jQuery default processData:true re-serializes string bodies, causing
double-encoding for form-urlencoded payloads. Set processData:false
when contentType is application/x-www-form-urlencoded.
🤖 Generated with [Qoder][https://qoder.com]
- Guard against empty modes falling through to compile_multi_mode_request
by falling back to compile_simple_request_script for edge cases
- Optimize ensure_modes_populated to clone only when needed
- Reduces dead-code warnings from 3 to 2
🤖 Generated with [Qoder][https://qoder.com]
Single-mode and page-state-eval scenes now get auto-wrapped into a
default mode and compiled through compile_multi_mode_request. This
eliminates the old browser_script_with_business_logic code path and
ensures all scenes get responsePath extraction, requestTemplate, and
contentType support.
🤖 Generated with [Qoder][https://qoder.com]
8 tasks across 3 phases with exact file paths, step-by-step instructions,
test commands, and commit messages for each task.
🤖 Generated with [Qoder][https://qoder.com]
Issue #1 (Critical): Replaced eval() in buildModeRequest with a safe
resolveTemplateValue function that only supports args.fieldName and
args['fieldName'] patterns, eliminating XSS/injection vulnerability.
Issue #2 (Critical): Added defensive guard in detectMode that throws a
clear error when MODES array is empty, preventing undefined property access.
🤖 Generated with [Qoder][https://qoder.com]
The NormalizeRulesJson struct was serializing required_fields and filter_null
as snake_case, but the JavaScript template accesses them as requiredFields
and filterNull. Add #[serde(rename = "requiredFields")] and #[serde(rename = "filterNull")]
to fix the systematic snake_case vs camelCase mismatch in multi-mode templates.
🤖 Generated with [Qoder][https://qoder.com]
Add browser_script_with_modes function that generates JavaScript with:
- detectMode() to select mode based on args
- buildModeRequest() with content-type handling (JSON/form-urlencoded)
- normalizeModeRows() with validation rules
- queryModeData() with jQuery + fetch dual HTTP client
Modify browser_script() to check for modes first before falling back
to business_logic or skeleton templates.
🤖 Generated with [Qoder][https://qoder.com]
Add ModeConditionJson, NormalizeRulesJson, ApiEndpointEnhancedJson, and
ModeConfigJson structs to support multi-mode business logic in generated
scripts. Enhance SceneInfoJson with modes, default_mode, and mode_switch_field.
🤖 Generated with [Qoder][https://qoder.com]
- Add page context validation step with deps.validatePageContext
- Change validation failure status from 'error' to 'blocked'
- Add row normalization partial detection
- Use buildArtifact for all return paths consistently
- Add COLUMNS and REPORT_NAME constants for buildArtifact
- Export determineArtifactStatus, COLUMNS, REPORT_NAME in module.exports
🤖 Generated with [Qoder][https://qoder.com]
- Change function signature to accept destructured object parameter
- Integrate determineArtifactStatus for automatic status calculation
- Use REPORT_NAME and COLUMNS constants (to be defined in Task 6)
- Add proper filtering for partial_reasons (exclude api_/validation_ prefixes)
- Add deduplication for reasons array
- Update call site in buildBrowserEntrypointResult to use new signature
🤖 Generated with [Qoder][https://qoder.com]
Add a helper function to determine artifact status based on business
logic conditions:
- blocked: blockedReason exists (validation failed, wrong page context)
- error: fatalError exists (API call failed)
- partial: reasons array non-empty (some data issues)
- empty: no rows returned
- ok: rows exist with no issues
This is Task 3 of 8 in the progressive template enhancement.
🤖 Generated with [Qoder][https://qoder.com]
Enhance defaultDeps with:
- validatePageContext: Checks hostname against expected_domain for page context validation
- queryData: Dual HTTP client with jQuery $.ajax as primary and fetch as fallback
- jQuery preferred for internal pages that typically have it
- Clear error message if neither client is available
🤖 Generated with [Qoder][https://qoder.com]
The previous implementation used `new URL(endpoint.url, window.location.origin)`
which incorrectly constructed URLs based on the current page's origin. This broke
when endpoint URLs were already complete URLs (e.g., http://20.76.57.61:18080/...).
The fix uses endpoint.url directly since LLM extraction already provides complete
URLs. Also changed from GET with query params to POST with JSON body to match
typical API expectations.
🤖 Generated with [Qoder][https://qoder.com]
- Add SceneInfoJson struct with serde rename for camelCase compatibility
- Add ApiEndpointJson and BusinessLogicJson support structs
- Add scene_info_json field to GenerateSceneRequest (backward compatible)
- Rename browser_script to browser_script_skeleton
- Add new browser_script that delegates based on scene_info presence
- Add browser_script_with_business_logic for enhanced script generation
- Update CLI to accept --scene-info-json parameter
- Update usage string to document new parameter
Generated with [Qoder][https://qoder.com]
Add analyzeSceneDeep() function that extracts complete SceneInfo from
index.html content including API endpoints, static parameters, column
definitions, and business logic. Also adds http module import to support
non-HTTPS LLM endpoints.
🤖 Generated with [Qoder][https://qoder.com]
Design for enhancing sg_scene_generate to produce complete,
runnable skill packages with:
- Deep LLM extraction from index.html (API endpoints, params, columns)
- Enhanced Rust template rendering with business logic
- Web UI preview of extracted results
🤖 Generated with [Qoder][https://qoder.com]
- Add /select-folder and /select-file APIs using PowerShell dialogs
- Add --target-url parameter to CLI for explicit target URL override
- Redesign Web UI with folder browse buttons for all path inputs
- Add target_url optional input field for specifying target page URL
- Auto-fill scene-id from selected folder name
🤖 Generated with [Qoder][https://qoder.com]
When HTML has no sgclaw-expected-domain meta tag, analyzer now scans
for external script URLs (http:// or https://) and extracts the
domain (host:port) as expected_domain.
Example:
<script src="http://25.215.213.128:18080/a_js/YPTAPI.js"></script>
→ expected_domain = "25.215.213.128:18080"
This reduces manual editing required for third-party scenes.
🤖 Generated with [Qoder][https://qoder.com]
Remove the validation that required target_url, expected_domain, and
entry_script meta tags for ReportCollection scenes. Third-party scenes
do not have these meta tags, so the generator now uses empty values
that users can manually edit in scene.toml.
🤖 Generated with [Qoder][https://qoder.com]
Add scene type selector to the generator form:
- CSS styles for select element matching existing input style
- Dropdown with "报表收集类" (report_collection) and "监测类" (monitoring) options
- Pass sceneKind to /generate API endpoint
🤖 Generated with [Qoder][https://qoder.com]
Pass sceneKind to sg_scene_generate CLI when specified,
allowing generation of different scene kinds (report_collection,
monitoring, etc.).
🤖 Generated with [Qoder][https://qoder.com]
- Add scene_kind field to GenerateSceneRequest
- Update generate_scene_package to use analyze_scene_source_with_hint
- Implement scene_toml_monitoring for simplified monitoring scene manifests
- Add scene_toml router to dispatch to different templates based on SceneKind
- Add --scene-kind CLI option to sg_scene_generate binary
- Add generator_emits_monitoring_template test
- Create monitoring fixture with index.html (no meta tag, tests hint param)
Monitoring templates have simplified scene.toml without org/period resolvers.
🤖 Generated with [Qoder][https://qoder.com]
Remove duplicate implementation in analyze_scene_source() and replace
with simple delegation to analyze_scene_source_with_hint(source_dir, None).
This eliminates ~50 lines of duplicated logic that could drift apart
from the main implementation. Updated the test to verify the new
behavior where sources without scene-kind meta tag default to
ReportCollection instead of being rejected.
🤖 Generated with [Qoder][https://qoder.com]
- Add SceneKind::Monitoring enum variant with from_str/as_str helpers
- Add analyze_scene_source_with_hint function accepting optional scene kind hint
- User hint takes priority over meta tag, defaults to ReportCollection
- ReportCollection requires target_url, expected_domain, entry_script
- Monitoring type has optional fields
- Add test cases for hint parameter behavior
- Update non_report fixture with required meta tags for ReportCollection
🤖 Generated with [Qoder][https://qoder.com]
Design for extending sg_scene_generate to support multiple scene kinds
(report_collection, monitoring) with manual type selection in Web UI,
relaxing the requirement for meta tags in third-party scene directories.
🤖 Generated with [Qoder][https://qoder.com]
Add parent sgClaw directory to config search candidates so Node.js
server automatically finds the correct config with DeepSeek API
endpoint instead of the test config in claw-new directory.
🤖 Generated with [Qoder][https://qoder.com]
- server.js: sanitize static file paths to prevent directory traversal
(GET /../../sgclaw_config.json would expose API key)
- config-loader.js: fix normalizeBaseUrl to strip /v1 before appending,
preventing double /v1 for non-standard base URLs
🤖 Generated with [Qoder][https://qoder.com]
Adds a web-based UI for generating scene skill packages:
- Node.js HTTP server (zero npm dependencies) on port 3210
- HTML page with glass-morphism UI, dual-panel layout, settings modal
- LLM-powered scene-id/scene-name auto-extraction from directory contents
- Real-time SSE progress streaming during skill generation
- Spawns sg_scene_generate CLI with configurable parameters
- Windows-compatible startup scripts (serve.sh + serve.cmd)
- Rust integration tests for server files and HTML structure
Architecture:
Browser (HTML/JS) → Node.js server → LLM API + cargo run → sg_scene_generate
Files:
frontend/scene-generator/{server.js,config-loader.js,llm-client.js,generator-runner.js,sg_scene_generator.html,serve.sh,serve.cmd}
tests/{scene_generator_server_test.rs,scene_generator_html_test.rs,scene_generator_llm_test.js}
docs/superpowers/{plans,specs}/2026-04-16-scene-skill-generator*
🤖 Generated with [Qoder][https://qoder.com]
Add self-contained HTML page for the Scene Skill Generator frontend:
- Dual-column glass-morphism layout matching service-console style
- Left sidebar: status card, sourceDir input with analyze button,
sceneId/sceneName inputs, settings button, generate button
- Right panel: streaming log display with SSE event rendering
- Settings modal: outputRoot, lessons, llmBaseUrl, llmModel fields
- JavaScript: connects to http://127.0.0.1:3210, implements analyze()
via fetch POST /analyze, generate() via fetch POST /generate with
SSE stream reading, settings modal open/close
- Rust test verifying HTML file exists and contains required elements
🤖 Generated with [Qoder][https://qoder.com]
Add config-loader.js module for loading sgclaw_config.json credentials
and resolving project root directory. Add initial Rust source-guard test
to verify server file paths exist.
🤖 Generated with [Qoder][https://qoder.com]
Align the service task flow callback-host regression with the hidden helper close/open bootstrap sequence uncovered during final request-url verification.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
