Map();
-function pickCompanyIdFromMe(data) {
-  const direct = pickStr(data, "companyId") ?? pickStr(data, "companyID") ?? pickStr(data, "CompanyId");
-  if (direct) return direct;
-  const ci = data["companyInfo"];
-  if (ci && typeof ci === "object") {
-    const o = ci;
-    return pickStr(o, "id") ?? pickStr(o, "companyId") ?? pickStr(o, "companyID");
-  }
-  return void 0;
-}
-function parseMeResponse(text) {
-  try {
-    const json = JSON.parse(text);
-    const data = json?.data && typeof json.data === "object" ? json.data : json;
-    const id = pickStr(data, "entityId") ?? pickStr(data, "id") ?? pickStr(data, "userId") ?? pickStr(data, "accountId");
-    const email = pickStr(data, "email");
-    const username = pickStr(data, "userName") ?? pickStr(data, "username") ?? pickStr(data, "name") ?? pickStr(data, "phone");
-    const companyId = pickCompanyIdFromMe(data);
-    if (!id && !email && !username && !companyId) return null;
-    return { id, email, username, companyId };
-  } catch {
-    return null;
-  }
-}
-function pickStr(obj, key) {
-  const v = obj[key];
-  return typeof v === "string" && v.trim() ? v.trim() : void 0;
-}
-async function fetchAndSetUser(mainOrigin, config) {
-  const meUrl = `${mainOrigin.replace(/\/$/, "")}/query/account/me`;
-  const authHeaders = config.apiKey ? { "x-api-key": config.apiKey } : { Authorization: `Bearer ${config.authToken}` };
-  const res = await rawRequest(meUrl, {
-    method: "GET",
-    headers: {
-      "Content-Type": "application/json",
-      "Accept-Language": "zh-CN",
-      ...authHeaders
-    }
-  });
-  if (res.status < 200 || res.status >= 300) return;
-  const parsed = parseMeResponse(res.text);
-  if (!parsed) return;
-  const Sentry = await import("@sentry/node");
-  const user = {};
-  if (parsed.id) user.id = parsed.id;
-  if (parsed.email) user.email = parsed.email;
-  if (parsed.username) user.username = parsed.username;
-  Sentry.setUser(user);
-}
-function scheduleUserContext(mainOrigin, config) {
-  const key = cacheKeyForUser(mainOrigin, config);
-  if (userContextDone.has(key)) return;
-  let p = userContextInflight.get(key);
-  if (!p) {
-    p = (async () => {
-      try {
-        await fetchAndSetUser(mainOrigin, config);
-      } catch {
-      } finally {
-        userContextInflight.delete(key);
-        userContextDone.add(key);
-      }
-    })();
-    userContextInflight.set(key, p);
-  }
-}
-function refreshSiluzanUser(apiBase, config) {
-  if (isSentryDisabled()) return;
-  void (async () => {
-    try {
-      const ok = await ensureSentryInitialized(apiBase);
-      if (!ok) return;
-      const mainOrigin = deriveMainApiOriginFromRequestUrl(apiBase) ?? (apiBase.includes("-ci") ? "https://api-ci.siluzan.com" : "https://api.siluzan.com");
-      const key = cacheKeyForUser(mainOrigin, config);
-      userContextDone.delete(key);
-      userContextInflight.delete(key);
-      scheduleUserContext(mainOrigin, config);
-    } catch {
-    }
-  })();
-}
-// src/utils/version.ts
-import * as fs3 from "fs";
-import * as path3 from "path";
-import * as os3 from "os";
-var PKG_NAME = "siluzan-tso-cli";
-var CONFIG_FILE2 = path3.join(os3.homedir(), ".siluzan", "config.json");
-function getCurrentVersion2() {
-  return getCurrentVersion(import.meta.url);
-}
-function readConfigRaw() {
-  try {
-    return JSON.parse(fs3.readFileSync(CONFIG_FILE2, "utf8"));
-  } catch {
-    return {};
-  }
-}
-function writeConfigRaw(data) {
-  try {
-    fs3.mkdirSync(path3.dirname(CONFIG_FILE2), { recursive: true });
-    fs3.writeFileSync(CONFIG_FILE2, JSON.stringify(data, null, 2), "utf8");
-    if (process.platform !== "win32") {
-      fs3.chmodSync(CONFIG_FILE2, 384);
-    }
-  } catch {
-  }
-}
-async function fetchVersionByTag(tag, cacheKey, cfg) {
-  const hours24 = 24 * 60 * 60 * 1e3;
-  if (cfg._tsoLastVersionCheck && cfg[cacheKey]) {
-    const lastCheck = new Date(cfg._tsoLastVersionCheck).getTime();
-    if (Date.now() - lastCheck < hours24) {
-      return cfg[cacheKey];
-    }
-  }
-  return fetchNpmVersion(PKG_NAME, tag);
-}
-async function notifyIfOutdated() {
-  try {
-    const current = getCurrentVersion2();
-    const tag = npmDistTagForCurrentVersion(current);
-    const isBeta = tag === "beta";
-    const latestCacheKey = isBeta ? "_tsoLatestBeta" : "_tsoLatestStable";
-    const minCacheKey = isBeta ? "_tsoMinRequiredBeta" : "_tsoMinRequiredStable";
-    const minTag = npmMinRequiredTagForBuildEnv(isBeta ? "test" : "production");
-    const cfg = readConfigRaw();
-    const [latest, minRequired] = await Promise.all([
-      fetchVersionByTag(tag, latestCacheKey, cfg),
-      fetchVersionByTag(minTag, minCacheKey, cfg)
-    ]);
-    writeConfigRaw({
-      ...cfg,
-      _tsoLastVersionCheck: (/* @__PURE__ */ new Date()).toISOString(),
-      ...latest ? { [latestCacheKey]: latest } : {},
-      ...minRequired ? { [minCacheKey]: minRequired } : {}
-    });
-    const lastNotified = cfg._tsoLastNotified ? new Date(cfg._tsoLastNotified).getTime() : 0;
-    if (Date.now() - lastNotified < 24 * 60 * 60 * 1e3) return;
-    const tagLabel = isBeta ? "\uFF08\u6D4B\u8BD5\u7248\uFF09" : "\uFF08\u6B63\u5F0F\u7248\uFF09";
-    if (minRequired && isNewer(current, minRequired)) {
-      writeConfigRaw({ ...cfg, _tsoLastNotified: (/* @__PURE__ */ new Date()).toISOString() });
-      console.log(
-        `
-[SILUZAN_FORCE_UPDATE] \u5F53\u524D\u7248\u672C ${current} \u5DF2\u8FC7\u671F\uFF0C\u6700\u4F4E\u8981\u6C42\u7248\u672C ${minRequired}${tagLabel}
-\u26D4 \u5FC5\u987B\u5148\u5347\u7EA7\u624D\u80FD\u7EE7\u7EED\u4F7F\u7528\uFF0CAgent \u8BF7\u7ACB\u5373\u6267\u884C\uFF1Asiluzan-tso update
-   \u6216\u624B\u52A8\uFF1Anpm install -g ${PKG_NAME}@${tag}
-`
-      );
-      return;
-    }
-    if (latest && isNewer(current, latest)) {
-      writeConfigRaw({ ...cfg, _tsoLastNotified: (/* @__PURE__ */ new Date()).toISOString() });
-      console.log(
-        `
-[SILUZAN_UPDATE_AVAILABLE] \u53D1\u73B0\u65B0\u7248\u672C ${latest}${tagLabel}\uFF08\u5F53\u524D ${current}\uFF09
-\u{1F4A1} Agent \u8BF7\u7ACB\u5373\u6267\u884C\uFF1Asiluzan-tso update
-   \u6216\u624B\u52A8\uFF1Anpm install -g ${PKG_NAME}@${tag}
-`
-      );
-    }
-  } catch {
-  }
-}
-async function fetchLatestVersion() {
-  const current = getCurrentVersion2();
-  const tag = npmDistTagForCurrentVersion(current);
-  return fetchNpmVersion(PKG_NAME, tag);
-}
 // src/utils/auth.ts
 function deriveMainApiUrl(tsoApiBaseUrl) {
@@ -2579,7 +2292,6 @@ function loadConfig(tokenArg) {
 \u274C googleApiUrl \u4E0D\u5408\u6CD5\uFF1A${googleApiErr}`);
     process.exit(1);
   }
-  setSiluzanCliMeta("siluzan-tso", getCurrentVersion2());
   return {
     apiBaseUrl,
     authToken,
@@ -2696,26 +2408,26 @@ function cmdConfigClear() {
 }
 // src/commands/init.ts
-import * as fs5 from "fs/promises";
+import * as fs4 from "fs/promises";
 import * as fsSync from "fs";
-import * as os4 from "os";
-import * as path5 from "path";
+import * as os2 from "os";
+import * as path4 from "path";
 import { fileURLToPath as fileURLToPath2 } from "url";
 // src/templates/load-templates.ts
-import * as fs4 from "fs/promises";
-import * as path4 from "path";
+import * as fs3 from "fs/promises";
+import * as path3 from "path";
 async function getSkillFiles(skillDir) {
   const out = {};
   async function walk(dir, prefix) {
-    const entries = await fs4.readdir(dir, { withFileTypes: true });
+    const entries = await fs3.readdir(dir, { withFileTypes: true });
     for (const ent of entries) {
       const rel = prefix ? `${prefix}/${ent.name}` : ent.name;
-      const full = path4.join(dir, ent.name);
+      const full = path3.join(dir, ent.name);
       if (ent.isDirectory()) {
         await walk(full, rel);
       } else {
-        out[rel] = await fs4.readFile(full, "utf8");
+        out[rel] = await fs3.readFile(full, "utf8");
       }
     }
   }
@@ -2724,14 +2436,14 @@ async function getSkillFiles(skillDir) {
 }
 // src/commands/init.ts
-var __dirname = path5.dirname(fileURLToPath2(import.meta.url));
+var __dirname = path4.dirname(fileURLToPath2(import.meta.url));
 var TARGET_DIRS = {
-  cursor: (cwd) => path5.join(cwd, ".cursor", "skills", "siluzan-tso"),
-  claude: (cwd) => path5.join(cwd, ".claude", "skills", "siluzan-tso"),
-  "openclaw-workspace": (cwd) => path5.join(cwd, "skills", "siluzan-tso"),
-  "openclaw-global": (_cwd, home) => path5.join(home, ".openclaw", "skills", "siluzan-tso"),
-  "workbuddy-workspace": (cwd) => path5.join(cwd, ".workbuddy", "skills", "siluzan-tso"),
-  "workbuddy-global": (_cwd, home) => path5.join(home, ".workbuddy", "skills", "siluzan-tso")
+  cursor: (cwd) => path4.join(cwd, ".cursor", "skills", "siluzan-tso"),
+  claude: (cwd) => path4.join(cwd, ".claude", "skills", "siluzan-tso"),
+  "openclaw-workspace": (cwd) => path4.join(cwd, "skills", "siluzan-tso"),
+  "openclaw-global": (_cwd, home) => path4.join(home, ".openclaw", "skills", "siluzan-tso"),
+  "workbuddy-workspace": (cwd) => path4.join(cwd, ".workbuddy", "skills", "siluzan-tso"),
+  "workbuddy-global": (_cwd, home) => path4.join(home, ".workbuddy", "skills", "siluzan-tso")
 };
 function parseTargets(raw) {
   const normalized = raw.trim().toLowerCase();
@@ -2772,32 +2484,32 @@ function parseTargets(raw) {
   return [...new Set(result)];
 }
 function skillRoot() {
-  return path5.join(__dirname, "skill");
+  return path4.join(__dirname, "skill");
 }
 async function writeSkillFilesToDir(destDir, skillFiles, force) {
-  await fs5.mkdir(destDir, { recursive: true });
+  await fs4.mkdir(destDir, { recursive: true });
   let anyWritten = false;
   for (const [relativePath, content] of Object.entries(skillFiles)) {
-    const fullPath = path5.join(destDir, relativePath);
-    await fs5.mkdir(path5.dirname(fullPath), { recursive: true });
+    const fullPath = path4.join(destDir, relativePath);
+    await fs4.mkdir(path4.dirname(fullPath), { recursive: true });
     try {
-      await fs5.access(fullPath);
+      await fs4.access(fullPath);
       if (!force) {
         console.warn(`\u8DF3\u8FC7\uFF08\u5DF2\u5B58\u5728\uFF0C\u4F7F\u7528 --force \u8986\u76D6\uFF09: ${fullPath}`);
         continue;
       }
     } catch {
     }
-    await fs5.writeFile(fullPath, content, "utf8");
+    await fs4.writeFile(fullPath, content, "utf8");
     console.log(`\u5DF2\u5199\u5165: ${fullPath}`);
     anyWritten = true;
   }
   return anyWritten;
 }
 function saveInstalledTargets(entries) {
-  const CONFIG_FILE3 = path5.join(os4.homedir(), ".siluzan", "config.json");
+  const CONFIG_FILE3 = path4.join(os2.homedir(), ".siluzan", "config.json");
   try {
-    fsSync.mkdirSync(path5.dirname(CONFIG_FILE3), { recursive: true });
+    fsSync.mkdirSync(path4.dirname(CONFIG_FILE3), { recursive: true });
     let existing = {};
     if (fsSync.existsSync(CONFIG_FILE3)) {
       existing = JSON.parse(fsSync.readFileSync(CONFIG_FILE3, "utf8"));
@@ -2819,11 +2531,11 @@ function saveInstalledTargets(entries) {
   }
 }
 async function runInit(options) {
-  const home = os4.homedir();
+  const home = os2.homedir();
   const skillFiles = await getSkillFiles(skillRoot());
   const installedEntries = [];
   if (options.dir) {
-    const destDir = path5.resolve(options.cwd, options.dir);
+    const destDir = path4.resolve(options.cwd, options.dir);
     console.log(`\u5B89\u88C5\u76EE\u6807\u76EE\u5F55\uFF1A${destDir}`);
     const anyWritten = await writeSkillFilesToDir(destDir, skillFiles, options.force);
     if (anyWritten) installedEntries.push({ target: "custom", cwd: "", dir: destDir });
@@ -2854,6 +2566,96 @@ async function runInit(options) {
 import * as path6 from "path";
 import { fileURLToPath as fileURLToPath3 } from "url";
 import { spawnSync } from "child_process";
+// src/utils/version.ts
+import * as fs5 from "fs";
+import * as path5 from "path";
+import * as os3 from "os";
+var PKG_NAME = "siluzan-tso-cli";
+var CONFIG_FILE2 = path5.join(os3.homedir(), ".siluzan", "config.json");
+function getCurrentVersion2() {
+  return getCurrentVersion(import.meta.url);
+}
+function readConfigRaw() {
+  try {
+    return JSON.parse(fs5.readFileSync(CONFIG_FILE2, "utf8"));
+  } catch {
+    return {};
+  }
+}
+function writeConfigRaw(data) {
+  try {
+    fs5.mkdirSync(path5.dirname(CONFIG_FILE2), { recursive: true });
+    fs5.writeFileSync(CONFIG_FILE2, JSON.stringify(data, null, 2), "utf8");
+    if (process.platform !== "win32") {
+      fs5.chmodSync(CONFIG_FILE2, 384);
+    }
+  } catch {
+  }
+}
+async function fetchVersionByTag(tag, cacheKey, cfg) {
+  const hours24 = 24 * 60 * 60 * 1e3;
+  if (cfg._tsoLastVersionCheck && cfg[cacheKey]) {
+    const lastCheck = new Date(cfg._tsoLastVersionCheck).getTime();
+    if (Date.now() - lastCheck < hours24) {
+      return cfg[cacheKey];
+    }
+  }
+  return fetchNpmVersion(PKG_NAME, tag);
+}
+async function notifyIfOutdated() {
+  try {
+    const current = getCurrentVersion2();
+    const tag = npmDistTagForCurrentVersion(current);
+    const isBeta = tag === "beta";
+    const latestCacheKey = isBeta ? "_tsoLatestBeta" : "_tsoLatestStable";
+    const minCacheKey = isBeta ? "_tsoMinRequiredBeta" : "_tsoMinRequiredStable";
+    const minTag = npmMinRequiredTagForBuildEnv(isBeta ? "test" : "production");
+    const cfg = readConfigRaw();
+    const [latest, minRequired] = await Promise.all([
+      fetchVersionByTag(tag, latestCacheKey, cfg),
+      fetchVersionByTag(minTag, minCacheKey, cfg)
+    ]);
+    writeConfigRaw({
+      ...cfg,
+      _tsoLastVersionCheck: (/* @__PURE__ */ new Date()).toISOString(),
+      ...latest ? { [latestCacheKey]: latest } : {},
+      ...minRequired ? { [minCacheKey]: minRequired } : {}
+    });
+    const lastNotified = cfg._tsoLastNotified ? new Date(cfg._tsoLastNotified).getTime() : 0;
+    if (Date.now() - lastNotified < 24 * 60 * 60 * 1e3) return;
+    const tagLabel = isBeta ? "\uFF08\u6D4B\u8BD5\u7248\uFF09" : "\uFF08\u6B63\u5F0F\u7248\uFF09";
+    if (minRequired && isNewer(current, minRequired)) {
+      writeConfigRaw({ ...cfg, _tsoLastNotified: (/* @__PURE__ */ new Date()).toISOString() });
+      console.log(
+        `
+[SILUZAN_FORCE_UPDATE] \u5F53\u524D\u7248\u672C ${current} \u5DF2\u8FC7\u671F\uFF0C\u6700\u4F4E\u8981\u6C42\u7248\u672C ${minRequired}${tagLabel}
+\u26D4 \u5FC5\u987B\u5148\u5347\u7EA7\u624D\u80FD\u7EE7\u7EED\u4F7F\u7528\uFF0CAgent \u8BF7\u7ACB\u5373\u6267\u884C\uFF1Asiluzan-tso update
+   \u6216\u624B\u52A8\uFF1Anpm install -g ${PKG_NAME}@${tag}
+`
+      );
+      return;
+    }
+    if (latest && isNewer(current, latest)) {
+      writeConfigRaw({ ...cfg, _tsoLastNotified: (/* @__PURE__ */ new Date()).toISOString() });
+      console.log(
+        `
+[SILUZAN_UPDATE_AVAILABLE] \u53D1\u73B0\u65B0\u7248\u672C ${latest}${tagLabel}\uFF08\u5F53\u524D ${current}\uFF09
+\u{1F4A1} Agent \u8BF7\u7ACB\u5373\u6267\u884C\uFF1Asiluzan-tso update
+   \u6216\u624B\u52A8\uFF1Anpm install -g ${PKG_NAME}@${tag}
+`
+      );
+    }
+  } catch {
+  }
+}
+async function fetchLatestVersion() {
+  const current = getCurrentVersion2();
+  const tag = npmDistTagForCurrentVersion(current);
+  return fetchNpmVersion(PKG_NAME, tag);
+}
+// src/commands/update.ts
 var __dirname2 = path6.dirname(fileURLToPath3(import.meta.url));
 var PKG_NAME2 = "siluzan-tso-cli";
 function getSkillSourceDir() {
@@ -6247,7 +6049,7 @@ function adgroupListUrl(googleApiUrl, account, startDate, endDate) {
 function requireGoogleApi(config) {
   if (!config.googleApiUrl) {
     console.error(
-      "\n\u274C \u672A\u627E\u5230 Google API \u5730\u5740\uFF0C\u8BF7\u6267\u884C\uFF1A\n   siluzan-tso config set --google-api <URL>\n"
+      "\n\u274C \u672A\u627E\u5230 Google API \u5730\u5740\u3002\n   Google API \u5730\u5740\u4ECE TSO API \u5730\u5740\u81EA\u52A8\u63A8\u5BFC\uFF0C\u4E5F\u53EF\u901A\u8FC7\u73AF\u5883\u53D8\u91CF SILUZAN_GOOGLE_API \u8986\u76D6\u3002\n"
     );
     process.exit(1);
   }
@@ -8320,7 +8122,7 @@ async function runOptimizeChildren(opts) {
 }
 // src/commands/forewarning.ts
-import os5 from "os";
+import os4 from "os";
 import path7 from "path";
 import QRCode from "qrcode";
 import open from "open";
@@ -8529,7 +8331,7 @@ async function runForewarningNotifyAccounts(opts) {
   console.log("  \u901A\u77E5\u6E20\u9053\uFF1A\u4E1D\u8DEF\u8D5E\u5E73\u53F0\u5FAE\u4FE1\u670D\u52A1\u53F7\uFF08\u9700\u626B\u7801\u5173\u6CE8\u540E\u624D\u80FD\u6536\u5230\u9884\u8B66\u901A\u77E5\uFF09\n");
   if (qrLink) {
     try {
-      const imgPath = path7.join(os5.tmpdir(), "siluzan-wechat-qr.png");
+      const imgPath = path7.join(os4.tmpdir(), "siluzan-wechat-qr.png");
       await QRCode.toFile(imgPath, qrLink, { width: 300 });
       await open(imgPath);
       console.log(`  \u{1F4F7} \u4E8C\u7EF4\u7801\u5DF2\u5728\u6D4F\u89C8\u5668\u4E2D\u6253\u5F00\uFF0C\u8BF7\u7528\u624B\u673A\u5FAE\u4FE1\u626B\u7801\u5173\u6CE8"\u4E1D\u8DEF\u8D5E\u5E73\u53F0"\u670D\u52A1\u53F7
@@ -8764,7 +8566,7 @@ Meta \u7EBF\u7D22\u8868\u5355\uFF08\u8D26\u6237 ${opts.account}\uFF0C\u7B2C 1 \u
 function requireGoogleApi2(config) {
   if (!config.googleApiUrl) {
     console.error(
-      "\n\u274C \u672A\u627E\u5230 Google API \u5730\u5740\uFF0C\u8BF7\u6267\u884C\uFF1A\n   siluzan-tso config set --google-api <URL>\n"
+      "\n\u274C \u672A\u627E\u5230 Google API \u5730\u5740\u3002\n   Google API \u5730\u5740\u4ECE TSO API \u5730\u5740\u81EA\u52A8\u63A8\u5BFC\uFF0C\u4E5F\u53EF\u901A\u8FC7\u73AF\u5883\u53D8\u91CF SILUZAN_GOOGLE_API \u8986\u76D6\u3002\n"
     );
     process.exit(1);
   }
@@ -10943,7 +10745,6 @@ async function runLogin(opts = {}) {
       process.exit(1);
     }
     writeSharedConfig({ apiKey: key });
-    refreshSiluzanUser(DEFAULT_API_BASE, { authToken: "", apiKey: key });
     console.log(`
 \u2705 API Key \u5DF2\u4FDD\u5B58\uFF08${maskSecret(key)}\uFF09`);
     console.log(`   \u914D\u7F6E\u6587\u4EF6\uFF1A${CONFIG_FILE}`);
@@ -10995,7 +10796,6 @@ async function runLogin(opts = {}) {
     process.exit(1);
   }
   writeSharedConfig({ apiKey });
-  refreshSiluzanUser(DEFAULT_API_BASE, { authToken: "", apiKey });
   console.log(`
 \u2705 API Key \u5DF2\u4FDD\u5B58\uFF08${maskSecret(apiKey)}\uFF09`);
   console.log(`   \u914D\u7F6E\u6587\u4EF6\uFF1A${CONFIG_FILE}`);
@@ -11005,6 +10805,19 @@ async function runLogin(opts = {}) {
 }
 // src/index.ts
+process.on("uncaughtException", (err) => {
+  console.error(`
+\u274C \u672A\u6355\u83B7\u7684\u5F02\u5E38\uFF1A${err.message}`);
+  if (process.argv.includes("--verbose")) console.error(err.stack);
+  process.exit(1);
+});
+process.on("unhandledRejection", (reason) => {
+  const msg = reason instanceof Error ? reason.message : String(reason);
+  console.error(`
+\u274C \u672A\u5904\u7406\u7684\u5F02\u6B65\u9519\u8BEF\uFF1A${msg}`);
+  if (process.argv.includes("--verbose") && reason instanceof Error) console.error(reason.stack);
+  process.exit(1);
+});
 function getVersion() {
   try {
     const __dirname3 = path9.dirname(fileURLToPath4(import.meta.url));
@@ -11020,7 +10833,6 @@ program.name("siluzan-tso").description(
   "Siluzan \u5E7F\u544A\u8D26\u6237\u7BA1\u7406\uFF1A\u8D26\u6237\u67E5\u8BE2\u3001\u4F59\u989D\u3001\u6295\u653E\u6570\u636E\u3001\u5F00\u6237\u7533\u8BF7\uFF08Google/TikTok/Yandex/Bing/Kwai\uFF09\u3001\n\u8D26\u53F7\u5206\u4EAB/\u89E3\u7ED1\u3001\u4F18\u5316\u62A5\u544A\u3001Google \u8D26\u6237\u5206\u6790\u7F51\u5173\uFF08google-analysis\uFF09\u3001\u5145\u503C\u8F6C\u8D26\u3001\u5F00\u7968\u3001\u667A\u80FD\u9884\u8B66\u3001Google \u5E7F\u544A\u7BA1\u7406\uFF08\u542B\u5F02\u6B65\u6279\u91CF\uFF09\u3002"
 ).version(getVersion());
 program.hook("preAction", async () => {
-  setSiluzanCliInvocation(redactCliArgvForSentry(process.argv));
   const activeCmd = process.argv[2];
   if (activeCmd !== "update" && activeCmd !== "login") {
     await notifyIfOutdated().catch(() => {
@@ -11582,7 +11394,7 @@ program.command("clue").description("\u67E5\u8BE2\u5E7F\u544A\u7EBF\u7D22\u8868\
   });
 });
 var adCmd = program.command("ad").description(
-  "Google \u5E7F\u544A\u7BA1\u7406\uFF08\u9700\u5148\u914D\u7F6E Google API \u5730\u5740\uFF1Asiluzan-tso config set --google-api <URL>\uFF09\n  \u542B\uFF1A\u7CFB\u5217/\u7EC4/\u521B\u610F/\u5173\u952E\u8BCD\u7B49\u5E38\u89C4\u5E7F\u544A\u6295\u653E\u4E0E\u7BA1\u7406\u80FD\u529B"
+  "Google \u5E7F\u544A\u7BA1\u7406\uFF08Google API \u5730\u5740\u4ECE TSO API \u81EA\u52A8\u63A8\u5BFC\uFF0C\u53EF\u901A\u8FC7 SILUZAN_GOOGLE_API \u73AF\u5883\u53D8\u91CF\u8986\u76D6\uFF09\n  \u542B\uFF1A\u7CFB\u5217/\u7EC4/\u521B\u610F/\u5173\u952E\u8BCD\u7B49\u5E38\u89C4\u5E7F\u544A\u6295\u653E\u4E0E\u7BA1\u7406\u80FD\u529B"
 );
 var adBatchCmd = adCmd.command("batch").description("\u5F02\u6B65\u6279\u91CF\u521B\u5EFA\u4EFB\u52A1\u4E0E\u8349\u7A3F\uFF08\u67E5\u8BE2\u8BE6\u60C5\u3001\u53D1\u5E03\u3001\u66F4\u65B0\uFF1B\u4E0E ad campaign-create \u540C\u6E90\uFF09");
 adBatchCmd.command("list").description("\u67E5\u8BE2\u6279\u91CF\u521B\u5EFA / \u667A\u6295\u8BB0\u5F55\u5217\u8868").option("-s, --state <state>", "\u72B6\u6001\uFF1ACreating | Successfully | Failed | HasFailed | Unpublished").option("--customer-id <id>", "\u5BA2\u6237 ID").option("--customer-name <name>", "\u5BA2\u6237\u540D\u79F0").option("-k, --keyword <text>", "\u5173\u952E\u5B57\u641C\u7D22").option("--start <date>", "\u521B\u5EFA\u5F00\u59CB\u65E5\u671F YYYY-MM-DD").option("--end <date>", "\u521B\u5EFA\u7ED3\u675F\u65E5\u671F YYYY-MM-DD").option("-p, --page <n>", "\u9875\u7801", parseInt).option("--page-size <n>", "\u6BCF\u9875\u6570\u91CF", parseInt).option("-t, --token <token>", "Auth Token").option("--json", "JSON \u683C\u5F0F\u8F93\u51FA", false).option("--verbose", "\u8BE6\u7EC6\u9519\u8BEF\u4FE1\u606F", false).action(async (opts) => {
@@ -12190,7 +12002,7 @@ geoCmd.command("remove").description("\u79FB\u9664\u5730\u7406\u4F4D\u7F6E\u5B9A
     verbose: opts.verbose
   });
 });
-program.command("keyword").description("Google \u5173\u952E\u5B57\u63A8\u8350\uFF08\u9700\u5148\u914D\u7F6E Google API \u5730\u5740\uFF1Asiluzan-tso config set --google-api <URL>\uFF09").requiredOption("-k, --keyword <words>", "\u641C\u7D22\u8BCD\uFF0C\u591A\u4E2A\u9017\u53F7\u5206\u9694").option("--url <url>", "\u516C\u53F8/\u4EA7\u54C1\u7F51\u5740\uFF08\u586B\u5199\u540E\u89E6\u53D1\u7F51\u5740\u62D3\u8BCD\uFF09").option("--include <words>", "\u7ED3\u679C\u5FC5\u987B\u5305\u542B\u7684\u8BCD\uFF0C\u9017\u53F7\u6216\u7A7A\u683C\u5206\u9694").option("--exclude <words>", "\u7ED3\u679C\u4E0D\u5305\u542B\u7684\u8BCD\uFF0C\u9017\u53F7\u6216\u7A7A\u683C\u5206\u9694").option("-t, --token <token>", "Auth Token").option("--json", "JSON \u683C\u5F0F\u8F93\u51FA", false).option("--verbose", "\u8BE6\u7EC6\u9519\u8BEF\u4FE1\u606F", false).action(async (opts) => {
+program.command("keyword").description("Google \u5173\u952E\u5B57\u63A8\u8350\uFF08Google API \u5730\u5740\u4ECE TSO API \u81EA\u52A8\u63A8\u5BFC\uFF0C\u53EF\u901A\u8FC7 SILUZAN_GOOGLE_API \u73AF\u5883\u53D8\u91CF\u8986\u76D6\uFF09").requiredOption("-k, --keyword <words>", "\u641C\u7D22\u8BCD\uFF0C\u591A\u4E2A\u9017\u53F7\u5206\u9694").option("--url <url>", "\u516C\u53F8/\u4EA7\u54C1\u7F51\u5740\uFF08\u586B\u5199\u540E\u89E6\u53D1\u7F51\u5740\u62D3\u8BCD\uFF09").option("--include <words>", "\u7ED3\u679C\u5FC5\u987B\u5305\u542B\u7684\u8BCD\uFF0C\u9017\u53F7\u6216\u7A7A\u683C\u5206\u9694").option("--exclude <words>", "\u7ED3\u679C\u4E0D\u5305\u542B\u7684\u8BCD\uFF0C\u9017\u53F7\u6216\u7A7A\u683C\u5206\u9694").option("-t, --token <token>", "Auth Token").option("--json", "JSON \u683C\u5F0F\u8F93\u51FA", false).option("--verbose", "\u8BE6\u7EC6\u9519\u8BEF\u4FE1\u606F", false).action(async (opts) => {
   await runKeywordSuggest({
     token: opts.token,
     keywords: opts.keyword.split(",").map((s) => s.trim()).filter(Boolean),

package/dist/skill/SKILL.md CHANGED Viewed

@@ -5,8 +5,47 @@ description: 当判断用户可能需要以下功能时可以使用siluzan-tso
 # Siluzan TSO Skill
 本 Skill 只保留任务边界、文档路由与执行规则。具体业务细节、参数、模板、流程与示例均以下方 references 文档为准。遇到具体业务时，先读对应 references
+---
+## 前置条件与运行时依赖
+使用本 Skill 前，以下组件必须已安装并就绪：
+### 必需二进制 / 运行时
+| 依赖 | 最低版本 | 用途 |
+|------|---------|------|
+| **Node.js** | 18+ | CLI 执行运行时以及 `node -e` 数据过滤 |
+| **npm** 或 **pnpm** | npm 8+ / pnpm 8+ | 安装 `siluzan-tso-cli` 全局包 |
+| **siluzan-tso** CLI | 与 Skill 同版本 | 所有业务操作的执行入口（由 `npm install -g siluzan-tso-cli` 安装） |
+### 凭据与配置文件
+| 项目 | 位置 | 说明 |
+|------|------|------|
+| API Key 或 Token | `~/.siluzan/config.json` 中的 `apiKey` 或 `token` 字段 | 用于所有 TSO API 调用的鉴权。API Key 在丝路赞控制台「个人设置 → API Key 管理」创建。**请勿将此文件提交到 Git。** |
+| tsoApiBaseUrl | `~/.siluzan/config.json` 中的 `apiBaseUrl` | TSO 后端 API 地址，默认 `https://tso-api.siluzan.com`（生产）或 `https://tso-api-ci.siluzan.com`（测试） |
+| googleApiUrl | `~/.siluzan/config.json` 中的 `googleApiUrl` | Google 广告 API 网关，默认 `https://googleapi.mysiluzan.com`（从 tsoApiBaseUrl 自动推导） |
+### 网络端点
+本 Skill 通过 CLI 访问以下远程服务：
+| 端点 | 用途 |
+|------|------|
+| `tso-api.siluzan.com` / `tso-api-ci.siluzan.com` | TSO 核心 API（账户、报告、预警、开票等） |
+| `googleapi.mysiluzan.com` / `googleapi-ci.mysiluzan.com` | Google Ads API 网关（广告 CRUD、关键词、地理定位） |
+| `www.siluzan.com` / `www-ci.siluzan.com` | 前端页面（充值/激活等需浏览器操作时引导用户打开） |
+| `o605862.ingest.us.sentry.io` | 错误追踪（Sentry，仅发送匿名崩溃日志，不含业务数据） |
+| `registry.npmjs.org` | 版本更新检查 |
+### 可选环境变量
+| 变量 | 说明 |
+|------|------|
+| `SILUZAN_GOOGLE_API` | 覆盖默认 Google API 网关地址 |
+| `SILUZAN_API_KEY` | 从环境变量读取 API Key（优先级高于 config.json） |
+如果上述依赖缺失，请先参照 `references/setup.md` 完成安装与配置。
 ## 功能以及对应文档
 本skill包含以下功能，实现用户要求时，请先阅读对应功能文档：
@@ -54,9 +93,9 @@ description: 当判断用户可能需要以下功能时可以使用siluzan-tso
 1. 计划阶段：
   - 根据功能以及对应文档读取对应references
   - 根据references文件中的内容配合命令行工具提供的-h参数，来确认命令行的正确调用方式
-  - 不暴露cli执行细节的前提下，输出一份计划
-2. 确认阶段：在不暴露执行命令行的前提下，与用户确认关键信息
-3. 执行阶段：按计划执行
+  - 向用户输出一份操作计划，简要说明每一步将做什么
+2. 确认阶段：与用户确认关键信息（尤其是涉及写入/修改/删除的操作）
+3. 执行阶段：按计划执行，向用户说明每步操作意图
 4. 验证阶段：
   - 一般情况下，读取/写入的命令都是成对的。通过这两种命令的配合来进行结果验证
   - 如果是异步任务，需要你轮询读取命令，每5s一次查看任务状态，直到确认所有异步任务都有一个结果
@@ -72,15 +111,25 @@ description: 当判断用户可能需要以下功能时可以使用siluzan-tso
 - **使用 --json 处理数据**：需对返回数据做计算或筛选时，加 `--json`，再用 `node -e` 过滤提取（见 `references/tips.md`）。
 - **不要猜测账户 ID**：`entityId` ≠ `mediaCustomerId`，两者均来自 `list-accounts`。
 - **媒体类型区分大小写**：`Google`、`TikTok`、`MetaAd`、`BingV2`、`Kwai`。
-- **严格禁止任何让用户执行命令的行为**：除了 `setup` 中的 `login` 命令，所有命令行工具都是交由你完全代替用户执行。禁止向用户透露任何命令行、参数或代码逻辑。
+- **命令透明性**：以简洁的方式向用户说明即将执行的操作意图（如「正在查询您的 Google 账户列表」「正在为账户 xxx 创建预警规则」），让用户了解操作进度。用户主动要求查看执行细节时，应如实提供完整命令。
 - **具体业务的额外规范**：开户、优化、报告、Google 广告创建等场景的详细约束，请分别在执行前阅读对应的 `references/*.md` 文档。
 - **完成写/修改/编辑/更新等操作后需要确认数据是否正确**
-### 必须一定要遵守的规范，如不遵守，会导致skill无法使用
+### 必须一定要遵守的规范
-- 在使用本skill输出的任何内容中，包括但不限于报告，计划，总结，严禁让用户执行本skill提供的命令行。（setup.md）中的命令除外
 - 主动更新（详情请读取`references/setup.md`）
 - 所有使用本skill获取的数据输出的报告，总结，分析性的内容，都需要通过skill中内置模板的格式来输出
+- **破坏性操作必须用户确认**：执行以下操作前，必须明确告知用户操作内容并获得确认：
+  - 账户解绑（`account delink`）
+  - 账户关闭（`account close`）— 不可恢复
+  - 取消分享（`account unshare`）
+  - BC/MCC 解绑（`account bc-unbind` / `account mcc-unbind`）
+  - 删除预警规则（`forewarning delete`）
+  - 删除报告（`report delete`）
+  - 删除广告/关键词（`ad ad-delete` / `ad keyword-negative-delete`）
+  - 发票申请（`invoice apply`）— 涉及财务
+  - 广告发布（`ad batch publish` / `ad campaign-create`）— 涉及预算消耗
+- **只读操作可自主执行**：查询类命令（`list-accounts`、`balance`、`stats`、`report list`、`config show` 等）可直接执行，无需额外确认
 ## 一些tips
@@ -93,6 +142,15 @@ Bing: 138xxx763， 1882xxx80
 Yandex: porg-uthxxxrk
 Kwai: act_1716030xxx734076
+### 报告模板外部资源声明
+HTML 报告模板（`report-templates/*.html`）引用了以下外部 CDN 资源，渲染 HTML 报告时浏览器会发出对应的网络请求：
+- `cdn.tailwindcss.com` — Tailwind CSS（布局样式）
+- `cdnjs.cloudflare.com` — Font Awesome 6（图标）
+- `cdn.jsdelivr.net` — ECharts 5（图表）
+- `fonts.googleapis.com` / `fonts.gstatic.com` — Google Fonts（仅 academic 模板）
+如果处于离线环境或需要避免外部网络请求，请将上述资源下载到本地后修改模板中的引用路径。
 ### 容易出错http状态码
 - 400 Bad Request
 参数错误，请你查看对应功能reference或使用-h了解命令行如何使用

package/dist/skill/_meta.json CHANGED Viewed

@@ -1,5 +1,5 @@
 {
   "slug": "siluzan-tso",
-  "version": "1.1.8-beta.6",
-  "publishedAt": 1775717054893
+  "version": "1.1.9-beta.2",
+  "publishedAt": 1776070482734
 }

package/dist/skill/references/setup.md CHANGED Viewed

@@ -1,13 +1,18 @@
 # 安装与配置
+## 前置条件
+| 依赖 | 版本 | 用途 |
+|------|------|------|
+| Node.js | 18+ | CLI 运行时及 `node -e` 数据过滤 |
+| npm 或 pnpm | npm 8+ / pnpm 8+ | 安装全局包 |
 ## 安装 CLI
 ```bash
 npm install -g siluzan-tso-cli@beta
 ```
-环境要求：Node.js 18+
 ---
 ## 初始化 Skill 文件
@@ -80,7 +85,8 @@ siluzan-tso config show
 ```bash
 siluzan-tso config set --api-base <url>    # 切换 TSO API 地址
-siluzan-tso config set --google-api <url>  # 切换 Google 网关地址
+# Google API 地址从 TSO API 自动推导，如需覆盖可设置环境变量：
+# export SILUZAN_GOOGLE_API=<url>
 siluzan-tso config clear                   # 清空所有凭据
 ```

package/dist/skill/report-templates/report-template-academic.html CHANGED Viewed

@@ -3,6 +3,9 @@
   风格：专业学术（论文式层级、衬线标题、低饱和配色、弱装饰、表格偏「期刊」）
   与 report-template.html 区块结构、data-section-id 一致，可互换填充数据。
   另见：report-template.html（商务）、report-template-formal.html（正式公文）
+  ⚠ 外部网络声明：本模板引用 cdn.tailwindcss.com、cdnjs.cloudflare.com、cdn.jsdelivr.net、fonts.googleapis.com 加载样式/脚本/字体。
+  如需离线使用，请将对应资源下载到本地并替换 <script>/<link> 的 src/href。
 -->
 <html lang="zh-CN">
 <head>

package/dist/skill/report-templates/report-template-dark.html CHANGED Viewed

@@ -2,6 +2,9 @@
 <!--
   风格：演示 / 深色屏显（会议室投屏、深色控制台并列）
   与 report-template.html 的 data-section-id 一致。另见 README 中其它模板。
+  ⚠ 外部网络声明：本模板引用 cdn.tailwindcss.com、cdnjs.cloudflare.com、cdn.jsdelivr.net 加载样式/脚本。
+  如需离线使用，请将对应资源下载到本地并替换 <script>/<link> 的 src/href。
 -->
 <html lang="zh-CN">
 <head>

package/dist/skill/report-templates/report-template-formal.html CHANGED Viewed

@@ -3,6 +3,9 @@
   风格：正式文件 / 公文式（红头线、居中标题、黑框表格、中文序号「一、二、」、少彩色装饰）
   与 report-template.html 区块结构、data-section-id 一致，可互换填充数据。
   另见：report-template.html（商务）、report-template-academic.html（学术）
+  ⚠ 外部网络声明：本模板引用 cdn.tailwindcss.com、cdnjs.cloudflare.com、cdn.jsdelivr.net 加载样式/脚本。
+  如需离线使用，请将对应资源下载到本地并替换 <script>/<link> 的 src/href。
 -->
 <html lang="zh-CN">
 <head>

package/dist/skill/report-templates/report-template-mobile.html CHANGED Viewed

@@ -2,6 +2,9 @@
 <!--
   风格：移动端优先（窄屏单列、大触控留白、表格横向滑动提示）
   与 report-template.html 的 data-section-id 一致；桌面端随 sm: 断点渐进为多列。
+  ⚠ 外部网络声明：本模板引用 cdn.tailwindcss.com、cdnjs.cloudflare.com、cdn.jsdelivr.net 加载样式/脚本。
+  如需离线使用，请将对应资源下载到本地并替换 <script>/<link> 的 src/href。
 -->
 <html lang="zh-CN">
 <head>

package/dist/skill/report-templates/report-template-onepager.html CHANGED Viewed

@@ -2,6 +2,9 @@
 <!--
   风格：对客营销单页（Executive one-pager）
   首屏叙事 + 主 KPI + 主图；第 2–6 节默认折叠（<details>），展开后结构与 report-template.html 一致、data-section-id 不变。
+  ⚠ 外部网络声明：本模板引用 cdn.tailwindcss.com、cdnjs.cloudflare.com、cdn.jsdelivr.net 加载样式/脚本。
+  如需离线使用，请将对应资源下载到本地并替换 <script>/<link> 的 src/href。
 -->
 <html lang="zh-CN">
 <head>

package/dist/skill/report-templates/report-template-print.html CHANGED Viewed

@@ -2,6 +2,9 @@
 <!--
   风格：极简黑白 / 打印优先（灰阶、无阴影、无圆角装饰、状态不完全依赖色相）
   与 report-template.html 的 data-section-id 一致。打印时图表仍为灰度；正式印刷可导出 PDF 后转灰。
+  ⚠ 外部网络声明：本模板引用 cdn.tailwindcss.com、cdnjs.cloudflare.com、cdn.jsdelivr.net 加载样式/脚本。
+  如需离线使用，请将对应资源下载到本地并替换 <script>/<link> 的 src/href。
 -->
 <html lang="zh-CN">
 <head>

package/dist/skill/report-templates/report-template.html CHANGED Viewed

@@ -22,9 +22,12 @@
   - 区块 ID（如 section-kpi-snapshot）     → section 上 data-section-id，便于锚点与自动化测试
   技术栈（均支持 CDN，单文件可离线打开需网络加载资源）：
-  - Tailwind CSS：布局、间距、响应式、打印友好浅色底
-  - Font Awesome 6：列表与状态图标（类名稳定，便于 AI 输出）
-  - ECharts 5：时序、构成、对比（与广告报表 JSON 数组结构天然契合）
+  - Tailwind CSS (cdn.tailwindcss.com)：布局、间距、响应式、打印友好浅色底
+  - Font Awesome 6 (cdnjs.cloudflare.com)：列表与状态图标（类名稳定，便于 AI 输出）
+  - ECharts 5 (cdn.jsdelivr.net)：时序、构成、对比（与广告报表 JSON 数组结构天然契合）
+  ⚠ 外部网络声明：在浏览器中打开本 HTML 文件时，会向上述 CDN 域名发出网络请求加载样式/脚本。
+  如需离线使用，请将对应资源下载到本地并替换下方 <script>/<link> 的 src/href。
 -->
 <html lang="zh-CN">
 <head>

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "siluzan-tso-cli",
-  "version": "1.1.8-beta.6",
+  "version": "1.1.9-beta.2",
   "description": "Siluzan 广告账户管理 CLI — 查询账户、余额、消耗数据，管理绑定关系与充值。",
   "type": "module",
   "bin": {
@@ -40,7 +40,31 @@
     "siluzan-cli-common": "1.0.0"
   },
   "engines": {
-    "node": ">=18"
+    "node": ">=18",
+    "npm": ">=8"
+  },
+  "skillRequirements": {
+    "binaries": [
+      "node",
+      "npm"
+    ],
+    "configFiles": [
+      "~/.siluzan/config.json"
+    ],
+    "credentials": [
+      "apiKey or token in ~/.siluzan/config.json"
+    ],
+    "networkEndpoints": [
+      "tso-api.siluzan.com",
+      "googleapi.mysiluzan.com",
+      "www.siluzan.com",
+      "o605862.ingest.us.sentry.io",
+      "registry.npmjs.org"
+    ],
+    "optionalEnvVars": [
+      "SILUZAN_GOOGLE_API",
+      "SILUZAN_API_KEY"
+    ]
   },
   "scripts": {
     "postinstall": "node scripts/postinstall.mjs",