ylib-wecom-openclaw-plugin 2026.4.29

package/dist/src/openclaw-compat.js

@@ -0,0 +1,839 @@
+"use strict";
+/**
+ * openclaw plugin-sdk 高版本方法兼容层
+ *
+ * 部分方法（如 loadOutboundMediaFromUrl、detectMime、getDefaultMediaLocalRoots）
+ * 仅在较新版本的 openclaw plugin-sdk 中才导出。
+ *
+ * 本模块在加载时一次性探测 SDK 导出，存在则直接 re-export SDK 版本，
+ * 不存在则导出 fallback 实现。其他模块统一从本文件导入，无需关心底层兼容细节。
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __generator = (this && this.__generator) || function (thisArg, body) {
+    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
+    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
+    function verb(n) { return function (v) { return step([n, v]); }; }
+    function step(op) {
+        if (f) throw new TypeError("Generator is already executing.");
+        while (_) try {
+            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
+            if (y = 0, t) op = [op[0] & 2, t.value];
+            switch (op[0]) {
+                case 0: case 1: t = op; break;
+                case 4: _.label++; return { value: op[1], done: false };
+                case 5: _.label++; y = op[1]; op = [0]; continue;
+                case 7: op = _.ops.pop(); _.trys.pop(); continue;
+                default:
+                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
+                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
+                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
+                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
+                    if (t[2]) _.ops.pop();
+                    _.trys.pop(); continue;
+            }
+            op = body.call(thisArg, _);
+        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
+        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
+    }
+};
+var __spreadArrays = (this && this.__spreadArrays) || function () {
+    for (var s = 0, i = 0, il = arguments.length; i < il; i++) s += arguments[i].length;
+    for (var r = Array(s), k = 0, i = 0; i < il; i++)
+        for (var a = arguments[i], j = 0, jl = a.length; j < jl; j++, k++)
+            r[k] = a[j];
+    return r;
+};
+exports.__esModule = true;
+exports.buildAccountScopedDmSecurityPolicyCompat = exports.formatPairingApproveHint = exports.buildAccountScopedDmSecurityPolicy = exports.parseOptionalDelimitedEntries = exports.emptyPluginConfigSchema = exports.getDefaultMediaLocalRoots = exports.addWildcardAllowFrom = exports.loadOutboundMediaFromUrl = exports.detectMime = exports.DEFAULT_ACCOUNT_ID = exports.resolveStateDir = void 0;
+var fs = __importStar(require("node:fs/promises"));
+var path = __importStar(require("node:path"));
+var os = __importStar(require("node:os"));
+var node_url_1 = require("node:url");
+var state_dir_resolve_js_1 = require("./state-dir-resolve.js");
+exports.resolveStateDir = state_dir_resolve_js_1.resolveStateDir;
+exports.DEFAULT_ACCOUNT_ID = "default";
+var REMOTE_MEDIA_FETCH_TIMEOUT_MS = 20000;
+var REMOTE_MEDIA_FETCH_MAX_ATTEMPTS = 3;
+var REMOTE_MEDIA_FETCH_RETRY_DELAY_MS = 600;
+var _sdkReady = Promise.resolve().then(function () { return __importStar(require("ylib-openclaw/plugin-sdk")); }).then(function (sdk) {
+    var exports = {};
+    if (typeof sdk.loadOutboundMediaFromUrl === "function") {
+        exports.loadOutboundMediaFromUrl = sdk.loadOutboundMediaFromUrl;
+    }
+    if (typeof sdk.detectMime === "function") {
+        exports.detectMime = sdk.detectMime;
+    }
+    if (typeof sdk.getDefaultMediaLocalRoots === "function") {
+        exports.getDefaultMediaLocalRoots = sdk.getDefaultMediaLocalRoots;
+    }
+    if (typeof sdk.addWildcardAllowFrom === "function") {
+        exports.addWildcardAllowFrom = sdk.addWildcardAllowFrom;
+    }
+    return exports;
+})["catch"](function () {
+    // openclaw/plugin-sdk 不可用或版本过低，全部使用 fallback
+    return {};
+});
+// 同时尝试从 plugin-sdk/setup 模块探测（缓存同步可用的引用）
+var _cachedAddWildcardAllowFrom;
+var _setupSdkReady = Promise.resolve().then(function () { return __importStar(require("ylib-openclaw/plugin-sdk")); }).then(function (sdk) {
+    if (typeof sdk.addWildcardAllowFrom === "function") {
+        _cachedAddWildcardAllowFrom = sdk.addWildcardAllowFrom;
+    }
+})["catch"](function () { });
+// 同时也从 core 模块的结果中缓存
+_sdkReady.then(function (sdk) {
+    if (!_cachedAddWildcardAllowFrom && sdk.addWildcardAllowFrom) {
+        _cachedAddWildcardAllowFrom = sdk.addWildcardAllowFrom;
+    }
+});
+// ============================================================================
+// detectMime —— 检测 MIME 类型
+// ============================================================================
+var MIME_BY_EXT = {
+    ".heic": "image/heic",
+    ".heif": "image/heif",
+    ".jpg": "image/jpeg",
+    ".jpeg": "image/jpeg",
+    ".png": "image/png",
+    ".webp": "image/webp",
+    ".gif": "image/gif",
+    ".ogg": "audio/ogg",
+    ".mp3": "audio/mpeg",
+    ".m4a": "audio/x-m4a",
+    ".mp4": "video/mp4",
+    ".mov": "video/quicktime",
+    ".pdf": "application/pdf",
+    ".json": "application/json",
+    ".zip": "application/zip",
+    ".gz": "application/gzip",
+    ".tar": "application/x-tar",
+    ".7z": "application/x-7z-compressed",
+    ".rar": "application/vnd.rar",
+    ".doc": "application/msword",
+    ".xls": "application/vnd.ms-excel",
+    ".ppt": "application/vnd.ms-powerpoint",
+    ".docx": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
+    ".xlsx": "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
+    ".pptx": "application/vnd.openxmlformats-officedocument.presentationml.presentation",
+    ".csv": "text/csv",
+    ".txt": "text/plain",
+    ".md": "text/markdown",
+    ".amr": "audio/amr",
+    ".aac": "audio/aac",
+    ".wav": "audio/wav",
+    ".webm": "video/webm",
+    ".avi": "video/x-msvideo",
+    ".bmp": "image/bmp",
+    ".svg": "image/svg+xml"
+};
+/** 通过 buffer 魔术字节嗅探 MIME 类型（动态导入 file-type，不强依赖） */
+function sniffMimeFromBuffer(buffer) {
+    var _a;
+    return __awaiter(this, void 0, void 0, function () {
+        var fileTypeFromBuffer, type, _b;
+        return __generator(this, function (_c) {
+            switch (_c.label) {
+                case 0:
+                    _c.trys.push([0, 3, , 4]);
+                    return [4 /*yield*/, Promise.resolve().then(function () { return __importStar(require("file-type")); })];
+                case 1:
+                    fileTypeFromBuffer = (_c.sent()).fileTypeFromBuffer;
+                    return [4 /*yield*/, fileTypeFromBuffer(buffer)];
+                case 2:
+                    type = _c.sent();
+                    return [2 /*return*/, (_a = type === null || type === void 0 ? void 0 : type.mime) !== null && _a !== void 0 ? _a : undefined];
+                case 3:
+                    _b = _c.sent();
+                    return [2 /*return*/, undefined];
+                case 4: return [2 /*return*/];
+            }
+        });
+    });
+}
+/** fallback 版 detectMime，参考 weclaw/src/media/mime.ts */
+function detectMimeFallback(opts) {
+    var _a, _b, _c;
+    return __awaiter(this, void 0, void 0, function () {
+        var ext, extMime, sniffed, _d, isGeneric, headerMime;
+        return __generator(this, function (_e) {
+            switch (_e.label) {
+                case 0:
+                    ext = opts.filePath ? path.extname(opts.filePath).toLowerCase() : undefined;
+                    extMime = ext ? MIME_BY_EXT[ext] : undefined;
+                    if (!opts.buffer) return [3 /*break*/, 2];
+                    return [4 /*yield*/, sniffMimeFromBuffer(opts.buffer)];
+                case 1:
+                    _d = _e.sent();
+                    return [3 /*break*/, 3];
+                case 2:
+                    _d = undefined;
+                    _e.label = 3;
+                case 3:
+                    sniffed = _d;
+                    isGeneric = function (m) {
+                        return !m || m === "application/octet-stream" || m === "application/zip";
+                    };
+                    if (sniffed && (!isGeneric(sniffed) || !extMime)) {
+                        return [2 /*return*/, sniffed];
+                    }
+                    if (extMime) {
+                        return [2 /*return*/, extMime];
+                    }
+                    headerMime = (_c = (_b = (_a = opts.headerMime) === null || _a === void 0 ? void 0 : _a.split(";")) === null || _b === void 0 ? void 0 : _b[0]) === null || _c === void 0 ? void 0 : _c.trim().toLowerCase();
+                    if (headerMime && !isGeneric(headerMime)) {
+                        return [2 /*return*/, headerMime];
+                    }
+                    if (sniffed) {
+                        return [2 /*return*/, sniffed];
+                    }
+                    if (headerMime) {
+                        return [2 /*return*/, headerMime];
+                    }
+                    return [2 /*return*/, undefined];
+            }
+        });
+    });
+}
+/**
+ * 检测 MIME 类型（兼容入口）
+ *
+ * 支持两种调用签名以兼容不同使用场景：
+ * - detectMime(buffer)           → 旧式调用
+ * - detectMime({ buffer, headerMime, filePath }) → 完整参数
+ *
+ * 优先使用 SDK 版本，不可用时使用 fallback。
+ */
+function detectMime(bufferOrOpts) {
+    return __awaiter(this, void 0, void 0, function () {
+        var sdk, opts, _a;
+        return __generator(this, function (_b) {
+            switch (_b.label) {
+                case 0: return [4 /*yield*/, _sdkReady];
+                case 1:
+                    sdk = _b.sent();
+                    opts = Buffer.isBuffer(bufferOrOpts)
+                        ? { buffer: bufferOrOpts }
+                        : bufferOrOpts;
+                    if (!sdk.detectMime) return [3 /*break*/, 5];
+                    _b.label = 2;
+                case 2:
+                    _b.trys.push([2, 4, , 5]);
+                    return [4 /*yield*/, sdk.detectMime(opts)];
+                case 3: return [2 /*return*/, _b.sent()];
+                case 4:
+                    _a = _b.sent();
+                    return [3 /*break*/, 5];
+                case 5: return [2 /*return*/, detectMimeFallback(opts)];
+            }
+        });
+    });
+}
+exports.detectMime = detectMime;
+// ============================================================================
+// loadOutboundMediaFromUrl —— 从 URL/路径加载媒体文件
+// ============================================================================
+/** 安全的本地文件路径校验，参考 weclaw/src/web/media.ts */
+function assertLocalMediaAllowed(mediaPath, localRoots) {
+    return __awaiter(this, void 0, void 0, function () {
+        var resolved, _a, _i, localRoots_1, root, resolvedRoot, _b;
+        return __generator(this, function (_c) {
+            switch (_c.label) {
+                case 0:
+                    if (!localRoots || localRoots.length === 0) {
+                        throw new Error("Local media path is not under an allowed directory: " + mediaPath);
+                    }
+                    _c.label = 1;
+                case 1:
+                    _c.trys.push([1, 3, , 4]);
+                    return [4 /*yield*/, fs.realpath(mediaPath)];
+                case 2:
+                    resolved = _c.sent();
+                    return [3 /*break*/, 4];
+                case 3:
+                    _a = _c.sent();
+                    resolved = path.resolve(mediaPath);
+                    return [3 /*break*/, 4];
+                case 4:
+                    _i = 0, localRoots_1 = localRoots;
+                    _c.label = 5;
+                case 5:
+                    if (!(_i < localRoots_1.length)) return [3 /*break*/, 11];
+                    root = localRoots_1[_i];
+                    resolvedRoot = void 0;
+                    _c.label = 6;
+                case 6:
+                    _c.trys.push([6, 8, , 9]);
+                    return [4 /*yield*/, fs.realpath(root)];
+                case 7:
+                    resolvedRoot = _c.sent();
+                    return [3 /*break*/, 9];
+                case 8:
+                    _b = _c.sent();
+                    resolvedRoot = path.resolve(root);
+                    return [3 /*break*/, 9];
+                case 9:
+                    if (resolvedRoot === path.parse(resolvedRoot).root) {
+                        return [3 /*break*/, 10];
+                    }
+                    if (resolved === resolvedRoot || resolved.startsWith(resolvedRoot + path.sep)) {
+                        return [2 /*return*/];
+                    }
+                    _c.label = 10;
+                case 10:
+                    _i++;
+                    return [3 /*break*/, 5];
+                case 11: throw new Error("Local media path is not under an allowed directory: " + mediaPath);
+            }
+        });
+    });
+}
+/** 从远程 URL 获取媒体 */
+function shouldRetryRemoteFetchStatus(status) {
+    return status === 408 || status === 429 || status >= 500;
+}
+function shouldRetryRemoteFetchError(err) {
+    var _a, _b;
+    var code = String(((_a = err) === null || _a === void 0 ? void 0 : _a.code) || "").trim();
+    if (code === "ECONNRESET" ||
+        code === "ETIMEDOUT" ||
+        code === "ECONNREFUSED" ||
+        code === "EAI_AGAIN" ||
+        code === "ENETUNREACH" ||
+        code === "EHOSTUNREACH") {
+        return true;
+    }
+    var message = String(((_b = err) === null || _b === void 0 ? void 0 : _b.message) || err || "").toLowerCase();
+    return (message.includes("network") ||
+        message.includes("timed out") ||
+        message.includes("timeout") ||
+        message.includes("socket hang up") ||
+        message.includes("fetch failed") ||
+        message.includes("connection reset"));
+}
+function sleep(ms) {
+    return __awaiter(this, void 0, void 0, function () {
+        return __generator(this, function (_a) {
+            switch (_a.label) {
+                case 0: return [4 /*yield*/, new Promise(function (resolve) { return setTimeout(resolve, ms); })];
+                case 1:
+                    _a.sent();
+                    return [2 /*return*/];
+            }
+        });
+    });
+}
+function fetchRemoteMedia(url, maxBytes, gatewayToken) {
+    var _a, _b, _c;
+    return __awaiter(this, void 0, void 0, function () {
+        var headers, token, res, lastErr, _loop_1, attempt, state_1, buffer, _d, _e, headerMime, fileName, disposition, match, contentType;
+        return __generator(this, function (_f) {
+            switch (_f.label) {
+                case 0:
+                    headers = {};
+                    token = String(gatewayToken || "").trim();
+                    if (token) {
+                        headers.Authorization = "Bearer " + token;
+                    }
+                    res = null;
+                    lastErr = null;
+                    _loop_1 = function (attempt) {
+                        var controller, timer, err_1;
+                        return __generator(this, function (_a) {
+                            switch (_a.label) {
+                                case 0:
+                                    controller = new AbortController();
+                                    timer = setTimeout(function () { return controller.abort(); }, REMOTE_MEDIA_FETCH_TIMEOUT_MS);
+                                    _a.label = 1;
+                                case 1:
+                                    _a.trys.push([1, 3, , 6]);
+                                    return [4 /*yield*/, fetch(url, {
+                                            redirect: "follow",
+                                            headers: Object.keys(headers).length ? headers : undefined,
+                                            signal: controller.signal
+                                        })];
+                                case 2:
+                                    res = _a.sent();
+                                    clearTimeout(timer);
+                                    return [3 /*break*/, 6];
+                                case 3:
+                                    err_1 = _a.sent();
+                                    clearTimeout(timer);
+                                    lastErr = err_1;
+                                    if (!(attempt < REMOTE_MEDIA_FETCH_MAX_ATTEMPTS && shouldRetryRemoteFetchError(err_1))) return [3 /*break*/, 5];
+                                    return [4 /*yield*/, sleep(REMOTE_MEDIA_FETCH_RETRY_DELAY_MS * attempt)];
+                                case 4:
+                                    _a.sent();
+                                    return [2 /*return*/, "continue"];
+                                case 5: throw err_1;
+                                case 6:
+                                    if (res.ok) {
+                                        return [2 /*return*/, "break"];
+                                    }
+                                    lastErr = new Error("HTTP " + res.status + " " + res.statusText);
+                                    if (!(attempt < REMOTE_MEDIA_FETCH_MAX_ATTEMPTS &&
+                                        shouldRetryRemoteFetchStatus(res.status))) return [3 /*break*/, 8];
+                                    return [4 /*yield*/, sleep(REMOTE_MEDIA_FETCH_RETRY_DELAY_MS * attempt)];
+                                case 7:
+                                    _a.sent();
+                                    return [2 /*return*/, "continue"];
+                                case 8: throw new Error("Failed to fetch media from " + url + ": HTTP " + res.status + " " + res.statusText);
+                            }
+                        });
+                    };
+                    attempt = 1;
+                    _f.label = 1;
+                case 1:
+                    if (!(attempt <= REMOTE_MEDIA_FETCH_MAX_ATTEMPTS)) return [3 /*break*/, 4];
+                    return [5 /*yield**/, _loop_1(attempt)];
+                case 2:
+                    state_1 = _f.sent();
+                    if (state_1 === "break")
+                        return [3 /*break*/, 4];
+                    _f.label = 3;
+                case 3:
+                    attempt += 1;
+                    return [3 /*break*/, 1];
+                case 4:
+                    if (!res) {
+                        throw new Error("Failed to fetch media from " + url + ": " + String(lastErr || "unknown error"));
+                    }
+                    _e = (_d = Buffer).from;
+                    return [4 /*yield*/, res.arrayBuffer()];
+                case 5:
+                    buffer = _e.apply(_d, [_f.sent()]);
+                    if (maxBytes && buffer.length > maxBytes) {
+                        throw new Error("Media from " + url + " exceeds max size (" + buffer.length + " > " + maxBytes + ")");
+                    }
+                    headerMime = (_c = (_b = (_a = res.headers.get("content-type")) === null || _a === void 0 ? void 0 : _a.split(";")) === null || _b === void 0 ? void 0 : _b[0]) === null || _c === void 0 ? void 0 : _c.trim();
+                    disposition = res.headers.get("content-disposition");
+                    if (disposition) {
+                        match = /filename\*?\s*=\s*(?:UTF-8''|")?([^";]+)/i.exec(disposition);
+                        if (match === null || match === void 0 ? void 0 : match[1]) {
+                            try {
+                                fileName = path.basename(decodeURIComponent(match[1].replace(/["']/g, "").trim()));
+                            }
+                            catch (_g) {
+                                fileName = path.basename(match[1].replace(/["']/g, "").trim());
+                            }
+                        }
+                    }
+                    if (!fileName) {
+                        fileName = extractFileNameFromUrl(url);
+                    }
+                    return [4 /*yield*/, detectMimeFallback({ buffer: buffer, headerMime: headerMime, filePath: fileName !== null && fileName !== void 0 ? fileName : url })];
+                case 6:
+                    contentType = _f.sent();
+                    return [2 /*return*/, { buffer: buffer, contentType: contentType, fileName: fileName }];
+            }
+        });
+    });
+}
+function extractFileNameFromUrl(url) {
+    try {
+        var parsed = new URL(url);
+        for (var _i = 0, _a = [
+            "relative_path",
+            "path",
+            "file_path",
+            "filepath",
+            "target_path",
+            "source_path",
+        ]; _i < _a.length; _i++) {
+            var key = _a[_i];
+            var rawPath = parsed.searchParams.get(key);
+            if (!rawPath)
+                continue;
+            var base_1 = path.basename(decodeURIComponent(rawPath));
+            if (base_1 && base_1 !== "." && base_1 !== "..")
+                return base_1;
+        }
+        var base = path.basename(decodeURIComponent(parsed.pathname));
+        if (base && base.includes("."))
+            return base;
+    }
+    catch (_b) {
+        // ignore malformed URL
+    }
+    return undefined;
+}
+function isTrustedGatewayMediaUrl(mediaUrl, gatewayBaseUrl) {
+    var baseText = String(gatewayBaseUrl || "").trim().replace(/\/+$/, "");
+    if (!baseText)
+        return false;
+    try {
+        var target = new URL(mediaUrl);
+        var base = new URL(baseText);
+        if (target.origin !== base.origin)
+            return false;
+        var basePath = base.pathname.replace(/\/+$/, "");
+        if (basePath && basePath !== "/" && !target.pathname.startsWith(basePath + "/")) {
+            return false;
+        }
+        return (target.pathname.includes("/file_system/view") ||
+            target.pathname.includes("/api/media/") ||
+            target.pathname.includes("/media/"));
+    }
+    catch (_a) {
+        return false;
+    }
+}
+/** 展开 ~ 为用户主目录 */
+function resolveUserPath(p) {
+    if (p.startsWith("~")) {
+        return path.join(os.homedir(), p.slice(1));
+    }
+    return p;
+}
+/** fallback 版 loadOutboundMediaFromUrl，参考 weclaw/src/web/media.ts */
+function loadOutboundMediaFromUrlFallback(mediaUrl, options) {
+    if (options === void 0) { options = {}; }
+    return __awaiter(this, void 0, void 0, function () {
+        var maxBytes, mediaLocalRoots, gatewayToken, trustedGatewayBaseUrl, fetched, data, stat, fh, err_2, mime, fileName;
+        return __generator(this, function (_a) {
+            switch (_a.label) {
+                case 0:
+                    maxBytes = options.maxBytes, mediaLocalRoots = options.mediaLocalRoots, gatewayToken = options.gatewayToken, trustedGatewayBaseUrl = options.trustedGatewayBaseUrl;
+                    // 去除 MEDIA: 前缀
+                    mediaUrl = mediaUrl.replace(/^\s*MEDIA\s*:\s*/i, "");
+                    // 处理 file:// URL
+                    if (mediaUrl.startsWith("file://")) {
+                        try {
+                            mediaUrl = node_url_1.fileURLToPath(mediaUrl);
+                        }
+                        catch (_b) {
+                            throw new Error("Invalid file:// URL: " + mediaUrl);
+                        }
+                    }
+                    if (!/^https?:\/\//i.test(mediaUrl)) return [3 /*break*/, 2];
+                    return [4 /*yield*/, fetchRemoteMedia(mediaUrl, maxBytes, gatewayToken)];
+                case 1:
+                    fetched = _a.sent();
+                    return [2 /*return*/, {
+                            buffer: fetched.buffer,
+                            contentType: fetched.contentType,
+                            fileName: fetched.fileName
+                        }];
+                case 2:
+                    // 展开 ~ 路径
+                    if (mediaUrl.startsWith("~")) {
+                        mediaUrl = resolveUserPath(mediaUrl);
+                    }
+                    // 本地文件：安全校验
+                    return [4 /*yield*/, assertLocalMediaAllowed(mediaUrl, mediaLocalRoots)];
+                case 3:
+                    // 本地文件：安全校验
+                    _a.sent();
+                    _a.label = 4;
+                case 4:
+                    _a.trys.push([4, 12, , 13]);
+                    return [4 /*yield*/, fs.stat(mediaUrl)];
+                case 5:
+                    stat = _a.sent();
+                    if (!stat.isFile()) {
+                        throw new Error("Local media path is not a file: " + mediaUrl);
+                    }
+                    return [4 /*yield*/, fs.open(mediaUrl, "r")];
+                case 6:
+                    fh = _a.sent();
+                    _a.label = 7;
+                case 7:
+                    _a.trys.push([7, , 9, 11]);
+                    return [4 /*yield*/, fh.read({ buffer: Buffer.alloc(stat.size), length: stat.size }).then(function (r) { return r.buffer.subarray(0, r.bytesRead); })];
+                case 8:
+                    data = _a.sent();
+                    return [3 /*break*/, 11];
+                case 9: return [4 /*yield*/, fh.close()];
+                case 10:
+                    _a.sent();
+                    return [7 /*endfinally*/];
+                case 11: return [3 /*break*/, 13];
+                case 12:
+                    err_2 = _a.sent();
+                    if ((err_2 === null || err_2 === void 0 ? void 0 : err_2.code) === "ENOENT") {
+                        throw new Error("Local media file not found: " + mediaUrl);
+                    }
+                    throw err_2;
+                case 13:
+                    if (maxBytes && data.length > maxBytes) {
+                        throw new Error("Local media exceeds max size (" + data.length + " > " + maxBytes + ")");
+                    }
+                    return [4 /*yield*/, detectMimeFallback({ buffer: data, filePath: mediaUrl })];
+                case 14:
+                    mime = _a.sent();
+                    fileName = path.basename(mediaUrl) || undefined;
+                    return [2 /*return*/, {
+                            buffer: data,
+                            contentType: mime,
+                            fileName: fileName
+                        }];
+            }
+        });
+    });
+}
+/**
+ * 从 URL 或本地路径加载媒体文件（兼容入口）
+ *
+ * 优先使用 SDK 版本，不可用时使用 fallback。
+ * SDK 版本抛出的业务异常（如 LocalMediaAccessError）会直接透传。
+ */
+function loadOutboundMediaFromUrl(mediaUrl, options) {
+    if (options === void 0) { options = {}; }
+    return __awaiter(this, void 0, void 0, function () {
+        var sdk;
+        return __generator(this, function (_a) {
+            switch (_a.label) {
+                case 0:
+                    if (options.gatewayToken &&
+                        isTrustedGatewayMediaUrl(mediaUrl, options.trustedGatewayBaseUrl)) {
+                        return [2 /*return*/, fetchRemoteMedia(mediaUrl, options.maxBytes, options.gatewayToken)];
+                    }
+                    return [4 /*yield*/, _sdkReady];
+                case 1:
+                    sdk = _a.sent();
+                    if (sdk.loadOutboundMediaFromUrl) {
+                        return [2 /*return*/, sdk.loadOutboundMediaFromUrl(mediaUrl, options)];
+                    }
+                    return [2 /*return*/, loadOutboundMediaFromUrlFallback(mediaUrl, options)];
+            }
+        });
+    });
+}
+exports.loadOutboundMediaFromUrl = loadOutboundMediaFromUrl;
+// ============================================================================
+// addWildcardAllowFrom —— 向 allowFrom 列表添加通配符 "*"
+// ============================================================================
+/** fallback 版 addWildcardAllowFrom：确保列表中包含 "*" 通配符 */
+function addWildcardAllowFromFallback(allowFrom) {
+    if (allowFrom.includes("*")) {
+        return allowFrom;
+    }
+    return __spreadArrays(allowFrom, ["*"]);
+}
+/**
+ * 向 allowFrom 列表添加通配符 "*"（兼容入口）
+ *
+ * 当 dmPolicy 为 "open" 时，需要确保 allowFrom 中包含 "*" 以允许所有来源。
+ * 优先使用 SDK 版本（plugin-sdk/setup 或 plugin-sdk/core），不可用时使用 fallback。
+ *
+ * 注意：此函数为同步函数，与 SDK 原始签名一致。
+ * SDK 引用在模块加载时异步探测并缓存，调用时同步读取缓存。
+ */
+function addWildcardAllowFrom(allowFrom) {
+    if (_cachedAddWildcardAllowFrom) {
+        try {
+            return _cachedAddWildcardAllowFrom(allowFrom);
+        }
+        catch (_a) {
+            // SDK 版本异常，降级到 fallback
+        }
+    }
+    return addWildcardAllowFromFallback(allowFrom);
+}
+exports.addWildcardAllowFrom = addWildcardAllowFrom;
+// ============================================================================
+// getDefaultMediaLocalRoots —— 获取默认媒体本地路径白名单
+// ============================================================================
+/**
+ * 获取默认媒体本地路径白名单（兼容入口）
+ *
+ * 优先使用 SDK 版本，不可用时手动构建白名单（与 weclaw/src/media/local-roots.ts 逻辑一致）。
+ */
+function getDefaultMediaLocalRoots() {
+    return __awaiter(this, void 0, void 0, function () {
+        var sdk, stateDir;
+        return __generator(this, function (_a) {
+            switch (_a.label) {
+                case 0: return [4 /*yield*/, _sdkReady];
+                case 1:
+                    sdk = _a.sent();
+                    if (sdk.getDefaultMediaLocalRoots) {
+                        try {
+                            return [2 /*return*/, sdk.getDefaultMediaLocalRoots()];
+                        }
+                        catch (_b) {
+                            // SDK 版本异常，降级到 fallback
+                        }
+                    }
+                    stateDir = path.resolve(state_dir_resolve_js_1.resolveStateDir());
+                    return [2 /*return*/, [
+                            path.join(stateDir, "media"),
+                            path.join(stateDir, "agents"),
+                            path.join(stateDir, "workspace"),
+                            path.join(stateDir, "sandboxes"),
+                        ]];
+            }
+        });
+    });
+}
+exports.getDefaultMediaLocalRoots = getDefaultMediaLocalRoots;
+function emptyPluginConfigSchema() {
+    return {
+        type: 'object',
+        additionalProperties: false,
+        properties: {}
+    };
+}
+exports.emptyPluginConfigSchema = emptyPluginConfigSchema;
+// ============================================================================
+// 辅助函数（参考 moltbot 实现）
+// ============================================================================
+/**
+ * 解析可选的分隔条目
+ * @param value 输入字符串，支持逗号、分号、换行符分隔
+ * @returns 解析后的字符串数组，如果输入为空则返回 undefined
+ */
+function parseOptionalDelimitedEntries(value) {
+    if (!(value === null || value === void 0 ? void 0 : value.trim())) {
+        return undefined;
+    }
+    var parsed = value
+        .split(/[\n,;]+/g)
+        .map(function (entry) { return entry.trim(); })
+        .filter(Boolean);
+    return parsed.length > 0 ? parsed : undefined;
+}
+exports.parseOptionalDelimitedEntries = parseOptionalDelimitedEntries;
+/**
+ * 构建账户范围的 DM 安全策略
+ */
+function buildAccountScopedDmSecurityPolicy(params) {
+    var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k;
+    var DEFAULT_ACCOUNT_ID = "default";
+    var resolvedAccountId = (_b = (_a = params.accountId) !== null && _a !== void 0 ? _a : params.fallbackAccountId) !== null && _b !== void 0 ? _b : DEFAULT_ACCOUNT_ID;
+    var channelConfig = (_c = params.cfg.channels) === null || _c === void 0 ? void 0 : _c[params.channelKey];
+    var useAccountPath = Boolean((_d = channelConfig === null || channelConfig === void 0 ? void 0 : channelConfig.accounts) === null || _d === void 0 ? void 0 : _d[resolvedAccountId]);
+    var basePath = useAccountPath
+        ? "channels." + params.channelKey + ".accounts." + resolvedAccountId + "."
+        : "channels." + params.channelKey + ".";
+    var allowFromPath = "" + basePath + ((_e = params.allowFromPathSuffix) !== null && _e !== void 0 ? _e : "");
+    var policyPath = params.policyPathSuffix != null ? "" + basePath + params.policyPathSuffix : undefined;
+    return {
+        policy: (_g = (_f = params.policy) !== null && _f !== void 0 ? _f : params.defaultPolicy) !== null && _g !== void 0 ? _g : "pairing",
+        allowFrom: (_h = params.allowFrom) !== null && _h !== void 0 ? _h : [],
+        policyPath: policyPath,
+        allowFromPath: allowFromPath,
+        approveHint: (_j = params.approveHint) !== null && _j !== void 0 ? _j : formatPairingApproveHint((_k = params.approveChannelId) !== null && _k !== void 0 ? _k : params.channelKey),
+        normalizeEntry: params.normalizeEntry
+    };
+}
+exports.buildAccountScopedDmSecurityPolicy = buildAccountScopedDmSecurityPolicy;
+/**
+ * 格式化配对审批提示信息（参考 moltbot 实现）
+ * @param channelId 频道ID
+ * @returns 配对审批提示字符串
+ */
+function formatPairingApproveHint(channelId) {
+    var listCmd = "openclaw pairing list " + channelId;
+    var approveCmd = "openclaw pairing approve " + channelId + " <code>";
+    return "\u5411 " + channelId + " \u673A\u5668\u4EBA\u53D1\u9001\u6D88\u606F\u4EE5\u5B8C\u6210\u914D\u5BF9\u5BA1\u6279\uFF08\u547D\u4EE4\u884C\uFF1A" + listCmd + " / " + approveCmd + "\uFF09";
+}
+exports.formatPairingApproveHint = formatPairingApproveHint;
+/**
+ * fallback 实现：构建多账号作用域的 DM 安全策略对象。
+ *
+ * 逻辑与 openclaw/plugin-sdk/channel-policy 中的
+ * buildAccountScopedDmSecurityPolicy 完全一致。
+ */
+function buildAccountScopedDmSecurityPolicyFallback(params) {
+    var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k;
+    var DEFAULT_ACCOUNT = "default";
+    var resolvedAccountId = (_b = (_a = params.accountId) !== null && _a !== void 0 ? _a : params.fallbackAccountId) !== null && _b !== void 0 ? _b : DEFAULT_ACCOUNT;
+    var channelConfig = (_c = params.cfg.channels) === null || _c === void 0 ? void 0 : _c[params.channelKey];
+    var useAccountPath = Boolean((_d = channelConfig === null || channelConfig === void 0 ? void 0 : channelConfig.accounts) === null || _d === void 0 ? void 0 : _d[resolvedAccountId]);
+    var basePath = useAccountPath
+        ? "channels." + params.channelKey + ".accounts." + resolvedAccountId + "."
+        : "channels." + params.channelKey + ".";
+    var allowFromPath = "" + basePath + ((_e = params.allowFromPathSuffix) !== null && _e !== void 0 ? _e : "");
+    var policyPath = params.policyPathSuffix != null
+        ? "" + basePath + params.policyPathSuffix
+        : undefined;
+    // 构建 approveHint 的简化版本（不依赖 formatCliCommand）
+    var channelId = (_f = params.approveChannelId) !== null && _f !== void 0 ? _f : params.channelKey;
+    var defaultApproveHint = "Approve via: openclaw pairing list " + channelId + " / openclaw pairing approve " + channelId + " <code>";
+    return {
+        policy: (_h = (_g = params.policy) !== null && _g !== void 0 ? _g : params.defaultPolicy) !== null && _h !== void 0 ? _h : "pairing",
+        allowFrom: (_j = params.allowFrom) !== null && _j !== void 0 ? _j : [],
+        policyPath: policyPath,
+        allowFromPath: allowFromPath,
+        approveHint: (_k = params.approveHint) !== null && _k !== void 0 ? _k : defaultApproveHint,
+        normalizeEntry: params.normalizeEntry
+    };
+}
+// 一次性探测 SDK 是否导出了 buildAccountScopedDmSecurityPolicy
+var _sdkPolicyReady = (function () { return __awaiter(void 0, void 0, void 0, function () {
+    var sdk, _a;
+    return __generator(this, function (_b) {
+        switch (_b.label) {
+            case 0:
+                _b.trys.push([0, 2, , 3]);
+                return [4 /*yield*/, Promise.resolve().then(function () { return __importStar(require("ylib-openclaw/plugin-sdk")); })];
+            case 1:
+                sdk = _b.sent();
+                if (typeof sdk.buildAccountScopedDmSecurityPolicy === "function") {
+                    return [2 /*return*/, { buildAccountScopedDmSecurityPolicy: sdk.buildAccountScopedDmSecurityPolicy }];
+                }
+                return [2 /*return*/, {}];
+            case 2:
+                _a = _b.sent();
+                // openclaw/plugin-sdk 不可用或版本过低
+                return [2 /*return*/, {}];
+            case 3: return [2 /*return*/];
+        }
+    });
+}); })();
+/**
+ * 构建多账号作用域的 DM 安全策略（兼容入口）
+ *
+ * 优先使用 SDK 版本（openclaw/plugin-sdk/channel-policy），
+ * 不可用时使用 fallback 实现。
+ */
+function buildAccountScopedDmSecurityPolicyCompat(params) {
+    return __awaiter(this, void 0, void 0, function () {
+        var sdk;
+        return __generator(this, function (_a) {
+            switch (_a.label) {
+                case 0: return [4 /*yield*/, _sdkPolicyReady];
+                case 1:
+                    sdk = _a.sent();
+                    if (sdk.buildAccountScopedDmSecurityPolicy) {
+                        try {
+                            return [2 /*return*/, sdk.buildAccountScopedDmSecurityPolicy(params)];
+                        }
+                        catch (_b) {
+                            // SDK 版本异常，降级到 fallback
+                        }
+                    }
+                    return [2 /*return*/, buildAccountScopedDmSecurityPolicyFallback(params)];
+            }
+        });
+    });
+}
+exports.buildAccountScopedDmSecurityPolicyCompat = buildAccountScopedDmSecurityPolicyCompat;