admin/claw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: admin:main
Branches Tags
admin:main admin:feature/generated-scene-skill-platform admin:feature/claw-ws
...
compare: admin:883647dffce5ca23845a36b38523b8fd08fe81b3
Branches Tags
admin:feature/generated-scene-skill-platform admin:feature/claw-ws admin:main

10 Commits
main ... 883647dffc

Author SHA1 Message Date
木炎
883647dffc feat: add config-owned direct submit runtime 
Keep browser-attached workflows on the configured direct-skill path and align the Zhihu export/browser regression contracts with the current ws merge state.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-11 15:45:42 +08:00
木炎
b454fa3f54 refactor: remove ws-only scene routing remnants 
Keep the ws branch focused on websocket and Zhihu behavior by dropping staged scene-routing artifacts and restoring single-path skills dir semantics.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-10 22:35:43 +08:00
木炎
81de162756 docs: add ws branch cleanup plan 
Document the post-main cleanup steps for removing staged scene routing from the ws branch while preserving websocket and Zhihu flows.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-09 11:13:43 +08:00
木炎
630190e4d3 docs: add command center analysis artifacts 
Capture the command-center operation analyses, inventory outputs, and browser pipeline reference files produced during the current research pass so they can be reviewed from the branch.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-09 10:43:09 +08:00
木炎
57b9be733d fix: harden service websocket reconnect flows 
Stabilize the service console and callback-host websocket paths so idle disconnects and mid-task client drops no longer wedge task execution or spam repeated commands.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-09 10:34:34 +08:00
木炎
96c3bf1dee feat: route staged scene skills through runtime 
Add registry-driven scene routing and multi-root skill loading so fault-details and 95598 scene skills can be triggered from natural language while still running through the browser-backed runtime.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-07 16:17:17 +08:00
木炎
bdf8e12246 feat: align browser callback runtime and export flows 
Consolidate the browser task runtime around the callback path, add safer artifact opening for Zhihu exports, and cover the new service/browser flows with focused tests and supporting docs.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-06 21:44:53 +08:00
木炎
0dd655712c feat: add standalone service chat console 
Provide a local HTML console that reuses the existing service websocket so task entry stays outside the browser-helper runtime path.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-06 15:26:15 +08:00
木炎
6068a8228b feat: realign zhihu browser callback runtime 
Keep Zhihu browser-attached execution on the callback-host path so direct routes, runtime wiring, and service startup stay aligned for the current websocket browser flow.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-06 12:09:47 +08:00
木炎
3e18350320 feat: add websocket browser service runtime 
Wire the service/browser runtime onto the websocket-driven execution path and add the new browser/service modules needed for the submit flow and runtime integration.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-04 23:42:27 +08:00
102 changed files with 26838 additions and 1441 deletions
Expand all files Collapse all files

1
Cargo.lock generated
View File

@@ -2377,6 +2377,7 @@ dependencies = [
"sha2",
"thiserror 1.0.69",
"tokio",
"tungstenite 0.29.0",
"uuid",
"zeroclawlabs",
"zip 0.6.6",

1
Cargo.toml
View File

@@ -17,6 +17,7 @@ serde_json = "1"
sha2 = "0.10"
thiserror = "1"
tokio = { version = "1", default-features = false, features = ["rt-multi-thread", "macros"] }
tungstenite = "0.29"
uuid = { version = "1", features = ["v4"] }
zip = { version = "0.6.6", default-features = false, features = ["deflate"] }
zeroclaw = { package = "zeroclawlabs", path = "third_party/zeroclaw", default-features = false }

1572
docs/_tmp_sgbrowser_ws_api_doc.txt Normal file
View File

File diff suppressed because it is too large Load Diff

145
docs/_tmp_sgbrowser_ws_probe_transcript.md Normal file
View File

@@ -0,0 +1,145 @@
# sgBrowser websocket probe transcript
Endpoint: `ws://127.0.0.1:12345`
Timeout: `1500ms`
Cargo target dir override: `D:/data/ideaSpace/rust/sgClaw/claw-new/target_task4`
## baseline-open
```text
$ CARGO_TARGET_DIR="/d/data/ideaSpace/rust/sgClaw/claw-new/target_task4" cargo run --manifest-path "/d/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" --bin sgbrowser_ws_probe -- --ws-url "ws://127.0.0.1:12345" --timeout-ms 1500 --step "baseline-open::[\"about:blank\",\"sgBrowerserOpenPage\",\"https://www.zhihu.com/hot\"]"
Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.95s
Running `target_task4\debug\sgbrowser_ws_probe.exe --ws-url 'ws://127.0.0.1:12345' --timeout-ms 1500 --step 'baseline-open::["about:blank","sgBrowerserOpenPage","https://www.zhihu.com/hot"]'`
STEP 1 baseline-open
SEND: ["about:blank","sgBrowerserOpenPage","https://www.zhihu.com/hot"]
RECV: Welcome! You are client #1
OUTCOME: received
```
## open-agent
```text
$ CARGO_TARGET_DIR="/d/data/ideaSpace/rust/sgClaw/claw-new/target_task4" cargo run --manifest-path "/d/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" --bin sgbrowser_ws_probe -- --ws-url "ws://127.0.0.1:12345" --timeout-ms 1500 --step "open-agent::[\"about:blank\",\"sgOpenAgent\"]" --step "post-open-agent-open::[\"about:blank\",\"sgBrowerserOpenPage\",\"https://www.zhihu.com/hot\"]"
Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.98s
Running `target_task4\debug\sgbrowser_ws_probe.exe --ws-url 'ws://127.0.0.1:12345' --timeout-ms 1500 --step 'open-agent::["about:blank","sgOpenAgent"]' --step 'post-open-agent-open::["about:blank","sgBrowerserOpenPage","https://www.zhihu.com/hot"]'`
STEP 1 open-agent
SEND: ["about:blank","sgOpenAgent"]
RECV: Welcome! You are client #1
OUTCOME: received
STEP 2 post-open-agent-open
SEND: ["about:blank","sgBrowerserOpenPage","https://www.zhihu.com/hot"]
RECV: <none>
OUTCOME: timeout
```
## set-auth
```text
$ CARGO_TARGET_DIR="/d/data/ideaSpace/rust/sgClaw/claw-new/target_task4" cargo run --manifest-path "/d/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" --bin sgbrowser_ws_probe -- --ws-url "ws://127.0.0.1:12345" --timeout-ms 1500 --step "set-auth::[\"about:blank\",\"sgSetAuthInfo\",\"probe-user\",\"probe-token\"]" --step "post-set-auth-open::[\"about:blank\",\"sgBrowerserOpenPage\",\"https://www.zhihu.com/hot\"]"
Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.95s
Running `target_task4\debug\sgbrowser_ws_probe.exe --ws-url 'ws://127.0.0.1:12345' --timeout-ms 1500 --step 'set-auth::["about:blank","sgSetAuthInfo","probe-user","probe-token"]' --step 'post-set-auth-open::["about:blank","sgBrowerserOpenPage","https://www.zhihu.com/hot"]'`
STEP 1 set-auth
SEND: ["about:blank","sgSetAuthInfo","probe-user","probe-token"]
RECV: Welcome! You are client #1
OUTCOME: received
STEP 2 post-set-auth-open
SEND: ["about:blank","sgBrowerserOpenPage","https://www.zhihu.com/hot"]
RECV: <none>
OUTCOME: timeout
```
## browser-login
```text
$ CARGO_TARGET_DIR="/d/data/ideaSpace/rust/sgClaw/claw-new/target_task4" cargo run --manifest-path "/d/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" --bin sgbrowser_ws_probe -- --ws-url "ws://127.0.0.1:12345" --timeout-ms 1500 --step 'browser-login::["about:blank","sgBrowserLogin",{"appName":"probe","userName":"probe","orgName":"probe","menus":[{"name":"probe","normalImg":"x","activeImg":"x","url":"https://www.zhihu.com/hot"}]}]' --step 'post-browser-login-open::["about:blank","sgBrowerserOpenPage","https://www.zhihu.com/hot"]'
Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.95s
Running `target_task4\debug\sgbrowser_ws_probe.exe --ws-url 'ws://127.0.0.1:12345' --timeout-ms 1500 --step 'browser-login::["about:blank","sgBrowserLogin",{"appName":"probe","userName":"probe","orgName":"probe","menus":[{"name":"probe","normalImg":"x","activeImg":"x","url":"https://www.zhihu.com/hot"}]}]' --step 'post-browser-login-open::["about:blank","sgBrowerserOpenPage","https://www.zhihu.com/hot"]'`
STEP 1 browser-login
SEND: ["about:blank","sgBrowserLogin",{"appName":"probe","userName":"probe","orgName":"probe","menus":[{"name":"probe","normalImg":"x","activeImg":"x","url":"https://www.zhihu.com/hot"}]}]
RECV: Welcome! You are client #1
OUTCOME: received
STEP 2 post-browser-login-open
SEND: ["about:blank","sgBrowerserOpenPage","https://www.zhihu.com/hot"]
RECV: <none>
OUTCOME: timeout
```
## active-tab
```text
$ CARGO_TARGET_DIR="/d/data/ideaSpace/rust/sgClaw/claw-new/target_task4" cargo run --manifest-path "/d/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" --bin sgbrowser_ws_probe -- --ws-url "ws://127.0.0.1:12345" --timeout-ms 1500 --step "active-tab::[\"about:blank\",\"sgBrowerserActiveTab\",\"https://www.zhihu.com/hot\",\"probeCallback\"]" --step "post-active-tab-open::[\"about:blank\",\"sgBrowerserOpenPage\",\"https://www.zhihu.com/hot\"]"
Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.95s
Running `target_task4\debug\sgbrowser_ws_probe.exe --ws-url 'ws://127.0.0.1:12345' --timeout-ms 1500 --step 'active-tab::["about:blank","sgBrowerserActiveTab","https://www.zhihu.com/hot","probeCallback"]' --step 'post-active-tab-open::["about:blank","sgBrowerserOpenPage","https://www.zhihu.com/hot"]'`
STEP 1 active-tab
SEND: ["about:blank","sgBrowerserActiveTab","https://www.zhihu.com/hot","probeCallback"]
RECV: Welcome! You are client #1
OUTCOME: received
STEP 2 post-active-tab-open
SEND: ["about:blank","sgBrowerserOpenPage","https://www.zhihu.com/hot"]
RECV: <none>
OUTCOME: timeout
```
## combined-bootstrap
```text
$ CARGO_TARGET_DIR="/d/data/ideaSpace/rust/sgClaw/claw-new/target_task4" cargo run --manifest-path "/d/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" --bin sgbrowser_ws_probe -- --ws-url "ws://127.0.0.1:12345" --timeout-ms 1500 --step "combined-open-agent::[\"about:blank\",\"sgOpenAgent\"]" --step "combined-active-tab::[\"about:blank\",\"sgBrowerserActiveTab\",\"https://www.zhihu.com/hot\",\"probeCallback\"]" --step "combined-open::[\"about:blank\",\"sgBrowerserOpenPage\",\"https://www.zhihu.com/hot\"]"
Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.95s
Running `target_task4\debug\sgbrowser_ws_probe.exe --ws-url 'ws://127.0.0.1:12345' --timeout-ms 1500 --step 'combined-open-agent::["about:blank","sgOpenAgent"]' --step 'combined-active-tab::["about:blank","sgBrowerserActiveTab","https://www.zhihu.com/hot","probeCallback"]' --step 'combined-open::["about:blank","sgBrowerserOpenPage","https://www.zhihu.com/hot"]'`
STEP 1 combined-open-agent
SEND: ["about:blank","sgOpenAgent"]
RECV: Welcome! You are client #1
OUTCOME: received
STEP 2 combined-active-tab
SEND: ["about:blank","sgBrowerserActiveTab","https://www.zhihu.com/hot","probeCallback"]
RECV: <none>
OUTCOME: timeout
STEP 3 combined-open
SEND: ["about:blank","sgBrowerserOpenPage","https://www.zhihu.com/hot"]
RECV: <none>
OUTCOME: timeout
```
## requesturl-variants
```text
$ CARGO_TARGET_DIR="/d/data/ideaSpace/rust/sgClaw/claw-new/target_task4" cargo run --manifest-path "/d/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" --bin sgbrowser_ws_probe -- --ws-url "ws://127.0.0.1:12345" --timeout-ms 1500 --step "target-as-requesturl::[\"https://www.zhihu.com/hot\",\"sgBrowerserOpenPage\",\"https://www.zhihu.com/hot\"]"
Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.94s
Running `target_task4\debug\sgbrowser_ws_probe.exe --ws-url 'ws://127.0.0.1:12345' --timeout-ms 1500 --step 'target-as-requesturl::["https://www.zhihu.com/hot","sgBrowerserOpenPage","https://www.zhihu.com/hot"]'`
STEP 1 target-as-requesturl
SEND: ["https://www.zhihu.com/hot","sgBrowerserOpenPage","https://www.zhihu.com/hot"]
RECV: Welcome! You are client #1
OUTCOME: received
```
```text
$ CARGO_TARGET_DIR="/d/data/ideaSpace/rust/sgClaw/claw-new/target_task4" cargo run --manifest-path "/d/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" --bin sgbrowser_ws_probe -- --ws-url "ws://127.0.0.1:12345" --timeout-ms 1500 --step "baidu-requesturl::[\"https://www.baidu.com\",\"sgBrowerserOpenPage\",\"https://www.zhihu.com/hot\"]"
Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.94s
Running `target_task4\debug\sgbrowser_ws_probe.exe --ws-url 'ws://127.0.0.1:12345' --timeout-ms 1500 --step 'baidu-requesturl::["https://www.baidu.com","sgBrowerserOpenPage","https://www.zhihu.com/hot"]'`
STEP 1 baidu-requesturl
SEND: ["https://www.baidu.com","sgBrowerserOpenPage","https://www.zhihu.com/hot"]
RECV: Welcome! You are client #1
OUTCOME: received
```
| Sequence | Sent frames | First reply | Final outcome | Decision signal |
| --- | --- | --- | --- | --- |
| baseline-open | `["about:blank","sgBrowerserOpenPage","https://www.zhihu.com/hot"]` | `Welcome! You are client #1` | received only welcome banner; no numeric status or callback frame captured | does not satisfy Option A rule |
| open-agent | `["about:blank","sgOpenAgent"]` then `["about:blank","sgBrowerserOpenPage","https://www.zhihu.com/hot"]` | `Welcome! You are client #1` | step 2 timed out with no reply | does not satisfy Option A rule |
| set-auth | `["about:blank","sgSetAuthInfo","probe-user","probe-token"]` then `["about:blank","sgBrowerserOpenPage","https://www.zhihu.com/hot"]` | `Welcome! You are client #1` | step 2 timed out with no reply | does not satisfy Option A rule |
| browser-login | `["about:blank","sgBrowserLogin",{"appName":"probe","userName":"probe","orgName":"probe","menus":[{"name":"probe","normalImg":"x","activeImg":"x","url":"https://www.zhihu.com/hot"}]}]` then `["about:blank","sgBrowerserOpenPage","https://www.zhihu.com/hot"]` | `Welcome! You are client #1` | step 2 timed out with no reply | does not satisfy Option A rule |
| active-tab | `["about:blank","sgBrowerserActiveTab","https://www.zhihu.com/hot","probeCallback"]` then `["about:blank","sgBrowerserOpenPage","https://www.zhihu.com/hot"]` | `Welcome! You are client #1` | step 2 timed out with no reply | does not satisfy Option A rule |
| combined-bootstrap | `["about:blank","sgOpenAgent"]` then `["about:blank","sgBrowerserActiveTab","https://www.zhihu.com/hot","probeCallback"]` then `["about:blank","sgBrowerserOpenPage","https://www.zhihu.com/hot"]` | `Welcome! You are client #1` | steps 2 and 3 timed out with no reply | does not satisfy Option A rule |
| requesturl-variants | `["https://www.zhihu.com/hot","sgBrowerserOpenPage","https://www.zhihu.com/hot"]` and `["https://www.baidu.com","sgBrowerserOpenPage","https://www.zhihu.com/hot"]` | `Welcome! You are client #1` | each one-shot run received only the welcome banner; no numeric status or callback frame captured | does not satisfy Option A rule |
## Final decision
**Option B wins.**
Reason: the strict rule says Option A wins only if at least one sequence reproducibly yields real numeric status and/or callback frames for a real business action. Across the full required matrix, the reachable endpoint consistently returned only the websocket welcome banner on the first reply for each fresh connection, and every follow-on business-action step either timed out or produced no numeric status/callback frame. Therefore the evidence does not validate a raw-websocket bootstrap contract, so Option B is the required outcome.

425
docs/superpowers/plans/2026-04-01-claw-ws-execution-cards.md Normal file
View File

@@ -0,0 +1,425 @@
# Claw-WS 开发执行顺序卡片
> 配套计划:[`2026-04-01-claw-ws-parallel-transport.md`](./2026-04-01-claw-ws-parallel-transport.md)
>
> 使用方式:严格按卡片顺序执行。每张卡片完成后先跑卡片内测试,再进入下一张。不要跳卡,不要提前接线,不要先写 service/client 再回头抽象底层。
---
## 卡片 0执行前约束
**目标**
先锁定边界,避免实现过程中把 pipe 模式改坏。
**必须遵守**
- 现有 pipe 模式必须保持可用
- 新增的是并行 `claw-ws` 模式,不是替换 pipe
- v1 只做单客户端、单任务串行
- `browser_action` / `superrpa_browser` 外部命名保持稳定
- 如果 WS `Eval` 不完整,先禁用相关 browser-script skill 暴露
- 不要提前做多客户端、任务队列、管理接口
**完成标准**
- 开发者明确后续所有改动都围绕“抽象复用 + 并行新增”进行
---
## 卡片 1抽共享 SubmitTask Runner
**目标**
把当前 `BrowserMessage::SubmitTask` 的主执行逻辑从 pipe 入口里抽出来,变成共享执行器。
**先做什么**
1. 新增 `tests/task_runner_test.rs`
2. 先写失败用例:
- 空 instruction
- 无 LLM 配置
- 日志顺序仍然是 `LogEntry` -> `TaskComplete`
**要改哪些文件**
- `src/agent/mod.rs`
- `src/lib.rs`
- `src/agent/task_runner.rs`
- `tests/task_runner_test.rs`
**实现动作**
1.`SubmitTaskRequest`
2.`AgentEventSink`
3.`run_submit_task(...)`
4. 让 pipe 入口只做:
- 解包 `BrowserMessage::SubmitTask`
- 转成 `SubmitTaskRequest`
- 调共享 runner
**绝对不要做**
- 不要在这一张卡里引入 ws backend
- 不要改 tool adapter
- 不要碰 service/client
**本卡测试命令**
```bash
cargo test --test runtime_task_flow_test --test task_runner_test
```
**通过标准**
- 老的 `runtime_task_flow_test` 继续绿
- 新的 `task_runner_test` 通过
- pipe 行为无变化
**完成后提交**
```bash
git commit -m "refactor: extract shared submit-task runner"
```
---
## 卡片 2抽 BrowserBackend 抽象
**目标**
把上层 runtime / orchestration / tool adapter 从 `BrowserPipeTool<T>` 解耦,统一依赖浏览器后端接口。
**先做什么**
1. 新增 `tests/browser_backend_capability_test.rs`
2. 先写失败用例:
- pipe backend 元数据不变
- pipe backend 支持 `Eval`
- `supports_eval() == false` 时不暴露 browser-script tools
**要改哪些文件**
- `src/browser/mod.rs`
- `src/browser/backend.rs`
- `src/browser/pipe_backend.rs`
- `src/compat/browser_tool_adapter.rs`
- `src/compat/browser_script_skill_tool.rs`
- `src/compat/runtime.rs`
- `src/compat/orchestration.rs`
- `src/compat/workflow_executor.rs`
- `src/lib.rs`
- `tests/browser_backend_capability_test.rs`
**实现动作**
1. 定义 `BrowserBackend`
2.`pipe_backend` 包装当前 `BrowserPipeTool`
3. 把上层签名改成 `Arc<dyn BrowserBackend>`
4. 保持工具名不变:
- `browser_action`
- `superrpa_browser`
5. 增加 `supports_eval()` gating
**绝对不要做**
- 不要在这一张卡里接浏览器 ws 协议
- 不要建 service
- 不要加 client 协议
**本卡测试命令**
```bash
cargo test --test browser_tool_test --test compat_browser_tool_test --test browser_backend_capability_test
```
**通过标准**
- 现有 browser tool 相关测试不回归
- 新 capability test 通过
- 上层逻辑已脱离 `BrowserPipeTool<T>` 的硬耦合
**完成后提交**
```bash
git commit -m "refactor: abstract browser backend from pipe transport"
```
---
## 卡片 3写死浏览器 WS 协议 Codec
**目标**
单独做浏览器固定 WebSocket 协议编解码层,不把协议细节散落到 backend 和 service 里。
**先做什么**
1. 新增 `tests/browser_ws_protocol_test.rs`
2. 先写失败用例:
- outbound frame 精确编码
- callback payload 解析
- 异常格式拒绝
- v1 action 覆盖完整
**要改哪些文件**
- `src/browser/ws_protocol.rs`
- `tests/browser_ws_protocol_test.rs`
**实现动作**
1. 按浏览器文档编码数组消息
2. 只支持 v1 必需动作:
- `Navigate`
- `GetText`
- `Click`
- `Type`
- `Eval`
3. 定义 callback 解析和关联规则
4. 对 unsupported / malformed 早失败
**绝对不要做**
- 不要在这张卡里连真实浏览器
- 不要写 service 协议
- 不要把网络连接逻辑塞进 codec
**本卡测试命令**
```bash
cargo test --test browser_ws_protocol_test
```
**通过标准**
- codec 单测全绿
- 无网络依赖
- 已能作为 backend 的纯协议层基础
**完成后提交**
```bash
git commit -m "test: codify fixed browser websocket protocol"
```
---
## 卡片 4实现 Browser WS Backend
**目标**
在 codec 之上提供和 pipe backend 类似的阻塞式 `invoke(...)` 能力。
**先做什么**
1. 新增 `tests/browser_ws_backend_test.rs`
2. 先写失败用例:
- `0 + 无 callback` 成功
-`0` 失败
- `0 + callback` 成功
- callback timeout
- socket drop
**要改哪些文件**
- `src/browser/mod.rs`
- `src/browser/ws_backend.rs`
- `tests/browser_ws_backend_test.rs`
**实现动作**
1. 建长连接管理器
2. 先做串行单飞请求
3. 发送前过 `MacPolicy`
4. 统一即时返回和 callback 返回
5. 输出统一 `CommandOutput`
**绝对不要做**
- 不要在这一张卡里接 service 层
- 不要做多并发 browser request
- 不要直接把浏览器 ws 代码散进 runtime
**本卡测试命令**
```bash
cargo test --test browser_ws_backend_test
```
**通过标准**
- backend 在 mocks/fakes 下稳定通过
- invoke 语义与 pipe backend 接近
- 可供上层 runtime 直接替换使用
**完成后提交**
```bash
git commit -m "feat: add browser websocket backend"
```
---
## 卡片 5实现 sg_claw Service
**目标**
新增本地长驻服务端,承接 client 请求并复用共享 task runner。
**先做什么**
1. 新增 `tests/service_ws_session_test.rs`
2. 先写失败用例:
- 首个客户端接入成功
- 第二个客户端收到 busy
- 断开后状态释放
- 任务重入被拒绝
**要改哪些文件**
- `src/service/mod.rs`
- `src/service/protocol.rs`
- `src/service/server.rs`
- `src/bin/sg_claw.rs`
- `src/lib.rs`
- `Cargo.toml`
- `tests/service_ws_session_test.rs`
**实现动作**
1. 定义 client/service 协议
2. 实现 service 端事件 sink
3. 建单活 session 状态机:
- `Idle`
- `ClientAttached`
- `TaskRunning`
4. 路由 `SubmitTask` 到共享 runner
5. 保持 pipe 入口不变
**绝对不要做**
- 不要在这一张卡里做 client 交互体验优化
- 不要加任务队列
- 不要支持多客户端并发
**本卡测试命令**
```bash
cargo test --test service_ws_session_test
```
**通过标准**
- 服务端会话锁生效
- 共享 runner 可被 service 复用
- pipe 模式入口未受影响
**完成后提交**
```bash
git commit -m "feat: add claw-ws service entrypoint"
```
---
## 卡片 6实现 sg_claw_client
**目标**
新增一个薄客户端,提供类似 `claude/codex` 的交互式命令行体验。
**先做什么**
1. 新增 `tests/service_task_flow_test.rs`
2. 先写失败用例:
- submit-task 送达 service
- 日志按顺序流回
- completion 只到一次
- 完成后断开处理清晰
**要改哪些文件**
- `src/bin/sg_claw_client.rs`
- `Cargo.toml`
- `tests/service_task_flow_test.rs`
**实现动作**
1. 建立到本地 service 的 ws 连接
2. 读取用户输入
3. 发送 `SubmitTask`
4. 实时打印日志
5. 收到 `TaskComplete` 结束本轮
**绝对不要做**
- 不要把 runtime、skills、browser backend 复制进 client
- 不要让 client 直接连浏览器
- 不要让 client 承担业务逻辑
**本卡测试命令**
```bash
cargo test --test service_task_flow_test
cargo build --bin sg_claw --bin sg_claw_client
```
**通过标准**
- client 是薄壳
- task flow 正常
- 两个新 binary 可编译
**完成后提交**
```bash
git commit -m "feat: add interactive claw-ws client"
```
---
## 卡片 7最终接线与回归验证
**目标**
把 ws 路径接起来,同时确认 pipe 路径零回归。
**先做什么**
1. 只增加最小配置项:
- `browser_ws_url`
- `service_ws_listen_addr`
2. 检查外部工具命名保持稳定
**要改哪些文件**
- `Cargo.toml`
- `src/lib.rs`
- `src/config/settings.rs`
- `src/runtime/engine.rs`(如确有必要)
**实现动作**
1. 接入最小配置面
2. 确保 pipe / ws 下工具命名一致
3. 跑旧 pipe 回归
4. 跑新 ws 测试
5. 跑全量 Rust tests
6. 编译所有 binary
7. 做一次真实本地 smoke test
**本卡 pipe 回归命令**
```bash
cargo test --test browser_tool_test --test compat_browser_tool_test --test runtime_task_flow_test --test pipe_handshake_test --test pipe_protocol_test --test task_protocol_test
```
**本卡 ws 测试命令**
```bash
cargo test --test task_runner_test --test browser_ws_protocol_test --test browser_ws_backend_test --test browser_backend_capability_test --test service_ws_session_test --test service_task_flow_test
```
**本卡全量命令**
```bash
cargo test --tests
cargo build --bin sgclaw --bin sg_claw --bin sg_claw_client
```
**手工验证**
1. 启动浏览器,确认 `ws://127.0.0.1:12345` 可用
2. `cargo run --bin sg_claw`
3. 新终端运行 `cargo run --bin sg_claw_client`
4. 发一个简单浏览器任务
5. 确认日志流和单次 completion
6. 确认旧 `cargo run` pipe 入口仍可启动
**通过标准**
- pipe 模式零回归
- ws 模式可独立工作
- 两套模式并行存在
**完成后提交**
```bash
git commit -m "feat: wire parallel claw-ws transport"
```
---
## 一句话执行顺序
严格按下面顺序做:
1. 共享 runner
2. browser backend 抽象
3. ws 协议 codec
4. ws backend
5. service
6. client
7. 配置接线 + 回归
如果顺序乱了,最容易出现的问题是:
- 上层重复实现
- pipe 被误伤
- ws 协议细节扩散到整个工程
- service/client 提前写完后又被迫重构

687
docs/superpowers/plans/2026-04-01-claw-ws-parallel-transport.md Normal file
View File

@@ -0,0 +1,687 @@
# Claw-WS Parallel Transport Implementation Plan
> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
**Goal:** Add a parallel `claw-ws` transport path that keeps the current pipe mode intact while introducing a long-lived `sg_claw` local service, an interactive `sg_claw_client`, and a browser WebSocket backend at `ws://127.0.0.1:12345`.
**Architecture:** First extract a transport-agnostic submit-task runner and browser backend abstraction from the current pipe-coupled flow. Keep the existing pipe path as one adapter/backend, then add a fixed-protocol browser WebSocket backend plus a small service/session layer and an interactive CLI client that reuse the same runtime, orchestration, and browser-facing tool adapters.
**Tech Stack:** Rust 2021, current sgclaw compat runtime, zeroclaw runtime engine, `serde`/`serde_json`, existing `MacPolicy`, and a blocking WebSocket crate for v1 (`tungstenite` preferred over a broad async rewrite).
---
## Scope Guardrails
- Keep the current pipe mode entrypoint and behavior working.
- Do **not** replace the existing browser pipe path.
- Add a **parallel** WebSocket path only.
- v1 supports **one active client session** only.
- Reuse existing tool names and runtime behavior whenever possible.
- If WS `Eval` support is incomplete, disable eval-dependent browser-script skill exposure in WS mode rather than shipping partial behavior.
- Do not broaden v1 with task queues, multi-client support, or admin endpoints.
---
## File Structure
### Existing files to reuse
- Modify: `src/lib.rs` — current pipe bootstrap and receive loop; keep as the legacy pipe entrypoint.
- Modify: `src/agent/mod.rs` — current `BrowserMessage::SubmitTask` entrypoint and config-loading flow.
- Modify: `src/compat/runtime.rs` — compat runtime and tool assembly.
- Modify: `src/compat/orchestration.rs` — direct workflow vs compat runtime routing.
- Modify: `src/compat/browser_tool_adapter.rs` — exposes `browser_action` and `superrpa_browser`.
- Modify: `src/compat/browser_script_skill_tool.rs` — browser-script skill execution.
- Modify: `src/compat/workflow_executor.rs` — direct browser workflows such as Zhihu flows.
- Reuse: `src/pipe/browser_tool.rs` — current browser command executor; retain as the pipe backend implementation.
- Reuse: `src/pipe/protocol.rs``BrowserMessage`, `AgentMessage`, `Action`, `ExecutionSurfaceMetadata`.
- Reuse: `src/security/mac_policy.rs` — local action/domain guardrails.
- Modify: `src/config/settings.rs` — minimal new config surface for WS mode.
- Optional modify: `src/runtime/engine.rs` — only if backend capability wiring requires it.
### New files to create
- Create: `src/agent/task_runner.rs` — shared submit-task execution entrypoint.
- Create: `src/browser/mod.rs` — browser backend exports.
- Create: `src/browser/backend.rs``BrowserBackend` trait and helpers.
- Create: `src/browser/pipe_backend.rs` — wrapper around existing `BrowserPipeTool`.
- Create: `src/browser/ws_protocol.rs` — fixed browser WS request/response codec.
- Create: `src/browser/ws_backend.rs` — browser WS backend with blocking invoke semantics.
- Create: `src/service/mod.rs` — service exports.
- Create: `src/service/protocol.rs` — client/service WS message types.
- Create: `src/service/server.rs` — single-session `sg_claw` server.
- Create: `src/bin/sg_claw.rs` — service binary.
- Create: `src/bin/sg_claw_client.rs` — interactive CLI client.
- Create: `tests/task_runner_test.rs` — shared submit-task runner regressions.
- Create: `tests/browser_backend_capability_test.rs` — backend capability/tool exposure tests.
- Create: `tests/browser_ws_protocol_test.rs` — browser WS protocol tests.
- Create: `tests/browser_ws_backend_test.rs` — browser WS backend tests.
- Create: `tests/service_ws_session_test.rs` — single-session server tests.
- Create: `tests/service_task_flow_test.rs` — client/service task flow tests.
---
## Task 1: Extract a shared submit-task runner
**Files:**
- Create: `src/agent/task_runner.rs`
- Modify: `src/agent/mod.rs`
- Modify: `src/lib.rs`
- Test: `tests/task_runner_test.rs`
- Reuse: `src/compat/runtime.rs`, `src/compat/orchestration.rs`
- [ ] **Step 1: Write a failing runner regression test**
Create `tests/task_runner_test.rs` covering:
- empty instruction returns the same `TaskComplete` failure summary
- missing LLM config still returns the same summary shape
- the pipe adapter still emits `LogEntry` before `TaskComplete`
- [ ] **Step 2: Run the targeted regression tests first**
Run:
```bash
cargo test --test runtime_task_flow_test --test task_runner_test
```
Expected: `task_runner_test` fails because the shared runner does not exist yet.
- [ ] **Step 3: Define the transport-neutral request model**
Create `src/agent/task_runner.rs` with a request struct that mirrors the current pipe payload:
```rust
pub struct SubmitTaskRequest {
pub instruction: String,
pub conversation_id: Option<String>,
pub messages: Vec<ConversationMessage>,
pub page_url: Option<String>,
pub page_title: Option<String>,
}
```
Normalize empty strings to `None` at the adapter boundary.
- [ ] **Step 4: Define an event sink abstraction**
Add a small trait that can emit the current agent events without depending on a specific transport:
```rust
pub trait AgentEventSink {
fn send(&self, message: &AgentMessage) -> Result<(), PipeError>;
}
```
The existing pipe transport should implement this first.
- [ ] **Step 5: Move submit-task execution into a shared function**
Extract the body currently inside `BrowserMessage::SubmitTask` handling from `src/agent/mod.rs` into a shared function such as:
```rust
pub fn run_submit_task(
sink: &dyn AgentEventSink,
browser_backend: Arc<dyn BrowserBackend>,
context: &AgentRuntimeContext,
request: SubmitTaskRequest,
) -> Result<(), PipeError>
```
This function must still:
- validate empty instruction
- load sgclaw settings
- log runtime/config info
- choose orchestration vs compat runtime
- emit `AgentMessage::TaskComplete`
- [ ] **Step 6: Keep pipe mode as a thin adapter**
Refactor `handle_browser_message_with_context(...)` in `src/agent/mod.rs` so it only:
- pattern matches `BrowserMessage`
- converts `SubmitTask` into `SubmitTaskRequest`
- forwards into `run_submit_task(...)`
- [ ] **Step 7: Re-run the runner regressions**
Run:
```bash
cargo test --test runtime_task_flow_test --test task_runner_test
```
Expected: both tests pass and pipe behavior remains unchanged.
- [ ] **Step 8: Commit**
```bash
git add src/agent/mod.rs src/agent/task_runner.rs src/lib.rs tests/task_runner_test.rs
git commit -m "refactor: extract shared submit-task runner"
```
---
## Task 2: Introduce a browser backend abstraction and wrap the current pipe implementation
**Files:**
- Create: `src/browser/mod.rs`
- Create: `src/browser/backend.rs`
- Create: `src/browser/pipe_backend.rs`
- Modify: `src/lib.rs`
- Modify: `src/compat/browser_tool_adapter.rs`
- Modify: `src/compat/browser_script_skill_tool.rs`
- Modify: `src/compat/runtime.rs`
- Modify: `src/compat/orchestration.rs`
- Modify: `src/compat/workflow_executor.rs`
- Test: `tests/browser_backend_capability_test.rs`
- Reuse: `src/pipe/browser_tool.rs`, `src/security/mac_policy.rs`
- [ ] **Step 1: Add a failing backend capability test**
Create `tests/browser_backend_capability_test.rs` to verify:
- pipe backend still exposes privileged surface metadata
- pipe backend still supports `Eval`
- browser-script tool exposure is disabled when `supports_eval()` is false
- [ ] **Step 2: Run the current browser adapter tests first**
Run:
```bash
cargo test --test browser_tool_test --test compat_browser_tool_test --test browser_backend_capability_test
```
Expected: new capability test fails because the backend abstraction does not exist yet.
- [ ] **Step 3: Define the shared browser interface**
Create `src/browser/backend.rs`:
```rust
pub trait BrowserBackend: Send + Sync {
fn invoke(
&self,
action: Action,
params: Value,
expected_domain: &str,
) -> Result<CommandOutput, PipeError>;
fn surface_metadata(&self) -> ExecutionSurfaceMetadata;
fn supports_eval(&self) -> bool {
true
}
}
```
- [ ] **Step 4: Implement the pipe backend as a wrapper**
Create `src/browser/pipe_backend.rs` that stores the current `BrowserPipeTool<T>` and forwards `invoke(...)` and `surface_metadata()` unchanged.
Pipe mode must continue using:
- `perform_handshake(...)`
- `MacPolicy::load_from_path(...)`
- `BrowserPipeTool::new(...).with_response_timeout(...)`
- [ ] **Step 5: Refactor runtime and tool adapters to depend on `Arc<dyn BrowserBackend>`**
Update:
- `src/compat/browser_tool_adapter.rs`
- `src/compat/browser_script_skill_tool.rs`
- `src/compat/runtime.rs`
- `src/compat/orchestration.rs`
- `src/compat/workflow_executor.rs`
Preserve external tool names:
- `browser_action`
- `superrpa_browser`
- [ ] **Step 6: Add capability gating for eval-dependent script tools**
If `supports_eval()` is false, do **not** expose browser-script skill tools from `build_browser_script_skill_tools(...)` in that backend mode.
- [ ] **Step 7: Re-run browser adapter tests**
Run:
```bash
cargo test --test browser_tool_test --test compat_browser_tool_test --test browser_backend_capability_test
```
Expected: all three pass.
- [ ] **Step 8: Commit**
```bash
git add src/browser src/lib.rs src/compat/browser_tool_adapter.rs src/compat/browser_script_skill_tool.rs src/compat/runtime.rs src/compat/orchestration.rs src/compat/workflow_executor.rs tests/browser_backend_capability_test.rs
git commit -m "refactor: abstract browser backend from pipe transport"
```
---
## Task 3: Implement the fixed browser WebSocket protocol codec in isolation
**Files:**
- Create: `src/browser/ws_protocol.rs`
- Test: `tests/browser_ws_protocol_test.rs`
- Reuse: `docs/_tmp_sgbrowser_ws_api_doc.txt`
- [ ] **Step 1: Write failing protocol codec tests**
Create `tests/browser_ws_protocol_test.rs` covering:
- exact outbound frame encoding
- callback payload decoding
- unknown callback format rejection
- mapping coverage for every supported v1 action
- [ ] **Step 2: Run the protocol tests first**
Run:
```bash
cargo test --test browser_ws_protocol_test
```
Expected: fail because the WS protocol codec does not exist yet.
- [ ] **Step 3: Encode the exact browser frame shapes**
Create `src/browser/ws_protocol.rs` so it can build exact array-form payloads such as:
```rust
[requesturl, "sgBrowserExcuteJsCodeByArea", target_url, js_code, area]
```
Serialize to the JSON string format required by the browser service.
- [ ] **Step 4: Define the v1 action mapping table**
Support only the actions already needed by current sgclaw flows:
- `Navigate`
- `GetText`
- `Click`
- `Type`
- `Eval`
Document which browser functions each one maps to and what assumptions they rely on.
- [ ] **Step 5: Define callback parsing and correlation rules**
Represent callback-bearing operations explicitly, including the callback function naming or request-correlation strategy the backend will depend on.
- [ ] **Step 6: Reject unsupported or malformed shapes early**
Fail fast for:
- unsupported actions
- malformed callback payloads
- missing request correlation metadata
- [ ] **Step 7: Re-run the protocol tests**
Run:
```bash
cargo test --test browser_ws_protocol_test
```
Expected: pass with no network dependency.
- [ ] **Step 8: Commit**
```bash
git add src/browser/ws_protocol.rs tests/browser_ws_protocol_test.rs
git commit -m "test: codify fixed browser websocket protocol"
```
---
## Task 4: Build the browser WS backend with synchronous invoke semantics
**Files:**
- Create: `src/browser/ws_backend.rs`
- Modify: `src/browser/mod.rs`
- Test: `tests/browser_ws_backend_test.rs`
- Reuse: `CommandOutput`, `PipeError`, `ExecutionSurfaceMetadata`, `MacPolicy`
- [ ] **Step 1: Write failing backend behavior tests**
Create `tests/browser_ws_backend_test.rs` covering:
- zero return + no callback => success
- non-zero return => failure
- zero return + callback => success with normalized `CommandOutput`
- callback timeout => timeout error
- dropped socket => clear failure
- [ ] **Step 2: Run backend tests first**
Run:
```bash
cargo test --test browser_ws_backend_test
```
Expected: fail because the WS backend does not exist yet.
- [ ] **Step 3: Build a long-lived browser connection manager**
Implement `src/browser/ws_backend.rs` to connect to `ws://127.0.0.1:12345` and expose blocking `invoke(...)` calls.
Use a dedicated connection loop plus request/response coordination instead of scattering raw socket calls through the runtime.
- [ ] **Step 4: Preserve local guardrails before send**
Validate `MacPolicy` before translating an action into the browser WS protocol, matching current pipe backend behavior.
- [ ] **Step 5: Normalize immediate status returns and delayed callbacks**
For each `invoke(...)` call:
- fail immediately on non-zero return codes
- succeed immediately for operations with no data callback
- wait for the matching callback for result-bearing operations
- convert the final outcome into `CommandOutput`
- [ ] **Step 6: Keep v1 concurrency intentionally serialized**
Allow only one in-flight browser request at a time unless the browser callback protocol proves a stable request-id guarantee.
- [ ] **Step 7: Re-run backend tests**
Run:
```bash
cargo test --test browser_ws_backend_test
```
Expected: pass using mocks/fakes, not the real browser.
- [ ] **Step 8: Commit**
```bash
git add src/browser/mod.rs src/browser/ws_backend.rs tests/browser_ws_backend_test.rs
git commit -m "feat: add browser websocket backend"
```
---
## Task 5: Add the `sg_claw` service protocol and single-session server
**Files:**
- Create: `src/service/mod.rs`
- Create: `src/service/protocol.rs`
- Create: `src/service/server.rs`
- Create: `src/bin/sg_claw.rs`
- Modify: `src/lib.rs`
- Modify: `Cargo.toml`
- Test: `tests/service_ws_session_test.rs`
- Reuse: `AgentMessage::LogEntry`, `AgentMessage::TaskComplete`, `SubmitTaskRequest`, `run_submit_task(...)`
- [ ] **Step 1: Write failing service session tests**
Create `tests/service_ws_session_test.rs` to verify:
- first client attaches
- second client gets `Busy`
- disconnect resets session state
- overlapping task submission is rejected clearly
- [ ] **Step 2: Run the session tests first**
Run:
```bash
cargo test --test service_ws_session_test
```
Expected: fail because the service layer does not exist yet.
- [ ] **Step 3: Define a thin client/service WS protocol**
In `src/service/protocol.rs`, reuse existing task/event shapes as much as possible:
```rust
ClientMessage::SubmitTask { instruction, conversation_id, messages, page_url, page_title }
ClientMessage::Ping
ServiceMessage::LogEntry { level, message }
ServiceMessage::TaskComplete { success, summary }
ServiceMessage::Busy { message }
```
- [ ] **Step 4: Add the service event sink adapter**
Implement `AgentEventSink` for the service session writer so the shared task runner can stream `LogEntry` and `TaskComplete` over the service WebSocket.
- [ ] **Step 5: Implement single-active-client session state**
Model explicit states such as:
- `Idle`
- `ClientAttached`
- `TaskRunning`
Reject a second client with `ServiceMessage::Busy` and close the socket. Reject overlapping tasks instead of queueing them.
- [ ] **Step 6: Add the service binary**
Create `src/bin/sg_claw.rs` that:
- loads config
- creates the browser WS backend
- listens for local client connections
- routes `SubmitTask` into `run_submit_task(...)`
Keep `src/main.rs` and the existing `sgclaw::run()` pipe path unchanged.
- [ ] **Step 7: Re-run the session tests**
Run:
```bash
cargo test --test service_ws_session_test
```
Expected: pass without the real browser.
- [ ] **Step 8: Commit**
```bash
git add src/service src/bin/sg_claw.rs src/lib.rs Cargo.toml tests/service_ws_session_test.rs
git commit -m "feat: add claw-ws service entrypoint"
```
---
## Task 6: Add the `sg_claw_client` interactive CLI
**Files:**
- Create: `src/bin/sg_claw_client.rs`
- Modify: `Cargo.toml`
- Test: `tests/service_task_flow_test.rs`
- Reuse: `src/service/protocol.rs`
- [ ] **Step 1: Write failing client/service task flow tests**
Create `tests/service_task_flow_test.rs` to verify:
- the submit-task request reaches the service
- log entries stream in order
- the final summary arrives exactly once
- disconnect after task completion is handled cleanly
- [ ] **Step 2: Run the flow tests first**
Run:
```bash
cargo test --test service_task_flow_test
```
Expected: fail because the client does not exist yet.
- [ ] **Step 3: Implement a thin interactive client loop**
Create `src/bin/sg_claw_client.rs` that:
- connects to the local `sg_claw` service
- reads a line of user input
- sends `ClientMessage::SubmitTask`
- prints streamed `LogEntry` events as they arrive
- ends the turn on `TaskComplete`
- [ ] **Step 4: Keep the client intentionally dumb**
Do **not** duplicate runtime logic in the client. Browser access, skills, orchestration, and task execution remain entirely inside the service.
- [ ] **Step 5: Re-run the flow tests**
Run:
```bash
cargo test --test service_task_flow_test
```
Expected: pass without the real browser.
- [ ] **Step 6: Build the new binaries explicitly**
Run:
```bash
cargo build --bin sg_claw --bin sg_claw_client
```
Expected: both binaries compile successfully.
- [ ] **Step 7: Commit**
```bash
git add src/bin/sg_claw_client.rs Cargo.toml tests/service_task_flow_test.rs
git commit -m "feat: add interactive claw-ws client"
```
---
## Task 7: Finish wiring, preserve pipe mode, and verify end-to-end behavior
**Files:**
- Modify: `Cargo.toml`
- Modify: `src/lib.rs`
- Modify: `src/config/settings.rs`
- Optional modify: `src/runtime/engine.rs`
- Reuse: `tests/browser_tool_test.rs`, `tests/runtime_task_flow_test.rs`, `tests/compat_runtime_test.rs`
- [ ] **Step 1: Add only the minimum config surface for v1**
Add settings such as:
- `browser_ws_url` defaulting to `ws://127.0.0.1:12345`
- `service_ws_listen_addr` defaulting to local loopback
Do **not** change the meaning of existing browser backend/profile settings just to represent service mode.
- [ ] **Step 2: Keep external browser tool naming stable**
Verify that the runtime still exposes:
- `superrpa_browser`
- `browser_action`
under both pipe and WS modes where the backend supports them.
- [ ] **Step 3: Re-run the current pipe regression suite**
Run:
```bash
cargo test --test browser_tool_test --test compat_browser_tool_test --test runtime_task_flow_test --test pipe_handshake_test --test pipe_protocol_test --test task_protocol_test
```
Expected: all existing pipe-oriented tests still pass unchanged.
- [ ] **Step 4: Run the new WS-focused suite**
Run:
```bash
cargo test --test task_runner_test --test browser_ws_protocol_test --test browser_ws_backend_test --test browser_backend_capability_test --test service_ws_session_test --test service_task_flow_test
```
Expected: all new tests pass without launching the real browser.
- [ ] **Step 5: Run a full Rust test sweep**
Run:
```bash
cargo test --tests
```
Expected: all Rust tests pass.
- [ ] **Step 6: Build all three binaries**
Run:
```bash
cargo build --bin sgclaw --bin sg_claw --bin sg_claw_client
```
Expected: all three binaries compile.
- [ ] **Step 7: Perform a manual local smoke test**
Manual test:
1. Start the browser app so `ws://127.0.0.1:12345` is available.
2. Run `cargo run --bin sg_claw`.
3. In another terminal, run `cargo run --bin sg_claw_client`.
4. Submit a simple browser task such as opening a page or fetching visible text.
5. Confirm the client prints streaming logs and exactly one final completion summary.
6. Confirm the old pipe-mode entry still starts via `cargo run`.
Expected: both modes work side-by-side.
- [ ] **Step 8: Commit**
```bash
git add Cargo.toml src/lib.rs src/config/settings.rs src/runtime/engine.rs
git commit -m "feat: wire parallel claw-ws transport"
```
---
## Verification Checklist
### Fast regression checks
```bash
cargo test --test browser_tool_test --test compat_browser_tool_test --test runtime_task_flow_test
```
Expected: current pipe/browser runtime behavior remains green.
### Full Rust test sweep
```bash
cargo test --tests
```
Expected: all Rust tests pass.
### Binary build verification
```bash
cargo build --bin sgclaw --bin sg_claw --bin sg_claw_client
```
Expected: all three binaries compile.
### Manual end-to-end verification
- Browser app listening on `ws://127.0.0.1:12345`
- `cargo run --bin sg_claw`
- `cargo run --bin sg_claw_client`
- submit one browser task
- verify streaming logs, final completion, and single-client lock behavior
- verify `cargo run` still preserves old pipe bootstrap
---
## Notes for Implementation
- Keep the current pipe bootstrap in `src/lib.rs` intact until the shared runner and pipe backend wrapper are both green.
- Prefer small commits at each task boundary.
- Keep the new WS path additive and isolated.
- Do not ship partial browser capabilities under stable tool names.
- Treat `docs/_tmp_sgbrowser_ws_api_doc.txt` as the browser WS protocol source of truth while implementing `src/browser/ws_protocol.rs`.

607
docs/superpowers/plans/2026-04-02-ws-browser-backend-auth-plan.md Normal file
View File

@@ -0,0 +1,607 @@
# WS Browser Backend Auth Replacement Implementation Plan
> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
**Goal:** Replace the ws service paths empty-session-key `BrowserPipeTool` dependency with a ws-native browser backend path so real browser websocket calls work, while preserving legacy pipe behavior exactly.
**Architecture:** Keep the existing pipe entry untouched and add a ws-only parallel execution seam. The ws service path will construct a `ServiceBrowserWsClient` plus `WsBrowserBackend`, pass that backend through a new ws-only submit-task entry, and let the existing compat/runtime stack consume `Arc<dyn BrowserBackend>` instead of requiring `BrowserPipeTool` on the ws path.
**Tech Stack:** Rust 2021, current sgclaw agent/task runner, compat runtime/orchestration stack, `tungstenite`, `serde_json`, existing `MacPolicy`, existing `BrowserBackend`/`WsBrowserBackend`, and the current Rust test suite.
---
## Scope Guardrails
- Only change the ws service path.
- Do **not** change `src/lib.rs` pipe runtime behavior.
- Do **not** change pipe handshake semantics.
- Do **not** introduce fake session keys, fake HMAC seeds, or auth bypasses.
- Keep legacy `run_submit_task(...)` available for the pipe entry.
- If a shared layer must change, add a parallel ws-only entry instead of weakening the pipe path.
- Keep the current single-client, single-task service model.
- Do not broaden this slice into browser process launch, queueing, multi-client support, or protocol extensions.
---
## File Structure
### Existing files to modify
- Modify: `src/agent/task_runner.rs` — keep the current pipe-oriented submit path and add the ws-only backend-based submit path.
- Modify: `src/compat/runtime.rs` — add a backend-driven execution entry that accepts `Arc<dyn BrowserBackend>` directly, while keeping the current pipe-oriented public functions behaviorally unchanged.
- Modify: `src/compat/orchestration.rs` — add a matching backend-driven execution entry for orchestration/direct-route flows, while keeping the current pipe-oriented public functions behaviorally unchanged.
- Modify: `src/compat/workflow_executor.rs` — add backend-driven sibling APIs for direct-route/fallback execution, while keeping the current pipe-oriented public functions behaviorally unchanged.
- Modify: `src/service/server.rs` — replace the ws services `BrowserPipeTool::new(..., vec![])` path with a ws-native `WsClient` + `WsBrowserBackend` path.
- Modify: `src/service/mod.rs` — only if minimal re-export or call-signature changes are needed around the new ws-only submit path.
- Modify: `src/browser/mod.rs` — only if export cleanup is truly needed for the service wiring.
- Reuse: `src/agent/mod.rs` — keep the current pipe routing unchanged unless a tiny internal refactor is strictly needed to reuse shared code.
- Reuse: `src/browser/backend.rs` — existing shared browser backend trait.
- Reuse: `src/browser/ws_backend.rs` — existing ws-native browser backend implementation.
- Reuse: `src/browser/ws_protocol.rs` — existing browser websocket protocol codec.
- Reuse: `src/compat/browser_tool_adapter.rs` — should already speak `BrowserBackend`; only touch if a narrow ws regression forces it.
- Reuse: `src/compat/browser_script_skill_tool.rs` — eval-capability gating already exists; only touch if a narrow ws regression forces it.
- Reuse: `src/lib.rs` — pipe entrypoint must remain behaviorally unchanged; verify only.
### Existing tests to extend
- Modify: `tests/browser_ws_backend_test.rs` — keep existing ws backend coverage green after the service adapter wiring lands.
- Modify: `tests/browser_script_skill_tool_test.rs` — re-verify eval-gating and browser-script behavior after the shared compat/runtime seam changes.
- Modify: `tests/service_ws_session_test.rs` — update service-side unit/session tests to exercise the ws-only submit path.
- Modify: `tests/service_task_flow_test.rs` — add client→service chain coverage proving the ws path reaches a browser websocket and no longer emits `invalid hmac seed`.
- Modify: `src/service/server.rs` under `#[cfg(test)]` if the private service-side ws adapter cannot be exercised from an integration test crate without changing production visibility.
### New files to create
- Create: `tests/browser_ws_service_adapter_test.rs` if the adapter can be exercised through a public seam; otherwise keep the deterministic adapter tests as unit tests in `src/service/server.rs` so no production visibility changes are required.
---
## Task 1: Lock the ws-only behavior with deterministic failing tests
**Files:**
- Create: `tests/browser_ws_service_adapter_test.rs`
- Modify: `tests/service_task_flow_test.rs`
- Reuse: `tests/browser_ws_backend_test.rs`, `src/browser/ws_backend.rs`, `src/service/server.rs`
- [ ] **Step 1: Write the first failing backend/adapter test**
Create `tests/browser_ws_service_adapter_test.rs` with one focused test that directly exercises the ws-service adapter layer, without `sg_claw_client`, without LLM planning, and without natural-language tasks.
Start with the smallest real behavior from the spec:
- fake browser websocket server accepts one connection
- the ws-service adapter builds the same kind of client the service will use
- `WsBrowserBackend.invoke(Action::Navigate, ...)` succeeds on status `0`
- the fake server receives one text frame that decodes as a ws `Navigate` call
- [ ] **Step 2: Run that single new test and watch it fail**
Run:
```bash
cargo test --test browser_ws_service_adapter_test ws_service_backend_navigate_reaches_browser_websocket -- --nocapture
```
Expected: FAIL because the service-side ws client/adapter does not exist yet.
- [ ] **Step 3: Add the second failing deterministic test**
In the same file, add a test for the forced-close path:
- fake browser websocket server accepts a request, then closes/reset the socket before returning a status frame
- observe the error at the `WsBrowserBackend.invoke(...)` call site
- assert the outward error is exactly `PipeError::PipeClosed`
- [ ] **Step 4: Run only the forced-close test and watch it fail**
Run:
```bash
cargo test --test browser_ws_service_adapter_test ws_service_backend_maps_browser_disconnect_to_pipe_closed -- --nocapture
```
Expected: FAIL because the service-side ws client/adapter still does not exist.
- [ ] **Step 5: Add the third failing deterministic test**
In the same file, add a callback-timeout test:
- fake browser websocket server returns status `0`
- it never returns the callback frame
- assert the outward error at `invoke(...)` is exactly `PipeError::Timeout`
Use a tiny response timeout in the backend under test.
- [ ] **Step 6: Run only the callback-timeout test and watch it fail**
Run:
```bash
cargo test --test browser_ws_service_adapter_test ws_service_backend_times_out_waiting_for_callback -- --nocapture
```
Expected: FAIL because the service-side ws client/adapter still does not exist.
- [ ] **Step 7: Add the end-to-end failing regression for the auth bug**
Extend `tests/service_task_flow_test.rs` with one client→service integration test that:
- starts a fake browser websocket server
- starts the real `sg_claw` service binary with a temp config pointing `browserWsUrl` to that fake server
- starts the real `sg_claw_client`
- submits the fixed instruction `打开知乎热榜并读取页面主区域文本`
- captures service/client output
- asserts the fake browser server received at least one text frame
- asserts output does **not** contain `invalid hmac seed: session key must not be empty`
Do not assert planner details here. This test only proves the service path no longer goes through the empty-session-key auth failure.
- [ ] **Step 8: Run the integration regression and watch it fail**
Run:
```bash
cargo test --test service_task_flow_test ws_service_submit_task_no_longer_hits_invalid_hmac_seed -- --nocapture
```
Expected: FAIL on the current code because the ws service still constructs `BrowserPipeTool::new(..., vec![])`.
- [ ] **Step 9: Commit the red tests only after they are all in place**
Do not commit yet if any required red test was skipped. The next task will make them pass.
---
## Task 2: Add a ws-only browser-backend execution seam without changing the pipe path
**Files:**
- Modify: `src/agent/task_runner.rs`
- Modify: `src/compat/runtime.rs`
- Modify: `src/compat/orchestration.rs`
- Modify: `src/compat/workflow_executor.rs`
- Reuse: `src/agent/mod.rs`, `src/browser/backend.rs`
- Test: `tests/task_runner_test.rs`, `tests/browser_script_skill_tool_test.rs`
- [ ] **Step 1: Write the smallest failing runner-level ws entry test**
Extend `tests/task_runner_test.rs` with a focused test that proves there is a ws-only submit entry accepting `Arc<dyn BrowserBackend>` and an arbitrary event sink, while the old `run_submit_task(...)` signature still exists for pipe mode.
The test can stay on the missing-LLM-config path so it does not need a real browser call. It should compile only once the new ws-only function exists.
- [ ] **Step 2: Run the targeted runner test and watch it fail**
Run:
```bash
cargo test --test task_runner_test ws_only_submit_task_entry_accepts_browser_backend -- --nocapture
```
Expected: FAIL to compile or FAIL to link because the ws-only entry does not exist yet.
- [ ] **Step 3: Add the new ws-only submit-task entry in `src/agent/task_runner.rs`**
Keep the current pipe function intact:
```rust
pub fn run_submit_task<T: Transport + 'static>(... browser_tool: &BrowserPipeTool<T>, ...)
```
Add a parallel entry for the service path, for example:
```rust
pub fn run_submit_task_with_browser_backend(
sink: &dyn AgentEventSink,
browser_backend: Arc<dyn BrowserBackend>,
context: &AgentRuntimeContext,
request: SubmitTaskRequest,
) -> Result<(), PipeError>
```
Rules:
- share as much internal logic as possible with the pipe path
- do not change `run_submit_task(...)` behavior
- do not change `src/agent/mod.rs` pipe wiring except, at most, small internal refactoring to reuse common code
- [ ] **Step 4: Add a backend-driven compat runtime entry**
In `src/compat/runtime.rs`, add a parallel entry that accepts `Arc<dyn BrowserBackend>` directly instead of `BrowserPipeTool<T>`.
Keep the existing pipe-oriented public function in place.
The backend-driven entry must preserve:
- existing log emission order
- tool names (`superrpa_browser`, `browser_action`)
- existing browser-script tool gating behavior
- existing office/screen tool attachment logic
- existing conversation seeding and provider setup
- [ ] **Step 5: Add backend-driven orchestration and workflow-executor entries**
In `src/compat/orchestration.rs`, add the matching backend-driven entry so direct-route flows and fallback flows can run with `Arc<dyn BrowserBackend>` on the ws path.
In `src/compat/workflow_executor.rs`, add backend-driven sibling APIs for any direct-route/fallback execution that is currently hard-wired to `BrowserPipeTool<T>`.
Keep the existing pipe-oriented orchestration and workflow-executor public functions in place.
- [ ] **Step 6: Route the new ws-only submit entry through the backend-driven compat/orchestration/workflow-executor path**
Inside `src/agent/task_runner.rs`, make the new ws-only submit entry call the new backend-based compat/orchestration functions, while the old pipe entry keeps calling the old pipe-based functions.
This is the core compatibility seam, and it must cover both normal compat-runtime execution and direct-route/fallback workflow execution.
- [ ] **Step 7: Re-run the new runner test**
Run:
```bash
cargo test --test task_runner_test ws_only_submit_task_entry_accepts_browser_backend -- --nocapture
```
Expected: PASS.
- [ ] **Step 8: Re-run the full runner, workflow, and browser-script regressions**
Run:
```bash
cargo test --test task_runner_test --test browser_script_skill_tool_test -- --nocapture
```
Then run the workflow executor unit coverage that protects direct-route behavior:
```bash
cargo test compat::workflow_executor::tests -- --nocapture
```
Expected: all existing runner, workflow, and browser-script tests still pass, proving the pipe-facing path, direct-route behavior, and eval-gating stayed stable.
- [ ] **Step 9: Commit**
```bash
git add src/agent/task_runner.rs src/compat/runtime.rs src/compat/orchestration.rs src/compat/workflow_executor.rs tests/task_runner_test.rs tests/browser_script_skill_tool_test.rs
git commit -m "refactor: add ws-only browser backend submit path"
```
---
## Task 3: Replace the ws services empty-session-key browser tool with a ws-native backend
**Files:**
- Modify: `src/service/server.rs`
- Modify: `src/service/mod.rs` only if minimal re-export or signature cleanup is required
- Modify: `src/browser/mod.rs` only if export cleanup is needed
- Test: `tests/browser_ws_service_adapter_test.rs`
- Reuse: `src/browser/ws_backend.rs`, `src/browser/ws_protocol.rs`
- [ ] **Step 1: Write the smallest failing service-side adapter compile target**
Add a compile-level or construction-level assertion in `tests/browser_ws_service_adapter_test.rs` that the service path can construct the new service-side ws client type used by `serve_client(...)`.
This should fail until the type exists in `src/service/server.rs`.
- [ ] **Step 2: Run the adapter test group and watch the constructor test fail**
Run:
```bash
cargo test --test browser_ws_service_adapter_test -- --nocapture
```
Expected: FAIL because the service-side ws client type does not exist yet.
- [ ] **Step 3: Introduce `ServiceBrowserWsClient` in `src/service/server.rs`**
Create a narrow client type that owns the real websocket connection to `browser_ws_url` and implements `WsClient`:
Required responsibilities only:
- lazily connect on first use
- send raw text frames
- receive raw text frames with timeout
- map close/reset to exactly `PipeError::PipeClosed`
- map connect failure to exactly `PipeError::Protocol("browser websocket connect failed: ...")`
- map timeouts to exactly `PipeError::Timeout`
Do **not** duplicate `WsBrowserBackend` responsibilities here.
- [ ] **Step 4: Remove ws-path use of `BrowserPipeTool::new(..., vec![])`**
In `serve_client(...)`, replace this shape:
```rust
let transport = Arc::new(ServiceBrowserTransport::new(...));
let browser_tool = BrowserPipeTool::new(transport.clone(), mac_policy.clone(), vec![])
```
with the ws-native shape:
```rust
let ws_client = Arc::new(ServiceBrowserWsClient::new(...));
let browser_backend: Arc<dyn BrowserBackend> = Arc::new(
WsBrowserBackend::new(ws_client, mac_policy.clone(), initial_request_url(...))
.with_response_timeout(BROWSER_RESPONSE_TIMEOUT)
);
```
Then route the task through the new ws-only submit entry from Task 2.
- [ ] **Step 5: Delete or narrow old ws-path transport code that duplicated protocol handling**
Remove the service-only callback polling / response queue logic that existed solely to feed `BrowserPipeTool`.
Keep only what is still needed for:
- service client websocket I/O (`sg_claw_client``sg_claw`)
- browser websocket I/O (`sg_claw``browser_ws_url`)
Do not leave two competing ws protocol implementations in `src/service/server.rs`.
- [ ] **Step 6: Re-run deterministic adapter/backend tests**
Run:
```bash
cargo test --test browser_ws_service_adapter_test -- --nocapture
```
Expected: PASS, including:
- navigate success
- disconnect => `PipeError::PipeClosed`
- callback timeout => `PipeError::Timeout`
- [ ] **Step 7: Re-run existing ws backend tests**
Run:
```bash
cargo test --test browser_ws_backend_test -- --nocapture
```
Expected: PASS, confirming the service adapter change did not break the existing ws backend semantics.
- [ ] **Step 8: Commit**
```bash
git add src/service/server.rs src/service/mod.rs src/browser/mod.rs tests/browser_ws_service_adapter_test.rs
git commit -m "feat: switch ws service to ws-native browser backend"
```
---
## Task 4: Prove the auth bug is gone and pipe mode is unchanged
**Files:**
- Modify: `tests/service_ws_session_test.rs`
- Modify: `tests/service_task_flow_test.rs`
- Reuse: `src/lib.rs`, `src/service/mod.rs`, `src/compat/workflow_executor.rs`
- [ ] **Step 1: Update service session tests for the new ws-only call path**
Adjust any service session tests that still call `handle_client_message(...)` through the old ws-path `BrowserPipeTool` assumption.
Prefer one of these narrow approaches:
- overload `handle_client_message(...)` with a backend-based service entry used only in ws tests, or
- keep `handle_client_message(...)` pipe-oriented and test the ws path through `serve_client(...)` and the real service binary instead
Choose the option that changes the fewest existing tests and leaves the pipe path simplest.
- [ ] **Step 2: Run the focused service session file**
Run:
```bash
cargo test --test service_ws_session_test -- --nocapture
```
Expected: PASS.
- [ ] **Step 3: Make the auth-regression integration test pass**
Re-run the exact end-to-end regression from Task 1:
```bash
cargo test --test service_task_flow_test ws_service_submit_task_no_longer_hits_invalid_hmac_seed -- --nocapture
```
Expected: PASS, with evidence that:
- the fake browser websocket server received at least one frame
- output no longer contains `invalid hmac seed: session key must not be empty`
- [ ] **Step 4: Add one explicit mandatory assertion for browser websocket connect failures**
Add one focused assertion that a browser websocket connect failure surfaces outward as:
```rust
PipeError::Protocol("browser websocket connect failed: ...")
```
Do not leave this semantic implied.
- [ ] **Step 5: Add one explicit ws direct-route regression**
Add one focused regression that proves a ws-backed browser backend can traverse a direct-route/fallback path that currently flows through `src/compat/workflow_executor.rs`.
Keep it deterministic and narrow. Prefer a fake backend plus direct function invocation over a planner-dependent natural-language end-to-end test.
- [ ] **Step 6: Run the ws-focused regression suite**
Run:
```bash
cargo test --test browser_ws_service_adapter_test --test browser_ws_backend_test --test browser_ws_protocol_test --test service_ws_session_test --test service_task_flow_test -- --nocapture
```
Then run the workflow-executor direct-route coverage:
```bash
cargo test compat::workflow_executor::tests -- --nocapture
```
Expected: all ws-focused and direct-route workflow tests pass.
- [ ] **Step 7: Run the required pipe and browser-script regression suite**
Run:
```bash
cargo test --test pipe_handshake_test --test browser_tool_test --test compat_browser_tool_test --test browser_script_skill_tool_test --test runtime_task_flow_test -- --nocapture
```
Expected: all required pipe and browser-script regressions pass unchanged.
- [ ] **Step 8: Run the full relevant verification sweep**
Run:
```bash
cargo test --test browser_ws_service_adapter_test --test browser_ws_backend_test --test browser_ws_protocol_test --test service_ws_session_test --test service_task_flow_test --test pipe_handshake_test --test browser_tool_test --test compat_browser_tool_test --test browser_script_skill_tool_test --test runtime_task_flow_test -- --nocapture
```
Then run:
```bash
cargo test compat::workflow_executor::tests -- --nocapture
```
Expected: full mixed ws+pipe verification passes in fresh runs.
- [ ] **Step 9: Build the affected binaries**
Run:
```bash
cargo build --bin sgclaw --bin sg_claw --bin sg_claw_client
```
Expected: all three binaries compile.
- [ ] **Step 10: Commit**
```bash
git add tests/service_ws_session_test.rs tests/service_task_flow_test.rs tests/browser_ws_service_adapter_test.rs src/compat/workflow_executor.rs
git commit -m "test: verify ws auth replacement and pipe regressions"
```
---
## Task 5: Manual smoke verification against the real browser
**Files:**
- Reuse only: no code changes unless a verified bug is found during smoke work
- [ ] **Step 1: Start the real browser websocket target**
Confirm the real sgBrowser endpoint is reachable at the configured `browserWsUrl`.
- [ ] **Step 2: Start the real ws service**
Run:
```bash
cargo run --bin sg_claw -- --config-path "D:/data/ideaSpace/rust/sgClaw/sgclaw_config.json"
```
Expected: service prints the resolved listen address and browser websocket URL.
- [ ] **Step 3: Run the minimal browser task through the real client**
Run from a separate terminal with UTF-8-safe input:
```bash
cargo run --bin sg_claw_client -- --config-path "D:/data/ideaSpace/rust/sgClaw/sgclaw_config.json"
```
Submit:
```text
打开知乎热榜并读取页面主区域文本
```
Expected:
- browser actions start executing
- no `invalid hmac seed: session key must not be empty`
- one final completion is returned
- [ ] **Step 4: Run the old Zhihu skill smoke**
Submit:
```text
读取知乎热榜数据,并导出 excel 文件
```
Expected: the task enters the real browser action path instead of dying at auth initialization.
- [ ] **Step 5: Re-check the legacy pipe entry without modifying it**
Run:
```bash
cargo run
```
Only verify startup behavior appropriate for the current pipe environment. Do not change pipe code during this smoke step.
- [ ] **Step 6: If a smoke failure appears, stop and debug before editing**
Any failure found here must be handled with:
- a fresh reproducer
- a failing automated test if feasible
- the smallest scoped fix
Do not fold speculative smoke fixes into this slice.
---
## Verification Checklist
### Deterministic ws-only tests
```bash
cargo test --test browser_ws_service_adapter_test --test browser_ws_backend_test --test browser_ws_protocol_test -- --nocapture
```
Expected: ws-native backend and service adapter semantics are green without LLM/planner dependencies.
### Client→service ws chain tests
```bash
cargo test --test service_ws_session_test --test service_task_flow_test -- --nocapture
```
Expected: the ws service path reaches the browser websocket and no longer emits the empty-session-key auth failure.
### Required pipe and browser-script regressions
```bash
cargo test --test pipe_handshake_test --test browser_tool_test --test compat_browser_tool_test --test browser_script_skill_tool_test --test runtime_task_flow_test -- --nocapture
```
Expected: legacy pipe behavior and browser-script eval-gating remain unchanged.
### Binary build verification
```bash
cargo build --bin sgclaw --bin sg_claw --bin sg_claw_client
```
Expected: all affected binaries compile.
### Manual end-to-end verification
- real sgBrowser running at configured `browserWsUrl`
- `cargo run --bin sg_claw -- --config-path "D:/data/ideaSpace/rust/sgClaw/sgclaw_config.json"`
- `cargo run --bin sg_claw_client -- --config-path "D:/data/ideaSpace/rust/sgClaw/sgclaw_config.json"`
- run the Zhihu minimal task
- run the old Zhihu export task
- verify no `invalid hmac seed` appears
- verify pipe startup still behaves as before
---
## Notes for Implementation
- Keep the current pipe bootstrap in `src/lib.rs` untouched.
- Prefer adding ws-only functions over changing existing pipe signatures.
- Reuse `WsBrowserBackend` for protocol semantics; do not re-implement callback handling inside the service.
- Keep `ServiceBrowserWsClient` narrow: connection lifecycle + raw websocket I/O only.
- Preserve exact outward error semantics from the spec:
- connect failure => `PipeError::Protocol("browser websocket connect failed: ...")`
- non-zero status => `PipeError::Protocol("browser returned non-zero status: ...")`
- callback timeout => `PipeError::Timeout`
- close/reset => `PipeError::PipeClosed`
- Do not claim success until the mixed ws+pipe verification commands have been run fresh.

482
docs/superpowers/plans/2026-04-03-ws-browser-bridge-path-plan.md Normal file
View File

@@ -0,0 +1,482 @@
# WS Browser Bridge Path Implementation Plan
> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
**Goal:** Replace the raw-ws-direct browser execution assumption with a bridge-backed browser integration path that matches the validated FunctionsUI / BrowserAction / CommandRouter model while preserving existing pipe behavior.
**Architecture:** Keep the current Rust-side browser orchestration flow centered on `Arc<dyn BrowserBackend>`, but stop treating `WsBrowserBackend` as the real production browser surface. Model the validated bridge as two explicit layers: Layer 1 session/lifecycle calls (`sgclawConnect`, `sgclawStart`, `sgclawStop`, `sgclawSubmitTask`) and Layer 2 browser-action execution (`window.sgFunctionsUI(...)`, `window.BrowserAction(...)`, `CommandRouter`). The new backend targets Layer 2 only through a narrow repo-local `BridgeActionTransport` seam, while lifecycle/session concerns stay separate from per-action browser execution.
**Tech Stack:** Rust 2021, existing `BrowserBackend` abstraction, compat/runtime/orchestration stack, current service/task runner integration, existing bridge-oriented design docs, existing Rust unit/integration test suite.
---
## Scope Guardrails
- Do **not** continue extending raw external sgBrowser websocket business-frame handling as the mainline path.
- Do **not** modify `src/lib.rs`, pipe handshake behavior, or the working `BrowserPipeTool` path.
- Do **not** invent a parallel browser-command contract unrelated to the documented bridge surface.
- Do **not** rewrite the whole compat/runtime stack when a narrow adapter will do.
- Do **not** assume access to the full SuperRPA browser-host codebase from this repository; encode the validated contract at the nearest seam available here.
---
## File Structure
### Existing files to modify
- Modify: `src/browser/mod.rs`
- export the new bridge contract/transport/backend modules explicitly
- Modify: `src/browser/backend.rs`
- only if a tiny shared helper or trait documentation update is needed for the new bridge-backed backend
- Modify: `src/compat/browser_tool_adapter.rs`
- ensure existing browser action mapping remains reusable with the new backend implementation
- Modify: `src/compat/runtime.rs`
- wire the bridge-backed browser backend into the ws service/browser execution path without changing the pipe path
- Modify: `src/compat/orchestration.rs`
- only where browser backend wiring requires the bridge-backed path to flow through orchestration
- Modify: `src/compat/workflow_executor.rs`
- preserve direct-route/fallback use of `BrowserBackend` when the backend is bridge-backed instead of websocket-backed
- Modify: `src/service/server.rs`
- replace the current real-browser execution assumption with bridge-backend construction plus a repo-local bridge transport provider seam for the relevant service path
- Modify: `tests/compat_browser_tool_test.rs`
- extend browser tool mapping coverage if needed for bridge-backed execution
- Modify: `tests/service_task_flow_test.rs`
- replace raw-ws-direct expectations with bridge-path expectations where appropriate
- Modify: `tests/service_ws_session_test.rs`
- update service-side tests if they currently assume the real browser path is raw websocket driven
### New files to create
- Create: `src/browser/bridge_contract.rs`
- narrow, explicit contract types that keep lifecycle/session bridge calls separate from browser-action execution requests/replies
- Create: `src/browser/bridge_transport.rs`
- repo-local `BridgeActionTransport` seam used by the backend and injected by service/runtime wiring
- Create: `src/browser/bridge_backend.rs`
- new `BrowserBackend` implementation that maps browser actions onto the Layer-2 bridge action contract through `BridgeActionTransport`
- Create: `tests/browser_bridge_backend_test.rs`
- deterministic unit tests for action-to-bridge mapping and reply/error normalization using a fake bridge transport
- Create: `tests/browser_bridge_contract_test.rs`
- narrow tests proving the two bridge layers stay explicit and browser-action requests remain semantic rather than raw-websocket-shaped
### Evidence files to consult during implementation
- Read: `docs/_tmp_sgbrowser_ws_probe_transcript.md`
- Read: `frontend/archive/sgClaw验证-已归档/testRunner.js`
- Read: `docs/superpowers/specs/2026-03-25-superrpa-sgclaw-browser-control-design.md`
- Read: `docs/archive/项目管理与排期/协作时间表.md`
- Read: `docs/plans/2026-03-27-sgclaw-floating-chat-frontend-design.md`
---
## Task 1: Lock the bridge contract in deterministic tests before adding the backend
**Files:**
- Create: `src/browser/bridge_contract.rs`
- Create: `tests/browser_bridge_contract_test.rs`
- Reuse as design evidence:
- `frontend/archive/sgClaw验证-已归档/testRunner.js`
- `docs/archive/项目管理与排期/协作时间表.md`
- `docs/plans/2026-03-27-sgclaw-floating-chat-frontend-design.md`
- [ ] **Step 1: Write the first failing contract test for named bridge calls**
Create `tests/browser_bridge_contract_test.rs` with one focused test that encodes the bridge naming expectations already evidenced in the repo.
Start with a test shape like:
```rust
#[test]
fn bridge_contract_names_match_documented_bridge_surface() {
// assert the contract contains the exact bridge action names
}
```
Required expectations:
- `sgclawConnect`
- `sgclawStart`
- `sgclawStop`
- `sgclawSubmitTask`
- these names live in an explicit lifecycle/session contract type, not in the browser-action request type
Do **not** invent additional action names in this first test.
- [ ] **Step 2: Run the single contract test and verify it fails**
Run:
```bash
cargo test --test browser_bridge_contract_test bridge_contract_names_match_documented_bridge_surface -- --nocapture
```
Expected: FAIL because `src/browser/bridge_contract.rs` does not exist yet.
- [ ] **Step 3: Add the second failing contract test for browser-action request shaping**
In the same file, add one focused test proving the bridge contract can represent a browser action request without leaking raw websocket business-frame semantics.
Test shape:
```rust
#[test]
fn bridge_contract_represents_browser_action_requests_without_ws_business_frames() {
// create a click/navigate/getText style action request and assert shape
}
```
Required assertions:
- request shape identifies the intended browser action semantically
- request shape is distinct from the lifecycle/session bridge call type
- request shape does **not** embed `sgBrowerserOpenPage`, `callBackJsToCpp`, or other raw websocket business-frame names
- [ ] **Step 4: Run the second contract test and verify it fails**
Run:
```bash
cargo test --test browser_bridge_contract_test bridge_contract_represents_browser_action_requests_without_ws_business_frames -- --nocapture
```
Expected: FAIL because the bridge contract does not exist yet.
- [ ] **Step 5: Implement the minimal bridge contract module**
Create `src/browser/bridge_contract.rs` with only the types needed by the tests.
Recommended shape:
```rust
pub enum BridgeLifecycleCall {
Connect,
Start,
Stop,
SubmitTask,
}
impl BridgeLifecycleCall {
pub fn bridge_name(&self) -> &'static str {
match self {
Self::Connect => "sgclawConnect",
Self::Start => "sgclawStart",
Self::Stop => "sgclawStop",
Self::SubmitTask => "sgclawSubmitTask",
}
}
}
pub struct BridgeBrowserActionRequest {
pub action: String,
pub params: serde_json::Value,
pub expected_domain: String,
}
```
Rules:
- model the documented bridge/lifecycle naming explicitly
- keep the browser action request semantic, not websocket-frame-shaped
- keep the module small and repository-local
- [ ] **Step 6: Re-run the contract tests**
Run:
```bash
cargo test --test browser_bridge_contract_test -- --nocapture
```
Expected: PASS.
- [ ] **Step 7: Commit**
```bash
git add src/browser/bridge_contract.rs tests/browser_bridge_contract_test.rs
git commit -m "test: define sgClaw bridge contract surface"
```
---
## Task 2: Add the repo-local transport seam and bridge-backed `BrowserBackend`
**Files:**
- Create: `src/browser/bridge_transport.rs`
- Create: `src/browser/bridge_backend.rs`
- Create: `tests/browser_bridge_backend_test.rs`
- Reuse: `src/browser/backend.rs`
- Reuse: `src/browser/bridge_contract.rs`
- Reuse: `src/compat/browser_tool_adapter.rs`
- [ ] **Step 1: Write the first failing backend test for action mapping**
Create `tests/browser_bridge_backend_test.rs` with one focused test proving a `BrowserBackend` action is translated into the bridge contract request shape.
Start with a narrow action such as `Action::Navigate`.
Required assertions:
- `Action::Navigate` becomes one semantic bridge browser-action request
- the request preserves action parameters and expected domain
- the test does **not** assert any raw websocket payload strings
- [ ] **Step 2: Run the first backend test and verify it fails**
Run:
```bash
cargo test --test browser_bridge_backend_test bridge_backend_maps_navigate_to_bridge_action_request -- --nocapture
```
Expected: FAIL because `src/browser/bridge_backend.rs` does not exist yet.
- [ ] **Step 3: Add the second failing backend test for reply normalization**
Add one focused test proving the backend can normalize a successful bridge reply into the existing `CommandOutput` shape expected by `BrowserBackend` callers.
- [ ] **Step 4: Run the second backend test and verify it fails**
Run:
```bash
cargo test --test browser_bridge_backend_test bridge_backend_normalizes_successful_bridge_reply -- --nocapture
```
Expected: FAIL because the backend does not exist yet.
- [ ] **Step 5: Add the third failing backend test for bridge-side errors**
Add one focused test proving a bridge-side error normalizes into the correct outward `PipeError` semantics for backend callers.
- [ ] **Step 6: Run the error-path test and verify it fails**
Run:
```bash
cargo test --test browser_bridge_backend_test bridge_backend_maps_bridge_failure_to_pipe_error -- --nocapture
```
Expected: FAIL because the backend does not exist yet.
- [ ] **Step 7: Implement the minimal transport seam and bridge backend**
Create `src/browser/bridge_transport.rs` and `src/browser/bridge_backend.rs`.
The transport seam must:
- define the repo-local `BridgeActionTransport` contract used for Layer-2 browser-action execution only
- accept semantic `BridgeBrowserActionRequest` values and return semantic success/error replies
- remain small, explicit, and easy to fake in tests
The backend must:
- implement the existing `BrowserBackend` trait
- translate supported actions into `BridgeBrowserActionRequest`
- depend on `BridgeActionTransport` instead of raw websocket payload building
- normalize success/error replies into existing backend-facing result types
Rules:
- do not embed raw websocket business-frame names
- do not change `BrowserBackend` semantics for existing callers
- do not pull lifecycle/session bridge calls into this backend layer
- [ ] **Step 8: Re-run the bridge backend tests**
Run:
```bash
cargo test --test browser_bridge_backend_test -- --nocapture
```
Expected: PASS.
- [ ] **Step 9: Re-run browser tool adapter coverage**
Run:
```bash
cargo test --test compat_browser_tool_test -- --nocapture
```
Expected: PASS, proving the existing browser action mapping remains reusable with the new backend.
- [ ] **Step 10: Commit**
```bash
git add src/browser/bridge_transport.rs src/browser/bridge_backend.rs tests/browser_bridge_backend_test.rs src/compat/browser_tool_adapter.rs src/browser/mod.rs
git commit -m "feat: add bridge-backed browser backend"
```
---
## Task 3: Wire the bridge-backed backend into the real-browser service path
**Files:**
- Modify: `src/service/server.rs`
- Modify: `src/compat/runtime.rs`
- Modify: `src/compat/orchestration.rs`
- Modify: `src/compat/workflow_executor.rs`
- Modify: `tests/service_task_flow_test.rs`
- Modify: `tests/service_ws_session_test.rs`
- Reuse: `src/browser/bridge_backend.rs`
- Reuse: `src/browser/bridge_contract.rs`
- Reuse: `src/browser/bridge_transport.rs`
- [ ] **Step 1: Write the first failing service-path test for bridge backend construction**
Add or update one focused service test proving the real-browser execution path constructs and uses the bridge-backed backend instead of the raw websocket backend assumption.
The test should observe backend selection at the nearest possible seam.
- [ ] **Step 2: Run the focused service test and verify it fails**
Run the narrowest affected service test command.
Expected: FAIL because the service path is not wired to the bridge backend yet.
- [ ] **Step 3: Add the minimal service/runtime wiring**
Change the relevant service/browser execution path so it constructs the new bridge-backed backend, injects the repo-local bridge transport provider at the nearest seam, and passes the backend through the existing runtime/orchestration flow.
Rules:
- keep the pipe path unchanged
- keep changes localized
- keep lifecycle/session bridge handling separate from per-action browser execution
- preserve existing runtime log and task flow behavior where possible
- [ ] **Step 4: Add one direct-route/fallback regression**
Add one focused regression proving a bridge-backed backend still works through the direct-route or fallback path exercised by `src/compat/workflow_executor.rs`.
- [ ] **Step 5: Run the bridge-focused service tests**
Run:
```bash
cargo test --test service_ws_session_test --test service_task_flow_test -- --nocapture
```
Expected: PASS.
- [ ] **Step 6: Re-run workflow/runtime regressions**
Run:
```bash
cargo test compat::workflow_executor::tests -- --nocapture
cargo test --test compat_browser_tool_test --test browser_script_skill_tool_test --test task_runner_test -- --nocapture
```
Expected: PASS.
- [ ] **Step 7: Commit**
```bash
git add src/service/server.rs src/compat/runtime.rs src/compat/orchestration.rs src/compat/workflow_executor.rs tests/service_ws_session_test.rs tests/service_task_flow_test.rs
git commit -m "refactor: route real browser path through bridge backend"
```
---
## Task 4: Verify bridge-path behavior without pipe regression
**Files:**
- Reuse only unless a failing test proves a minimal fix is still needed
- [ ] **Step 1: Run bridge/backend unit coverage**
Run:
```bash
cargo test --test browser_bridge_contract_test --test browser_bridge_backend_test -- --nocapture
```
Expected: PASS.
- [ ] **Step 2: Run service/runtime bridge-path regressions**
Run:
```bash
cargo test --test service_ws_session_test --test service_task_flow_test -- --nocapture
```
Expected: PASS.
- [ ] **Step 3: Run required pipe regressions**
Run:
```bash
cargo test --test pipe_handshake_test --test browser_tool_test --test compat_browser_tool_test --test browser_script_skill_tool_test --test runtime_task_flow_test -- --nocapture
```
Expected: PASS.
- [ ] **Step 4: Build the affected binaries**
Run:
```bash
cargo build --bin sgclaw --bin sg_claw --bin sg_claw_client
```
Expected: PASS.
- [ ] **Step 5: Stop if any regression points back to raw websocket assumptions**
If any test still encodes raw external websocket business-frame assumptions as the real-browser path, update that test to the bridge-backed design rather than patching production code to satisfy the old assumption.
- [ ] **Step 6: Commit**
```bash
git add tests/browser_bridge_contract_test.rs tests/browser_bridge_backend_test.rs tests/service_ws_session_test.rs tests/service_task_flow_test.rs
git commit -m "test: verify bridge path and preserve pipe behavior"
```
---
## Verification Checklist
### Bridge contract tests
```bash
cargo test --test browser_bridge_contract_test -- --nocapture
```
Expected: documented bridge names and semantic browser-action request shaping are locked.
### Bridge backend tests
```bash
cargo test --test browser_bridge_backend_test -- --nocapture
```
Expected: backend action mapping and reply/error normalization are green.
### Service/runtime integration tests
```bash
cargo test --test service_ws_session_test --test service_task_flow_test -- --nocapture
cargo test compat::workflow_executor::tests -- --nocapture
```
Expected: real-browser path uses the bridge-backed backend and direct-route/fallback behavior remains intact.
### Pipe regressions
```bash
cargo test --test pipe_handshake_test --test browser_tool_test --test compat_browser_tool_test --test browser_script_skill_tool_test --test runtime_task_flow_test -- --nocapture
```
Expected: pipe path remains unchanged.
### Binary build verification
```bash
cargo build --bin sgclaw --bin sg_claw --bin sg_claw_client
```
Expected: affected binaries compile.
---
## Notes for Implementation
- The websocket probe work stays in the repository as diagnostic tooling; do not repurpose it into the bridge adapter.
- `docs/_tmp_sgbrowser_ws_probe_transcript.md` is evidence that rejected the raw-ws-direct assumption, not a contract to keep satisfying.
- Favor one narrow bridge-backed backend over broad runtime rewrites.
- If the nearest repo-local seam is still slightly abstract because the external SuperRPA host code is outside this repository, make that abstraction explicit and test it rather than guessing hidden behavior.

566
docs/superpowers/plans/2026-04-03-ws-browser-integration-surface-correction-plan.md Normal file
View File

@@ -0,0 +1,566 @@
# WS Browser Integration Surface Correction Implementation Plan
> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
**Goal:** Replace the unvalidated raw-ws-direct assumption with an evidence-backed decision: either prove a minimal sgBrowser bootstrap sequence for raw websocket control, or pivot to the real browser bridge surface.
**Architecture:** Treat the existing ws-native backend as a protocol/testing asset, not as a validated production integration surface. First build a narrow probe/validation harness that can run candidate bootstrap sequences and capture exact live transcripts from the real endpoint. Then branch decisively: if a reproducible bootstrap sequence yields real status/callback frames, implement that bootstrap path; otherwise stop raw-ws speculation and write the bridge-first implementation slice.
**Tech Stack:** Rust 2021, existing `src/browser/ws_protocol.rs` / `src/browser/ws_backend.rs`, service websocket infrastructure, `tungstenite`, `serde_json`, current Rust test suite, local sgBrowser websocket documentation.
---
## Scope Guardrails
- Do **not** add more speculative production fixes to `src/service/server.rs` just to “try one more thing.”
- Do **not** claim raw websocket is the supported path unless the live probe transcript proves it.
- Do **not** modify `src/lib.rs`, pipe handshake behavior, or the pipe browser-tool path.
- Do **not** implement both the bootstrap architecture and the bridge architecture in the same branch.
- Keep the ws-native code unless and until the bridge decision makes specific pieces obsolete.
- Prefer a dedicated probe surface over embedding validation logic into production request handling.
---
## File Structure
### Existing files to modify
- Modify: `src/browser/mod.rs`
- export the new `ws_probe` module so both tests and the probe binary use the same library surface
- Modify: `src/browser/ws_protocol.rs`
- only if a tiny helper extraction is required for test/probe readability
- do not change existing protocol semantics in this slice
- Modify: `tests/browser_ws_protocol_test.rs`
- add deterministic coverage for any extracted helper used by the probe harness
### New files to create
- Create: `src/bin/sgbrowser_ws_probe.rs`
- standalone diagnostic binary for ordered frame-script probing against a live sgBrowser websocket endpoint
- Create: `src/browser/ws_probe.rs`
- small reusable probe/transcript module, if needed, to keep the binary and tests focused
- Create: `tests/browser_ws_probe_test.rs`
- deterministic fake-server tests for transcript capture, timeout reporting, and scripted sequence execution
- Create: `docs/superpowers/specs/2026-04-03-ws-browser-bridge-path-design.md` **only if Option B wins after probing**
- follow-up bridge design, not part of the initial coding slice
- Create: `docs/superpowers/plans/2026-04-03-ws-browser-bridge-path-plan.md` **only if Option B wins after probing**
- follow-up bridge implementation plan, not part of the initial coding slice
- Create: `docs/_tmp_sgbrowser_ws_probe_transcript.md`
- temporary evidence artifact capturing the real endpoint probe matrix and outcomes
### Files deliberately not changed in the initial slice
- `src/lib.rs`
- `src/agent/task_runner.rs`
- `src/compat/runtime.rs`
- `src/compat/orchestration.rs`
- `src/compat/workflow_executor.rs`
- `src/browser/ws_backend.rs`
Unless the probe results prove a real bootstrap contract, these files stay untouched.
---
## Task 1: Build a deterministic websocket probe harness before touching production behavior
**Files:**
- Create: `src/browser/ws_probe.rs`
- Create: `tests/browser_ws_probe_test.rs`
- Reuse: `src/browser/ws_protocol.rs`
- [ ] **Step 1: Write the first failing transcript test**
Create `tests/browser_ws_probe_test.rs` with one focused fake-server test that executes a scripted sequence of outgoing text frames and records all received text frames in order.
Start with this shape:
```rust
#[test]
fn probe_records_welcome_then_silence_transcript() {
// fake server sends one welcome frame and then stays silent
// probe result should preserve that exact transcript and mark timeout/silence explicitly
}
```
Required assertions:
- the probe can connect to the fake websocket server
- it can send a scripted first frame
- it records the first inbound text frame exactly
- it returns a transcript/result object that distinguishes timeout from protocol parse failure
- [ ] **Step 2: Run the single new test and verify it fails**
Run:
```bash
cargo test --test browser_ws_probe_test probe_records_welcome_then_silence_transcript -- --nocapture
```
Expected: FAIL because the probe harness does not exist yet.
- [ ] **Step 3: Add the second failing probe test for ordered multi-step scripts**
In the same file, add a test proving the harness can run multiple outgoing frames in a fixed order and keep the transcript segmented by step.
Test shape:
```rust
#[test]
fn probe_runs_ordered_frame_script_and_records_per_step_results() {
// send bootstrap frame 1, bootstrap frame 2, then minimal action
// fake server replies differently at each step
// probe result preserves exact order and outcomes
}
```
Required assertions:
- outgoing frames are sent in the configured order
- inbound frames are attached to the correct step
- the probe can stop the sequence on timeout/close if configured
- [ ] **Step 4: Run the ordered-script test and verify it fails**
Run:
```bash
cargo test --test browser_ws_probe_test probe_runs_ordered_frame_script_and_records_per_step_results -- --nocapture
```
Expected: FAIL because the probe harness does not exist yet.
- [ ] **Step 5: Add the third failing probe test for close/reset visibility**
Add one focused fake-server test that closes the connection after a script step and asserts the transcript reports close/reset rather than generic timeout.
- [ ] **Step 6: Run the close/reset test and verify it fails**
Run:
```bash
cargo test --test browser_ws_probe_test probe_reports_socket_close_separately_from_timeout -- --nocapture
```
Expected: FAIL because the probe harness does not exist yet.
- [ ] **Step 7: Implement the minimal probe module**
Create `src/browser/ws_probe.rs` with only the types and behavior needed by the tests.
Recommended shape:
```rust
pub struct ProbeStep {
pub label: String,
pub payload: String,
pub expect_reply: bool,
}
pub enum ProbeOutcome {
Received(Vec<String>),
TimedOut,
Closed,
ConnectFailed(String),
}
pub struct ProbeStepResult {
pub label: String,
pub sent: String,
pub outcome: ProbeOutcome,
}
pub fn run_probe_script(/* ws url, timeout, steps */) -> Result<Vec<ProbeStepResult>, ProbeError> {
// connect, send ordered frames, collect exact transcript
}
```
Rules:
- do not parse business meaning yet
- do not mix this into normal task execution
- preserve exact raw text frames in transcript results
- keep the module small and diagnostic-oriented
- [ ] **Step 8: Re-run the new probe tests**
Run:
```bash
cargo test --test browser_ws_probe_test -- --nocapture
```
Expected: PASS.
- [ ] **Step 9: Commit**
```bash
git add src/browser/ws_probe.rs tests/browser_ws_probe_test.rs
git commit -m "test: add sgBrowser websocket probe harness"
```
---
## Task 2: Add a standalone probe binary for live sgBrowser evidence collection
**Files:**
- Create: `src/bin/sgbrowser_ws_probe.rs`
- Create: `src/browser/ws_probe.rs`
- Modify: `src/browser/mod.rs`
- Create: `tests/browser_ws_probe_test.rs`
- [ ] **Step 1: Write the failing helper parser test**
In `tests/browser_ws_probe_test.rs`, add one focused test for a new helper function in `src/browser/ws_probe.rs`:
```rust
#[test]
fn parse_probe_args_accepts_ws_url_timeout_and_ordered_steps() {
// parse a fixed argv-style slice into a ProbeCliConfig
}
```
Create and use this exact helper shape:
```rust
pub struct ProbeCliConfig {
pub ws_url: String,
pub timeout_ms: u64,
pub steps: Vec<ProbeStep>,
}
pub fn parse_probe_args(args: &[String]) -> Result<ProbeCliConfig, ProbeError>
```
The test must assert that these exact arguments parse successfully and preserve step order:
```text
--ws-url ws://127.0.0.1:12345
--timeout-ms 1500
--step open-agent::["about:blank","sgOpenAgent"]
--step open-hot::["about:blank","sgBrowerserOpenPage","https://www.zhihu.com/hot"]
```
- [ ] **Step 2: Run the parser test and verify it fails**
Run:
```bash
cargo test --test browser_ws_probe_test parse_probe_args_accepts_ws_url_timeout_and_ordered_steps -- --nocapture
```
Expected: FAIL because `parse_probe_args(...)` and `ProbeCliConfig` do not exist yet.
- [ ] **Step 3: Implement the helper and binary together**
In `src/browser/ws_probe.rs`, add `ProbeCliConfig` and `parse_probe_args(...)`.
In `src/browser/mod.rs`, add the module export:
```rust
pub mod ws_probe;
```
In `src/bin/sgbrowser_ws_probe.rs`, implement the binary using only `std::env::args()` plus `parse_probe_args(...)`.
Required behavior:
- accepts a websocket URL
- accepts a timeout in milliseconds
- accepts repeated ordered steps
- runs the probe harness
- prints a markdown-friendly transcript including:
- step label
- exact sent payload
- exact received frames, if any
- timeout/close outcome
Output shape can be simple, for example:
```text
STEP 1 bootstrap-open-agent
SEND: ["about:blank","sgOpenAgent"]
RECV: Welcome! You are client #1
OUTCOME: timeout
```
Rules:
- no production/browser-runtime integration
- no hidden fallback logic
- no “best effort” guessing of next steps
- [ ] **Step 4: Re-run the parser/helper test**
Run:
```bash
cargo test --test browser_ws_probe_test parse_probe_args_accepts_ws_url_timeout_and_ordered_steps -- --nocapture
```
Expected: PASS.
- [ ] **Step 5: Build the probe binary**
Run:
```bash
cargo build --bin sgbrowser_ws_probe
```
Expected: PASS.
- [ ] **Step 6: Commit**
```bash
git add src/bin/sgbrowser_ws_probe.rs src/browser/ws_probe.rs src/browser/mod.rs tests/browser_ws_probe_test.rs
git commit -m "feat: add live sgBrowser websocket probe binary"
```
---
## Task 3: Run the real endpoint probe matrix and write the evidence transcript
**Files:**
- Create: `docs/_tmp_sgbrowser_ws_probe_transcript.md`
- Reuse only: `src/bin/sgbrowser_ws_probe.rs`, `docs/_tmp_sgbrowser_ws_api_doc.txt`
- [ ] **Step 1: Run the no-bootstrap baseline probe**
Run exactly:
```bash
cargo run --bin sgbrowser_ws_probe -- --ws-url "ws://127.0.0.1:12345" --timeout-ms 1500 --step "baseline-open::[\"about:blank\",\"sgBrowerserOpenPage\",\"https://www.zhihu.com/hot\"]"
```
Append the exact output under a `## baseline-open` heading in `docs/_tmp_sgbrowser_ws_probe_transcript.md`.
- [ ] **Step 2: Run the documented `sgOpenAgent` candidate**
Run exactly:
```bash
cargo run --bin sgbrowser_ws_probe -- --ws-url "ws://127.0.0.1:12345" --timeout-ms 1500 --step "open-agent::[\"about:blank\",\"sgOpenAgent\"]" --step "post-open-agent-open::[\"about:blank\",\"sgBrowerserOpenPage\",\"https://www.zhihu.com/hot\"]"
```
Append the exact output under a `## open-agent` heading.
- [ ] **Step 3: Run the documented `sgSetAuthInfo` candidate**
Run exactly:
```bash
cargo run --bin sgbrowser_ws_probe -- --ws-url "ws://127.0.0.1:12345" --timeout-ms 1500 --step "set-auth::[\"about:blank\",\"sgSetAuthInfo\",\"probe-user\",\"probe-token\"]" --step "post-set-auth-open::[\"about:blank\",\"sgBrowerserOpenPage\",\"https://www.zhihu.com/hot\"]"
```
Append the exact output under a `## set-auth` heading.
- [ ] **Step 4: Run the documented `sgBrowserLogin` candidate**
Run exactly:
```bash
cargo run --bin sgbrowser_ws_probe -- --ws-url "ws://127.0.0.1:12345" --timeout-ms 1500 --step "browser-login::{\"request\":\"use-json-helper\"}"
```
Before running, replace the placeholder payload with the exact JSON-array frame produced by the helper for:
```json
["about:blank","sgBrowserLogin",{"appName":"probe","userName":"probe","orgName":"probe","menus":[{"name":"probe","normalImg":"x","activeImg":"x","url":"https://www.zhihu.com/hot"}]}]
```
Then add a second step in the same command:
```json
["about:blank","sgBrowerserOpenPage","https://www.zhihu.com/hot"]
```
Append the exact output under a `## browser-login` heading.
- [ ] **Step 5: Run the documented `sgBrowerserActiveTab` candidate**
Run exactly:
```bash
cargo run --bin sgbrowser_ws_probe -- --ws-url "ws://127.0.0.1:12345" --timeout-ms 1500 --step "active-tab::[\"about:blank\",\"sgBrowerserActiveTab\",\"https://www.zhihu.com/hot\",\"probeCallback\"]" --step "post-active-tab-open::[\"about:blank\",\"sgBrowerserOpenPage\",\"https://www.zhihu.com/hot\"]"
```
Append the exact output under a `## active-tab` heading.
- [ ] **Step 6: Run one combined bootstrap candidate**
Run exactly:
```bash
cargo run --bin sgbrowser_ws_probe -- --ws-url "ws://127.0.0.1:12345" --timeout-ms 1500 --step "combined-open-agent::[\"about:blank\",\"sgOpenAgent\"]" --step "combined-active-tab::[\"about:blank\",\"sgBrowerserActiveTab\",\"https://www.zhihu.com/hot\",\"probeCallback\"]" --step "combined-open::[\"about:blank\",\"sgBrowerserOpenPage\",\"https://www.zhihu.com/hot\"]"
```
Append the exact output under a `## combined-bootstrap` heading.
- [ ] **Step 7: Run `requesturl` variants for the minimal action**
Run exactly these two additional commands:
```bash
cargo run --bin sgbrowser_ws_probe -- --ws-url "ws://127.0.0.1:12345" --timeout-ms 1500 --step "target-as-requesturl::[\"https://www.zhihu.com/hot\",\"sgBrowerserOpenPage\",\"https://www.zhihu.com/hot\"]"
```
```bash
cargo run --bin sgbrowser_ws_probe -- --ws-url "ws://127.0.0.1:12345" --timeout-ms 1500 --step "baidu-requesturl::[\"https://www.baidu.com\",\"sgBrowerserOpenPage\",\"https://www.zhihu.com/hot\"]"
```
Append the exact outputs under `## requesturl-variants`.
- [ ] **Step 8: Summarize the matrix in the transcript file**
At the end of `docs/_tmp_sgbrowser_ws_probe_transcript.md`, add this exact table template and fill it in:
```markdown
| Sequence | Sent frames | First reply | Final outcome | Decision signal |
| --- | --- | --- | --- | --- |
```
- [ ] **Step 9: Determine which architecture option wins**
Decision rule:
- if at least one sequence reproducibly yields real numeric status and/or callback frames for a real business action, Option A (bootstrap-validated raw websocket) wins
- otherwise, Option B (bridge-first) wins
Do not weaken this decision rule.
- [ ] **Step 10: Commit the evidence artifact**
```bash
git add docs/_tmp_sgbrowser_ws_probe_transcript.md
git commit -m "docs: capture sgBrowser websocket probe evidence"
```
---
## Task 4A: If Option A wins, write the narrow bootstrap implementation slice
**Files:**
- Create: `docs/superpowers/specs/2026-04-03-ws-browser-bootstrap-contract-design.md`
- Create: `docs/superpowers/plans/2026-04-03-ws-browser-bootstrap-contract-plan.md`
- Reuse as evidence input:
- `docs/_tmp_sgbrowser_ws_probe_transcript.md`
- `docs/_tmp_sgbrowser_ws_api_doc.txt`
- `src/browser/ws_backend.rs`
- `src/browser/ws_protocol.rs`
- [ ] **Step 1: Write one new design doc capturing the proven bootstrap contract**
Create:
```text
docs/superpowers/specs/2026-04-03-ws-browser-bootstrap-contract-design.md
```
Include:
- exact validated sequence
- exact required state (`requesturl`, active tab, agent page, auth payload)
- exact failure semantics
- why this is sufficient evidence to keep raw websocket as the product surface
- [ ] **Step 2: Write one new implementation plan for the bootstrap path**
Create:
```text
docs/superpowers/plans/2026-04-03-ws-browser-bootstrap-contract-plan.md
```
Plan only the minimal production changes required to embed the validated bootstrap sequence into the service/browser path.
- [ ] **Step 3: Commit the bootstrap decision docs**
```bash
git add docs/superpowers/specs/2026-04-03-ws-browser-bootstrap-contract-design.md docs/superpowers/plans/2026-04-03-ws-browser-bootstrap-contract-plan.md
git commit -m "docs: capture ws browser bootstrap contract"
```
- [ ] **Step 4: Stop after writing the bootstrap plan**
Do not begin production implementation in the same slice unless the user explicitly asks for execution.
---
## Task 4B: If Option B wins, write the bridge-first implementation slice
**Files:**
- Create: `docs/superpowers/specs/2026-04-03-ws-browser-bridge-path-design.md`
- Create: `docs/superpowers/plans/2026-04-03-ws-browser-bridge-path-plan.md`
- Reuse as evidence input:
- `docs/_tmp_sgbrowser_ws_probe_transcript.md`
- `frontend/archive/sgClaw验证-已归档/testRunner.js`
- `docs/superpowers/specs/2026-03-25-superrpa-sgclaw-browser-control-design.md`
- `docs/archive/项目管理与排期/协作时间表.md`
- `docs/plans/2026-03-27-sgclaw-floating-chat-frontend-design.md`
- [ ] **Step 1: Write the bridge-path design doc**
Create `docs/superpowers/specs/2026-04-03-ws-browser-bridge-path-design.md`.
The design must specify:
- why raw websocket is considered non-validated for external control
- which bridge surface becomes authoritative
- where sgClaw should integrate (`FunctionsUI`, host bridge, `BrowserAction`, `CommandRouter`, or the nearest validated seam in this repo)
- how to preserve pipe behavior and existing abstractions where practical
- [ ] **Step 2: Write the bridge-path implementation plan**
Create `docs/superpowers/plans/2026-04-03-ws-browser-bridge-path-plan.md`.
The plan must:
- identify exact files to touch
- describe the narrowest adapter implementation
- keep TDD/task granularity as in this document
- avoid speculative work outside the bridge slice
- [ ] **Step 3: Commit the bridge decision docs**
```bash
git add docs/superpowers/specs/2026-04-03-ws-browser-bridge-path-design.md docs/superpowers/plans/2026-04-03-ws-browser-bridge-path-plan.md
git commit -m "docs: define bridge-first sgBrowser integration"
```
- [ ] **Step 4: Stop after writing the bridge plan**
Do not start the bridge implementation in the same slice unless the user explicitly asks for execution.
---
## Verification Checklist
### Deterministic probe harness tests
```bash
cargo test --test browser_ws_probe_test -- --nocapture
```
Expected: transcript capture, ordered scripts, timeout reporting, and close/reset reporting all pass.
### Probe binary build
```bash
cargo build --bin sgbrowser_ws_probe
```
Expected: PASS.
### Live evidence collection
- run the probe matrix against the real configured endpoint
- save exact transcripts to `docs/_tmp_sgbrowser_ws_probe_transcript.md`
- make the architecture decision using the documented rule
### Follow-up branch condition
- if Option A wins, repository contains a bootstrap-contract design + plan
- if Option B wins, repository contains a bridge-path design + plan
- no production runtime changes are made until that decision is written down
---
## Notes for Implementation
- The existing `WsBrowserBackend` fix that remembers the last navigated URL remains valid; do not revert it.
- The previous auth-replacement work also remains valid; it removed a real bug but did not prove the raw websocket architecture.
- Keep the probe tool brutally literal: exact sent frames, exact received frames, explicit timeout/close outcomes.
- Resist the temptation to make the probe “smart.” Smart probes hide evidence.
- If the real endpoint still replies only with the welcome banner and then silence across the matrix, treat that as a decision, not as an excuse for more guessing.

362
docs/superpowers/plans/2026-04-03-ws-browser-welcome-frame-plan.md Normal file
View File

@@ -0,0 +1,362 @@
# WS Browser Welcome Frame Compatibility Implementation Plan
> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
**Goal:** Make the ws service path tolerate the real sgBrowser welcome banner (`Welcome! You are client #...`) without weakening general ws protocol validation or changing pipe behavior.
**Architecture:** Keep the shared `WsBrowserBackend` strict and implement the compatibility shim only in `ServiceBrowserWsClient`, which is already the real-browser adapter for the ws service path. Add one positive red test for the known welcome frame and one negative red test proving non-matching first text frames still fail as protocol errors, then make the minimal stateful change in `src/service/server.rs` and verify ws + pipe regressions.
**Tech Stack:** Rust 2021, tungstenite websocket client/server, existing `WsBrowserBackend`, existing `ServiceBrowserWsClient`, existing Rust unit/integration test suite.
---
## File Structure
### Existing files to modify
- Modify: `src/service/server.rs`
- Add the one-time per-connection welcome-skip state to `ServiceBrowserWsClient`
- Add the minimal helper(s) for detecting and discarding the first known welcome frame
- Add focused service-adapter unit tests in the existing `#[cfg(test)]` module
- Reuse: `src/browser/ws_backend.rs`
- Do not change protocol parsing rules; only verify behavior remains strict for all non-service callers
- Reuse: `tests/service_task_flow_test.rs`
- Re-run to confirm the ws service path still reaches the browser websocket after the service-side shim
- Reuse: `tests/browser_ws_backend_test.rs`
- Re-run to prove the shared backend semantics remain unchanged
### Files deliberately not changed
- `src/browser/ws_backend.rs`
- `src/browser/ws_protocol.rs`
- `src/agent/task_runner.rs`
- `src/compat/runtime.rs`
- `src/compat/orchestration.rs`
- `src/compat/workflow_executor.rs`
- `src/lib.rs`
The design explicitly keeps the welcome-banner workaround out of the shared backend and out of the pipe path.
---
## Task 1: Reproduce the real welcome-frame failure with focused unit tests
**Files:**
- Modify: `src/service/server.rs`
- [ ] **Step 1: Add the positive failing test for the known welcome frame**
In the existing `#[cfg(test)] mod tests` inside `src/service/server.rs`, add one focused test next to the current ws adapter tests.
Test shape:
```rust
#[test]
fn future_server_side_ws_native_adapter_skips_initial_known_welcome_frame() {
// fake server sends:
// 1. "Welcome! You are client #1"
// 2. "0"
// backend.invoke(Action::Navigate, ...) should succeed
}
```
Required assertions:
- the fake websocket server accepts one connection
- it sends the welcome banner first, then the numeric success status
- `WsBrowserBackend.invoke(Action::Navigate, ...)` returns `Ok(CommandOutput { success: true, .. })`
- [ ] **Step 2: Run only the positive new test and watch it fail**
Run:
```bash
cargo test service::server::tests::future_server_side_ws_native_adapter_skips_initial_known_welcome_frame -- --nocapture
```
Expected: FAIL with a protocol error containing `invalid browser status frame: Welcome! You are client #1`.
- [ ] **Step 3: Add the negative failing test for arbitrary first text**
In the same `#[cfg(test)]` module, add one negative test proving we do **not** silently skip arbitrary first text frames.
Test shape:
```rust
#[test]
fn future_server_side_ws_native_adapter_does_not_skip_unknown_first_text_frame() {
// fake server sends:
// 1. "Hello from server"
// assert invoke(...) fails as PipeError::Protocol(...)
}
```
Required assertions:
- the first frame is a non-matching text frame such as `Hello from server`
- `invoke(...)` fails
- the failure remains a protocol error rather than success or timeout
- [ ] **Step 4: Run only the negative new test and verify the current behavior is already strict**
Run:
```bash
cargo test service::server::tests::future_server_side_ws_native_adapter_does_not_skip_unknown_first_text_frame -- --nocapture
```
Expected: PASS, proving the current implementation already treats arbitrary first text as a protocol error. Keep that assertion in place before any production change.
- [ ] **Step 5: Confirm the TDD gate before implementation**
Do not implement production code before both tests exist and the positive test has failed on current behavior.
---
## Task 2: Add the minimal per-connection welcome-skip state in the service adapter
**Files:**
- Modify: `src/service/server.rs`
- [ ] **Step 1: Add one-time per-connection state to `ServiceBrowserWsClient`**
Extend `ServiceBrowserWsClient` with one extra state field that tracks whether the initial welcome candidate has already been consumed for the current websocket connection.
Allowed shape:
```rust
struct ServiceBrowserWsClient {
browser_ws_url: String,
browser_socket: Mutex<Option<WebSocket<MaybeTlsStream<TcpStream>>>>,
initial_text_frame_checked: Mutex<bool>,
}
```
or an equally small equivalent.
Rules:
- state is per connection, not per request
- state must survive multiple `invoke(...)` calls while reusing the same socket
- do not add broader protocol state machines
- [ ] **Step 2: Add a narrow welcome-frame matcher**
In `src/service/server.rs`, add one small helper that recognizes only the known banner prefix:
```rust
fn is_known_welcome_frame(frame: &str) -> bool {
frame.starts_with("Welcome! You are client #")
}
```
Rules:
- no regex needed
- no generic “ignore arbitrary text” logic
- keep the matcher local to `src/service/server.rs`
- [ ] **Step 3: Update `recv_text_timeout(...)` to skip at most one initial known banner**
Modify `impl WsClient for ServiceBrowserWsClient` so that the first text frame received after connection establishment is handled like this:
1. read the next text frame
2. if the initial-frame state is still false:
- mark the first-frame check as consumed
- if the frame matches `is_known_welcome_frame(...)`, read the next frame and return that next frame instead
3. otherwise, return the frame unchanged
Rules:
- skip only once per connection
- do not loop indefinitely over multiple text frames
- do not swallow unknown first text frames
- do not change timeout / close / reset / connect-failure behavior
- [ ] **Step 4: Reset the one-time state when a fresh socket is created**
When `with_socket(...)` establishes a brand-new websocket connection, ensure the one-time banner-check state is reset so a new connection can tolerate its own first welcome frame.
- [ ] **Step 5: Add one reconnect regression in the service adapter tests**
Add one focused test proving the welcome skip resets on a fresh connection after socket close/reset.
Test shape:
```rust
#[test]
fn future_server_side_ws_native_adapter_skips_welcome_again_after_reconnect() {
// first connection closes after use
// second fresh connection sends the same welcome banner again
// both invocations succeed
}
```
Required assertion:
- the one-time skip is per connection, not global for the client instance
- [ ] **Step 6: Run the positive new test**
Run:
```bash
cargo test service::server::tests::future_server_side_ws_native_adapter_skips_initial_known_welcome_frame -- --nocapture
```
Expected: PASS.
- [ ] **Step 7: Run the negative new test**
Run:
```bash
cargo test service::server::tests::future_server_side_ws_native_adapter_does_not_skip_unknown_first_text_frame -- --nocapture
```
Expected: PASS, proving unknown first text is still treated as a protocol error.
- [ ] **Step 8: Run the reconnect regression**
Run:
```bash
cargo test service::server::tests::future_server_side_ws_native_adapter_skips_welcome_again_after_reconnect -- --nocapture
```
Expected: PASS.
- [ ] **Step 9: Run the full service adapter unit group**
Run:
```bash
cargo test service::server::tests -- --nocapture
```
Expected: PASS, including the existing tests for:
- status `0` success
- connect failure => `PipeError::Protocol("browser websocket connect failed: ...")`
- disconnect/reset => `PipeError::PipeClosed`
- callback timeout => `PipeError::Timeout`
- new known-welcome success path
- new unknown-first-frame strictness path
- new reconnect reset behavior
---
## Task 3: Verify the shared backend stayed strict and the ws service path still works
**Files:**
- Reuse: `tests/browser_ws_backend_test.rs`
- Reuse: `tests/service_task_flow_test.rs`
- Reuse: `src/browser/ws_backend.rs`
- [ ] **Step 1: Re-run the shared ws backend tests unchanged**
Run:
```bash
cargo test --test browser_ws_backend_test -- --nocapture
```
Expected: PASS. This proves `WsBrowserBackend` semantics remain unchanged for its existing deterministic callers.
- [ ] **Step 2: Re-run the service task-flow regression**
Run:
```bash
cargo test --test service_task_flow_test -- --nocapture
```
Expected: PASS, including the auth-regression test that proves the ws service path reaches the browser websocket and no longer emits `invalid hmac seed: session key must not be empty`.
- [ ] **Step 3: Re-run the ws-focused mixed verification**
Run:
```bash
cargo test --test browser_ws_backend_test --test browser_ws_protocol_test --test service_ws_session_test --test service_task_flow_test -- --nocapture
```
Expected: PASS.
---
## Task 4: Re-run the real manual smoke that originally failed
**Files:**
- Reuse only: no code changes unless a fresh reproducer proves another bug
- [ ] **Step 1: Confirm real browser websocket reachability**
Run a reachability check for `ws://127.0.0.1:12345` (or the configured `browserWsUrl`) before starting smoke.
Expected: reachable.
- [ ] **Step 2: Start the real ws service**
Run:
```bash
cargo run --bin sg_claw -- --config-path "D:/data/ideaSpace/rust/sgClaw/sgclaw_config.json"
```
Expected: the service prints:
- `sg_claw ready: ...`
- the resolved `service_ws_listen_addr`
- the configured `browser_ws_url`
- [ ] **Step 3: Re-run the original failing manual smoke**
Run:
```bash
printf '打开知乎热榜并读取页面主区域文本\n' | cargo run --bin sg_claw_client -- --config-path "D:/data/ideaSpace/rust/sgClaw/sgclaw_config.json"
```
Expected:
- no `invalid browser status frame: Welcome! You are client #1`
- browser actions proceed past the first status frame
- if the browser later fails for another reason, capture that new reason exactly
- [ ] **Step 4: Re-run the old Zhihu export task smoke**
Run:
```bash
printf '读取知乎热榜数据,并导出 excel 文件\n' | cargo run --bin sg_claw_client -- --config-path "D:/data/ideaSpace/rust/sgClaw/sgclaw_config.json"
```
Expected:
- no `invalid browser status frame: Welcome! You are client #1`
- the task reaches the real browser action path beyond connection banner handling
- [ ] **Step 5: Stop and debug if a new real-browser issue appears**
If smoke now fails for a different reason, do not piggyback a second fix into this slice without:
- capturing the exact new output
- writing a new focused spec/plan if the issue is materially different
---
## Verification Checklist
### Service adapter unit tests
```bash
cargo test service::server::tests -- --nocapture
```
Expected: all service-side ws adapter tests pass, including the new welcome-frame positive/negative cases and reconnect reset case.
### Shared ws backend + ws service regressions
```bash
cargo test --test browser_ws_backend_test --test browser_ws_protocol_test --test service_ws_session_test --test service_task_flow_test -- --nocapture
```
Expected: PASS.
### Real smoke verification
- `browserWsUrl` reachable
- `sg_claw` starts with real config
- `sg_claw_client` no longer fails on `Welcome! You are client #...`
- Zhihu minimal read task gets past the first status frame
- Zhihu export task gets past the first status frame

564
docs/superpowers/plans/2026-04-03-zhihu-release-ws-function-callback-plan.md Normal file
View File

@@ -0,0 +1,564 @@
# Zhihu Release WS Function-Callback Migration Implementation Plan
> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
**Goal:** Move only the Zhihu direct-execution path to the new Release browser websocket interaction style while keeping the existing pipe protocol and non-Zhihu submit behavior unchanged.
**Architecture:** Keep `ClientMessage` / `ServiceMessage`, `run_submit_task_with_browser_backend(...)`, and the high-level Zhihu workflow steps unchanged. First prove the exact Release browser interaction contract with transcript-backed probes. Then implement the smallest Zhihu-scoped backend path that follows that proven contract. Do not globally rewire the submit path unless the probe evidence proves there is no narrower safe seam.
**Tech Stack:** Rust, tungstenite, existing sgclaw service/client pipe protocol, `docs/_tmp_sgbrowser_ws_api_doc.txt`, Release browser websocket at `ws://127.0.0.1:12345`, current Zhihu direct-execution workflow.
---
## Context
The user has now made the target behavior explicit:
- the browser has changed and the working reference behavior is the user-provided HTML page that connects to `ws://127.0.0.1:12345`
- that page sends a bootstrap registration frame: `{"type":"register","role":"web"}`
- browser requests are still JSON arrays such as `[window.location.href, "sgBrowserSetTheme", "1"]` and `[window.location.href, "sgBrowerserGetUrls", "showUrls"]`
- callback-bearing browser behavior is now centered on page-defined JS callback functions like `showUrls`, not on Rust directly reading a websocket callback frame as the final business result
- the existing sgclaw pipe protocol must remain unchanged
The current sgclaw drift that must be corrected is visible in:
- `src/browser/ws_protocol.rs`
- `Action::Navigate` currently emits `sgHideBrowserCallAfterLoaded` with an inline `callBackJsToCpp(...)` string
- `src/browser/ws_backend.rs`
- Rust currently waits for a browser websocket callback frame and treats that as the action result
- `tests/service_ws_session_test.rs:498-605`
- `tests/service_task_flow_test.rs:499-635`
- existing **generic submit-flow** regressions still lock in the old direct raw-websocket callback-frame assumption
- these are useful as non-regression guardrails, but they are not themselves Zhihu-specific regressions
Zhihu-specific verification must therefore be added explicitly instead of assuming those Baidu-path tests already cover Zhihu.
The new browser style proves these facts and only these facts so far:
1. sgclaw must handle a register-first websocket handshake
2. browser requests are still `[requesturl, action, ...args]`
3. some browser capabilities now return through page-defined callback functions like `showUrls`
4. the current direct raw-websocket callback expectation in Zhihu path is no longer a safe assumption
The production seam is **not** pre-decided here. Task 1 must determine whether Zhihu can be integrated by:
- a direct Zhihu-scoped backend with no helper page, or
- a helper page / relay design because named page callbacks are the only reliable result path
Until Task 1 evidence is captured, both remain hypotheses.
## Evidence to preserve in the implementation
### Browser websocket API doc
From `docs/_tmp_sgbrowser_ws_api_doc.txt`:
- `ws://localhost:12345` is the browser websocket endpoint
- request frames are array payloads with `requesturl`
- `sgBrowerserGetUrls(callback)` uses a callback **function name**: `[requesturl,"sgBrowerserGetUrls", callback]`
- `sgBrowserCallAfterLoaded(targetUrl, callback)` and `sgHideBrowserCallAfterLoaded(targetUrl, callback)` use callback strings with parentheses
- `callBackJsToCpp(param)` uses `sourceUrl@_@targetUrl@_@callback@_@actionUrl@_@responseTxt`
- `sgBrowserRegJsFun(targeturl, funContent)` and `sgBrowserExcuteJsFun(targeturl, funName)` exist and may be useful when the helper page needs durable callback helpers
### Current working HTML pattern from the user
The now-working reference interaction is:
```html
const socket = new WebSocket('ws://127.0.0.1:12345');
socket.onopen = () => {
socket.send(JSON.stringify({type: 'register', role: 'web'}));
};
socket.send(JSON.stringify([window.location.href,"sgBrowerserGetUrls","showUrls"]));
function showUrls(urls) {
// browser invokes this page-defined callback
}
```
That is the browser behavior sgclaw now needs to follow.
---
## Critical files
### Production files to modify
- `src/browser/ws_protocol.rs`
- `src/compat/workflow_executor.rs` (only if a narrow Zhihu-specific correction is required after backend swap)
- `src/service/server.rs` (only if the chosen Zhihu-scoped integration seam must be wired here)
- `src/service/mod.rs` (only if startup plumbing changes are truly required)
- `src/browser/mod.rs`
### New production files likely needed
- `src/browser/zhihu_release_backend.rs`
- a Zhihu-scoped `BrowserBackend` adapter that follows the proven Release browser interaction style without changing non-Zhihu routes
- `src/service/browser_callback_host.rs` **only if the probe proves a service-controlled helper page is actually required**
- service-local helper-page lifecycle and callback relay, if evidence shows the browser cannot be driven safely without it
### Existing files to preserve
- `src/agent/task_runner.rs`
- `src/service/protocol.rs`
- `src/compat/orchestration.rs`
- `src/compat/runtime.rs`
- `src/pipe/*`
### Existing direct-ws files to review explicitly
- `src/browser/ws_backend.rs`
- `tests/browser_ws_backend_test.rs`
These files currently encode the old direct raw-websocket callback expectation. The implementation must either:
- leave them untouched as legacy/direct-contract coverage with no Zhihu production callers, or
- update/remove the Zhihu-specific assumptions they currently lock in.
### Primary test files
- `tests/browser_ws_probe_test.rs`
- `tests/browser_ws_protocol_test.rs`
- `tests/service_ws_session_test.rs`
- `tests/service_task_flow_test.rs`
- `tests/task_runner_test.rs`
- `tests/browser_ws_backend_test.rs`
---
## File structure decisions
### `src/browser/zhihu_release_backend.rs`
Prefer a Zhihu-scoped backend first.
Responsibilities:
- keep the same `BrowserBackend` trait surface
- implement only the behavior needed by the current Zhihu direct-execution route
- translate `Action::Navigate`, `Action::GetText`, and `Action::Eval` into the proven Release-browser interaction style
- normalize results back into `CommandOutput`
- avoid affecting non-Zhihu callers
This is the preferred seam because the user asked to change the current Zhihu flow, not to redesign the whole submit pipeline.
### `src/service/browser_callback_host.rs` (conditional)
Create this file only if Task 1 probe evidence proves that sgclaw must host or control a page in order to receive named callback-function results.
If it is needed, the plan must keep the design minimal and specific:
- one concrete transport only (choose websocket or HTTP, not “websocket or HTTP”)
- explicit readiness handshake
- explicit request correlation by `request_id`
- explicit cleanup when the submit task ends
If Task 1 shows a simpler seam, do not create this file.
### `src/browser/ws_protocol.rs`
Do not let this file keep only the old direct-callback assumption.
It should become the shared place for doc-native request builders such as:
- browser bootstrap frames proven by the transcript
- `sgBrowserCallAfterLoaded` / `sgHideBrowserCallAfterLoaded`
- `sgBrowserExcuteJsCodeByArea`
- optional `sgBrowserRegJsFun` / `sgBrowserExcuteJsFun`
But do **not** let `ws_protocol.rs` absorb service-host lifecycle logic.
### `src/browser/ws_backend.rs` and `tests/browser_ws_backend_test.rs`
Handle these explicitly in the implementation:
- if they still describe a valid direct browser contract, keep them as isolated legacy/direct-ws coverage only
- if their current navigate/callback assumptions conflict with the proven Release Zhihu path, update or narrow those tests so they no longer describe the active Zhihu integration path
Do not leave the old direct-callback assumptions ambiguously “reviewed”; the implementation must make their status explicit.
---
## Task 1: Capture the new Release browser contract in a reproducible probe transcript
**Files:**
- Review/modify: `src/browser/ws_probe.rs`
- Review/modify: `src/bin/sgbrowser_ws_probe.rs`
- Review/modify: `tests/browser_ws_probe_test.rs`
- Create: `docs/_tmp_release_ws_callback_host_transcript.md`
- [ ] **Step 1: Verify current probe coverage against the Release-browser questions**
Read the existing probe module and tests and check whether they already prove all of the following:
- a register-first websocket script can be expressed
- a later array action frame can be expressed in the same script
- per-step inbound frames/outcomes are preserved separately
- timeout/close remain distinguishable in the transcript
Required result:
- identify the exact existing tests that already prove these behaviors
- identify the smallest missing Release-specific coverage, if any
- [ ] **Step 2: Add only the missing regression coverage**
If current tests do **not** already prove the Release-browser bootstrap shape, add the narrowest failing regression in `tests/browser_ws_probe_test.rs`.
Preferred shape if coverage is missing:
```rust
#[test]
fn probe_supports_register_then_array_action_script() {
// fake server expects:
// 1. {"type":"register","role":"web"}
// 2. ["http://127.0.0.1/helper.html","sgBrowerserGetUrls","showUrls"]
}
```
And, if still missing, add one regression proving per-step transcript separation for the register reply and later action reply.
If those behaviors are already covered, skip new test creation and record the exact test names to rely on.
- [ ] **Step 3: Run the relevant probe tests**
Run the narrowest exact tests that prove the Release bootstrap behavior, or the full file if multiple areas changed:
```bash
cargo test --test browser_ws_probe_test -- --nocapture
```
Expected: PASS.
- [ ] **Step 4: Make the probe binary ergonomic for the Release transcript if needed**
Only if the current CLI cannot conveniently express the real Release-browser script, make the smallest change needed in `src/bin/sgbrowser_ws_probe.rs` / `src/browser/ws_probe.rs` so it can capture:
- register frame behavior
- minimal `sgBrowserSetTheme`
- minimal `sgBrowerserGetUrls`
- exact inbound websocket text per step
Do not redesign the probe if it already supports this.
- [ ] **Step 5: Run the live probe against the Release browser and record the real bootstrap**
Use the probe binary against the real endpoint to capture at minimum:
- register frame behavior
- minimal `sgBrowserSetTheme`
- minimal `sgBrowerserGetUrls`
- whether replies come back as websocket text, page-function invocation only, or both
Save the exact transcript in `docs/_tmp_release_ws_callback_host_transcript.md`.
Required output in that temp doc:
- exact sent frames
- exact received websocket frames
- the observed rule for when named callback functions are invoked
- whether Option A or Option B is supported by evidence
- [ ] **Step 6: Commit the probe-only slice if code changed**
If probe code/tests changed:
```bash
git add src/browser/ws_probe.rs src/bin/sgbrowser_ws_probe.rs tests/browser_ws_probe_test.rs docs/_tmp_release_ws_callback_host_transcript.md
git commit -m "test: capture release browser ws bootstrap contract"
```
If only the transcript doc changed, stage only that file and use a docs/test-appropriate commit message.
---
## Task 2: Choose the narrowest Zhihu-only production seam from the probe evidence
**Files:**
- Modify: `src/service/server.rs` (only if required)
- Modify: `src/browser/mod.rs`
- Modify: `src/compat/workflow_executor.rs` (only if required)
- Create: `src/browser/zhihu_release_backend.rs`
- Create: `src/service/browser_callback_host.rs` **only if required**
- Test: `tests/service_ws_session_test.rs`
- Test: `tests/service_task_flow_test.rs`
- [ ] **Step 1: Write down the seam decision in the plan notes before coding**
Based on the transcript from Task 1, record which one of these is supported by evidence:
- Option A: a Zhihu-scoped backend can talk to the Release browser directly with no service-hosted helper page
- Option B: a Zhihu-scoped backend needs a service-controlled helper page because named page callbacks are the only reliable way to get business results
Do not proceed until one option is chosen explicitly from evidence.
- [ ] **Step 2: Add a failing service/task-flow regression that proves only the Zhihu path changes**
Update or add focused tests so that:
- Zhihu submit flow uses the new Release-browser interaction seam
- non-Zhihu behavior is unchanged
- pipe messages remain unchanged
Required assertions:
- the new path is activated only for Zhihu route detection
- `ClientMessage` / `ServiceMessage` stay identical
- existing non-Zhihu submit behavior is not accidentally rerouted
- [ ] **Step 3: Run the new focused regression and confirm failure first**
Run the narrowest exact test names you added in:
```bash
cargo test --test service_ws_session_test <new_test_name> -- --nocapture
cargo test --test service_task_flow_test <new_test_name> -- --nocapture
```
Expected: FAIL because the Zhihu-specific seam does not exist yet.
- [ ] **Step 4: Implement the chosen seam with the smallest blast radius**
If Option A won:
- add `src/browser/zhihu_release_backend.rs`
- wire it only where the Zhihu direct-execution route is selected
- leave global submit-path wiring alone
If Option B won:
- add `src/service/browser_callback_host.rs` with one specific transport and one explicit readiness/correlation model
- add `src/browser/zhihu_release_backend.rs` to talk to that helper path
- wire it only for the Zhihu route
In both cases:
- do not change non-Zhihu callers
- do not redesign `run_submit_task_with_browser_backend(...)`
- do not change the pipe protocol
- [ ] **Step 5: Make the status of old direct-ws code explicit**
Update `src/browser/ws_backend.rs` / `tests/browser_ws_backend_test.rs` only as needed so they no longer ambiguously describe the active Zhihu path.
Allowed outcomes:
- keep them untouched as legacy/direct-ws coverage with no Zhihu production caller
- narrow/update the tests so they no longer claim the active Zhihu integration path
Not allowed:
- leaving the plan and code in a state where both old and new paths appear to be the active Zhihu contract
- [ ] **Step 6: Run focused integration tests**
Run:
```bash
cargo test --test service_ws_session_test -- --nocapture
cargo test --test service_task_flow_test -- --nocapture
cargo test --test task_runner_test -- --nocapture
```
Expected: PASS.
- [ ] **Step 7: Commit the seam-selection slice**
Adjust staged files to match the option actually implemented, for example:
```bash
git add src/browser/zhihu_release_backend.rs src/browser/mod.rs src/service/server.rs src/service/browser_callback_host.rs tests/service_ws_session_test.rs tests/service_task_flow_test.rs tests/browser_ws_backend_test.rs
git commit -m "feat: route zhihu flow through release browser ws contract"
```
Only stage files that were truly changed.
---
## Task 3: Implement Zhihu action mapping on the chosen Release-browser seam
**Files:**
- Modify: `src/browser/ws_protocol.rs`
- Modify: `src/browser/zhihu_release_backend.rs`
- Test: `tests/browser_ws_protocol_test.rs`
- Create: `tests/browser_zhihu_release_backend_test.rs`
- [ ] **Step 1: Write the first failing backend test for Zhihu navigate mapping**
Create `tests/browser_zhihu_release_backend_test.rs` with a fake transport/relay and assert that `Action::Navigate` for the Zhihu path becomes the exact browser request shape proven by Task 1.
Start with this shape:
```rust
#[test]
fn zhihu_release_backend_maps_navigate_to_proven_release_frame() {
// invoke Action::Navigate
// assert exact outbound frame/opcode chosen from transcript evidence
}
```
Required assertions:
- the call site still uses `BrowserBackend::invoke(...)`
- the exact outbound frame matches the recorded Release-browser evidence
- request correlation stays deterministic
- [ ] **Step 2: Run the single new backend test and verify it fails**
Run:
```bash
cargo test --test browser_zhihu_release_backend_test zhihu_release_backend_maps_navigate_to_proven_release_frame -- --nocapture
```
Expected: FAIL because the backend does not exist yet.
- [ ] **Step 3: Implement minimal `Navigate` support**
In `src/browser/zhihu_release_backend.rs`:
- implement `BrowserBackend`
- support `Action::Navigate` first
- use `ws_protocol.rs` helpers for exact browser-frame construction
- do not hardcode speculative opcodes; follow the transcript from Task 1
- [ ] **Step 4: Add failing tests for `GetText` and `Eval`**
Add tests proving:
- `Action::GetText` returns `CommandOutput.data == {"text": "..."}`
- `Action::Eval` returns `CommandOutput.data == {"text": "..."}`
- callback or relay failures become `PipeError::Protocol(...)`
- [ ] **Step 5: Implement `GetText` and `Eval` on the chosen seam**
Use the smallest proven mechanism:
- if the transcript proves page-defined callback functions are required, route through them
- if `callBackJsToCpp(...)` to a page context is still part of the proven path, use it deliberately
- if `sgBrowserRegJsFun` / `sgBrowserExcuteJsFun` becomes necessary, add it only with test coverage and only for the Zhihu path
- [ ] **Step 6: Run focused backend/protocol tests**
Run:
```bash
cargo test --test browser_zhihu_release_backend_test -- --nocapture
cargo test --test browser_ws_protocol_test -- --nocapture
```
Expected: PASS.
- [ ] **Step 7: Commit the Zhihu backend slice**
```bash
git add src/browser/ws_protocol.rs src/browser/zhihu_release_backend.rs src/browser/mod.rs tests/browser_ws_protocol_test.rs tests/browser_zhihu_release_backend_test.rs
git commit -m "feat: add zhihu release ws backend"
```
---
## Task 4: Keep the Zhihu workflow logic stable and patch only proven mismatches
**Files:**
- Review: `src/compat/workflow_executor.rs`
- Test: `tests/service_task_flow_test.rs`
- Test: `tests/compat_runtime_test.rs` (only if a focused direct-execution regression is needed)
- [ ] **Step 1: Write a failing Zhihu-specific regression only if the chosen seam changes route assumptions**
If the new Zhihu backend changes request-url or target-url handling enough to break hotlist flow, add one focused failing regression for that exact behavior.
Candidate assertions:
- hotlist navigate still logs `navigate https://www.zhihu.com/hot`
- follow-up `GetText body` still targets the Zhihu page, not any helper page
- extractor `Eval` still runs against Zhihu, not any helper page
- [ ] **Step 2: Keep the current high-level Zhihu action sequence unless a test proves otherwise**
`src/compat/workflow_executor.rs` currently does the right high-level work:
- navigate to Zhihu hotlist
- poll body text until ready
- run the extractor script
Prefer to keep this file unchanged. Only patch it if the new backend needs a narrow explicit `target_url` fix or similar evidence-backed adjustment.
- [ ] **Step 3: Run the smallest Zhihu-focused verification sweep**
Run:
```bash
cargo test --test service_task_flow_test -- --nocapture
cargo test --test compat_runtime_test zhihu -- --nocapture
```
If the `compat_runtime_test zhihu` filter is too broad or unstable, run the exact focused Zhihu cases that cover hotlist extraction.
- [ ] **Step 4: Commit only if a Zhihu-specific code change was actually required**
```bash
git add src/compat/workflow_executor.rs tests/service_task_flow_test.rs tests/compat_runtime_test.rs
git commit -m "fix: keep zhihu workflow aligned with release ws backend"
```
Skip this commit if no production change in `workflow_executor.rs` was needed.
---
## Task 5: Prove that pipe behavior and non-Zhihu behavior stayed unchanged
**Files:**
- Test: `tests/service_ws_session_test.rs`
- Test: `tests/service_task_flow_test.rs`
- Test: `tests/task_runner_test.rs`
- [ ] **Step 1: Add or update one regression that proves pipe messages are unchanged**
Use the smallest existing test seam to assert that `ClientMessage` / `ServiceMessage` payloads remain unchanged while the Zhihu route uses the new browser integration path internally.
- [ ] **Step 2: Add or update one regression that proves non-Zhihu behavior is unchanged**
Use a non-Zhihu submit or service-session case and assert it does not take the new Zhihu-specific backend path.
- [ ] **Step 3: Preserve current runtime regression guards**
The end-to-end tests must continue asserting that output does **not** contain:
- `invalid hmac seed: session key must not be empty`
- `Cannot drop a runtime in a context where blocking is not allowed`
- [ ] **Step 4: Run the final focused verification sweep**
Run:
```bash
cargo test --test service_ws_session_test -- --nocapture
cargo test --test service_task_flow_test -- --nocapture
cargo test --test task_runner_test -- --nocapture
```
Expected: PASS.
- [ ] **Step 5: Commit the verification sweep**
```bash
git add tests/service_ws_session_test.rs tests/service_task_flow_test.rs tests/task_runner_test.rs tests/browser_ws_backend_test.rs
git commit -m "test: constrain zhihu release ws migration scope"
```
Only stage files that were truly changed.
---
## Out of scope
Do **not** do these in this slice:
- change the pipe protocol
- change `ClientMessage` / `ServiceMessage`
- redesign `run_submit_task_with_browser_backend(...)`
- reintroduce any browser bridge surface
- keep adding speculative direct-raw-websocket callback patches to `ws_backend.rs`
- redesign non-Zhihu workflows unless the new backend abstraction forces a shared fix
- create a long-lived external dependency or third-party server just to host the helper page
---
## Verification checklist
Run at minimum:
```bash
cargo test --test browser_ws_probe_test -- --nocapture
cargo test --test browser_zhihu_release_backend_test -- --nocapture
cargo test --test browser_ws_protocol_test -- --nocapture
cargo test --test service_ws_session_test -- --nocapture
cargo test --test service_task_flow_test -- --nocapture
cargo test --test task_runner_test -- --nocapture
```
If Task 2 chose the helper-page / relay design, also run the helper-page-specific backend tests you added for that path.
Manual verification after code changes:
1. start the real Release browser/runtime that exposes `ws://127.0.0.1:12345`
2. start `sg_claw` with real config
3. start `sg_claw_client`
4. submit:
- `打开知乎热榜获取前10条数据并导出 Excel`
5. confirm the Zhihu path uses the exact Release-browser interaction seam proven by Task 1
6. if Task 2 chose Option B, confirm the helper page / relay path is used only for the Zhihu integration seam
7. confirm non-Zhihu behavior is unchanged
8. confirm the task completes without:
- `timeout while waiting for browser message`
- `invalid browser status frame: Welcome! You are client #1`
- `invalid hmac seed: session key must not be empty`
- `Cannot drop a runtime in a context where blocking is not allowed`
---
## Expected outcome
After this slice:
- sgclaw still exposes the same pipe/service contract
- Zhihu hotlist execution uses the Release-browser websocket contract proven by Task 1
- non-Zhihu behavior remains unchanged
- old direct-ws Zhihu assumptions are no longer ambiguous in production/tests
- if Option A won, Zhihu uses a direct Release-browser backend
- if Option B won, Zhihu uses the minimal helper-page / relay seam justified by the probe evidence

322
docs/superpowers/plans/2026-04-04-zhihu-ws-submit-realignment.md Normal file
View File

@@ -0,0 +1,322 @@
# Zhihu WS Submit Realignment Implementation Plan
> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
**Goal:** Realign Zhihu submit routes to the documented websocket callback model, removing helper-page bootstrap from the mainline while keeping the existing pipe/service contract unchanged.
**Architecture:** The change stays inside the existing submit-path backend selection and websocket protocol flow. Zhihu routes stop choosing `BrowserCallbackBackend` and instead use `WsBrowserBackend` when a real browser websocket is configured, preserving the existing pipe fallback in direct runtime when no websocket URL is available.
**Tech Stack:** Rust, tungstenite websocket client/server, serde_json, cargo test
---
## File Map
- Modify: `src/service/server.rs`
- Change only the Zhihu route-gated submit-path backend selection
- Remove Zhihu submit mainline use of `LiveBrowserCallbackHost` / `BrowserCallbackBackend`
- Keep service submit path on `WsBrowserBackend`
- Preserve initial request URL derivation for Zhihu routes
- Modify: `src/agent/mod.rs`
- Change only the Zhihu route-gated submit-path backend selection
- Remove Zhihu submit mainline use of `LiveBrowserCallbackHost` / `BrowserCallbackBackend`
- Keep direct runtime pipe fallback when browser websocket URL is absent
- Modify: `tests/agent_runtime_test.rs`
- Replace helper-page bootstrap regression with direct websocket submit regression
- Assert no `/sgclaw/browser-helper.html` bootstrap frames are emitted
- Assert real-page request ownership on follow-up Zhihu actions
- Modify: `src/browser/callback_host.rs`
- Remove or rewrite the now-wrong red test that preserves Option-B callback-host startup behavior
- Verify: `tests/browser_ws_backend_test.rs`
- Reuse existing websocket request-url behavior coverage; extend only if the new regression proves insufficient
- Reference: `docs/superpowers/specs/2026-04-04-zhihu-ws-submit-realignment-design.md`
### Task 1: Rewrite the stale submit regression around the real websocket mainline
**Files:**
- Modify: `tests/agent_runtime_test.rs:507-660`
- Test: `tests/agent_runtime_test.rs`
- [ ] **Step 1: Write the failing test**
Rename and rewrite the existing helper-page regression so it asserts the new behavior:
```rust
#[test]
fn production_submit_task_routes_zhihu_through_ws_backend_without_helper_bootstrap() {
// arrange runtime context and fake browser ws server
// submit Zhihu hotlist request
// assert ws frames never contain "/sgclaw/browser-helper.html"
// assert first action is navigate to https://www.zhihu.com/hot
// assert follow-up action uses real-page requesturl instead of helper page
}
```
Use the existing fake ws helpers in the file where possible. Do not add localhost callback-host HTTP plumbing to this rewritten test.
- [ ] **Step 2: Run test to verify it fails**
Run: `cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" production_submit_task_routes_zhihu_through_ws_backend_without_helper_bootstrap --test agent_runtime_test -- --nocapture`
Expected: FAIL because current production code still routes Zhihu submit into `BrowserCallbackBackend` and emits helper-page bootstrap frames.
- [ ] **Step 3: Keep the regression focused**
Before touching production code, confirm the rewritten test checks only these behaviors:
```text
- no callback-host bootstrap frame
- no helper-page URL
- navigate frame still targets https://www.zhihu.com/hot
- follow-up websocket action uses real-page request ownership
```
Do not assert unrelated workflow details beyond what is needed to prove the route correction.
- [ ] **Step 4: Commit the red test**
```bash
git add tests/agent_runtime_test.rs
git commit -m "test: rewrite zhihu submit ws routing regression"
```
### Task 2: Switch service Zhihu submit routes off the callback-host backend
**Files:**
- Modify: `src/service/server.rs:287-328`
- Test: `tests/agent_runtime_test.rs`
- [ ] **Step 1: Write the minimal production change**
Replace only the Zhihu-route callback-host branch with direct websocket backend selection.
Minimal target shape:
```rust
fn browser_backend_for_submit(
browser_ws_url: &str,
mac_policy: &MacPolicy,
request: &SubmitTaskRequest,
) -> Result<Arc<dyn BrowserBackend>, PipeError> {
if should_use_callback_host_backend(request) {
return Ok(Arc::new(WsBrowserBackend::new(
Arc::new(ServiceWsClient::connect(browser_ws_url)?),
mac_policy.clone(),
initial_request_url_for_submit_task(request),
)));
}
Ok(Arc::new(WsBrowserBackend::new(
Arc::new(ServiceWsClient::connect(browser_ws_url)?),
mac_policy.clone(),
initial_request_url_for_submit_task(request),
)))
}
```
After the route-gated branch is removed, simplify further only if the branch becomes redundant without changing non-Zhihu behavior.
- [ ] **Step 2: Run the rewritten regression**
Run: `cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" production_submit_task_routes_zhihu_through_ws_backend_without_helper_bootstrap --test agent_runtime_test -- --nocapture`
Expected: still FAIL or advance to a later assertion until the direct-runtime path is corrected too.
- [ ] **Step 3: Add or update a service-specific regression if needed**
If the rewritten `agent_runtime_test` does not exercise the service submit path directly, add one narrow service regression before continuing.
Target shape:
```rust
#[test]
fn service_submit_task_routes_zhihu_through_ws_backend_without_helper_bootstrap() {
// fake browser ws
// submit Zhihu route through service path
// assert no helper bootstrap frame
}
```
Run the exact test you end up using:
`cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" service_submit_task_routes_zhihu_through_ws_backend_without_helper_bootstrap --test <exact test file> -- --nocapture`
Expected: PASS
- [ ] **Step 4: Commit the service-path fix**
```bash
git add src/service/server.rs tests/agent_runtime_test.rs
git commit -m "fix: route zhihu submit through ws backend"
```
### Task 3: Switch direct runtime Zhihu submit routes off the callback-host backend while keeping pipe fallback
**Files:**
- Modify: `src/agent/mod.rs:49-100`
- Test: `tests/agent_runtime_test.rs`
- [ ] **Step 1: Write the minimal production change**
Remove callback-host backend selection from `browser_backend_for_submit(...)`.
Minimal target behavior:
```rust
if let Some(browser_ws_url) = configured_browser_ws_url(context) {
return Ok(Arc::new(WsBrowserBackend::new(
Arc::new(ServiceWsClient::connect(&browser_ws_url)?),
browser_tool.mac_policy().clone(),
initial_request_url_for_submit_task(request),
).with_response_timeout(browser_tool.response_timeout())));
}
Ok(Arc::new(PipeBrowserBackend::from_inner(browser_tool.clone())))
```
If `ServiceWsClient` is not reusable from `src/service/server.rs`, extract the smallest shared websocket client helper into the browser module instead of inventing a new abstraction.
- [ ] **Step 2: Add a focused fallback assertion only if needed**
If the rewritten regression does not cover the direct-runtime no-websocket case, add one small test:
```rust
#[test]
fn production_submit_task_keeps_pipe_fallback_when_browser_ws_url_is_unset() {
// no SGCLAW_BROWSER_WS_URL
// blank/no ws config
// assert no websocket bootstrap attempt occurs
}
```
Only add this test if current coverage is insufficient.
- [ ] **Step 3: Run tests to verify green**
Run: `cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" production_submit_task_routes_zhihu_through_ws_backend_without_helper_bootstrap --test agent_runtime_test -- --nocapture`
Expected: PASS
If a fallback test was added, run it immediately after and expect PASS.
- [ ] **Step 4: Commit the direct-runtime fix**
```bash
git add src/agent/mod.rs tests/agent_runtime_test.rs
git commit -m "fix: align runtime zhihu submit with ws contract"
```
### Task 4: Reassess stale callback-host regression coverage only if it blocks the approved slice
**Files:**
- Maybe modify: `src/browser/callback_host.rs:793-810`
- Test: `src/browser/callback_host.rs`
- [ ] **Step 1: Check whether the callback-host red test still blocks the approved Option A slice**
Inspect whether this test still preserves rejected Option-B behavior and whether it fails or becomes misleading after Tasks 1-3:
```rust
#[test]
fn live_callback_host_starts_without_bootstrapping_external_helper_page() {
// inspect before editing
}
```
If the test is unrelated to the approved Zhihu mainline or remains harmless, leave it unchanged in this slice.
- [ ] **Step 2: Remove or rewrite only if required by the changed submit-path behavior**
If the test blocks the approved slice, make the smallest change needed:
- delete it if it exists only to preserve rejected Option B behavior, or
- rewrite it so it no longer asserts callback-host startup as the accepted Zhihu mainline
- [ ] **Step 3: Run focused callback-host tests only if Step 2 changed code**
Run: `cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" callback_host --lib -- --nocapture`
Expected: PASS
- [ ] **Step 4: Commit only if Step 2 changed code**
```bash
git add src/browser/callback_host.rs
git commit -m "test: clean up stale callback host regression"
```
### Task 5: Run the focused verification sweep
**Files:**
- Verify: `tests/agent_runtime_test.rs`
- Verify: `tests/compat_runtime_test.rs`
- Verify: any directly affected service/browser websocket tests
- [ ] **Step 1: Run submit-path regression coverage**
Run: `cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" production_submit_task_routes_zhihu_through_ws_backend_without_helper_bootstrap --test agent_runtime_test -- --nocapture`
Expected: PASS
- [ ] **Step 2: Run websocket backend request-url coverage**
Run: `cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" ws_backend_reuses_last_navigated_url_for_followup_requests --test browser_ws_backend_test -- --nocapture`
Expected: PASS
- [ ] **Step 3: Run Zhihu compat runtime coverage**
Run: `cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" zhihu --test compat_runtime_test -- --nocapture`
Expected: PASS for the changed submit-path surface or clear, directly related failures only.
- [ ] **Step 4: Run affected service submit regression coverage**
Run the exact service-specific regression from Task 2 if you added one.
Otherwise, run the narrowest existing service submit test that covers `ClientMessage::SubmitTask` handling for browser routes.
Expected: PASS
- [ ] **Step 5: Commit the verified slice**
```bash
git add src/service/server.rs src/agent/mod.rs tests/agent_runtime_test.rs src/browser/callback_host.rs
git commit -m "fix: realign zhihu submit with browser ws callbacks"
```
### Task 6: Run stronger real-browser validation
**Files:**
- Verify live behavior through existing binaries and real config only
- [ ] **Step 1: Start the service with the real config**
Run: `cargo run --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" --bin sg_claw -- --config-path "D:/data/ideaSpace/rust/sgClaw/sgclaw_config.json"`
Expected: service starts without failing at callback-host readiness timeout.
- [ ] **Step 2: Run the client against the started service**
Run: `cargo run --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" --bin sg_claw_client`
Expected: for `打开知乎热榜获取前10条数据并导出 Excel`, the browser proceeds into real Zhihu page work instead of stalling before page open.
- [ ] **Step 3: Capture the narrow acceptance evidence**
Verify all of the following from logs/frames/observed behavior:
```text
- no callback-host readiness timeout
- no helper-page bootstrap frame
- at least one real-page follow-up browser action after navigate
```
- [ ] **Step 4: Commit only if live verification required code changes**
```bash
git add <only files changed during live-fix follow-up>
git commit -m "fix: tighten zhihu ws submit live validation follow-up"
```
If no further code changes were needed, do not create an extra commit.

406
docs/superpowers/plans/2026-04-06-service-chat-web-console-plan.md Normal file
View File

@@ -0,0 +1,406 @@
# Service Chat Web Console Implementation Plan
> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
**Goal:** Add a standalone local HTML console that connects to the existing service websocket, submits natural-language tasks with the current `submit_task` payload, and leaves the browser-helper/runtime path untouched.
**Architecture:** The change stays fully at the presentation edge. A new self-contained HTML file under `frontend/service-console/` reuses the current websocket protocol from `src/service/protocol.rs`, while one narrow Rust integration test guards the page's protocol shape and forbids any reference to `browser-helper.html`, callback-host endpoints, or the browser websocket. No Rust runtime logic changes are part of this slice.
**Tech Stack:** HTML, CSS, vanilla JavaScript, Rust integration tests, std::fs, Cargo test
---
## File Map
- Create: `frontend/service-console/sg_claw_service_console.html`
- Standalone local page with inline CSS and JavaScript
- Connects to the existing service websocket at `ws://127.0.0.1:42321` by default
- Sends existing `ClientMessage::SubmitTask` JSON
- Renders inbound `ServiceMessage` rows only
- Create: `tests/service_console_html_test.rs`
- Source guard for the standalone page
- Verifies file location, allowed protocol usage, and forbidden helper/callback references
- Reference: `src/service/protocol.rs`
- Existing websocket message shape to mirror exactly
- Reference: `src/bin/sg_claw_client.rs`
- Existing terminal client behavior to mirror for `submit_task`
- Reference: `docs/superpowers/specs/2026-04-06-service-chat-web-console-design.md`
## Scope Guardrails
- Do not modify `src/service/server.rs`.
- Do not modify `src/browser/callback_host.rs`.
- Do not modify `src/browser/callback_backend.rs`.
- Do not modify `src/bin/sg_claw_client.rs`.
- Do not add an HTTP server.
- Do not connect the new page to `ws://127.0.0.1:12345`.
- Do not reference `/sgclaw/browser-helper.html` or `/sgclaw/callback/*` anywhere in the new page.
### Task 1: Add a failing source-guard test for the standalone page
**Files:**
- Create: `tests/service_console_html_test.rs`
- Reference: `docs/superpowers/specs/2026-04-06-service-chat-web-console-design.md`
- [ ] **Step 1: Write the failing test**
Create a focused integration test that resolves the HTML path from `CARGO_MANIFEST_DIR` and asserts the file contract.
```rust
use std::fs;
use std::path::PathBuf;
#[test]
fn service_console_html_stays_on_service_ws_boundary() {
let manifest_dir = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
let html_path = manifest_dir
.join("frontend")
.join("service-console")
.join("sg_claw_service_console.html");
let source = fs::read_to_string(&html_path)
.expect("service console html should exist");
assert!(source.contains("ws://127.0.0.1:42321"));
assert!(source.contains("submit_task"));
assert!(!source.contains("/sgclaw/browser-helper.html"));
assert!(!source.contains("/sgclaw/callback/ready"));
assert!(!source.contains("/sgclaw/callback/events"));
assert!(!source.contains("/sgclaw/callback/commands/next"));
assert!(!source.contains("/sgclaw/callback/commands/ack"));
assert!(!source.contains("ws://127.0.0.1:12345"));
}
```
- [ ] **Step 2: Run test to verify it fails**
Run:
```bash
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" service_console_html_stays_on_service_ws_boundary --test service_console_html_test -- --exact
```
Expected: FAIL because the HTML file does not exist yet.
- [ ] **Step 3: Keep the test narrow**
Before writing production code, confirm the test guards only the approved boundary:
```text
- file exists at frontend/service-console/sg_claw_service_console.html
- service websocket default is present
- submit_task payload marker is present
- no helper-page path
- no callback-host endpoints
- no browser websocket URL
```
Do not turn this into an end-to-end browser test.
- [ ] **Step 4: Commit the red test**
```bash
git add tests/service_console_html_test.rs
git commit -m "test: add service console html boundary guard"
```
### Task 2: Implement the standalone HTML console with the approved boundary
**Files:**
- Create: `frontend/service-console/sg_claw_service_console.html`
- Reference: `src/service/protocol.rs:6`
- Reference: `src/bin/sg_claw_client.rs:16`
- Test: `tests/service_console_html_test.rs`
- [ ] **Step 1: Create the HTML file with the minimal structure**
Write one self-contained page with:
```html
<!doctype html>
<html lang="zh-CN">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>sgClaw Service Console</title>
</head>
<body>
<div id="app">
<input id="wsUrl" value="ws://127.0.0.1:42321" />
<button id="connectBtn">连接</button>
<div id="connectionState">未连接</div>
<div id="messageStream"></div>
<textarea id="instructionInput"></textarea>
<div id="validationText"></div>
<button id="sendBtn" disabled>发送任务</button>
</div>
</body>
</html>
```
Keep all CSS and JavaScript inline. Do not add external assets or a build step.
- [ ] **Step 2: Implement websocket connect/disconnect behavior**
Add the smallest possible JS behavior, including explicit disconnect on the same button so the UI
matches the approved connect/disconnect contract:
```javascript
let socket = null;
function appendRow(kind, text) {
// append a visible row to #messageStream
}
function updateUiState() {
const connected = socket && socket.readyState === WebSocket.OPEN;
document.getElementById('connectBtn').textContent = connected ? '断开' : '连接';
document.getElementById('sendBtn').disabled = !connected;
document.getElementById('connectionState').textContent = connected ? '已连接' : '未连接';
}
function connectOrDisconnectService() {
if (socket && socket.readyState === WebSocket.OPEN) {
socket.close();
return;
}
const url = document.getElementById('wsUrl').value.trim() || 'ws://127.0.0.1:42321';
socket = new WebSocket(url);
updateUiState();
socket.addEventListener('open', () => {
appendRow('status', 'service websocket connected');
updateUiState();
});
socket.addEventListener('close', () => {
appendRow('status', 'service websocket disconnected');
updateUiState();
});
socket.addEventListener('error', () => appendRow('error', 'service websocket error'));
socket.addEventListener('message', handleMessage);
}
```
Do not add retry loops or background reconnect logic.
- [ ] **Step 3: Implement submit_task sending with the current message shape**
Mirror the terminal client payload shape exactly and show inline validation for empty input:
```javascript
function setValidation(message) {
document.getElementById('validationText').textContent = message;
}
function sendTask() {
const instruction = document.getElementById('instructionInput').value.trim();
if (!socket || socket.readyState !== WebSocket.OPEN) {
return;
}
if (!instruction) {
setValidation('请输入任务内容。');
return;
}
setValidation('');
socket.send(JSON.stringify({
type: 'submit_task',
instruction,
conversation_id: '',
messages: [],
page_url: '',
page_title: ''
}));
}
```
Do not add new fields. Do not add conversation replay logic in this slice.
- [ ] **Step 4: Render existing inbound service messages only**
Handle the current `ServiceMessage` variants with a minimal dispatcher:
```javascript
function handleMessage(event) {
const message = JSON.parse(event.data);
switch (message.type) {
case 'status_changed':
appendRow('status', message.state);
break;
case 'log_entry':
appendRow('log', message.message);
break;
case 'task_complete':
appendRow(message.success ? 'complete' : 'error', message.summary);
break;
case 'busy':
appendRow('error', message.message);
break;
default:
appendRow('error', 'unknown service message: ' + event.data);
}
}
```
Keep the composer enabled during in-flight work so repeated submits surface the existing `busy` response instead of inventing a frontend queue.
- [ ] **Step 5: Keep the helper boundary explicit in the source**
Before running tests, inspect the HTML source and confirm:
```text
- no /sgclaw/browser-helper.html
- no /sgclaw/callback/*
- no ws://127.0.0.1:12345
- no browser websocket register frame logic
```
If any such string appears, remove it before testing.
- [ ] **Step 6: Run the source-guard test to verify green**
Run:
```bash
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" service_console_html_stays_on_service_ws_boundary --test service_console_html_test -- --exact
```
Expected: PASS
- [ ] **Step 7: Commit the standalone page**
```bash
git add frontend/service-console/sg_claw_service_console.html tests/service_console_html_test.rs
git commit -m "feat: add standalone service chat console"
```
### Task 3: Run the focused verification sweep
**Files:**
- Verify: `tests/service_console_html_test.rs`
- Reference: `src/service/protocol.rs`
- Reference: `src/bin/sg_claw_client.rs`
- [ ] **Step 1: Re-run the source-guard test**
Run:
```bash
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" service_console_html_stays_on_service_ws_boundary --test service_console_html_test -- --exact
```
Expected: PASS
- [ ] **Step 2: Manually inspect disconnected-send and validation markers in the HTML source**
Before broader verification, confirm the page source clearly contains all three UI-local rules:
```text
- connect button can disconnect an open websocket
- send button starts disabled while disconnected
- empty instruction shows inline validation text
```
This inspection stays source-level; do not add extra backend tests for it in this slice.
- [ ] **Step 3: Run an existing service protocol regression for safety**
Run the narrow existing protocol coverage to prove the page did not require backend changes:
```bash
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" submit_task_client_message_converts_into_shared_runner_request --test service_ws_session_test -- --exact
```
Expected: PASS
- [ ] **Step 4: Run an existing terminal-client regression for safety**
Run:
```bash
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" client_submits_first_user_line_to_service --test service_task_flow_test -- --exact
```
Expected: PASS
- [ ] **Step 5: Commit only if verification required any code change**
```bash
git add frontend/service-console/sg_claw_service_console.html tests/service_console_html_test.rs
git commit -m "test: tighten service console verification"
```
If verification required no code changes, do not create an extra commit.
### Task 4: Perform the manual smoke check
**Files:**
- Verify live behavior only; no new code required
- [ ] **Step 1: Start the existing service binary**
Run:
```bash
cargo run --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" --bin sg_claw -- --config-path "D:/data/ideaSpace/rust/sgClaw/sgclaw_config.json"
```
Expected: service starts and prints its ready line with the service websocket listen address.
- [ ] **Step 2: Open the standalone page directly**
Open:
```text
D:/data/ideaSpace/rust/sgClaw/claw-new/frontend/service-console/sg_claw_service_console.html
```
Expected: the page loads through the browser as a local file and shows the default websocket URL `ws://127.0.0.1:42321`.
- [ ] **Step 3: Connect, disconnect, and reconnect once**
Expected:
```text
- message stream shows websocket connected
- clicking the same button disconnects the websocket cleanly
- message stream shows websocket disconnected
- send button is disabled again while disconnected
- reconnect succeeds without reloading the page
```
- [ ] **Step 4: Submit one natural-language task**
Use a small harmless instruction such as:
```text
打开百度
```
Expected:
```text
- empty textarea send attempt first shows inline validation without sending a websocket frame
- page sends one submit_task payload after valid input
- page receives and renders status/log/task_complete or busy rows
```
- [ ] **Step 5: Confirm the helper boundary stayed untouched**
Verify from the page source and observed behavior:
```text
- the page never loads /sgclaw/browser-helper.html
- the page never calls /sgclaw/callback/*
- the page never connects to ws://127.0.0.1:12345
```
If the task itself triggers browser automation, that remains owned by the existing Rust runtime rather than by the page.
- [ ] **Step 6: Commit only if the manual pass required code changes**
```bash
git add frontend/service-console/sg_claw_service_console.html tests/service_console_html_test.rs
git commit -m "fix: tighten standalone service console smoke flow"
```
If the manual pass required no code changes, do not create an extra commit.

637
docs/superpowers/plans/2026-04-06-zhihu-hotlist-post-export-auto-open-plan.md Normal file
View File

@@ -0,0 +1,637 @@
# Zhihu Hotlist Post-Export Auto-Open Implementation Plan
> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
**Goal:** Extend the existing Zhihu hotlist Excel and dashboard routes so each route can auto-open its own generated artifact after export, while preserving the current callback-host-backed browser boundary and route exclusivity.
**Architecture:** Keep orchestration in `src/compat/workflow_executor.rs`, but move post-export side effects into a new `src/compat/artifact_open.rs` helper so workflow routing stays readable. Excel auto-open is a local OS-launch side effect; dashboard auto-open reuses `screen_html_export`'s existing `presentation.url` and sends one narrow, marker-based `Action::Navigate` request through `BrowserCallbackBackend`, with a matching special-case validator in `MacPolicy` so arbitrary `file://` navigation remains blocked.
**Tech Stack:** Rust, serde_json, std::process::Command, std::path, Cargo tests
---
## File Map
- Create: `src/compat/artifact_open.rs`
- Define the narrow post-export helper surface for this slice only
- Parse and validate generated artifact payload fields passed in by the workflow layer
- Open generated `.xlsx` files with the local default app
- Build the exact approved local-dashboard navigate payload
- Keep one testable internal seam, `open_exported_xlsx_with(output_path, opener)`, so unit tests can prove the generated `.xlsx` path is handed to the launcher without starting a real spreadsheet app
- Include unit tests in the same file for exact Excel path handoff and launcher-failure reporting
- Modify: `src/compat/mod.rs`
- Export the new `artifact_open` module
- Modify: `src/compat/workflow_executor.rs`
- Keep route detection and artifact generation where they are now
- Change `export_xlsx(...)` and `export_screen(...)` so they parse tool payloads, call the route-specific opener, and produce the new success/failure summaries
- Modify: `src/browser/callback_backend.rs`
- Recognize only the approved local-dashboard navigate request shape at `Action::Navigate`
- Keep normal remote navigate behavior unchanged
- Continue emitting `sgBrowerserOpenPage` for the approved local-dashboard case so the helper page stays alive and the dashboard opens in a new visible tab
- Add focused callback-backend unit tests in the existing test module for approved and malformed local-dashboard requests
- Modify: `src/security/mac_policy.rs`
- Add a narrow validator for the approved local-dashboard presentation case
- Keep `validate(...)` unchanged for ordinary remote-domain flow
- Reject malformed marker payloads, non-HTML local paths, and mismatched `file://` / output-path combinations
- Modify: `tests/compat_runtime_test.rs`
- Keep the concrete hotlist workflow regressions in this existing integration test file
- Extend existing Zhihu hotlist export/screen regressions to assert the new summaries and the dashboard marker payload
- Keep the Excel route workflow assertion limited to summary plus “no dashboard navigate marker,” because exact launcher handoff is covered in `src/compat/artifact_open.rs` unit tests
- Modify: `tests/browser_tool_test.rs`
- Add `MacPolicy` coverage for approved local-dashboard presentation, rejected malformed presentation, and unchanged normal-domain validation in one exact file
- Extend the existing `default_rules_allow_zhihu_navigation` area with the new local-dashboard validation tests rather than creating a second policy test location
- Reference only if summary wording ripples outward: `tests/agent_runtime_test.rs:173-258`
- Existing direct-runtime user-visible summary assertion for Zhihu Excel export
- Reference only if summary wording ripples outward: `tests/service_task_flow_test.rs:704-839`
- Existing CLI-to-service user-visible summary assertion for Zhihu Excel export
- Reference only if summary wording ripples outward: `tests/service_ws_session_test.rs:755-869`
- Existing service-binary user-visible summary assertion for Zhihu Excel export
- Reference: `tests/compat_screen_html_export_tool_test.rs`
- Reuse the exact test seam `screen_html_export_tool_renders_dashboard_html_with_presentation_contract`
- Existing proof that `screen_html_export` already returns `presentation.url`
- Reference: `docs/superpowers/specs/2026-04-06-zhihu-hotlist-post-export-auto-open-design.md`
## Scope Guardrails
- Do not modify `frontend/service-console/sg_claw_service_console.html`.
- Do not modify `src/service/protocol.rs`.
- Do not modify `browser-helper.html`.
- Do not modify `/sgclaw/callback/*` endpoint contracts.
- Do not modify websocket protocol framing or `src/browser/ws_protocol.rs`.
- Do not turn Excel-open and dashboard-open into a combined mode.
- Do not add a general-purpose local file browser or generic `file://` allowlist.
- Do not move post-export decisions into the frontend service console.
- Do not require websocket-backend parity in this slice.
### Task 1: Add failing workflow tests for route-specific post-export actions
**Files:**
- Modify: `tests/compat_runtime_test.rs:2154-2304`
- Reference: `src/compat/workflow_executor.rs:375-446`
- Reference: `docs/superpowers/specs/2026-04-06-zhihu-hotlist-post-export-auto-open-design.md`
- [ ] **Step 1: Rewrite the Excel hotlist assertion as a red test for the new summary only**
Keep the current flow setup, but tighten the expectation so it proves the workflow route now reports post-export open success while staying exclusive from the dashboard path.
Target shape:
```rust
#[test]
fn handle_browser_message_chains_hotlist_skill_into_xlsx_export_and_auto_open() {
// existing setup
assert!(summary.contains("已导出并打开知乎热榜 Excel"));
assert!(generated.exists());
assert!(!sent.iter().any(|message| {
matches!(
message,
AgentMessage::Command { action, params, .. }
if action == &Action::Navigate
&& params.get("sgclaw_local_dashboard_open").is_some()
)
}));
}
```
Do not try to prove real OS launching in this workflow test. The exact `.xlsx` path handoff to the launcher belongs in `src/compat/artifact_open.rs` unit tests from Task 2.
- [ ] **Step 2: Rewrite the dashboard hotlist assertion as a red test for browser auto-open**
Tighten the existing dashboard test so it proves the workflow consumes `presentation.url` and emits the approved compat marker payload.
Target shape:
```rust
#[test]
fn handle_browser_message_chains_hotlist_skill_into_screen_export_and_auto_open() {
// existing setup
assert!(summary.contains("已在浏览器中打开知乎热榜大屏"));
let navigate = sent.iter().find_map(|message| match message {
AgentMessage::Command { action, params, security, .. }
if action == &Action::Navigate
&& security.expected_domain == "__sgclaw_local_dashboard__" => Some((params, security)),
_ => None,
}).expect("dashboard route should emit local-dashboard navigate request");
assert!(navigate.0["url"].as_str().unwrap().starts_with("file://"));
assert_eq!(navigate.0["sgclaw_local_dashboard_open"]["source"], json!("compat.workflow_executor"));
assert_eq!(navigate.0["sgclaw_local_dashboard_open"]["kind"], json!("zhihu_hotlist_screen"));
assert_eq!(navigate.0["sgclaw_local_dashboard_open"]["presentation_url"], navigate.0["url"]);
}
```
Also assert that this route still logs `call screen_html_export` and does not invoke the Excel opener path.
- [ ] **Step 3: Add a missing-`presentation.url` regression in the workflow test module if none exists**
Put this close to the existing hotlist tests and keep it narrow:
```rust
#[test]
fn handle_browser_message_reports_dashboard_auto_open_protocol_error_when_presentation_url_is_missing() {
// mock screen_html_export success payload with output_path but no presentation.url
// assert summary contains 已生成知乎热榜大屏 <path>,但浏览器自动打开失败:
}
```
Use the existing summary/path helpers in the file instead of inventing new parsing helpers.
- [ ] **Step 4: Run the focused compat runtime tests to verify they fail**
Run:
```bash
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" handle_browser_message_chains_hotlist_skill_into_xlsx_export_and_auto_open --test compat_runtime_test -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" handle_browser_message_chains_hotlist_skill_into_screen_export_and_auto_open --test compat_runtime_test -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" handle_browser_message_reports_dashboard_auto_open_protocol_error_when_presentation_url_is_missing --test compat_runtime_test -- --exact
```
Expected: FAIL because the workflow still returns artifact-only summaries and has no post-export open handling.
- [ ] **Step 5: Commit the red workflow tests**
```bash
git add tests/compat_runtime_test.rs
git commit -m "test: add hotlist post-export auto-open regressions"
```
### Task 2: Implement the compat post-export opener and update workflow summaries
**Files:**
- Create: `src/compat/artifact_open.rs`
- Modify: `src/compat/mod.rs`
- Modify: `src/compat/workflow_executor.rs:375-446`
- Test: `src/compat/artifact_open.rs`
- Test: `tests/compat_runtime_test.rs`
- [ ] **Step 1: Add the red unit tests in `src/compat/artifact_open.rs` before writing production code**
Create the new module with a `#[cfg(test)]` block first so the Excel opener has an exact, non-UI verification seam.
Target tests:
```rust
#[test]
fn open_exported_xlsx_with_passes_generated_path_to_launcher() {
let mut seen = None;
let result = open_exported_xlsx_with(Path::new("C:/tmp/zhihu-hotlist.xlsx"), |path| {
seen = Some(path.to_path_buf());
Ok(())
});
assert!(matches!(result, PostExportOpen::Opened));
assert_eq!(seen.unwrap(), PathBuf::from("C:/tmp/zhihu-hotlist.xlsx"));
}
#[test]
fn open_exported_xlsx_with_reports_launcher_failure() {
let result = open_exported_xlsx_with(Path::new("C:/tmp/zhihu-hotlist.xlsx"), |_path| {
Err("launcher failed".to_string())
});
assert!(matches!(result, PostExportOpen::Failed(reason) if reason.contains("launcher failed")));
}
```
Add one matching dashboard payload test in the same file:
```rust
#[test]
fn open_local_dashboard_uses_exact_approved_marker_payload() {
// FakeBrowserBackend records invoke(action, params, expected_domain)
// assert expected_domain == "__sgclaw_local_dashboard__"
// assert params.url == params.sgclaw_local_dashboard_open.presentation_url
// assert source/kind/output_path all match the approved contract
}
```
This step is mandatory so the Excel route is proven to hand the generated path to the opener without launching a real application.
- [ ] **Step 2: Run the new unit tests to verify they fail**
Run:
```bash
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" open_exported_xlsx_with_passes_generated_path_to_launcher --lib -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" open_exported_xlsx_with_reports_launcher_failure --lib -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" open_local_dashboard_uses_exact_approved_marker_payload --lib -- --exact
```
Expected: FAIL because `src/compat/artifact_open.rs` does not exist yet.
- [ ] **Step 3: Create the small compat opener module**
Add one focused helper module rather than embedding side effects directly into `workflow_executor.rs`.
Target shape:
```rust
pub const LOCAL_DASHBOARD_EXPECTED_DOMAIN: &str = "__sgclaw_local_dashboard__";
pub const LOCAL_DASHBOARD_SOURCE: &str = "compat.workflow_executor";
pub const LOCAL_DASHBOARD_KIND_ZHIHU_HOTLIST_SCREEN: &str = "zhihu_hotlist_screen";
pub enum PostExportOpen {
Opened,
Failed(String),
}
pub fn open_exported_xlsx(output_path: &Path) -> PostExportOpen {
open_exported_xlsx_with(output_path, launch_with_default_xlsx_app)
}
fn open_exported_xlsx_with<F>(output_path: &Path, opener: F) -> PostExportOpen
where
F: FnOnce(&Path) -> Result<(), String>,
{ /* test seam */ }
pub fn open_local_dashboard(
browser_backend: &dyn BrowserBackend,
output_path: &Path,
presentation_url: &str,
) -> PostExportOpen { /* invoke Action::Navigate with exact marker payload */ }
```
Keep the module tiny. The only dedicated test seam in this file should be `open_exported_xlsx_with(...)`; do not introduce a general launcher trait.
- [ ] **Step 4: Implement the Windows-first `.xlsx` opener minimally**
Use a focused local launcher that targets the current environment first.
Preferred target shape:
```rust
Command::new("cmd")
.args(["/C", "start", "", output_path_as_windows_string])
```
Requirements:
```text
- fail if the path does not exist
- do not swallow command-spawn errors
- do not open arbitrary user-selected files from outside this workflow
- keep cross-platform behavior minimal; only add a fallback branch if required to keep tests/build portable
```
If you need a non-Windows fallback for compilation, keep it obviously minimal and out of the hot path.
- [ ] **Step 5: Parse payloads in `workflow_executor.rs` and call the new helper**
Refactor `export_xlsx(...)` and `export_screen(...)` just enough to separate:
```text
- tool execution
- payload parsing
- route-specific post-export open
- summary formatting
```
Minimal target behavior:
```rust
match open_exported_xlsx(&output_path) {
PostExportOpen::Opened => format!("已导出并打开知乎热榜 Excel {output_path}"),
PostExportOpen::Failed(reason) => format!("已导出知乎热榜 Excel {output_path},但自动打开失败:{reason}"),
}
```
```rust
match open_local_dashboard(browser_backend, &output_path, &presentation_url) {
PostExportOpen::Opened => format!("已在浏览器中打开知乎热榜大屏 {output_path}"),
PostExportOpen::Failed(reason) => format!("已生成知乎热榜大屏 {output_path},但浏览器自动打开失败:{reason}"),
}
```
Change signatures only as much as needed to pass `browser_backend` into the dashboard route. Do not broaden unrelated call chains.
- [ ] **Step 6: Export the helper module**
Update `src/compat/mod.rs`:
```rust
pub mod artifact_open;
```
Do not reorder unrelated module exports unless rustfmt does it.
- [ ] **Step 7: Run the focused library and workflow regressions to verify green**
Run:
```bash
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" open_exported_xlsx_with_passes_generated_path_to_launcher --lib -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" open_exported_xlsx_with_reports_launcher_failure --lib -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" open_local_dashboard_uses_exact_approved_marker_payload --lib -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" handle_browser_message_chains_hotlist_skill_into_xlsx_export_and_auto_open --test compat_runtime_test -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" handle_browser_message_chains_hotlist_skill_into_screen_export_and_auto_open --test compat_runtime_test -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" handle_browser_message_reports_dashboard_auto_open_protocol_error_when_presentation_url_is_missing --test compat_runtime_test -- --exact
```
Expected: PASS for the new library tests and the workflow regressions, unless the dashboard-open path still fails at backend/policy validation.
- [ ] **Step 8: Commit the compat opener and workflow changes**
```bash
git add src/compat/artifact_open.rs src/compat/mod.rs src/compat/workflow_executor.rs tests/compat_runtime_test.rs
git commit -m "feat: auto-open zhihu hotlist export artifacts"
```
### Task 3: Add failing backend and security tests for the narrow local-dashboard allowance
**Files:**
- Modify: `src/browser/callback_backend.rs:536-840`
- Modify: `tests/browser_tool_test.rs` (`default_rules_allow_zhihu_navigation` section plus new local-dashboard validation tests)
- Reference: `src/security/mac_policy.rs:56-132`
- [ ] **Step 1: Add a red callback-backend acceptance test for the approved local-dashboard request shape**
Extend the existing `src/browser/callback_backend.rs` test module with one focused navigate test.
Target shape:
```rust
#[test]
fn callback_backend_accepts_approved_local_dashboard_navigate_request() {
let host = Arc::new(FakeCallbackHost::new(vec![success_reply(json!({ "navigated": true }))]));
let backend = BrowserCallbackBackend::new(
host.clone(),
test_policy(),
"http://127.0.0.1:17888/sgclaw/browser-helper.html",
);
let output = backend.invoke(
Action::Navigate,
json!({
"url": "file:///C:/tmp/zhihu-hotlist-screen.html",
"sgclaw_local_dashboard_open": {
"source": "compat.workflow_executor",
"kind": "zhihu_hotlist_screen",
"output_path": "C:/tmp/zhihu-hotlist-screen.html",
"presentation_url": "file:///C:/tmp/zhihu-hotlist-screen.html"
}
}),
"__sgclaw_local_dashboard__",
);
assert!(output.unwrap().success);
assert_eq!(host.requests()[0].command, json!([
"http://127.0.0.1:17888/sgclaw/browser-helper.html",
"sgBrowerserOpenPage",
"file:///C:/tmp/zhihu-hotlist-screen.html"
]));
}
```
Do not weaken any existing normal-domain tests.
- [ ] **Step 2: Add red rejection tests in exact files**
Put malformed-request rejection in `src/browser/callback_backend.rs` next to the acceptance test:
```rust
#[test]
fn callback_backend_rejects_local_dashboard_navigate_without_required_marker_fields() {}
```
Put policy-only validation in `tests/browser_tool_test.rs` so all public `MacPolicy` assertions stay in one place:
```rust
#[test]
fn mac_policy_rejects_non_html_local_dashboard_presentation() {}
#[test]
fn default_rules_allow_zhihu_navigation() {
let policy = MacPolicy::load_from_path(...).unwrap();
policy.validate(&Action::Navigate, "www.zhihu.com").unwrap();
}
```
Do not create a second `MacPolicy` regression location.
- [ ] **Step 3: Run the focused backend/policy tests to verify red**
Run:
```bash
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" callback_backend_accepts_approved_local_dashboard_navigate_request --lib -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" callback_backend_rejects_local_dashboard_navigate_without_required_marker_fields --lib -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" mac_policy_rejects_non_html_local_dashboard_presentation --test browser_tool_test -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" default_rules_allow_zhihu_navigation --test browser_tool_test -- --exact
```
Expected: the new local-dashboard tests FAIL; `default_rules_allow_zhihu_navigation` should still PASS.
- [ ] **Step 4: Commit the red backend/security tests**
```bash
git add src/browser/callback_backend.rs tests/browser_tool_test.rs
git commit -m "test: lock local dashboard navigate boundary"
```
### Task 4: Implement the narrow callback-backend and MacPolicy allowance
**Files:**
- Modify: `src/browser/callback_backend.rs:300-351`
- Modify: `src/security/mac_policy.rs:56-132`
- Maybe modify: `src/security/mod.rs:9-27`
- Test: `src/browser/callback_backend.rs:536-840`
- Test: `tests/browser_tool_test.rs` (`default_rules_allow_zhihu_navigation` section plus new local-dashboard validation tests)
- [ ] **Step 1: Add a narrow local-dashboard validation helper in `MacPolicy`**
Keep `validate(...)` unchanged for ordinary domain flow. Add one small explicit helper instead.
Target shape:
```rust
pub fn validate_local_dashboard_presentation(
&self,
action: &Action,
expected_domain: &str,
presentation_url: &str,
output_path: &str,
) -> Result<(), SecurityError> {
// require Action::Navigate
// require expected_domain == "__sgclaw_local_dashboard__"
// require file:// URL
// require .html path
// require normalized file URL path matches output_path
}
```
If you need a new `SecurityError` variant for malformed local-dashboard input, add the smallest one that keeps error text clear.
- [ ] **Step 2: Recognize only the exact approved request shape in `BrowserCallbackBackend::invoke(...)`**
Before the normal `self.mac_policy.validate(&action, expected_domain)?` path runs, detect the one approved special case.
Minimal target behavior:
```rust
if let Some(local_dashboard) = approved_local_dashboard_request(&action, &params, expected_domain) {
self.mac_policy.validate_local_dashboard_presentation(
&action,
expected_domain,
&local_dashboard.presentation_url,
&local_dashboard.output_path,
)?;
} else {
self.mac_policy.validate(&action, expected_domain)?;
}
```
The helper should require all of these fields exactly:
```text
- action == Action::Navigate
- expected_domain == "__sgclaw_local_dashboard__"
- params.url exists
- params.sgclaw_local_dashboard_open.source == "compat.workflow_executor"
- params.sgclaw_local_dashboard_open.kind == "zhihu_hotlist_screen"
- params.sgclaw_local_dashboard_open.output_path exists
- params.sgclaw_local_dashboard_open.presentation_url exists and equals params.url
```
Anything else must continue down the normal rejection path.
- [ ] **Step 3: Keep `build_command(Action::Navigate, ...)` simple**
Do not add a second browser opcode or change the callback-host runtime contract. The approved local-dashboard case should still flow into the existing navigate command builder so the emitted command stays:
```rust
json!([
self.helper_page_url,
"sgBrowerserOpenPage",
target_url,
])
```
- [ ] **Step 4: Run the focused backend/security tests to verify green**
Run:
```bash
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" callback_backend_accepts_approved_local_dashboard_navigate_request --lib -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" callback_backend_rejects_local_dashboard_navigate_without_required_marker_fields --lib -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" mac_policy_rejects_non_html_local_dashboard_presentation --test browser_tool_test -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" default_rules_allow_zhihu_navigation --test browser_tool_test -- --exact
```
Expected: PASS
- [ ] **Step 5: Re-run the dashboard workflow regression after backend validation lands**
Run:
```bash
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" handle_browser_message_chains_hotlist_skill_into_screen_export_and_auto_open --test compat_runtime_test -- --exact
```
Expected: PASS
- [ ] **Step 6: Commit the backend/security implementation**
```bash
git add src/browser/callback_backend.rs src/security/mac_policy.rs src/security/mod.rs tests/browser_tool_test.rs tests/compat_runtime_test.rs
git commit -m "fix: allow approved local dashboard auto-open"
```
If `src/security/mod.rs` did not change, omit it from the commit.
### Task 5: Run the focused verification sweep
**Files:**
- Verify: `src/compat/artifact_open.rs`
- Verify: `tests/compat_runtime_test.rs`
- Verify: `tests/compat_screen_html_export_tool_test.rs`
- Verify: `tests/browser_tool_test.rs`
- Verify: `src/browser/callback_backend.rs` test module
- Reference only if summary wording ripples outward: `tests/agent_runtime_test.rs:173-258`
- Reference only if summary wording ripples outward: `tests/service_task_flow_test.rs:704-839`
- Reference only if summary wording ripples outward: `tests/service_ws_session_test.rs:755-869`
- [ ] **Step 1: Re-run the library and workflow regressions**
Run:
```bash
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" open_exported_xlsx_with_passes_generated_path_to_launcher --lib -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" open_exported_xlsx_with_reports_launcher_failure --lib -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" open_local_dashboard_uses_exact_approved_marker_payload --lib -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" handle_browser_message_chains_hotlist_skill_into_xlsx_export_and_auto_open --test compat_runtime_test -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" handle_browser_message_chains_hotlist_skill_into_screen_export_and_auto_open --test compat_runtime_test -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" handle_browser_message_reports_dashboard_auto_open_protocol_error_when_presentation_url_is_missing --test compat_runtime_test -- --exact
```
Expected: PASS
- [ ] **Step 2: Re-run the tool contract regression that the dashboard route depends on**
Run:
```bash
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" screen_html_export_tool_renders_dashboard_html_with_presentation_contract --test compat_screen_html_export_tool_test -- --exact
```
Expected: PASS
- [ ] **Step 3: Re-run the callback-backend and policy boundary tests**
Run:
```bash
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" callback_backend_accepts_approved_local_dashboard_navigate_request --lib -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" callback_backend_rejects_local_dashboard_navigate_without_required_marker_fields --lib -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" mac_policy_rejects_non_html_local_dashboard_presentation --test browser_tool_test -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" default_rules_allow_zhihu_navigation --test browser_tool_test -- --exact
```
Expected: PASS
- [ ] **Step 4: Re-run outward-facing summary regressions only if needed**
Only if the updated summary text breaks existing assertions, run exactly these existing regressions and adjust only the affected expectation text:
```bash
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" production_submit_task_routes_zhihu_through_ws_backend_without_helper_bootstrap --test agent_runtime_test -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" client_to_service_regression_routes_zhihu_without_helper_bootstrap_or_invalid_hmac_seed_output --test service_task_flow_test -- --exact
cargo test --manifest-path "D:/data/ideaSpace/rust/sgClaw/claw-new/Cargo.toml" service_binary_submit_flow_routes_zhihu_without_helper_bootstrap --test service_ws_session_test -- --exact
```
Expected: PASS for any test you had to touch. Skip this step entirely if those files needed no edits.
- [ ] **Step 5: Inspect scope before finishing with exact git commands**
Run:
```bash
git diff --name-only -- src/compat/artifact_open.rs src/compat/mod.rs src/compat/workflow_executor.rs src/browser/callback_backend.rs src/security/mac_policy.rs src/security/mod.rs tests/compat_runtime_test.rs tests/browser_tool_test.rs tests/agent_runtime_test.rs tests/service_task_flow_test.rs tests/service_ws_session_test.rs
git diff --stat -- src/compat/artifact_open.rs src/compat/mod.rs src/compat/workflow_executor.rs src/browser/callback_backend.rs src/security/mac_policy.rs src/security/mod.rs tests/compat_runtime_test.rs tests/browser_tool_test.rs tests/agent_runtime_test.rs tests/service_task_flow_test.rs tests/service_ws_session_test.rs
```
Confirm the diff only touches:
```text
- compat workflow/orchestration
- compat post-export helper module
- callback backend narrow local-dashboard acceptance
- MacPolicy narrow local-dashboard validation
- focused related tests
```
Confirm it does **not** touch:
```text
- frontend/service-console/
- src/service/protocol.rs
- browser-helper.html
- callback-host endpoint contracts
- websocket transport/protocol files
```
- [ ] **Step 6: Commit only if verification required additional code changes**
```bash
git add src/compat/artifact_open.rs src/compat/mod.rs src/compat/workflow_executor.rs src/browser/callback_backend.rs src/security/mac_policy.rs tests/compat_runtime_test.rs tests/browser_tool_test.rs tests/agent_runtime_test.rs tests/service_task_flow_test.rs tests/service_ws_session_test.rs
git commit -m "test: tighten hotlist post-export auto-open verification"
```
If verification required no further code changes, do not create an extra commit.

666
docs/superpowers/plans/2026-04-09-ws-branch-scene-cleanup-plan.md Normal file
View File

@@ -0,0 +1,666 @@
# WS Branch Scene Cleanup Implementation Plan
> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
**Goal:** Strip `feature/claw-ws` back to websocket plus Zhihu execution only by removing staged scene-skill routing, `skill_staging`-aware loading, and array-style `skillsDir` config behavior from this branch.
**Architecture:** Treat `feature/claw-ws` as a transport-focused branch, not a business-scene branch. Keep the browser websocket/callback submit path and the existing Zhihu direct workflows, but delete the fault-details / `95598` scene registry, scene-specific prompt injection, staged scene directory expansion, and scene-only docs/tests so the branch stays small and merges cleanly after the real scene implementation lands on `main`.
**Tech Stack:** Rust 2021, existing sgClaw compat/runtime/orchestration stack, websocket browser backend, callback-host service path, existing `cargo test` suite.
---
## Preconditions
- Execute this plan **only after** `main` already contains the desired clean scene-skill implementation.
- Run it on `feature/claw-ws`, not on `main`.
- Keep websocket and Zhihu behavior intact; this plan is cleanup, not a redesign.
- Keep `docs/_tmp_sgbrowser_ws_api_doc.txt`; it remains the browser integration contract for this branch.
## Scope Guardrails
- Do **not** change the working Zhihu websocket flow in `tests/agent_runtime_test.rs`.
- Do **not** remove `src/browser/ws_backend.rs`, `src/service/server.rs`, or Zhihu routes from `src/compat/workflow_executor.rs`.
- Do **not** add a replacement scene abstraction on this branch.
- Do **not** keep partial scene plumbing “for future use”; delete it completely if it is scene-only.
- Do **not** keep array-style `skillsDir` tests or docs on this branch once the single-path cleanup is complete.
---
## File Map
### Delete
- `src/runtime/scene_registry.rs`
- staged scene registry, hard-coded `skill_staging` scene root, scene matching helpers
- `tests/scene_registry_test.rs`
- scene-registry-specific coverage that should disappear with the feature
- `docs/superpowers/specs/2026-04-06-scene-skill-runtime-routing-design.md`
- scene-routing design doc that no longer belongs on the ws-only branch
- `docs/superpowers/plans/2026-04-06-scene-skill-runtime-routing-plan.md`
- scene-routing implementation plan that no longer belongs on the ws-only branch
### Modify
- `src/runtime/mod.rs`
- stop exporting deleted scene registry APIs
- `src/runtime/engine.rs`
- remove scene-contract prompt injection and staged scene skill loading
- `src/compat/workflow_executor.rs`
- remove `FaultDetailsReport` route detection/execution while keeping Zhihu routes
- `src/compat/orchestration.rs`
- keep direct Zhihu orchestration only; remove scene-driven primary routing triggers
- `src/config/settings.rs`
- collapse `skillsDir` config handling back to single-path semantics
- `src/compat/config_adapter.rs`
- remove scene-specific skills-dir helpers and keep one resolved skills dir
- `src/compat/runtime.rs`
- stop carrying scene-expanded skills dirs through compat runtime
- `src/agent/task_runner.rs`
- update runtime logging and runtime calls to the single skills-dir contract
- `tests/compat_runtime_test.rs`
- remove fault-details / `95598` assertions and keep Zhihu/direct-route coverage
- `tests/runtime_profile_test.rs`
- remove `95598` scene-contract expectations and keep normal browser-profile coverage
- `tests/compat_config_test.rs`
- remove scene-dir / array-config coverage and add single-path cleanup coverage
- `tests/agent_runtime_test.rs`
- only extend if one extra Zhihu keep-path regression is needed after the config cleanup
### Keep As-Is Unless A Signature Change Forces A Tiny Edit
- `src/browser/ws_backend.rs`
- `src/browser/callback_backend.rs`
- `src/browser/callback_host.rs`
- `src/service/server.rs`
- `src/agent/mod.rs`
- `tests/browser_ws_backend_test.rs`
- `tests/service_ws_session_test.rs`
- `tests/task_runner_test.rs`
---
### Task 1: Lock The Cleanup Contract In Failing Tests
**Files:**
- Modify: `tests/compat_runtime_test.rs`
- Modify: `tests/runtime_profile_test.rs`
- Modify: `tests/compat_config_test.rs`
- Reuse: `tests/agent_runtime_test.rs`
- [ ] **Step 1: Add the first failing route-removal test**
In `tests/compat_runtime_test.rs`, add a focused assertion proving the ws branch no longer recognizes the fault-details scene as a direct route:
```rust
#[test]
fn ws_cleanup_no_longer_detects_fault_details_scene_route() {
use sgclaw::compat::workflow_executor::detect_route;
assert_eq!(
detect_route(
"导出故障明细",
Some("https://example.invalid/workbench"),
Some("业务台账"),
),
None,
);
}
```
- [ ] **Step 2: Run the focused route test and verify it fails**
Run:
```bash
cargo test --test compat_runtime_test ws_cleanup_no_longer_detects_fault_details_scene_route -- --nocapture
```
Expected: FAIL because `FaultDetailsReport` is still detected today.
- [ ] **Step 3: Add the second failing orchestration-gate test**
In `tests/compat_runtime_test.rs`, add one focused assertion proving scene keywords no longer open the primary direct-orchestration path:
```rust
#[test]
fn ws_cleanup_scene_keywords_do_not_trigger_primary_orchestration() {
assert!(!sgclaw::compat::orchestration::should_use_primary_orchestration(
"请处理95598抢修市指监测",
Some("https://95598.example.invalid/dispatch"),
Some("95598抢修市指监测"),
));
}
```
- [ ] **Step 4: Run the orchestration-gate test and verify it fails**
Run:
```bash
cargo test --test compat_runtime_test ws_cleanup_scene_keywords_do_not_trigger_primary_orchestration -- --nocapture
```
Expected: FAIL because the scene matcher still feeds primary orchestration today.
- [ ] **Step 5: Add the third failing runtime-instruction test**
In `tests/runtime_profile_test.rs`, add a focused negative assertion proving browser-attached turns no longer receive the `95598` scene execution contract:
```rust
#[test]
fn ws_cleanup_browser_profile_does_not_inject_95598_scene_contract() {
let engine = RuntimeEngine::new(RuntimeProfile::BrowserAttached);
let instruction = engine.build_instruction(
"请处理95598-repair-city-dispatch场景查看抢修市指派单并汇总当前队列",
Some("https://95598.example.invalid/dispatch"),
Some("95598抢修市指监测"),
true,
);
assert!(!instruction.contains("95598-repair-city-dispatch.collect_repair_orders"));
}
```
- [ ] **Step 6: Run the runtime-profile test and verify it fails**
Run:
```bash
cargo test --test runtime_profile_test ws_cleanup_browser_profile_does_not_inject_95598_scene_contract -- --nocapture
```
Expected: FAIL because `src/runtime/engine.rs` still injects the scene contract today.
- [ ] **Step 7: Add the fourth failing config-shape test**
In `tests/compat_config_test.rs`, add one focused assertion proving ws cleanup goes back to a single configured skills path and no longer accepts array-style `skillsDir` JSON:
```rust
#[test]
fn ws_cleanup_rejects_array_style_skills_dir_config() {
let root = std::env::temp_dir().join(format!("sgclaw-config-{}", uuid::Uuid::new_v4()));
std::fs::create_dir_all(&root).unwrap();
let config_path = root.join("sgclaw_config.json");
std::fs::write(
&config_path,
r#"{
"apiKey": "sk-test",
"baseUrl": "https://api.deepseek.com",
"model": "deepseek-chat",
"skillsDir": ["skill_lib", "skill_staging"]
}"#,
)
.unwrap();
assert!(sgclaw::config::SgClawSettings::load(Some(config_path.as_path())).is_err());
}
```
- [ ] **Step 8: Run the config-shape test and verify it fails**
Run:
```bash
cargo test --test compat_config_test ws_cleanup_rejects_array_style_skills_dir_config -- --nocapture
```
Expected: FAIL because the current parser still accepts string-or-array `skillsDir` input.
- [ ] **Step 9: Re-run the existing Zhihu keep-path test as a safety baseline**
Run:
```bash
cargo test --test agent_runtime_test production_submit_task_routes_zhihu_through_ws_backend_without_helper_bootstrap -- --nocapture
```
Expected: PASS, proving the behavior we want to keep is already covered before deletion starts.
---
### Task 2: Remove Scene Registry, Scene Prompt Injection, And Fault-Details Routing
**Files:**
- Delete: `src/runtime/scene_registry.rs`
- Modify: `src/runtime/mod.rs`
- Modify: `src/runtime/engine.rs`
- Modify: `src/compat/workflow_executor.rs`
- Modify: `src/compat/orchestration.rs`
- Modify: `tests/compat_runtime_test.rs`
- Modify: `tests/runtime_profile_test.rs`
- Delete: `tests/scene_registry_test.rs`
- [ ] **Step 1: Remove the runtime scene module export surface**
Update `src/runtime/mod.rs` so it no longer declares or re-exports scene registry items.
Target shape:
```rust
mod engine;
mod profile;
mod tool_policy;
pub use engine::{
is_zhihu_hotlist_task,
is_zhihu_write_task,
task_requests_zhihu_article_publish,
RuntimeEngine,
};
pub use profile::RuntimeProfile;
pub use tool_policy::ToolPolicy;
```
- [ ] **Step 2: Delete `src/runtime/scene_registry.rs`**
Remove the file entirely. Do not leave a stub module or comments about future scene support.
- [ ] **Step 3: Remove scene-aware prompt injection from `src/runtime/engine.rs`**
Delete:
- the `resolve_scene_skills_dir_path` import
- the `DispatchMode` / `match_scene_instruction` imports
- `REPAIR_CITY_DISPATCH_EXECUTION_PROMPT`
- `build_scene_execution_contract(...)`
- the `if let Some(scene_contract) = ...` block inside `RuntimeEngine::build_instruction(...)`
- staged scene directory loading inside `load_runtime_skills(...)`
The resulting instruction assembly should keep:
- browser tool contract
- Zhihu hotlist/export prompts
- Zhihu publish guard
- page context
Do **not** change Zhihu prompt text.
- [ ] **Step 4: Remove the fault-details route from `src/compat/workflow_executor.rs`**
Shrink `WorkflowRoute` back to Zhihu-only variants:
```rust
pub enum WorkflowRoute {
ZhihuHotlistExportXlsx,
ZhihuHotlistScreen,
ZhihuArticleEntry,
ZhihuArticleDraft,
ZhihuArticlePublish,
ZhihuArticleAutoPublishGenerated,
}
```
Delete:
- `FAULT_DETAILS_SCENE_ID`
- the scene check at the top of `detect_route(...)`
- `WorkflowRoute::FaultDetailsReport`
- `execute_fault_details_route(...)`
- any scene-only helpers used only by that path
Keep the Zhihu route order unchanged.
- [ ] **Step 5: Simplify `src/compat/orchestration.rs` to Zhihu-only direct routing**
After the fault-details route is gone, keep `should_use_primary_orchestration(...)` and the two execute functions focused on:
- Zhihu direct routes detected by `detect_route(...)`
- existing Zhihu export/dashboard fallback behavior
Do not add new conditions.
- [ ] **Step 6: Remove scene-only tests and replace them with cleanup assertions**
In `tests/compat_runtime_test.rs` and `tests/runtime_profile_test.rs`:
- delete `fault-details` assertions that require the old route to exist
- delete `95598` scene-contract assertions that require the old prompt injection to exist
- keep the new negative cleanup tests from Task 1
- keep the existing Zhihu assertions intact
Delete `tests/scene_registry_test.rs` completely.
- [ ] **Step 7: Run the focused cleanup tests**
Run:
```bash
cargo test --test compat_runtime_test ws_cleanup_no_longer_detects_fault_details_scene_route -- --nocapture && cargo test --test compat_runtime_test ws_cleanup_scene_keywords_do_not_trigger_primary_orchestration -- --nocapture && cargo test --test runtime_profile_test ws_cleanup_browser_profile_does_not_inject_95598_scene_contract -- --nocapture
```
Expected: PASS.
- [ ] **Step 8: Re-run the focused Zhihu runtime tests**
Run:
```bash
cargo test --test compat_runtime_test zhihu_ -- --nocapture
```
Expected: PASS, proving the Zhihu direct routes still work after the scene deletion.
- [ ] **Step 9: Commit Task 2**
```bash
git add src/runtime/mod.rs src/runtime/engine.rs src/compat/workflow_executor.rs src/compat/orchestration.rs tests/compat_runtime_test.rs tests/runtime_profile_test.rs
git rm src/runtime/scene_registry.rs tests/scene_registry_test.rs
git commit -m "refactor: remove scene routing from ws branch"
```
---
### Task 3: Collapse `skillsDir` Back To Single-Path Semantics
**Files:**
- Modify: `src/config/settings.rs`
- Modify: `src/compat/config_adapter.rs`
- Modify: `src/compat/runtime.rs`
- Modify: `src/agent/task_runner.rs`
- Modify if needed: `tests/agent_runtime_test.rs`
- Modify: `tests/compat_config_test.rs`
- [ ] **Step 1: Change config parsing to a single configured skills path**
In `src/config/settings.rs`, replace the string-or-array parser with a single optional string field.
Target shape:
```rust
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct DeepSeekSettings {
pub api_key: String,
pub base_url: String,
pub model: String,
pub skills_dir: Option<PathBuf>,
}
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct SgClawSettings {
// ...
pub skills_dir: Option<PathBuf>,
// ...
}
```
And in `RawSgClawSettings`:
```rust
#[serde(rename = "skillsDir", alias = "skills_dir", default)]
skills_dir: Option<String>,
```
Delete `deserialize_skills_dirs(...)` entirely.
- [ ] **Step 2: Keep relative-path resolution, but only for one path**
Replace `resolve_configured_skills_dirs(...) -> Vec<PathBuf>` with a single-path helper such as:
```rust
fn resolve_configured_skills_dir(raw: Option<String>, config_dir: &Path) -> Option<PathBuf> {
raw.map(|value| value.trim().to_string())
.filter(|value| !value.is_empty())
.map(PathBuf::from)
.map(|path| if path.is_absolute() { path } else { config_dir.join(path) })
}
```
- [ ] **Step 3: Collapse compat config adapter back to one resolved skills dir**
In `src/compat/config_adapter.rs`:
- keep `zeroclaw_default_skills_dir(...)`
- change `resolve_skills_dir(...)` and `resolve_skills_dir_from_sgclaw_settings(...)` to return a single `PathBuf`
- delete `resolve_scene_skills_dir_from_sgclaw_settings(...)`
- delete `resolve_scene_skills_dir_path(...)`
- delete any helper branches that append `skill_staging/skills`
Recommended shape:
```rust
pub fn resolve_skills_dir_from_sgclaw_settings(
workspace_root: &Path,
settings: &SgClawSettings,
) -> PathBuf {
settings
.skills_dir
.as_ref()
.map(|dir| normalize_configured_skills_dir(dir))
.unwrap_or_else(|| zeroclaw_default_skills_dir(workspace_root))
}
```
- [ ] **Step 4: Update runtime callers to the single-path contract**
In `src/compat/runtime.rs` and `src/agent/task_runner.rs`:
- stop passing vectors of skills dirs around
- update logging from `skills dirs resolved to [...]` to a single-path message such as `skills dir resolved to ...`
- keep the rest of the runtime behavior unchanged
In `src/runtime/engine.rs`, if the method still needs a collection internally, convert the one path at the call site instead of preserving public multi-root plumbing.
- [ ] **Step 5: Replace config tests with single-path cleanup coverage**
In `tests/compat_config_test.rs`:
- keep single-string `skillsDir` resolution tests
- remove `resolve_scene_skills_dir_path_*` coverage
- remove array-acceptance expectations
- keep the new rejecting-array test from Task 1
Add one focused positive test like:
```rust
#[test]
fn ws_cleanup_resolves_single_configured_skills_dir() {
let root = std::env::temp_dir().join(format!("sgclaw-skills-{}", uuid::Uuid::new_v4()));
std::fs::create_dir_all(root.join("skill_lib/skills")).unwrap();
let settings = DeepSeekSettings {
api_key: "key".to_string(),
base_url: "https://api.deepseek.com".to_string(),
model: "deepseek-chat".to_string(),
skills_dir: Some(root.join("skill_lib")),
};
assert_eq!(
resolve_skills_dir(&root, &settings),
root.join("skill_lib/skills"),
);
}
```
- [ ] **Step 6: Run the focused config tests**
Run:
```bash
cargo test --test compat_config_test ws_cleanup_ -- --nocapture
```
Expected: PASS.
- [ ] **Step 7: Re-run the Zhihu websocket keep-path test**
Run:
```bash
cargo test --test agent_runtime_test production_submit_task_routes_zhihu_through_ws_backend_without_helper_bootstrap -- --nocapture
```
Expected: PASS.
- [ ] **Step 8: Commit Task 3**
```bash
git add src/config/settings.rs src/compat/config_adapter.rs src/compat/runtime.rs src/agent/task_runner.rs tests/compat_config_test.rs tests/agent_runtime_test.rs
git commit -m "refactor: restore single skills dir on ws branch"
```
---
### Task 4: Remove Scene-Only Docs And Residual Test References
**Files:**
- Delete: `docs/superpowers/specs/2026-04-06-scene-skill-runtime-routing-design.md`
- Delete: `docs/superpowers/plans/2026-04-06-scene-skill-runtime-routing-plan.md`
- Modify: `tests/compat_runtime_test.rs`
- Modify: `tests/runtime_profile_test.rs`
- Modify: `tests/compat_config_test.rs`
- [ ] **Step 1: Delete the two scene-only planning documents**
Remove exactly these files:
- `docs/superpowers/specs/2026-04-06-scene-skill-runtime-routing-design.md`
- `docs/superpowers/plans/2026-04-06-scene-skill-runtime-routing-plan.md`
Keep the websocket/browser docs and Zhihu docs.
- [ ] **Step 2: Sweep remaining tests for scene-only names**
Remove or rewrite any remaining test blocks that still require:
- `fault-details-report`
- `95598-repair-city-dispatch`
- `resolve_scene_skills_dir_path`
- `resolve_scene_skills_dir_from_sgclaw_settings`
- `scene_registry`
Do not delete Zhihu-related assertions during this sweep.
- [ ] **Step 3: Run a focused grep-style audit from the shell**
Run:
```bash
git grep -n "fault-details-report\|95598-repair-city-dispatch\|resolve_scene_skills_dir_path\|resolve_scene_skills_dir_from_sgclaw_settings\|scene_registry" -- src tests docs
```
Expected: no matches in `src/` or `tests/`; doc matches should be gone after the deletions.
- [ ] **Step 4: Commit Task 4**
```bash
git add tests/compat_runtime_test.rs tests/runtime_profile_test.rs tests/compat_config_test.rs
git rm docs/superpowers/specs/2026-04-06-scene-skill-runtime-routing-design.md docs/superpowers/plans/2026-04-06-scene-skill-runtime-routing-plan.md
git commit -m "docs: remove ws-only scene planning artifacts"
```
---
### Task 5: Verify The Branch Is Back To WS Plus Zhihu Only
**Files:**
- Verify only unless a failing test proves one tiny follow-up fix is needed
- [ ] **Step 1: Run the retained Zhihu websocket regression**
Run:
```bash
cargo test --test agent_runtime_test production_submit_task_routes_zhihu_through_ws_backend_without_helper_bootstrap -- --nocapture
```
Expected: PASS.
- [ ] **Step 2: Run websocket/backend focused coverage**
Run:
```bash
cargo test --test browser_ws_backend_test -- --nocapture && cargo test --test service_ws_session_test -- --nocapture
```
Expected: PASS.
- [ ] **Step 3: Run direct-route/runtime Zhihu coverage**
Run:
```bash
cargo test --test compat_runtime_test zhihu_ -- --nocapture && cargo test --test task_runner_test -- --nocapture
```
Expected: PASS.
- [ ] **Step 4: Run config/runtime verification after the single-dir cleanup**
Run:
```bash
cargo test --test compat_config_test -- --nocapture && cargo test --test runtime_profile_test -- --nocapture
```
Expected: PASS.
- [ ] **Step 5: Build the affected binaries**
Run:
```bash
cargo build --bin sgclaw --bin sg_claw --bin sg_claw_client
```
Expected: PASS.
- [ ] **Step 6: Audit the remaining branch diff against `main`**
Run:
```bash
git diff --stat main...HEAD
```
Expected: the remaining meaningful differences are websocket/browser transport work and Zhihu-related behavior, not scene-routing or staged-scene config churn.
- [ ] **Step 7: Commit the final verification pass**
```bash
git add src/config/settings.rs src/compat/config_adapter.rs src/compat/runtime.rs src/compat/workflow_executor.rs src/compat/orchestration.rs src/runtime/mod.rs src/runtime/engine.rs tests/compat_config_test.rs tests/runtime_profile_test.rs tests/compat_runtime_test.rs tests/agent_runtime_test.rs tests/task_runner_test.rs
git commit -m "test: verify ws branch cleanup preserves zhihu websocket flow"
```
---
## Verification Checklist
### Cleanup regressions
```bash
cargo test --test compat_runtime_test ws_cleanup_ -- --nocapture
cargo test --test runtime_profile_test ws_cleanup_ -- --nocapture
cargo test --test compat_config_test ws_cleanup_ -- --nocapture
```
Expected: scene detection, scene prompt injection, and array-style `skillsDir` behavior are gone.
### Retained Zhihu websocket behavior
```bash
cargo test --test agent_runtime_test production_submit_task_routes_zhihu_through_ws_backend_without_helper_bootstrap -- --nocapture
cargo test --test browser_ws_backend_test -- --nocapture
cargo test --test service_ws_session_test -- --nocapture
cargo test --test compat_runtime_test zhihu_ -- --nocapture
```
Expected: websocket submit path and Zhihu direct workflows still pass.
### Runtime/config verification
```bash
cargo test --test compat_config_test -- --nocapture
cargo test --test runtime_profile_test -- --nocapture
cargo test --test task_runner_test -- --nocapture
```
Expected: runtime/config plumbing is stable after the single-dir cleanup.
### Build verification
```bash
cargo build --bin sgclaw --bin sg_claw --bin sg_claw_client
```
Expected: the branch still compiles cleanly.
---
## Notes For The Engineer
- The current scene support touches three different seams: runtime prompt injection, direct route detection/execution, and multi-root `skillsDir` plumbing. Remove all three; deleting only one leaves conflict-prone leftovers.
- If collapsing `skillsDir` to `Option<PathBuf>` creates more churn than expected, keep the internal representation temporarily as a one-element collection, but the public config contract and tests on this branch must still go back to a single configured path.
- Do not delete browser websocket or callback-host code just because it is adjacent to the scene work; this plan is about stripping scene behavior, not reworking transport.
- If `git diff --stat main...HEAD` still shows scene-specific files after Task 5, stop and remove them before merging `main` back into this branch.

551
docs/superpowers/plans/2026-04-11-main-into-ws-merge-v2-plan.md Normal file
View File

@@ -0,0 +1,551 @@
# Main → WS Merge v2 Implementation Plan
> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
**Goal:** 把最新 `origin/main` 合并到 `feature/claw-ws`,让 `ws` 分支最终同时保留 **pipe + ws** 两套通信能力、保留 Zhihu 行为,并用 `main` 上正式的 fault-details 实现替换 `ws` 上已 cleanup 删除的旧重复实现。
**Architecture:** 这次合并不是“把 cleanup 永久保持成没有 fault-details”而是“先删除 ws 上旧重复实现,再吸收 main 上正式实现”。冲突裁决优先级是:**先保 pipe、再保 ws、再保 Zhihu、同时拒绝 ws 上旧重复 scene/fault-details 实现回流**。整个过程使用 `git merge --no-commit --no-ff origin/main`,冲突解决后只做聚焦验证,停在未提交状态。
**Tech Stack:** Git, Rust 2021, Cargo test, sgClaw pipe transport, ws transport, compat/runtime/orchestration stack, Zhihu direct workflow tests.
---
## Preconditions
- 当前分支必须是 `feature/claw-ws`
- `2026-04-09-ws-branch-scene-cleanup-plan.md` 已完成
- 当前不在 merge 状态
- 当前没有 tracked 未提交改动
- 本次**不创建 worktree**,按当前仓库执行
- 本次结束点是:**已合并、已验证、未提交**
---
## Final Merge Principles
### 1) `main` 是 pipe 主线
合并后不能把 `main` 上现有的 pipe 管道通信破坏掉。
### 2) `ws` 分支最终要同时保留 pipe + ws
合并后不能让 `ws` 分支丢掉 websocket 路径,也不能只剩 pipe。
### 3) 两边都有 Zhihu
合并后不能把现有 Zhihu 行为合坏,尤其是 ws→Zhihu 保留路径。
### 4) fault-details 以 `main` 正式实现为准
- `ws` 上那套旧重复实现:**不能回流**
- `main` 上正式实现:**应被合进来**
- 最终结果不是“没有 fault-details”而是“没有 ws 那套旧 fault-details只保留 main 正式版本”
### 5) 不回流旧 scene plumbing
以下旧面不能作为最终结果保留:
- ws 自己那套旧 scene registry / old scene plumbing
- ws cleanup 已删掉的旧重复 route/contract
- 仅为旧 `skill_staging` 场景装配服务的残留逻辑
---
## File Map
### A. 合并时重点观察的共享/高风险文件
- `Cargo.toml`
- `Cargo.lock`
- `src/agent/mod.rs`
- `src/agent/task_runner.rs`
- `src/config/settings.rs`
- `src/compat/config_adapter.rs`
- `src/compat/runtime.rs`
- `src/compat/orchestration.rs`
- `src/compat/workflow_executor.rs`
- `src/compat/browser_script_skill_tool.rs`
- `src/compat/direct_skill_runtime.rs`
- `src/compat/openxml_office_tool.rs`
### B. pipe / ws / Zhihu 保护面
- `src/compat/runtime.rs`
- `src/compat/orchestration.rs`
- `src/compat/workflow_executor.rs`
- `src/agent/task_runner.rs`
- `tests/agent_runtime_test.rs`
- `tests/browser_ws_backend_test.rs`
- `tests/service_ws_session_test.rs`
- `tests/task_runner_test.rs`
### C. cleanup 后仍需防止旧实现回流的文件
- `src/runtime/mod.rs`
- `src/runtime/engine.rs`
- `src/config/settings.rs`
- `src/compat/config_adapter.rs`
- `tests/compat_runtime_test.rs`
- `tests/runtime_profile_test.rs`
- `tests/compat_config_test.rs`
### D. 可能需要随 main 正式 fault-details 一起更新的测试面
- `tests/compat_runtime_test.rs`
- `tests/compat_config_test.rs`
- `tests/browser_script_skill_tool_test.rs`
- `tests/compat_openxml_office_tool_test.rs`
---
## Conflict Resolution Rule Table
| 类别 | 最终保留原则 |
|---|---|
| pipe 主路径 | **优先保留可工作的 main 版本**,不能被 ws 改坏 |
| ws 路径 | **必须继续保留 ws 能力**,不能因吸收 main 而丢失 |
| Zhihu | 两边相关能力都不能合坏,至少保住现有 keep-path |
| fault-details | **保留 main 正式实现**,不保留 ws 旧重复实现 |
| old scene/95598 cleanup 残留 | 不允许以 ws 旧重复实现形式回流 |
| `skillsDir` / config | 以最终产品需要为准;若 main 正式实现不要求旧 array-style/scene expansion则不回流 |
| 临时 merge 修补 | 一律不保留 |
---
### Task 1: Confirm Merge Preconditions And Diff Surface
**Files:**
- No code changes expected
- Observe repo state and branch diff only
- [ ] **Step 1: Confirm current branch**
Run:
```bash
git rev-parse --abbrev-ref HEAD
```
Expected:
```text
feature/claw-ws
```
- [ ] **Step 2: Confirm no merge is in progress**
Run:
```bash
git rev-parse -q --verify MERGE_HEAD
```
Expected: exit code `1`.
- [ ] **Step 3: Confirm no tracked local changes**
Run:
```bash
git diff --name-only && printf '\n---STAGED---\n' && git diff --cached --name-only
```
Expected:
```text
---STAGED---
```
- [ ] **Step 4: List current untracked files**
Run:
```bash
git status --short
```
Expected: only known local untracked items, or a clearly understood list.
- [ ] **Step 5: Update `origin/main`**
Run:
```bash
git fetch origin main
```
- [ ] **Step 6: Show ws vs main diff surface before merge**
Run:
```bash
git diff --name-status HEAD...origin/main
```
Expected: clear file list to compare likely merge surface.
- [ ] **Step 7: Stop if preconditions fail**
Stop if:
- branch is wrong
- merge is in progress
- tracked changes exist
- untracked file collision with `origin/main` is found and unresolved
---
### Task 2: Start The Merge Without Committing
**Files:**
- Merge index / working tree only
- [ ] **Step 1: Start no-commit merge**
Run:
```bash
git merge --no-commit --no-ff origin/main
```
Expected:
- either auto-merge pauses before commit
- or Git reports conflicts
- [ ] **Step 2: Capture merge surface immediately**
Run:
```bash
git status --short
```
- [ ] **Step 3: Separate results into three buckets**
Create a working list of conflicted files under:
1. pipe-critical
2. ws/Zhihu-critical
3. shared infra / tests
- [ ] **Step 4: If no conflicts, proceed directly to Task 4 verification**
- [ ] **Step 5: If conflicts exist, proceed to Task 3**
---
### Task 3: Resolve Conflicts By System Role, Not By Branch Bias
**Files:**
- Only files reported by Git as conflicted
#### Global conflict policy
For every conflicted hunk, answer these four questions in order:
1. Does this hunk affect **pipe** correctness?
2. Does this hunk affect **ws** correctness?
3. Does this hunk affect **Zhihu** correctness?
4. Is this hunk part of **ws old duplicate fault-details/scene logic** or **main official implementation**?
Then apply the rule:
- **pipe cannot break**
- **ws cannot break**
- **Zhihu cannot break**
- **ws old duplicate fault-details must stay deleted**
- **main official fault-details should come in**
---
#### Task 3A: Resolve pipe-critical shared runtime files
**Files:**
- `src/compat/runtime.rs`
- `src/agent/task_runner.rs`
- `src/agent/mod.rs`
- `src/config/settings.rs`
- `src/compat/config_adapter.rs`
- [ ] **Step 1: For each conflict, keep the side that preserves mains pipe behavior**
- [ ] **Step 2: Reject ws-only duplicate business logic that main already owns**
- [ ] **Step 3: Keep ws support if the file also serves ws path**
This is additive preservation, not “main wins everything”.
- [ ] **Step 4: Verify each resolved file has no conflict markers**
Run per file:
```bash
git diff --check -- <path>
```
---
#### Task 3B: Resolve ws / Zhihu-critical routing files
**Files:**
- `src/compat/workflow_executor.rs`
- `src/compat/orchestration.rs`
- [ ] **Step 1: Bring in mains official fault-details path if it lives here**
- [ ] **Step 2: Do not reintroduce wss old duplicate fault-details path**
- [ ] **Step 3: Preserve ws submit/browser websocket path**
- [ ] **Step 4: Preserve Zhihu routing path**
- [ ] **Step 5: Verify each resolved file has no conflict markers**
Run per file:
```bash
git diff --check -- <path>
```
---
#### Task 3C: Resolve shared infra files minimally
**Files:**
- `Cargo.toml`
- `Cargo.lock`
- `src/compat/browser_script_skill_tool.rs`
- `src/compat/direct_skill_runtime.rs`
- `src/compat/openxml_office_tool.rs`
- [ ] **Step 1: Keep only the dependency/code shape needed by the merged result**
- [ ] **Step 2: Do not keep lines from prior failed merge attempts**
- [ ] **Step 3: Accept main fixes unless they break pipe/ws/Zhihu behavior**
- [ ] **Step 4: Verify each resolved file has no conflict markers**
Run per file:
```bash
git diff --check -- <path>
```
---
#### Task 3D: Resolve tests to reflect final intended product
**Files:**
- `tests/compat_runtime_test.rs`
- `tests/runtime_profile_test.rs`
- `tests/compat_config_test.rs`
- `tests/agent_runtime_test.rs`
- `tests/browser_script_skill_tool_test.rs`
- `tests/compat_openxml_office_tool_test.rs`
- [ ] **Step 1: Keep tests proving pipe path still works**
- [ ] **Step 2: Keep tests proving ws path still works**
- [ ] **Step 3: Keep Zhihu keep-path regression**
- [ ] **Step 4: Replace cleanup-only “fault-details absent” assertions if final intended state is now “fault-details present via main official implementation”**
- [ ] **Step 5: Do not keep assertions that only prove wss old duplicate implementation is absent if they now contradict the intended merged product**
- [ ] **Step 6: Verify each resolved test file has no conflict markers**
Run per file:
```bash
git diff --check -- <path>
```
---
#### Task 3E: Confirm merge is fully resolved
**Files:**
- No code changes expected
- [ ] **Step 1: Confirm no unmerged entries remain**
Run:
```bash
git diff --name-only --diff-filter=U
```
Expected: no output.
- [ ] **Step 2: Show final resolved file list**
Run:
```bash
git diff --cached --name-only
```
---
### Task 4: Verify Final Product Behavior, Not Cleanup Intermediate State
**Files:**
- Test: `tests/agent_runtime_test.rs`
- Test: `tests/browser_ws_backend_test.rs`
- Test: `tests/service_ws_session_test.rs`
- Test: `tests/task_runner_test.rs`
- Test: `tests/compat_runtime_test.rs`
- Test: `tests/runtime_profile_test.rs`
- Test: `tests/compat_config_test.rs`
- Conditional: `tests/browser_script_skill_tool_test.rs`
- Conditional: `tests/compat_openxml_office_tool_test.rs`
#### Verification goals
This task must prove all four:
1. **pipe path still works**
2. **ws path still works**
3. **Zhihu still works**
4. **final fault-details implementation is the main version, not wss old duplicate**
---
#### Task 4A: Verify pipe-related behavior
- [ ] **Step 1: Run task runner coverage**
Run:
```bash
cargo test --test task_runner_test -- --nocapture
```
- [ ] **Step 2: Run compat runtime suite relevant to main path**
Run:
```bash
cargo test --test compat_runtime_test -- --nocapture
```
- [ ] **Step 3: If pipe-specific tests fail, stop and fix merge resolution before continuing**
---
#### Task 4B: Verify ws-related behavior
- [ ] **Step 1: Run browser websocket backend suite**
Run:
```bash
cargo test --test browser_ws_backend_test -- --nocapture
```
- [ ] **Step 2: Run service websocket session suite**
Run:
```bash
cargo test --test service_ws_session_test -- --nocapture
```
- [ ] **Step 3: If ws-specific tests fail, stop and fix merge resolution before continuing**
---
#### Task 4C: Verify Zhihu behavior
- [ ] **Step 1: Re-run ws→Zhihu keep-path regression**
Run:
```bash
cargo test --test agent_runtime_test production_submit_task_routes_zhihu_through_ws_backend_without_helper_bootstrap -- --nocapture
```
Expected:
```text
1 passed; 0 failed
```
- [ ] **Step 2: If additional Zhihu tests were touched by conflicts, run the smallest affected test target**
Run as needed:
```bash
cargo test --test agent_runtime_test -- --nocapture
```
---
#### Task 4D: Verify config/runtime contracts
- [ ] **Step 1: Run runtime profile suite**
Run:
```bash
cargo test --test runtime_profile_test -- --nocapture
```
- [ ] **Step 2: Run compat config suite**
Run:
```bash
cargo test --test compat_config_test -- --nocapture
```
- [ ] **Step 3: Ensure contracts now reflect final merged product, not the cleanup-only intermediate**
---
#### Task 4E: Verify shared infra if touched
- [ ] **Step 1: If browser-script tool files were touched**
Run:
```bash
cargo test --test browser_script_skill_tool_test -- --nocapture
```
- [ ] **Step 2: If openxml files were touched**
Run:
```bash
cargo test --test compat_openxml_office_tool_test -- --nocapture
```
---
#### Task 4F: Compile guard
- [ ] **Step 1: Run compile-only full test build**
Run:
```bash
cargo test --no-run
```
Expected: exit code `0`.
---
### Task 5: Confirm The Merge Outcome Matches The Principle
**Files:**
- No code changes expected
- [ ] **Step 1: Show final status**
Run:
```bash
git status --short
```
Expected:
- no `UU` / `AA` / `DD`
- merged, validated, uncommitted state only
- [ ] **Step 2: Show final staged summary**
Run:
```bash
git diff --cached --stat
```
- [ ] **Step 3: Report the four required facts with command-backed evidence**
Only if verified:
1. pipe 没坏
2. ws 没坏
3. Zhihu 没坏
4. 最终 fault-details 来自 main 正式实现,而不是 ws 旧重复实现
- [ ] **Step 4: Stop here**
Do **not** run:
```bash
git commit
git push
```
---
## Stop Conditions
出现以下任一情况立即停止,不擅自扩展处理:
- `origin/main` 的正式 fault-details 实现依赖 cleanup 已删掉的契约,而这已经超出简单 merge 范围
- pipe 与 ws 同时依赖同一段共享代码,但两边要求已结构性冲突
- Zhihu keep-path 失败
- `cargo test --no-run` 失败且问题超出本次 merge surface
- 需要重新设计 pipe/ws 共存方式,而不是单纯合并
---
## One-line Execution Rule
**这次 merge 的最终标准不是“继续保持 ws 没有 fault-details”而是“保住 pipe、保住 ws、保住 Zhihu并让 main 的正式 fault-details 替换 ws 旧重复实现”。**

506
docs/superpowers/specs/2026-04-02-ws-browser-backend-auth-design.md Normal file
View File

@@ -0,0 +1,506 @@
# WS 浏览器后端认证替换设计
## 背景
当前 `sg_claw` 的 websocket service 路径已经能接收 `sg_claw_client` 请求、复用共享 task runner、连接真实浏览器 websocket 地址 `browser_ws_url`,并进入真实 skill 执行链路。但真实联调时,所有浏览器相关调用都会失败并返回:
- `invalid hmac seed: session key must not be empty`
根因已经定位:
- pipe 模式在 [src/lib.rs](src/lib.rs) 中通过 handshake 拿到 `session_key`,并用它构造 `BrowserPipeTool`
- ws service 模式在 [src/service/server.rs](src/service/server.rs) 中仍然构造 `BrowserPipeTool::new(..., vec![])`
- `BrowserPipeTool` 的认证模型要求非空 session key因此 ws service 路径虽然使用的是浏览器 websocket 协议,仍错误地依赖了 pipe 特有的 HMAC/session-key 语义
这会导致:
1. `sg_claw_client -> sg_claw` 连接正常
2. skill 加载与模型调用正常
3. 真实浏览器动作开始执行
4. 但所有 browser tool 调用在认证层统一失败
## 目标
**仅限 ws 模式改动** 的前提下,让 `sg_claw` service 路径改为使用 **ws-native browser backend**,不再依赖 `BrowserPipeTool` 的 pipe session-key 认证模型,从而让真实浏览器联调可用。
## 约束
必须满足:
- 只改 ws 模式相关实现
- 不破坏 legacy pipe 模式
- 不修改 pipe handshake 语义
- 不修改 `src/lib.rs` 的 pipe 主入口行为
- 不引入临时绕过认证或 fake seed
- 不扩大到多客户端、多任务、队列、守护进程管理
## 非目标
本次不做:
- 自动拉起 sgBrowser
- 浏览器进程管理
- 多浏览器实例支持
- service/client UX 优化
- browser ws 协议扩展
- pipe 模式重构
- 统一重构所有 runtime 层去完全依赖 `BrowserBackend`
## 现状分析
### 正常 pipe 路径
pipe 模式当前在 [src/lib.rs](src/lib.rs) 中:
1. 通过 `perform_handshake(...)` 读取浏览器侧初始化消息
2. 从 handshake 中拿到 `session_key`
3.`BrowserPipeTool::new(transport.clone(), mac_policy, handshake.session_key)` 构造浏览器工具
4. 后续 browser action 使用 pipe/HMAC 语义
该路径已经可用,本次不能动。
### 当前 ws service 路径
当前 ws 模式在 [src/service/server.rs](src/service/server.rs) 中:
1. `sg_claw_client` 将任务发给 `sg_claw` service
2. service 构造 `ServiceBrowserTransport`
3. service 用 `BrowserPipeTool::new(transport.clone(), mac_policy.clone(), vec![])`
4. browser action 经 `ServiceBrowserTransport` 编码为 browser websocket 请求并发给 `browser_ws_url`
问题在于第 3 步:
- service 走的是 browser websocket 协议
- 但却仍使用 `BrowserPipeTool`
- `BrowserPipeTool` 内部仍坚持要求 pipe session key
- 因此真实 ws 联调时直接失败
### 现有 ws-native 能力
代码中已经存在:
- [src/browser/ws_protocol.rs](src/browser/ws_protocol.rs):固定 browser websocket 协议 codec
- [src/browser/ws_backend.rs](src/browser/ws_backend.rs)`WsBrowserBackend`
- [src/browser/mod.rs](src/browser/mod.rs):已导出 `WsBrowserBackend`
`WsBrowserBackend` 本身不依赖 pipe session key而是
- 使用 `WsClient` 发送/接收文本帧
- 使用 `MacPolicy` 做动作级校验
- 通过 `encode_v1_action(...)``decode_callback_frame(...)` 处理 ws 协议
这正是 ws service 模式应该使用的模型。
## 关键集成缝隙
当前共享 runner 的真实缝隙已经确认:
- [src/agent/task_runner.rs](src/agent/task_runner.rs) 的 `run_submit_task(...)` 仍直接要求 `&BrowserPipeTool<T>`
- [src/compat/runtime.rs](src/compat/runtime.rs) 与 [src/compat/orchestration.rs](src/compat/orchestration.rs) 也继续以 `BrowserPipeTool<T>` 作为主浏览器调用对象
- 同时 compat runtime 内部已经存在 `Arc<dyn BrowserBackend>` 的工具适配层,只是它目前是从 `PipeBrowserBackend::from_inner(browser_tool)` 包出来的
这意味着本次实现不能只在 `src/service/server.rs` 里替换构造逻辑,而必须在 **ws 专用调用面** 增加一个最小适配缝隙,让 service 模式能把 `WsBrowserBackend` 传入 compat/runtime/orchestration而 pipe 继续保持 `BrowserPipeTool` 原样。
允许的最小缝隙定义如下:
1. `run_submit_task(...)` 的 pipe 版本保持不动,供 pipe 入口继续使用
2. 新增一个 **仅供 ws service 使用** 的并行入口,例如:
- `run_submit_task_with_browser_backend(...)`
- 或 service 侧调用的等价 ws-only adapter
3. ws-only 入口内部允许把浏览器依赖类型降到 `Arc<dyn BrowserBackend>`
4. `src/lib.rs`、pipe handshake、pipe `BrowserPipeTool` 构造逻辑不允许改行为
## 设计决策
### 决策 1ws service 路径弃用 `BrowserPipeTool`
在 ws service 路径中,不再构造 `BrowserPipeTool`
替代方案:
- service 侧提供一个 `WsClient` 实现
- 直接构造 `WsBrowserBackend`
- 让 ws service 的 browser action 通过 `WsBrowserBackend` 执行
### 决策 2pipe 路径保持原样
pipe 模式继续:
- handshake
- `session_key`
- `BrowserPipeTool`
不做语义调整,不引入兼容层,不改动已存在的验证路径。
### 决策 3runner 只在 ws 调用面做最小接线
当前共享 task runner 复用已经存在,本次不做大重构。
策略是:
- 只在 ws service 用到的调用面,改成可使用 `WsBrowserBackend`
- 如果必须扩共享调用接口,则仅做**最小、兼容、对 pipe 零影响**的改动
- 任何涉及 pipe 行为变更的改动都不允许
### 决策 4保留现有 browser websocket 连接生命周期
本次不重做连接管理架构。
继续维持:
- 单客户端
- 单任务串行
- 按现有 service 生命周期维护 browser websocket 连接
只替换认证错误的执行路径,不顺手做生命周期优化。
## 目标架构
### 目标调用链
```text
sg_claw_client
-> sg_claw service
-> ws-native browser backend
-> browser_ws_url
-> sgBrowser
```
### 与 pipe 的并行关系
```text
pipe mode:
browser process <-> stdio/pipe <-> sgclaw::run() <-> BrowserPipeTool
ws mode:
sg_claw_client <-> sg_claw service <-> WsBrowserBackend <-> sgBrowser websocket
```
两条路径并行存在,互不混用认证模型。
## 模块设计
### 1. `src/service/server.rs`
这是本次核心改动文件。
#### 当前职责
- 管理 service client websocket 收发
- 将 service 请求转入共享 runner
- 维护 service->browser 的 websocket 传输桥
#### 本次改动
- 将“service->browser 的桥”从 `Transport + BrowserPipeTool` 组合改为 `WsClient + WsBrowserBackend`
- 删除 ws service 路径中对空 `session_key` 的依赖
- 继续保留 service socket 生命周期与 session 状态机
#### 目标结构
可接受的目标形态:
- `ServiceBrowserWsClient`:实现 `WsClient`
- 内部继续维护真实 browser websocket 连接
- `serve_client(...)` 在处理任务时构造 `WsBrowserBackend`
- 共享 runner 或其 ws 调用包装层通过该 backend 执行 browser action
### 2. 共享 runner / ws 调用包装层
本次不要求把全项目统一改成 `BrowserBackend`
但 ws service 模式必须能把 browser action 接到 `WsBrowserBackend`
可接受的最小方案:
- 在 ws service 使用的一层引入一个只服务 ws 模式的 adapter
- 该 adapter 把 runner 所需的 browser 调用能力委托给 `WsBrowserBackend`
要求:
- pipe 现有调用签名不变,或即使扩展也必须保证 pipe 行为完全一致
- 不允许为了 ws 把 pipe 入口重写
### 3. `src/browser/ws_backend.rs`
原则上复用现有实现。
只有在以下情况下才允许最小补改:
- service 真实联调发现它缺一个 ws service 必需但当前未暴露的能力
- 该补改只服务 ws-native 路径
- 不影响现有测试语义
## 连接职责与边界
为避免 service 侧与 `WsBrowserBackend` 重复实现责任,本次显式约束如下:
### `WsBrowserBackend` 负责
- 单次 `invoke(...)` 的请求串行化
- 调用 `encode_v1_action(...)`
- 发送 websocket 文本帧
- 等待即时状态帧
- 如有 callback等待 callback 帧并做名称匹配
- 将结果统一为 `CommandOutput`
- 按现有 `WsBrowserBackend` 语义产出 timeout / protocol 错误
### service 侧 `WsClient` 适配器负责
- 持有真实 browser websocket 连接
- 在第一次请求时建立到 `browser_ws_url` 的连接
-`send_text(...)` / `recv_text_timeout(...)` 委托到真实 websocket
- 将底层关闭、reset、timeout 统一映射为既有 `PipeError` 语义
- 不实现 request/response correlation不解析 browser ws 协议 payload
### 明确不允许
- service 侧继续手写 callback 轮询逻辑
- service 侧继续直接调用 `encode_v1_action(...)` 组包作为主路径
- 在 service 侧复制 `WsBrowserBackend` 的协议处理逻辑
这样可以保证:
- `src/service/server.rs` 只负责“连线”
- `src/browser/ws_backend.rs` 继续负责“ws 浏览器调用语义”
## 数据流设计
### 成功路径
1. `sg_claw_client``sg_claw``SubmitTask`
2. service 收到任务并进入共享 runner
3. 当 runner 需要浏览器动作时:
- ws service 调用 `WsBrowserBackend.invoke(...)`
4. `WsBrowserBackend`
-`MacPolicy` 校验动作
-`encode_v1_action(...)` 编码请求
- 发往 `browser_ws_url`
- 等待状态帧
- 如有 callback继续等 callback 帧
5. 结果返回到 runner
6. runner 继续执行并向 client 流式输出日志和 completion
### 失败路径
#### browser websocket 不可连
- 返回明确的 browser websocket connect 错误
- 不冒充认证错误
#### 浏览器返回非 0 状态
- 返回明确协议错误:`browser returned non-zero status`
#### callback 超时
- 返回 timeout
#### websocket 断开
- 返回 `PipeError::PipeClosed`
- 由 service 生命周期逻辑处理
#### 不再允许的错误
- `invalid hmac seed: session key must not be empty`
该错误在 ws 模式下应彻底消失。
## 失败语义
为便于测试与实现ws-only 路径的 outward error 语义固定如下:
### browser websocket connect 失败
- outward: `PipeError::Protocol("browser websocket connect failed: ...")`
### 浏览器返回非 0 状态码
- outward: `PipeError::Protocol("browser returned non-zero status: ...")`
### callback 超时
- outward: `PipeError::Timeout`
- timeout 来源:沿用 `WsBrowserBackend` / ws service 当前 response timeout 配置,默认 30 秒
### websocket 被对端正常关闭或 reset
- outward: `PipeError::PipeClosed`
- 不允许使用“等价错误”这类不精确表述
### 本次必须消除的错误
- `invalid hmac seed: session key must not be empty`
任何 ws service 联调路径再出现该错误,都视为实现未完成。
## 测试设计
### 分层测试策略
为避免依赖 LLM/planner 的非确定性行为,本次测试必须分成两层,且各自断言不同目标:
#### A. backend / adapter 层测试(确定性)
这一层不经过 `sg_claw_client`、不经过真实模型规划,直接验证 ws-only 技术行为。
目标:
1. `ServiceBrowserWsClient``WsBrowserBackend` 的组合可以:
- 发送 `Navigate`
- 接收 `0` 状态
- 在 callback 场景下读取 callback 文本
2. 当 fake browser server 主动关闭/reset 时:
-`WsClient` / `WsBrowserBackend.invoke(...)` 观察层断言 outward error 必须是 `PipeError::PipeClosed`
3. 当 fake browser server 不返回 callback 时:
-`WsBrowserBackend.invoke(...)` 观察层断言 outward error 必须是 `PipeError::Timeout`
4. 该层测试完全不依赖 LLM、planner、skills 路由
建议:
- 新增 focused ws service/backend test
- 输入动作固定为代码直接调用 `invoke(Action::Navigate, ...)` 等,而不是自然语言任务
#### B. client -> service 集成测试(链路验证)
这一层验证 ws-only 接线已经替换掉空 session key 路径,但不承担细粒度协议语义断言。
目标:
1. 通过真实 `sg_claw_client -> sg_claw service` 发起一个最小自然语言任务
2. fake browser websocket server 至少收到一个来自 ws-only 路径的文本帧
3. client/service 输出中不再出现:
- `invalid hmac seed: session key must not be empty`
4. 该层只证明:
- ws service 已不再走空 session key 的 pipe 认证路径
- 真实端到端链路已能到达 browser websocket
该层不用于断言精确 enum 身份,也不用于覆盖 callback timeout / reset 细节。
### 新增红测 1ws-only backend/adapter 基本调用可用
目标:
- 不走自然语言任务
- 直接构造 ws service 使用的 `WsClient` + `WsBrowserBackend`
- 调用固定动作:`Action::Navigate`,目标 url 固定为 `https://www.zhihu.com/hot`
- fake browser websocket server 返回 `0`
- 断言:
- `invoke(...)` 成功
- fake server 收到的首个文本帧可按 `ws_protocol` 语义解释为 `Navigate`
### 新增红测 2ws-only backend/adapter 断链语义固定
目标:
- 不走自然语言任务
- fake browser websocket server 在接受请求后主动关闭或 reset
-`invoke(...)` 观察层断言:
- outward error 固定为 `PipeError::PipeClosed`
### 新增红测 3ws-only backend/adapter callback timeout 语义固定
目标:
- 不走自然语言任务
- fake browser websocket server 返回 `0` 但不返回 callback 帧
-`invoke(...)` 观察层断言:
- outward error 固定为 `PipeError::Timeout`
### 新增红测 4client->service 链路不再触发空 session key 错误
目标:
- 通过真实 `sg_claw_client -> sg_claw service` 链路触发浏览器动作
- 用 fake browser websocket 服务端接住请求
- 任务输入固定为:`打开知乎热榜并读取页面主区域文本`
- 断言 client/service 输出中不再出现:
- `invalid hmac seed: session key must not be empty`
- 断言 fake browser server 至少收到了一个文本帧
### 回归测试
必须重新运行并保持通过:
#### pipe 回归
```bash
cargo test --test pipe_handshake_test -- --nocapture
```
如实现涉及 browser tool 上层接线,还需补跑:
```bash
cargo test --test browser_tool_test --test compat_browser_tool_test --test runtime_task_flow_test -- --nocapture
```
#### ws 回归
```bash
cargo test --test service_ws_session_test --test service_task_flow_test --test browser_ws_protocol_test --test browser_ws_backend_test -- --nocapture
```
## 手工验收
使用真实配置和真实已启动 sgBrowser
1. 启动 sgBrowser并确保 `browserWsUrl` 可用
2. 启动 `sg_claw`
3. 运行:
- `sg_claw_client`
4. 发送知乎最小任务:
- 打开知乎热榜并读取页面主区域文本
5. 观察:
- 不再出现 `invalid hmac seed`
- 出现真实 browser action 日志
- 能返回单次 completion
6. 再运行旧知乎 skill
- `读取知乎热榜数据,并导出 excel 文件`
7. 验证旧知乎 skill 进入真实 browser 执行路径
8. 最后确认 legacy pipe 入口仍可启动(仅验证,不允许为此修改 pipe 实现)
## 风险
### 风险 1ws service 与共享 runner 接口耦合过深
控制:
- 只在 ws 使用面做 adapter
- 不对 pipe 主入口做结构性改造
### 风险 2为适配 ws-native backend 误改 pipe 调用链
控制:
- 所有 pipe 回归必须在每轮修改后重跑
- `src/lib.rs` 不允许改行为
### 风险 3ws service 内联连接逻辑与 `WsBrowserBackend` 责任重复
控制:
- 本次先以最小变更消除认证阻塞
- 不顺手做大规模整理
## 通过标准
满足以下全部条件才算完成:
1. ws service 路径不再依赖空 session key
2. 不再出现 `invalid hmac seed: session key must not be empty`
3. 真实 browser websocket 请求能发到 sgBrowser/fake browser server
4. 旧知乎 skill 至少能进入真实 browser action 执行链路
5. pipe 模式零回归
6. 所有新增/相关测试通过
## 实施建议
按以下顺序实施:
1. 先补红测锁定“ws 不再触发 invalid hmac seed”
2. 再把 ws service 路径切到 `WsBrowserBackend`
3. 跑 ws 测试
4. 跑 pipe 回归
5. 做真实知乎最小任务 smoke
6. 再做旧知乎 skill smoke

276
docs/superpowers/specs/2026-04-03-ws-browser-bridge-path-design.md Normal file
View File

@@ -0,0 +1,276 @@
# WS Browser Bridge Path Design
## Background
The repository now has explicit live evidence that the real sgBrowser websocket endpoint at `ws://127.0.0.1:12345` is **reachable** but is **not validated as an external-control surface**.
The probe transcript in `docs/_tmp_sgbrowser_ws_probe_transcript.md` shows a stable outcome across the full bootstrap matrix:
- direct open-page frame
- `sgOpenAgent`
- `sgSetAuthInfo`
- `sgBrowserLogin`
- `sgBrowerserActiveTab`
- combined bootstrap attempts
- alternate `requesturl` values
Across all of those sequences, the endpoint behaved like this:
1. websocket connection succeeds
2. first inbound text frame is always the banner `Welcome! You are client #1`
3. no sequence produced a reproducible numeric status frame for a real business action
4. no sequence produced a reproducible callback frame for a real business action
5. follow-on business frames timed out or produced no further usable protocol traffic
That means the current project can no longer treat raw external websocket business frames as the default production integration surface.
## Why the raw websocket path is now considered non-validated
The decision is not based on a guess. It is based on both live evidence and repository evidence.
### Live evidence
`docs/_tmp_sgbrowser_ws_probe_transcript.md` proves that the real endpoint did **not** yield the one thing raw external control needs:
- a reproducible status/callback response for a real browser action
Because that never happened, the bootstrap hypothesis did not clear the acceptance bar.
### Repository evidence
The rest of the repository already points to a different product integration model.
#### 1. Historical frontend code uses browser-host bridge surfaces
In `frontend/archive/sgClaw验证-已归档/testRunner.js:15-26`:
- the runtime checks for `window.sgFunctionsUI`
- the runtime checks for `window.BrowserAction`
- the working path uses `window.sgFunctionsUI(action, params, callback)`
That is a host/browser bridge contract, not an external raw websocket RPC contract.
#### 2. Prior architecture docs make `CommandRouter` the execution entry
In `docs/superpowers/specs/2026-03-25-superrpa-sgclaw-browser-control-design.md:16-18` and `:36-50`:
- reuse SuperRPA `CommandRouter` as the browser execution entry
- keep browser-side hosting, security re-check, and dispatch in SuperRPA
- avoid building parallel browser automation APIs
That is directly incompatible with treating raw external websocket business frames as the primary control plane.
#### 3. Project planning docs describe FunctionsUI IPC as the supported frontend seam
In `docs/archive/项目管理与排期/协作时间表.md:419-430`:
- Vue/FunctionsUI calls browser-host methods such as `window.superrpa.sgclaw.start()` and `sendCommand(...)`
- browser host pushes callbacks such as `onStatusChange(...)` and `onLog(...)`
Again, this is a bridge and host IPC model.
#### 4. Floating-chat planning already preserves named bridge calls
In `docs/plans/2026-03-27-sgclaw-floating-chat-frontend-design.md:289-293`:
- `connect()` issues `sgclawConnect`
- `start()` issues `sgclawStart`
- `stop()` issues `sgclawStop`
- `submitTask()` issues `sgclawSubmitTask`
That design work assumes a named browser bridge, not direct raw websocket frames.
## Decision
**Authoritative browser integration surface: the browser-host bridge path, not the raw external sgBrowser websocket business-frame path.**
More concretely, sgClaw should target this chain:
```text
sgClaw runtime
-> existing browser-facing bridge contract
-> FunctionsUI / host IPC
-> BrowserAction / sgclaw host callbacks
-> existing SuperRPA CommandRouter dispatch
```
## Authoritative seams for future implementation
Because this repository does not contain the full SuperRPA browser host source tree, the bridge-first implementation must integrate at the **nearest validated seam available in this repo**, while staying aligned with the external browser-host contract already documented.
The future implementation must model **two different bridge layers** explicitly instead of mixing them together.
### Layer 1: session/lifecycle bridge contract
This layer is evidenced by the named calls already present in repo documentation:
- `sgclawConnect`
- `sgclawStart`
- `sgclawStop`
- `sgclawSubmitTask`
This layer manages session setup, task submission, and host/UI lifecycle behavior.
It is important evidence that a browser-host bridge exists, but it is **not** the per-browser-action contract that a new `BrowserBackend` implementation should target.
### Layer 2: browser-action execution contract
This is the authoritative target for the new browser backend.
It is evidenced by:
- `window.BrowserAction(...)` in archived frontend code
- `FunctionsUI` / host IPC integration in archived planning docs
- browser-side dispatch through `CommandRouter` in `docs/superpowers/specs/2026-03-25-superrpa-sgclaw-browser-control-design.md`
In this repository, the concrete boundary must be a **repo-local semantic transport seam** that can be implemented and tested without access to the external SuperRPA host code.
That seam should be a narrow Rust-side contract such as `BridgeActionTransport`:
- input: semantic browser action request (`navigate`, `click`, `getText`, etc.) plus params and expected domain
- output: semantic success/error reply that can be normalized back into `BrowserBackend` results
`BridgeBrowserBackend` should target **Layer 2 only**.
### Explicit out-of-scope boundary
The following are outside this repository and therefore outside the immediate Rust implementation slice:
- actual SuperRPA C++ host/browser code
- actual `FunctionsUI` TypeScript host plumbing in the external browser repository
- actual `CommandRouter` implementation in the external browser repository
This repository should implement only:
- the Rust-side bridge contract types
- the Rust-side bridge transport/provider seam
- the Rust-side bridge-backed browser adapter
- deterministic tests against those seams
### What this means practically
The next implementation slice should **not** continue trying to make `WsBrowserBackend` drive the real browser endpoint directly.
Instead, the next implementation slice should introduce a **bridge-backed browser adapter** that:
- preserves the Rust-side `BrowserBackend` contract where practical
- translates browser actions onto the Layer-2 semantic bridge surface
- keeps lifecycle/session bridge calls separate from per-action browser execution
- leaves the raw websocket probe code as diagnostic infrastructure only
## Chosen architecture
Use a bridge-backed adapter design.
### Target shape
```text
compat/runtime/orchestration
-> Arc<dyn BrowserBackend>
-> BridgeBrowserBackend (new)
-> BridgeActionTransport (new repo-local seam)
-> external browser-host bridge / FunctionsUI IPC
-> BrowserAction / CommandRouter path
```
### Why this shape
- It preserves the already-useful Rust-side browser abstraction (`BrowserBackend`) instead of re-plumbing the entire runtime.
- It keeps raw websocket probing available for diagnostics without letting it dictate production architecture.
- It matches the architecture already documented for SuperRPA integration.
- It keeps future work narrow: one new adapter layer instead of rewriting all runtime behavior.
## What stays the same
### Pipe path remains unchanged
The existing pipe path must remain behaviorally unchanged:
- `src/lib.rs`
- pipe handshake behavior
- `BrowserPipeTool`
- existing HMAC/domain validation semantics
The bridge-first work is about the **ws service / real browser integration path**, not about replacing or weakening the pipe path.
### Existing compat/runtime abstractions should be preserved where practical
The next slice should reuse:
- `BrowserBackend`
- existing browser tool adapters in compat/runtime
- existing task runner/orchestration flow
The new work should be concentrated in a bridge adapter and its wiring, not spread through unrelated layers.
## What does not stay the same
### Raw websocket is no longer the mainline production assumption
The repository may keep:
- `src/browser/ws_backend.rs`
- `src/browser/ws_protocol.rs`
- `src/browser/ws_probe.rs`
- `src/bin/sgbrowser_ws_probe.rs`
But those should now be treated as:
- protocol tooling
- fake-server test tooling
- live diagnostic/probe tooling
- possibly constrained compatibility code
They should remain diagnostic-only in this repository and must not be treated as the production path for reaching the real browser.
## Design constraints for the bridge slice
The bridge-path implementation must follow these constraints:
1. **No parallel browser API invention.** Reuse the real bridge/browser action surface already evidenced in docs and archived frontend code.
2. **No pipe regression.** Do not alter the working pipe entry path.
3. **Adapter-first design.** Prefer one bridge-backed backend implementation over broad runtime rewrites.
4. **TDD first.** Add focused bridge adapter tests before production wiring.
5. **Repository-local seam only.** Where external SuperRPA browser-host code is unavailable here, encode the contract in narrow adapters and tests instead of guessing internals.
## Testing implications
The bridge path changes what “proof” looks like.
### Required proof for the next slice
The next implementation slice must prove:
- a browser action can be emitted onto the bridge contract deterministically
- the bridge adapter maps replies/errors back into `BrowserBackend` semantics
- compat/runtime can use the bridge-backed backend without pipe regression
### No longer required for acceptance
The next slice does **not** need to prove that raw websocket business frames work directly against `ws://127.0.0.1:12345`, because the current evidence rejected that path as the mainline assumption.
## Acceptance criteria for this design decision
This design is correct only if future implementation follows all of these:
1. The next production slice targets the browser-host bridge path rather than raw external websocket business frames.
2. The raw websocket probe tooling remains diagnostic only.
3. Existing pipe behavior stays unchanged.
4. The next implementation plan identifies a narrow bridge-backed adapter, not a broad architecture rewrite.
5. Future success claims are based on bridge-path execution evidence, not on reinterpreting the existing raw-websocket transcript.
## Consequences
### Positive
- Aligns implementation with the strongest evidence already in the repo
- Stops further speculative coding on the wrong control surface
- Preserves existing ws probe work as useful diagnostics
- Keeps the next slice narrow and testable
### Trade-off
- Requires an additional adapter design step before more production code can land
- Defers any hope that a small websocket tweak alone will unlock the real browser path
That trade-off is correct, because the current blocker is no longer a small protocol bug. It is an integration-surface mismatch.

288
docs/superpowers/specs/2026-04-03-ws-browser-integration-surface-correction-design.md Normal file
View File

@@ -0,0 +1,288 @@
# WS Browser Integration Surface Correction Design
## Background
The current websocket service path already proved two things:
1. `sg_claw_client -> sg_claw` request handling works.
2. The ws-native backend/auth replacement removed the old pipe/HMAC mismatch that produced `invalid hmac seed: session key must not be empty`.
However, real sgBrowser smoke still does not work.
Manual probing against the configured real browser websocket endpoint (`ws://127.0.0.1:12345`) produced a stable pattern:
- the connection succeeds
- the server sends one banner text frame such as `Welcome! You are client #1`
- after that, business frames receive no status frame and no callback frame
- this remains true for:
- valid-looking `sgBrowerserOpenPage` frames
- callback-based APIs
- no-arg/context-light APIs
- malformed or obviously wrong frames
At the same time, local documentation and archived frontend code point to a different integration model:
- the websocket API doc describes the websocket service as a transport replacement for page-context JavaScript calls, and requires the current page URL (`requesturl`) in each message
- archived frontend/product code uses `window.sgFunctionsUI(...)` and `window.BrowserAction(...)`
- archived architecture docs describe the supported product path as `FunctionsUI -> browser host bridge -> BrowserAction/CommandRouter`, not an arbitrary external process speaking raw browser websocket frames
This means the current assumption is no longer acceptable as the default architecture hypothesis:
- **Rejected default assumption:** `sg_claw` can directly control the real browser by speaking raw business frames to `browserWsUrl` as an external client, with no additional browser-host bridge, page context, or bootstrap/session contract.
That assumption may still turn out to be partially true, but it is no longer justified enough to continue coding against as the mainline design.
## Problem Statement
The project currently has a functioning ws-native transport implementation, but it does **not** have a validated real integration surface for sgBrowser.
The unresolved question is now architectural rather than syntactic:
### Possibility A: raw websocket is valid, but requires hidden bootstrap/preconditions
Examples suggested by the local API document:
- a real browser page must already exist and `requesturl` must refer to that page
- one or more setup calls such as `sgSetAuthInfo`, `sgBrowserLogin`, `sgOpenAgent`, or `sgBrowerserActiveTab` must happen first
- callbacks may require a browser-side JS/page context that an external process does not automatically have
- some APIs may only work against agent/show/hide areas after browser-side initialization
### Possibility B: raw websocket is not the supported external control surface
Instead, the real product path may require:
- `FunctionsUI` / browser-host IPC
- host-side security and routing
- `BrowserAction` / `CommandRouter` dispatch
- page-injected or browser-embedded execution context
If this is true, continuing to invest in raw external websocket business-frame handling as the main integration surface would be architectural drift.
## Goal
Replace the current unvalidated ws-native-direct assumption with a decision-backed integration strategy.
The next implementation slice must do exactly one of these two things based on evidence:
1. **Bootstrap path:** prove that raw websocket control is real and supported once the missing bootstrap/precondition sequence is performed, then codify that bootstrap sequence and keep `WsBrowserBackend` as the execution surface.
2. **Bridge path:** prove that raw websocket is not the real supported surface for external control, then pivot the runtime design so sgClaw targets the actual browser-host bridge / `BrowserAction` surface instead of pretending the raw websocket is enough.
## Non-goals
This correction slice does **not** include:
- broad feature work on the floating chat UI
- multi-client service redesign
- browser process lifecycle management
- speculative protocol expansion
- generic reconnection/backoff work
- rewriting the entire compat/runtime stack without evidence
- landing both bootstrap and bridge implementations in one branch
The purpose of this slice is to choose the correct integration surface first.
## Evidence Summary
### Evidence that the current raw-ws-direct assumption is weak
1. Real endpoint accepts connections but stays silent after the welcome/banner frame.
2. Silence occurs even for malformed frames, which suggests the endpoint is not acting like an openly documented RPC surface for arbitrary external clients.
3. The API documentation frames websocket use as a replacement for page-side JS invocation, not as a standalone public automation API.
4. The documentation repeatedly depends on `requesturl`, callback function names, target pages, and browser areas (`show`, `hide`, `agent`).
5. Historical frontend/product code uses `window.sgFunctionsUI(...)` and `window.BrowserAction(...)`, not raw external websocket business calls.
6. Historical architecture docs emphasize `FunctionsUI`, `CommandRouter`, and browser-host bridge seams.
### Evidence that the current ws-native work is still useful
1. The ws-native auth replacement removed a real bug.
2. The ws backend now correctly carries forward the last navigated request URL.
3. `WsBrowserBackend` and `ws_protocol` remain valuable as deterministic protocol tooling for fake-server tests and any future bootstrap validation.
So the conclusion is **not** “delete ws-native work.”
The conclusion is:
- do not treat raw external websocket control as validated product architecture yet
- use the ws-native code only behind a decision gate
## Design Decision
Adopt a **decision-gated integration strategy**.
### Decision Gate 1: Validate bootstrap viability first
Before any more production architecture changes, add a focused, deterministic validation harness that can exercise a candidate raw-websocket bootstrap sequence against a live endpoint.
The harness must support:
- ordered frame scripts
- exact frame logging
- exact timeout/silence observation
- trying candidate setup sequences such as:
- `sgSetAuthInfo`
- `sgBrowserLogin`
- `sgOpenAgent`
- `sgBrowerserActiveTab`
- then a minimal action such as `sgBrowerserOpenPage` or `sgBrowserExcuteJsCodeByArea`
- trying the same action with different `requesturl` assumptions
- distinguishing these outcomes:
- numeric status returned
- callback returned
- welcome only, then silence
- close/reset
- protocol error
This harness is not product code. It is an evidence tool that prevents blind implementation.
### Decision Gate 2: Make bridge pivot the default fallback
If the validation harness cannot demonstrate a reproducible bootstrap sequence that yields real status/callback frames from the live browser endpoint, then raw websocket must be considered **non-validated for external control**.
At that point, the design must pivot to the bridge path:
- sgClaw browser control targets the real browser-host integration surface
- use the bridge already evidenced in docs/code (`FunctionsUI`, browser host IPC, `BrowserAction`, `CommandRouter`)
- keep raw websocket support, if retained at all, as a diagnostic or highly constrained adapter rather than the primary product path
## Architecture Options
## Option A: Bootstrap-validated raw websocket path
Choose this only if the live validation harness produces repeatable evidence.
### Resulting architecture
```text
sg_claw_client
-> sg_claw service
-> bootstrap sequence executor
-> WsBrowserBackend
-> browserWsUrl
-> sgBrowser
```
### Required conditions
- a reproducible bootstrap sequence exists
- the sequence yields status/callback traffic for real business actions
- the sequence can be encoded as a narrow service-side precondition layer
- the sequence does not require unowned browser UI/manual setup outside a documented contract
### Allowed production changes if Option A wins
- add explicit bootstrap calls before first browser action
- persist validated session/context state needed by the real endpoint
- tighten `request_url` / target-page handling around the proven contract
### Not allowed even if Option A wins
- guessing bootstrap steps without evidence
- silently sprinkling many setup calls into random locations
- broadening the compat/runtime API before the bootstrap contract is known
## Option B: Bridge-first integration path
Choose this if live validation does not prove a workable raw websocket bootstrap.
### Resulting architecture
```text
sg_claw_client
-> sg_claw service
-> bridge adapter
-> browser host / FunctionsUI / BrowserAction / CommandRouter
-> sgBrowser page actions
```
### Required conditions
- local docs/code show a stable supported bridge path
- raw websocket remains non-validated or only page-context-scoped
- the bridge surface can be wrapped behind the existing `BrowserBackend` abstraction or a sibling adapter without weakening pipe behavior
### Allowed production changes if Option B wins
- add a new browser backend implementation that targets the real bridge surface
- redirect ws service/browser execution away from raw business frames
- preserve ws-native code only for tests, probes, or intentionally constrained cases
### Not allowed even if Option B wins
- pretending the old raw-ws mainline still works “well enough”
- leaving the service path ambiguously split between two competing primary surfaces
## Scope Guardrails for the Next Implementation Plan
The next implementation plan must obey these guardrails:
1. **One branch, one decision.** Do not implement both architecture options at once.
2. **Evidence before code.** If bootstrap is unproven, the next coding task is probe/validation tooling, not another speculative service/runtime refactor.
3. **Keep pipe untouched.** `src/lib.rs`, pipe handshake, and the pipe `BrowserPipeTool` path remain behaviorally unchanged.
4. **Do not delete ws-native code prematurely.** It still has value for protocol tests and validation tooling.
5. **Do not broaden success claims.** Removing `invalid hmac seed` did not make real browser control work.
## Testing Strategy
### Stage 1: Evidence tooling tests
Add deterministic tests for the live-probe/validation harness so it can:
- send an ordered frame script
- record exact received frames
- report silence/timeout precisely
- expose transcript output suitable for comparing candidate bootstrap sequences
These tests use a fake websocket server, not sgBrowser.
### Stage 2: Live validation runs
Use the harness against the real endpoint with a fixed matrix of candidate sequences.
At minimum, compare:
1. no bootstrap -> minimal action
2. `sgOpenAgent` -> minimal action
3. `sgSetAuthInfo` -> minimal action
4. `sgBrowserLogin` -> minimal action
5. `sgBrowerserActiveTab` -> minimal action
6. combined documented bootstrap candidates -> minimal action
7. alternate `requesturl` values representing:
- `about:blank`
- target page URL
- a currently open page URL if known
### Stage 3: Architecture-branch acceptance
If Option A wins:
- add one automated regression that proves the validated bootstrap sequence produces the first real status frame in a controlled integration test
- then continue with the narrowest production implementation plan
If Option B wins:
- write a new bridge-integration implementation plan before changing production code
- base all production tasks on the documented bridge surface
## Acceptance Criteria for This Design Correction
This design correction is successful only if future work follows these rules:
1. The repository has an explicit design document recording that raw ws-native direct control is **not currently validated**.
2. The next engineering slice starts with validation or bridge selection, not another speculative runtime refactor.
3. Any future claim that raw websocket is the supported production path must be backed by a reproducible live bootstrap transcript.
4. If that evidence does not appear, the project pivots to the bridge path rather than continuing to guess.
## Consequences
### Positive
- stops further speculative coding against an unproven surface
- preserves useful ws-native work without over-committing to it
- creates a clean decision point for the next implementation branch
### Trade-off
- this does not immediately unblock real browser control
- it intentionally inserts an evidence phase before more production changes
That trade-off is acceptable because the current failure mode is architectural uncertainty, not a missing two-line fix.

105
docs/superpowers/specs/2026-04-03-ws-browser-welcome-frame-design.md Normal file
View File

@@ -0,0 +1,105 @@
# WS Browser Welcome Frame Compatibility Design
## Background
Manual smoke verification after the ws-native browser backend auth replacement showed that real `sgBrowser` sends a banner text frame immediately after the websocket connection is established:
- `Welcome! You are client #1`
The current ws-native path treats the first received text frame as a protocol status frame. In `src/browser/ws_backend.rs`, `WsBrowserBackend::invoke(...)` reads one text frame and immediately parses it as an integer status code. That works for the existing deterministic tests, but it fails against the real browser because the first frame is a human-readable welcome banner rather than `0` or another numeric status.
This means the auth replacement is working — the old `invalid hmac seed: session key must not be empty` error no longer appears — but real smoke still fails on protocol parsing.
## Goal
Make the ws service path tolerate exactly one initial welcome/banner text frame from the real browser websocket, without weakening the general ws protocol semantics.
## Non-goals
This change must not:
- Relax parsing of arbitrary non-protocol text frames
- Change `WsBrowserBackend` into a browser-specific parser for banners
- Affect the legacy pipe path
- Add retry loops or broader reconnection logic
- Change callback handling semantics
## Chosen approach
Handle the welcome banner only in `ServiceBrowserWsClient`.
### Why this layer
`ServiceBrowserWsClient` is already the real-browser adapter used only by the ws service path in `src/service/server.rs`. The welcome frame is a quirk of the real browser endpoint rather than a property of the shared ws protocol abstraction. Keeping the compatibility behavior in the service-side client preserves the stricter semantics of `WsBrowserBackend` for all other callers and test doubles.
## Behavioral rules
1. Only the first received text frame after establishing a browser websocket connection may be treated as a welcome/banner candidate.
2. If that first text frame matches the real banner shape (currently observed as `Welcome! You are client #1`), the client discards it and continues waiting for the actual protocol frame.
3. The welcome skip is one-time only per connection, not per request. Because `ServiceBrowserWsClient` holds a persistent socket, this state must survive multiple `invoke(...)` calls on the same underlying websocket.
4. After the welcome skip:
- status frames must still be numeric strings
- callback frames must still match the existing JSON-array callback protocol
- any other malformed frame remains a protocol error
5. Timeout, close/reset, and connect-failure semantics remain unchanged.
## Matching strategy
Use a narrow string check in `ServiceBrowserWsClient` for a welcome/banner frame:
- starts with `Welcome! You are client #`
This is intentionally strict. We are adapting one known real-browser behavior, not introducing a generic “ignore garbage text” mode.
## Tests
### New red tests
Add focused unit tests under `src/service/server.rs` tests:
1. Positive case:
- fake websocket server sends:
1. `Welcome! You are client #1`
2. `0`
- then `WsBrowserBackend.invoke(Action::Navigate, ...)` succeeds
2. Negative case:
- fake websocket server sends a different first text frame that does **not** match the known welcome prefix
- assert the call still fails as a protocol error rather than silently skipping the frame
The positive test must fail before the implementation change and pass after it. The negative test guards the non-goal that we are not introducing a generic “ignore arbitrary text” mode.
### Regression coverage
Re-run:
- `cargo test service::server::tests -- --nocapture`
- `cargo test --test browser_ws_backend_test -- --nocapture`
- `cargo test --test service_task_flow_test -- --nocapture`
If those pass, re-run the earlier mixed ws+pipe sweep to confirm no unexpected regression escaped the targeted checks.
## Risks and controls
### Risk: swallowing a legitimate protocol error
Control:
- only allow the one-time skip on the first received text frame
- only skip frames matching the known welcome prefix
### Risk: broadening behavior beyond service ws path
Control:
- keep the change entirely inside `ServiceBrowserWsClient`
- do not modify `WsBrowserBackend` parsing rules
## Acceptance criteria
The fix is complete only if all of the following are true:
1. The positive welcome-banner test fails before the change and passes after it.
2. The negative malformed-first-frame test proves that non-matching first text frames still fail as protocol errors.
3. Real ws service smoke no longer fails with `invalid browser status frame: Welcome! You are client #1` when using the configured real sgBrowser endpoint.
4. Existing ws backend tests remain green.
5. Existing service task-flow regression remains green.
6. Pipe behavior remains unchanged, verified by the mixed ws+pipe regression suite.

182
docs/superpowers/specs/2026-04-04-zhihu-ws-submit-realignment-design.md Normal file
View File

@@ -0,0 +1,182 @@
# Zhihu WS Submit Realignment Design
## Background
The current Zhihu submit path drifted away from the documented browser websocket contract.
The authoritative contract for this repository is `docs/_tmp_sgbrowser_ws_api_doc.txt`.
For this slice, the spec anchors to these documented invariants only:
- connect to `ws://127.0.0.1:12345`
- send `{"type":"register","role":"web"}`
- send browser actions as JSON arrays `[requesturl, action, ...args]`
- let browser results come back through documented callback semantics such as `callBackJsToCpp(...)`
- keep the current page URL as the request owner instead of inventing an external helper page
The current production path does not follow that shape for Zhihu routes.
Instead, the submit path selects `BrowserCallbackBackend`, which starts `LiveBrowserCallbackHost` and attempts to bootstrap a local helper page at `/sgclaw/browser-helper.html`. That helper-page bootstrap is not part of the user's confirmed production model, and live evidence already shows it is the wrong assumption for the Release browser.
## Problem Statement
Zhihu submit currently fails before real work begins because the service path depends on a helper-page callback host bootstrap that the Release browser does not use.
That drift shows up in three ways:
1. Zhihu submit routes select the callback-host backend instead of the direct websocket backend.
2. The mainline request URL becomes the local helper page URL instead of the real browser page URL.
3. The submit path waits for helper-page readiness rather than proceeding through the documented websocket callback model.
This causes the observable failure:
- `timeout while waiting for browser message`
- no real Zhihu page open/action in the browser
## Goal
Realign the Zhihu submit path to the documented websocket callback model without changing the existing pipe/service contract.
Concretely, the target behavior is:
- Zhihu submit routes use the websocket browser backend directly
- browser messages keep the real page URL as `requesturl`
- browser actions continue to use documented websocket opcodes
- callback-bearing results continue to use the documented callback payload model
- the browser no longer depends on opening a local helper page before Zhihu work starts
## Non-goals
This slice does not include:
- changing `ClientMessage` or `ServiceMessage`
- changing `run_submit_task_with_browser_backend(...)`
- rewriting the Zhihu workflow itself
- adding a new browser bridge abstraction
- redesigning the pipe path
- deleting callback-host code that is outside the Zhihu submit mainline
- speculative protocol expansion beyond the documented websocket contract
## Chosen Approach
Choose **Option A**: withdraw Zhihu submit from the helper-page callback-host path and return it to the documented websocket callback model.
Rejected alternatives:
- Keep callback host but remove helper bootstrap: still preserves the wrong abstraction in the mainline.
- Build a new orchestration layer: exceeds the requested scope.
## Mainline Architecture After Realignment
```text
sg_claw_client
-> sg_claw service / runtime submit path
-> existing BrowserBackend seam
-> WsBrowserBackend
-> ws://127.0.0.1:12345
-> documented browser opcodes and callback semantics
```
For Zhihu submit routes, the callback-host helper page is no longer part of the mainline execution chain.
## Required Production Changes
### 1. Route selection
Update submit-route backend selection so these routes no longer instantiate `BrowserCallbackBackend`:
- `WorkflowRoute::ZhihuHotlistExportXlsx`
- `WorkflowRoute::ZhihuHotlistScreen`
- `WorkflowRoute::ZhihuArticleEntry`
- `WorkflowRoute::ZhihuArticleDraft`
- `WorkflowRoute::ZhihuArticlePublish`
The change applies in both:
- service submit path in `src/service/server.rs`
- direct runtime submit path in `src/agent/mod.rs`
Direct runtime fallback behavior stays unchanged when no browser websocket URL is configured:
- if a real browser websocket URL is configured, use `WsBrowserBackend` for the listed Zhihu routes
- if no browser websocket URL is configured, keep the existing pipe fallback instead of failing fast
### 2. Request URL ownership
Keep `requesturl` aligned with the real browser page instead of the helper page.
Expected behavior:
- initial request URL comes from the existing submit-path request context
- after a successful navigate call, the websocket backend continues to update its request URL to the navigated target page
- later `getText` and `eval` calls run against the real Zhihu page URL
This preserves the documented page-owned websocket model.
### 3. Callback semantics
Keep callback-bearing actions on the existing websocket protocol path, using the documented callback payload shape.
Required invariants:
- action frames remain `[requesturl, action, ...args]`
- navigate uses the documented opcode `sgHideBrowserCallAfterLoaded`
- `getText` and `eval` continue to emit `callBackJsToCpp(...)` payloads in the documented `sourceUrl@_@targetUrl@_@callback@_@actionUrl@_@responseTxt` form
- callback decoding remains on the websocket path instead of moving through localhost helper-page HTTP endpoints
### 4. Callback-host removal from the Zhihu mainline
For this slice, callback-host code is removed from the Zhihu submit mainline, not redesigned.
Practical meaning:
- Zhihu submit must not start `LiveBrowserCallbackHost`
- Zhihu submit must not emit `sgBrowerserOpenPage` for `/sgclaw/browser-helper.html`
- Zhihu submit must not block on `/sgclaw/callback/ready`
Code outside the Zhihu submit mainline can remain unchanged unless tests require cleanup.
## Test Strategy
This slice follows TDD and replaces the stale helper-page assumptions with direct websocket submit-path assertions.
### Red tests to add or rewrite
1. Rewrite the current submit regression that asserts helper-page bootstrap.
- old behavior under test: Zhihu submit bootstraps callback host
- new behavior under test: Zhihu submit does **not** bootstrap callback host and does **not** emit helper-page frames
2. Add or update a focused submit-path regression proving request ownership stays on the real page.
- after navigate, subsequent Zhihu browser actions must use the real target page URL rather than `/sgclaw/browser-helper.html`
3. Remove or rewrite any newly added red test whose only purpose was to preserve callback-host-without-helper behavior.
- that test belongs to the rejected Option B path, not the chosen Option A path
### Green verification
After the minimal code change, run focused verification in this order:
1. `agent_runtime_test` coverage for the submit path
2. relevant Zhihu `compat_runtime_test` coverage
3. submit/service websocket regressions impacted by route selection
4. stronger real-browser validation after focused tests pass
## Scope Guardrails
The implementation plan for this spec must obey all of the following:
1. Do not modify the pipe contract.
2. Do not add a new browser abstraction.
3. Do not broaden the change beyond the Zhihu submit path and its directly affected websocket protocol tests.
4. Do not keep the helper-page path as a second competing Zhihu mainline.
5. If live validation still reveals a callback-payload mismatch, only adjust the websocket protocol encoding/decoding at the exact mismatch point.
## Acceptance Criteria
The slice is complete when all of the following are true:
1. Zhihu submit routes no longer select the helper-page callback-host backend.
2. No Zhihu submit regression expects or observes `/sgclaw/browser-helper.html` bootstrap.
3. The websocket backend sends Zhihu follow-up actions with the real page URL as `requesturl`.
4. Focused automated tests covering the changed submit path pass.
5. Real-browser validation no longer fails at callback-host readiness timeout, emits no helper-page bootstrap frames, and emits at least one real-page follow-up browser action after navigate.

219
docs/superpowers/specs/2026-04-06-service-chat-web-console-design.md Normal file
View File

@@ -0,0 +1,219 @@
# Service Chat Web Console Design
## Background
The current natural-language entrypoint is the terminal client in `src/bin/sg_claw_client.rs`.
That client already talks to the existing service websocket, sends `ClientMessage`, and prints
`ServiceMessage` responses.
The repository also contains a separate browser callback helper at
`http://127.0.0.1:61058/sgclaw/browser-helper.html`. That page is part of the browser backend
execution path and must remain untouched.
For this slice, the authoritative boundary is:
- the new page may talk to the existing service websocket only
- the page must not talk to the browser websocket directly
- the page must not reuse or replace `browser-helper.html`
- the page must not change the service protocol or browser execution logic
## Problem Statement
Running `cargo run --bin sg_claw_client` and typing into stdin works, but it is inconvenient for
routine usage. The user wants a simple local HTML page with a websocket connection field, a natural-
language input box, and a send button.
The risk is scope drift: if the new page reaches into the browser-helper flow or changes backend
logic, it could damage the working Zhihu/browser path.
## Goal
Add a standalone local HTML console that connects to the existing service websocket and submits
natural-language tasks using the current `submit_task` message shape.
The page should be usable without changing `sg_claw`, `sg_claw_client`, `browser-helper.html`, or
any existing service/browser runtime behavior.
## Non-goals
This slice does not include:
- serving the page from the Rust service
- changing `ClientMessage` or `ServiceMessage`
- changing `src/service/server.rs`
- changing `src/browser/callback_host.rs`
- changing `src/browser/callback_backend.rs`
- changing the helper-page bootstrap flow
- adding authentication, persistence, or multi-session orchestration
- replacing the terminal client
## Chosen Approach
Choose Option A: add one standalone HTML file that opens in a normal browser and talks to the
existing service websocket at `ws://127.0.0.1:42321` by default.
Why this option:
- it is the narrowest possible change
- it reuses the already-working service protocol
- it does not alter the browser-helper path
- it keeps all runtime ownership in the existing Rust service
Rejected alternatives:
- extend `browser-helper.html` into a chat UI: wrong boundary; that page belongs to browser
callback orchestration, not user task entry
- add a new HTTP server inside `sg_claw`: unnecessary for the requested scope
- replace the terminal client binary: not required; both clients can coexist
## File Placement
Create the page outside `frontend/runtime-host/`.
Chosen location:
- `frontend/service-console/sg_claw_service_console.html`
Reason:
- `frontend/runtime-host/` is reserved for SuperRPA runtime-host bundles
- the new page is a standalone local tool, not a Chromium-hosted bundle
- keeping it in its own directory makes the isolation explicit
## Page Architecture
The page is a single self-contained HTML file with inline CSS and inline JavaScript.
No build step and no frontend framework are required.
The page has three UI regions:
1. Connection bar
- websocket URL input
- connect/disconnect button
- current connection state label
2. Message stream
- appends service logs in arrival order
- distinguishes connection info, task logs, errors, and final completion
- keeps the current session visible until the page is refreshed
3. Task composer
- one textarea for natural-language input
- one send button
- send disabled while the websocket is disconnected
- while a task is in flight, keep the composer enabled and let repeated submits surface the
existing service-side `busy` response rather than adding a new frontend queue
## Protocol Contract
The page must reuse the existing service protocol exactly.
### Outbound message
When the user clicks send, the page sends:
```json
{
"type": "submit_task",
"instruction": "<user input>",
"conversation_id": "",
"messages": [],
"page_url": "",
"page_title": ""
}
```
This matches the current terminal client shape in `src/bin/sg_claw_client.rs`.
### Inbound messages
The page displays these existing `ServiceMessage` variants:
- `status_changed` -> render as a compact connection/runtime status row
- `log_entry` -> append as a chronological task log row
- `task_complete` -> append as the terminal result row for that submission
- `busy` -> append as a visible refusal/error row without automatic retry
No new message type is introduced.
## Interaction Flow
1. User opens the local HTML file with a normal browser, typically via `file://`.
2. User connects to the service websocket.
3. The page shows websocket connection status locally.
4. User enters a natural-language instruction and clicks send.
5. The page sends one `submit_task` payload over the service websocket.
6. The service continues to execute tasks exactly as it already does.
7. Incoming service messages are appended to the message stream.
8. After `task_complete`, the websocket remains open so the user can send another task.
## Error Handling
The page handles only UI-local failures:
- websocket connect failure -> show connection error and keep send disabled
- websocket disconnect mid-session -> mark disconnected and require reconnect
- empty instruction -> block send and show inline validation
- `busy` response -> show as a visible service-side refusal without retry logic
The page does not add retries, protocol fallbacks, or browser-runtime recovery logic.
## Isolation From `browser-helper.html`
This is the critical constraint.
The new page must never:
- reference `/sgclaw/browser-helper.html`
- reference `/sgclaw/callback/ready`
- reference `/sgclaw/callback/events`
- reference `/sgclaw/callback/commands/next`
- reference `/sgclaw/callback/commands/ack`
- connect to `ws://127.0.0.1:12345`
The only network target owned by the page is the service websocket, defaulting to
`ws://127.0.0.1:42321`.
Because of that boundary, the page does not interfere with the helper-page bootstrap path.
## Test Strategy
This slice stays minimal, so the automated guard is also minimal.
### Automated regression
Add one focused integration test in `tests/service_console_html_test.rs` that reads the standalone
HTML source and asserts:
- the file exists at the agreed path and is resolved from `CARGO_MANIFEST_DIR` so the test is
stable across working directories
- it contains the service websocket default URL
- it contains `submit_task` payload construction
- it does not contain helper-page URLs or callback-host endpoints
- it does not contain the browser websocket URL
This test is a scope guard, not a browser-E2E suite.
### Manual smoke verification
With the existing service binary running:
1. open the HTML file in a browser
2. connect to the service websocket
3. confirm local websocket open/close events and service `status_changed` messages both appear in the message stream
4. submit a natural-language task
5. confirm logs and completion render in the page
6. confirm the helper-page path remains unchanged because the page never references it
## Acceptance Criteria
The slice is complete when all of the following are true:
1. `frontend/service-console/sg_claw_service_console.html` exists.
2. The page connects to the existing service websocket without backend changes.
3. The page sends the existing `submit_task` shape and receives existing `ServiceMessage` events.
4. The page does not reference `browser-helper.html`, callback-host endpoints, or the browser
websocket URL.
5. Existing browser-helper logic remains untouched.
6. The automated source guard passes.
7. Manual smoke verification confirms a task can be submitted from the HTML page.

373
docs/superpowers/specs/2026-04-06-zhihu-hotlist-post-export-auto-open-design.md Normal file
View File

@@ -0,0 +1,373 @@
# Zhihu Hotlist Post-Export Auto-Open Design
## Background
The current Zhihu hotlist workflows already support two separate artifact outputs:
- `openxml_office` generates a local `.xlsx` file for hotlist export
- `screen_html_export` generates a local `.html` dashboard for presentation
Today, the workflow stops after artifact generation and returns a summary string such as:
- `已导出知乎热榜 Excel <path>`
- `已生成知乎热榜大屏 <path>`
That means the user still has to manually open the generated file.
The user wants one additional post-export action, but only one at a time:
1. for Excel-oriented tasks, automatically open the generated `.xlsx` with the system default spreadsheet application
2. for dashboard-oriented tasks, automatically open the generated local dashboard HTML inside the running sgBrowser session
This is an exclusive choice, not a combined mode.
## Current Runtime Facts
The implementation must match the current browser/runtime boundary that already exists in the repo:
- the active service submit path in `src/service/server.rs` constructs `BrowserCallbackBackend`
- `BrowserCallbackBackend::invoke(Action::Navigate, ...)` currently emits `sgBrowerserOpenPage`, which opens a new visible browser tab and keeps the helper page alive
- `WsBrowserBackend::invoke(Action::Navigate, ...)` has different semantics and a different transport path from the callback-host service path
- `MacPolicy::validate(...)` currently rejects empty or non-domain values, so a raw `file://...` navigation cannot pass through the normal domain validation path today
- `screen_html_export` already returns `presentation.url`, which is the existing `file://` presentation URL contract for the generated dashboard
Those facts mean the design must not promise "replace the helper page" or "reuse identical tab behavior across all backends". The required success path for this slice is narrower: open the generated dashboard automatically in the current callback-host-backed sgBrowser service session without adding a new user-facing surface.
## Problem Statement
The existing workflow logic in `src/compat/workflow_executor.rs` already separates hotlist export from dashboard generation, but it treats both routes as artifact-only flows. The last mile is missing:
- the Excel route does not auto-open the generated file
- the dashboard route does not consume the generated dashboard presentation URL and open it automatically in the browser runtime
The risk is scope drift. This change must not:
- turn Excel-open and dashboard-open into a combined workflow
- add new help/help-like user-visible surfaces
- move orchestration into `frontend/service-console/`
- modify the websocket protocol
- modify `browser-helper.html`
- modify callback-host HTTP endpoints or their contracts
- change the artifact-generation contract of `openxml_office` or `screen_html_export`
## Goal
Extend the existing Zhihu hotlist post-export behavior so that:
- Excel tasks generate `.xlsx` and then auto-open it with the local system default spreadsheet application
- dashboard tasks generate `.html` and then auto-open that generated dashboard inside sgBrowser
On the current callback-host service path, "inside sgBrowser" means opening the generated dashboard in a new visible browser tab while the helper page stays alive. The user does not need to open the file manually.
## Non-goals
This slice does not include:
- opening Excel and dashboard in the same run
- adding a new combined route that auto-opens both artifacts
- adding any new help, helper, or user-visible assistance surface
- modifying `frontend/service-console/sg_claw_service_console.html`
- modifying `src/service/protocol.rs`
- modifying `browser-helper.html`
- modifying `/sgclaw/callback/*` contracts
- turning the browser backend into a general-purpose local filesystem browser
- changing the artifact-generation JSON contract of `openxml_office` or `screen_html_export`
## Chosen Approach
Keep the current two workflow routes, but add one route-specific post-export action to each:
- `ZhihuHotlistExportXlsx` -> generate `.xlsx`, then open it locally with the OS default app
- `ZhihuHotlistScreen` -> generate `.html`, then open the generated dashboard presentation URL in the browser runtime
For the dashboard route, use the existing `presentation.url` returned by `screen_html_export` as the authoritative browser-open URL. Do not invent a separate normal-path URL conversion layer when the tool already returns the presentation contract.
The compat opener must emit one exact navigate request shape for this case.
- `action`: `Action::Navigate`
- `expected_domain`: the exact literal `__sgclaw_local_dashboard__`
- `params.url`: the exact `presentation.url` returned by `screen_html_export`
- `params.sgclaw_local_dashboard_open.source`: the exact literal `compat.workflow_executor`
- `params.sgclaw_local_dashboard_open.kind`: the exact literal `zhihu_hotlist_screen`
- `params.sgclaw_local_dashboard_open.output_path`: the generated local dashboard artifact path
- `params.sgclaw_local_dashboard_open.presentation_url`: the same `file://` URL stored in `params.url`
On the current callback-host-backed service path, only that exact request shape is approved for the local-dashboard special case. A plain `Action::Navigate` with an arbitrary `file://...` URL, or a request missing any one of the required marker fields above, must continue to be rejected.
Because normal `MacPolicy` domain validation cannot accept `file://...`, add a narrow local-dashboard presentation allowance in the browser backend/security boundary. That allowance must be limited to this one case:
- only for `Action::Navigate`
- only for generated local dashboard presentation URLs
- only for local HTML presentation, not arbitrary local paths or generic file browsing
Why this approach:
- it preserves the existing mutual exclusivity between Excel export and dashboard presentation
- it keeps artifact generation in the existing tools
- it keeps browser opening inside the existing browser backend boundary
- it uses the existing `screen_html_export` presentation contract instead of duplicating it
- it avoids pushing orchestration into the service console or protocol layer
- it stays compatible with the current callback-host runtime, where visible navigation is new-tab based
- it limits the guaranteed browser-open behavior in this slice to the callback-host-backed service path that the user is using today
Rejected alternatives:
- add a combined "Excel + dashboard" route: explicitly rejected by user behavior
- let `frontend/service-console/` decide when to open generated files: wrong layer; the console is only a submit/view surface
- add help UI to expose output choices: explicitly unwanted by the user
- change `browser-helper.html` so the helper page itself becomes the dashboard: this would break the current helper-page persistence model
- promise a backend-agnostic "replace the current page" behavior: inaccurate because callback-host and websocket backends do not share identical navigate semantics
- require the websocket backend to gain matching local-dashboard visible-open behavior in this slice: outside the narrow current-service-path goal
## File Responsibilities
### `src/compat/workflow_executor.rs`
Continue to own:
- route detection for Zhihu hotlist workflows
- artifact generation orchestration
- post-export summary construction
New responsibilities in this slice:
- parse the successful artifact payloads after `openxml_office` and `screen_html_export`
- call the route-specific post-export opener only after artifact creation succeeds
- for the dashboard route, consume `presentation.url` from the `screen_html_export` result payload
- keep generation success and post-export open success/failure distinct in the returned summary
### `src/compat/artifact_open.rs`
New helper module to keep side effects out of `workflow_executor.rs`.
Responsibilities:
- open a generated local `.xlsx` with the system default application
- open a generated local dashboard presentation URL through the existing `BrowserBackend`
- construct the exact approved dashboard navigate request shape used by this slice
- define the narrow local-dashboard presentation token/constants used by the compat layer and backend compatibility path
- return narrow success/failure results so `workflow_executor.rs` can produce accurate summaries
This module must stay small and focused. It is not a general launcher framework.
### `src/browser/callback_backend.rs`
New narrow responsibility in this slice:
- at the `BrowserCallbackBackend::invoke(Action::Navigate, params, expected_domain)` entrypoint, recognize only the exact approved local-dashboard presentation request shape
- preserve the current callback-host behavior of using `sgBrowerserOpenPage`, which opens a new visible tab and keeps the helper page alive
- reject local-file navigate attempts that do not include the exact post-export marker payload from the compat layer
This slice must not change callback-host polling, helper bootstrap, or callback endpoint behavior.
### `src/browser/ws_backend.rs`
No required behavior change in this slice.
Notes:
- websocket transport semantics differ from the callback-host service path
- this spec does not require websocket backend local-dashboard visible-open support
- websocket-specific parity can be designed later as a separate slice if needed
### `src/security/mac_policy.rs`
New narrow responsibility in this slice:
- expose a small validation helper for the approved local-dashboard presentation case
- validate the real local presentation URL and artifact path for that case rather than treating `file://` as a normal allowed domain
- keep the normal domain-based validation path unchanged for ordinary remote navigation
The policy layer must not turn `file://` into a generally allowed "domain". This is an explicit special case for generated local dashboard presentation only.
### `src/compat/mod.rs`
Expose the new helper module.
## Route Semantics
### Excel export route
Trigger examples:
- `读取知乎热榜数据,并导出 excel 文件`
- `导出知乎热榜 xlsx`
Expected behavior:
1. collect hotlist rows
2. call `openxml_office`
3. obtain `output_path`
4. open the generated `.xlsx` using the local OS default spreadsheet application
5. return a success summary reflecting both generation and open state
Summary rules:
- open succeeded -> `已导出并打开知乎热榜 Excel <path>`
- open failed but file exists -> `已导出知乎热榜 Excel <path>,但自动打开失败:<reason>`
The workflow still counts artifact generation as successful even if the post-export open step fails.
### Dashboard route
Trigger examples:
- `读取知乎热榜数据并生成领导演示大屏`
- `生成知乎热榜 dashboard`
- `展示知乎热榜大屏`
Expected behavior:
1. collect hotlist rows
2. call `screen_html_export`
3. obtain `output_path`
4. obtain `presentation.url` from the tool result payload
5. invoke the browser opener through the existing `BrowserBackend`
6. return a success summary reflecting both generation and browser-open state
Summary rules:
- browser open succeeded -> `已在浏览器中打开知乎热榜大屏 <path>`
- browser open failed but file exists -> `已生成知乎热榜大屏 <path>,但浏览器自动打开失败:<reason>`
The workflow still counts artifact generation as successful even if the browser-open step fails.
## Browser Boundary
This slice must preserve the current browser/runtime boundary.
Allowed:
- use the existing `BrowserBackend`
- use the existing `Action::Navigate`
- use the existing `screen_html_export` `presentation.url`
- add a narrow compatibility path so local generated dashboard presentation can pass backend validation
Not allowed:
- change `browser-helper.html`
- introduce a new callback-host endpoint
- move file-opening responsibility into the frontend service console
- add a new browser-side bootstrap flow
- require websocket protocol changes
Important semantic note:
- on the current service callback-host path, dashboard open is expected to use `sgBrowerserOpenPage`, so the generated dashboard appears in a new visible browser tab while the helper page remains available for later tasks
- websocket-backed browser execution may continue to differ; this slice does not require matching visible-open semantics there
## Local Dashboard Presentation Allowance
The local dashboard browser-open path needs an explicit narrow validation rule because `file://...` cannot pass the normal domain allowlist.
Requirements for the narrow allowance:
- only approved for `Action::Navigate`
- only approved for the exact compat marker payload described above
- only approved for generated local dashboard presentation URLs
- only approved when the validated local artifact path points to the generated dashboard HTML artifact returned by the same `screen_html_export` success payload
- only approved for local HTML presentation, not arbitrary executables or unrelated local files
- ordinary remote navigation must continue using the existing `MacPolicy::validate(...)` domain rules unchanged
This keeps the behavior small and auditable while still satisfying the user-visible dashboard auto-open requirement.
## Local File Opening Boundary
The Excel auto-open action is a local runtime side effect, not a browser action.
Requirements:
- use the system default application for `.xlsx`
- support the current Windows environment first
- keep the implementation minimal and focused on the generated artifact path
Not required in this slice:
- a cross-platform abstraction beyond the minimal shape needed for the current repo environment
- opening arbitrary user-selected files
- exposing local file opening to the service websocket protocol
## Error Handling
### Excel route
If `.xlsx` generation fails:
- return the existing export failure
If `.xlsx` generation succeeds but auto-open fails:
- keep the artifact path in the summary
- mark only the auto-open step as failed
- do not delete the generated file
### Dashboard route
If `.html` generation fails:
- return the existing screen export failure
If `.html` generation succeeds but browser open fails:
- keep the artifact path in the summary
- mark only the browser-open step as failed
- do not delete the generated file
If the tool result is missing `presentation.url`:
- treat that as a protocol error in the post-export open step for this route
- keep the generated artifact path in the summary if it is available
- do not silently invent a different contract in the normal path
## Test Strategy
### Workflow tests
Update or add focused workflow coverage so that:
- Excel workflow still calls `openxml_office`
- dashboard workflow still calls `screen_html_export`
- the two routes remain mutually exclusive
- dashboard workflow consumes the tool's existing `presentation.url`
### New Excel post-export test
Add a focused regression proving:
- an Excel-oriented hotlist request triggers export
- the generated `.xlsx` path is passed into the local default-app opener
- no browser dashboard navigate is triggered for that route
### New dashboard post-export test
Add a focused regression proving:
- a dashboard-oriented hotlist request triggers HTML generation
- the generated tool payload `presentation.url` is used for browser open
- the browser backend receives a local-dashboard navigate request through the approved compat path
- no local spreadsheet opener is triggered for that route
### Backend/security compatibility tests
Add focused regressions proving:
- callback backend accepts the approved local-dashboard navigate case and still emits `sgBrowerserOpenPage`
- the narrow local-dashboard allowance rejects non-local or malformed URLs
- ordinary domain validation behavior remains unchanged for normal remote navigation
### Existing boundary tests remain unchanged
Do not change the service-console boundary guard. This slice is runtime behavior only.
## Acceptance Criteria
The slice is complete when all of the following are true:
1. Excel hotlist export still generates a local `.xlsx` artifact.
2. Excel hotlist export auto-opens that `.xlsx` with the system default spreadsheet application.
3. Dashboard hotlist export still generates a local `.html` artifact.
4. Dashboard hotlist export consumes the existing `screen_html_export` `presentation.url` and auto-opens it in the current callback-host-backed sgBrowser service session.
5. On the current callback-host service path, the dashboard opens automatically in a visible browser tab without breaking the helper-page runtime.
6. Excel-open and dashboard-open remain separate user-chosen flows, not a combined mode.
7. No new help/help-like user-visible surface is added.
8. The service console, websocket protocol, `browser-helper.html`, and callback-host endpoint surface remain untouched.

217
docs/superpowers/specs/2026-04-08-95598-repair-city-dispatch-operation-analysis.md Normal file
View File

@@ -0,0 +1,217 @@
# 95598-repair-city-dispatch 操作分析
## 1. 场景概述
`95598-repair-city-dispatch` 对应“95598抢修-市指”场景,目标是监测抢修工单队列,并在必要时触发提醒、日志写入与自动派单等后续动作。根据 `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\scenes\95598-repair-city-dispatch\scene.json``D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\95598-repair-city-dispatch\SKILL.md``D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\95598-repair-city-dispatch\scripts\collect_repair_orders.js` 以及两份规则资产,当前最严谨的结论是:本场景的 packaged JS collector 已经实现输入驱动的 `monitor-snapshot` 归一化 / 比较逻辑,会按状态分桶 repair orders、解析 monitor/dispose logs、推导 `pending_ids` / `new_pending_ids`、给出 `success/partial/empty/blocked` 状态,并附带 desk 规则来源、配置基础页与已知问题元数据;但更强的业务监测、提醒与自动派单 workflow 证据仍主要存在于 desk 规则资产中,证据等级分别为 `code-confirmed`
必须显式区分三层证据:
1. packaged runtime-snapshot-collector`collect_repair_orders.js` 已直接实现 repair-order 分类、历史比较、状态判定与标准化快照输出,并显式携带 `workflow_rule_sources``config_base_page``config_base_role``packaged_collector_role``known_issues`,证据等级:`code-confirmed`
2. 业务监测逻辑:`D:\desk\智能体资料\大四区报告监测项\95598抢修-市指_业务检测配置.txt` 直接展示了队列采集、状态分类、监测日志比较、音频提醒与监测日志写入逻辑,证据等级:`code-confirmed`
3. 自动派单 / 提醒逻辑:`D:\desk\智能体资料\大四区报告监测项\95598抢修-市指_自动处理配置.txt` 直接展示了去重、班组匹配、自动派单请求、音频提醒、短信发送、外呼触发与处置日志写入逻辑,证据等级:`code-confirmed`
但这些 `code-confirmed` 只表示“代码或规则资产中存在这些实现分支或动作定义”,不等于“运行时已验证成功”。本文不对运行时成功做任何拔高表述。
## 2. 证据来源
本分析统一只使用四个证据等级标签:`code-confirmed``contract-defined``implementation intent exists but not rigorous / buggy``no direct evidence / candidate only`
1. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\95598-repair-city-dispatch\scripts\collect_repair_orders.js`
- 直接定义 `STATUS_GROUPS``LOCAL_SERVICE_ENDPOINTS``WORKFLOW_RULE_SOURCES``CONFIG_BASE_PAGE``KNOWN_ISSUES`,并实现 repair-order 分类、monitor/dispose log 解析比较、`new_pending_ids` 推导、`success/partial/empty/blocked` 状态判定,以及带 `evidence` / `known_issues``monitor-snapshot` 输出,证据等级:`code-confirmed`
2. `D:\desk\智能体资料\大四区报告监测项\95598抢修-市指_业务检测配置.txt`
- 直接实现工单队列采集、按状态分桶、待处理列表比较、音频提醒、监测日志写入,且暴露待处理分类 bug证据等级`code-confirmed`
3. `D:\desk\智能体资料\大四区报告监测项\95598抢修-市指_自动处理配置.txt`
- 直接实现处置日志去重、班组范围匹配、自动派单请求、自动派单成功/失败/异常/未匹配分支、音频日志、短信日志、外呼触发与 `setDisposeLog` 写入,证据等级:`code-confirmed`
4. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\95598-repair-city-dispatch\SKILL.md`
- 定义“优先使用 packaged collector、把监测快照与下游动作分离、允许 partial”的运行契约证据等级`contract-defined`
5. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\95598-repair-city-dispatch\references\collection-flow.md`
- 定义以页面配置为入口、结合规则资产理解语义、采集状态 `00/01/06/08`、对比 monitor/dispose logs 的一阶流程,证据等级:`contract-defined`
6. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\95598-repair-city-dispatch\references\data-quality.md`
- 定义状态分类、partial 规则、empty/failure 区分和下游副作用边界,证据等级:`contract-defined`
7. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\scenes\95598-repair-city-dispatch\scene.json`
- 声明场景分类、输入 `time`、依赖和动作类型,证据等级:`code-confirmed`
8. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\scenes\95598-repair-city-dispatch\scene.draft.json`
- 展示早期推断中对 `trigger-alert``configServices` 是否拆分的犹豫,属于候选整理结果,证据等级:`no direct evidence / candidate only`
## 3. 实际入口与运行边界
实际入口在 `scene.json` 中已固定:场景页面入口为 `index.html`,技能工具名为 `95598-repair-city-dispatch.collect_repair_orders`,输出类型为 `monitor-snapshot`,输入为 `time`,这些都属于 `code-confirmed`
其中 `assets/scene-snapshot/index.html` 只应被视为配置基础页(例如班组、联系人、范围维护),不应被当作规则 workflow 的主执行证据。
运行边界方面,需要做两个强制区分:
- packaged JS runtime collector 的实际边界:它已经能基于输入 `repair_orders``monitor_logs``dispose_logs` 做状态分类、历史比较、`new_pending_ids` 推导与 `success/partial/empty/blocked` 判定,并返回标准 `monitor-snapshot`;但它仍是输入驱动归一化 collector不直接发起浏览器请求也不直接承载完整业务 workflow证据等级`code-confirmed`
- rule-asset 行为边界:业务检测规则和自动处理规则分别展示了浏览器请求、日志比较、提醒副作用与自动派单副作用,证据等级:`code-confirmed`
也就是说,本场景不能被单句描述成“统一 packaged collector 已完整实现实时队列监测与自动派单”。更严谨的说法是packaged collector 已实现可测试的输入驱动快照归一化 / 比较逻辑;而较强的实时监测与自动处理链路证据仍来自 desk 规则资产,证据等级:`code-confirmed`
同时,`SKILL.md` 与 reference 明确要求把“快照采集成功”与“音频、短信、外呼、自动派单等下游效果”分开表达;这属于运行契约约束,证据等级:`contract-defined`
## 4. 代码已证实的实际操作流程
### 4.1 packaged runtime-snapshot-collector 已证实流程
`collect_repair_orders.js` 中现在能严格确认:
1. 调用 `collectRepairOrders(input)`,读取 `input.repair_orders``input.monitor_logs || input.monitor_log``input.dispose_logs || input.dispose_log``input.local_write_failures``input.blocked_reason` 等输入。
2. 通过 `classifyRepairOrders(...)``STATUS_GROUPS.pending = ["00", "01"]``STATUS_GROUPS.audit = ["06"]``STATUS_GROUPS.processed = ["08"]` 对 repair orders 分桶,并记录未知状态。
3. 从 pending orders 提取 `pending_ids`,再解析 monitor/dispose logs识别 malformed payload并据此推导 `new_pending_ids`
4.`blocked > partial > empty > success` 的优先级计算 `status`,并把未知状态、日志缺失、日志解析失败、本地写失败等写入 `partial_reasons`
5. 返回 `type: "monitor-snapshot"``scene: "95598-repair-city-dispatch"``pending``audit``processed``pending_ids``new_pending_ids``status``partial_reasons`
6. 在返回对象中附带 `evidence.workflow_rule_sources``evidence.config_base_page``evidence.config_base_role``evidence.packaged_collector_role = "runtime-snapshot-collector"`,以及 `known_issues`
7. 模块额外导出 `STATUS_GROUPS``LOCAL_SERVICE_ENDPOINTS``WORKFLOW_RULE_SOURCES``CONFIG_BASE_PAGE``KNOWN_ISSUES`
以上都属于 `code-confirmed`
### 4.2 业务监测规则已证实流程
`95598抢修-市指_业务检测配置.txt` 中可直接确认:
1. 通过 `BrowserAction("sgBrowerserJsAjax2", ...)` 请求 `repairOrder/list`,查询条件包含 `statusName=00,01,06,08` 与当天时间窗,证据等级:`code-confirmed`
2. 将返回列表按状态分到 `list``shlist``ycjList`,并构造 `pending/audit/processed``pendingList`,证据等级:`code-confirmed`
3. 读取 `getMonitorLog`,并基于待处理列表对比决定是否播报音频提醒,证据等级:`code-confirmed`
4. 将监测结果写入 `setMonitorData``setMonitorLog`,证据等级:`code-confirmed`
5. 音频提醒结果会写入 `setAudioPlayLog` 成功/失败/异常三类状态,证据等级:`code-confirmed`
但这里同时存在一个直接可见的 bug待处理判断写成了 `item.status == "00" && item.status == "01"`,这在单个状态值上不可能同时成立,因此规则中的 `pending` 列表构造逻辑不严谨,证据等级:`implementation intent exists but not rigorous / buggy`
### 4.3 自动处理规则已证实流程
`95598抢修-市指_自动处理配置.txt` 中可直接确认:
1. 先写一条“进入自动派单”的监测日志,再读取 `getDisposeLog` 做已派单去重,证据等级:`code-confirmed`
2. 对未派过单的待处理工单,读取 `getClassList`,按 `scope` 对故障地点 `gzdd` 做班组匹配,证据等级:`code-confirmed`
3. 匹配成功时,请求 `repairOrder/initProcess` 进行自动派单,证据等级:`code-confirmed`
4. 自动派单成功时,会触发成功音频播报、短信发送、外呼触发,并写 `setDisposeLog(state="成功")`,证据等级:`code-confirmed`
5. 自动派单失败时,会触发失败音频播报,并写 `setDisposeLog(state="失败")`,证据等级:`code-confirmed`
6. 自动派单异常时,会触发异常音频播报,并写 `setDisposeLog(state="异常")`,证据等级:`code-confirmed`
7. 未匹配到班组时,会触发未匹配音频播报,并写 `setDisposeLog(state="未匹配")`,证据等级:`code-confirmed`
以上动作都只是“规则层实现分支存在”的直接证据,不代表运行时已经验证成功。
## 5. 标准化抽象流程
若为 command-center 做严格抽象,本场景更合理的标准化流程应写成:
1. 接收监测任务输入 `time`
2. 使用规则资产定义的浏览器请求采集 95598 抢修队列。
3. 将源数据分为 `pending``audit``processed`,并保留规则层可见的待处理列表语义。
4. 用 monitor log / dispose log 做比较上下文,得出“新增待处理”或待自动处理集合。
5. 若进入标准配置归一层,再把这些结果映射为 `pending_ids``new_pending_ids` 等 canonical 字段。
6. 先返回或保留监测快照语义。
7. 再执行音频提醒、短信、外呼、自动派单、日志写入等下游动作。
其中第 1 步可由 packaged collector 的显式输入 `time` 支撑,第 3、4、5、6 步可由 packaged collector 的输入驱动归一化 / 比较逻辑支撑,证据等级:`code-confirmed`;第 2、7 步主要由规则资产直接支撑,证据等级:`code-confirmed`;“快照应先于下游副作用表达”这一边界来自 `SKILL.md` / references证据等级`contract-defined`
如果进一步把这个抽象流程说成“已由统一 packaged collector 严格承载实时浏览器采集与自动派单副作用”,那就不严谨了,因为这些更强 workflow 证据仍在 desk 规则资产而不是 packaged collector 中,证据等级只能降为 `implementation intent exists but not rigorous / buggy`
## 6. 输入、上下文与依赖
### 输入
- `time` 是 scene 与 packaged script 共同声明的显式输入,证据等级:`code-confirmed`
- 当天时间窗拼接逻辑出现在业务监测规则中,即 `00:00:00``23:59:59`,证据等级:`code-confirmed`
- “当前队列窗口通常是当天”在 reference 中被明确说明,证据等级:`contract-defined`
### 运行上下文
- 平台 session、org/user 上下文、浏览器可执行 `BrowserAction` 是规则资产和 reference 共同依赖的前提,证据等级分别为 `code-confirmed``contract-defined`
- 页面本身更偏配置页,而真正监测语义来自规则资产,这一点在 `collection-flow.md` 中被明确指出,证据等级:`contract-defined`
### 依赖
- `scene.json` 中声明 `browser``local-service``repair-order-source``history-log``status-classification`,证据等级:`code-confirmed`
- 业务监测规则直接使用 `repairOrder/list``MonitorServices/getMonitorLog``setMonitorData``setMonitorLog``setAudioPlayLog`,证据等级:`code-confirmed`
- 自动处理规则直接使用 `getDisposeLog``getClassList``repairOrder/initProcess``setDisposeLog``setSendMessageLog` 与外呼触发 `mac.callOutLogin`,证据等级:`code-confirmed`
- `configServices` 是否需要单独提升为正式依赖,在 `scene.draft.json` 中仍是待确认项,证据等级:`no direct evidence / candidate only`
## 7. 输出结构
当前输出结构需要分层描述。
### 7.1 packaged runtime collector 已直接定义的输出
`collect_repair_orders.js` 直接定义:
- `type: "monitor-snapshot"`
- `scene: "95598-repair-city-dispatch"`
- `time`
- `pending`
- `audit`
- `processed`
- `pending_ids`
- `new_pending_ids`
- `status`
- `partial_reasons`
- `evidence.workflow_rule_sources`
- `evidence.config_base_page`
- `evidence.config_base_role`
- `evidence.packaged_collector_role`
- `known_issues`
以上全部属于 `code-confirmed`
### 7.2 规则资产已展示的实际快照字段语义
业务监测规则直接构造了:
- `time`
- `type: "95598抢修-市指"`
- `pending`
- `pendingList`
- `audit`
- `processed`
这说明规则层实际快照对象与 packaged stub 的字段命名并不完全一致,尤其是 `pendingList` vs `pending_ids``type` vs `scene`,证据等级:`code-confirmed`
### 7.3 `new_pending_ids` 的证据强度
`SKILL.md`、reference 和 `data-quality.md` 都把 `new_pending_ids` 当作期望输出的一部分,证据等级:`contract-defined`。但在已读规则资产里,能直接看到的是“对 monitor log / dispose log 做比较并决定是否提醒或进入自动派单”,而没有看到显式字段 `new_pending_ids` 被直接写出,因此“存在历史比较意图”是 `code-confirmed`,“`new_pending_ids` 已被当前实现严谨产出”只能标为 `implementation intent exists but not rigorous / buggy`
## 8. 下游动作证据表
| 下游动作 | 当前证据 | 证据等级 | 严谨结论 |
| --- | --- | --- | --- |
| 返回 `monitor-snapshot` runtime collector 输出 | `collect_repair_orders.js` 直接返回对象 | `code-confirmed` | packaged JS 直接证明标准 snapshot 字段、状态判定与 collector metadata 已存在。 |
| 队列采集请求 | 业务监测规则调用 `repairOrder/list` | `code-confirmed` | 队列采集逻辑直接存在于规则资产中。 |
| 音频提醒调用 | 业务监测规则和自动处理规则都调用 `mac.audioPlay(...)` | `code-confirmed` | 只能确认规则层存在音频提醒调用,不代表运行时已验证成功。 |
| 短信发送调用 | 自动处理规则调用 `mac.sendMessages(request)` | `code-confirmed` | 只能确认规则层存在短信发送调用。 |
| 电话 / 外呼触发 | 自动处理规则调用 `mac.callOutLogin(params)` | `code-confirmed` | 只能确认规则层存在外呼触发分支。 |
| 自动派单请求调用 | 自动处理规则请求 `repairOrder/initProcess` | `code-confirmed` | 自动派单请求分支可直接定位。 |
| `setDisposeLog` 成功写入 | 自动处理规则成功分支写 `state="成功"` | `code-confirmed` | 成功路径处置日志写入定义明确存在。 |
| `setDisposeLog` 失败写入 | 自动处理规则失败分支写 `state="失败"` | `code-confirmed` | 失败路径处置日志写入定义明确存在。 |
| `setDisposeLog` 异常写入 | 自动处理规则异常分支写 `state="异常"` | `code-confirmed` | 异常路径处置日志写入定义明确存在。 |
| `setDisposeLog` 未匹配写入 | 自动处理规则未匹配分支写 `state="未匹配"` | `code-confirmed` | 未匹配路径处置日志写入定义明确存在。 |
| `new_pending_ids` 严格产出 | 只在 skill/reference/data-quality 中被要求 | `implementation intent exists but not rigorous / buggy` | 有明确目标语义,但当前读到的规则资产未直接产出同名字段。 |
| 把下游动作结果等同于采集成功 | skill/reference 明确禁止 | `contract-defined` | 契约要求把快照成功与副作用成功分离。 |
## 9. 当前代码疑点 / 不严谨点
1. 最明显的已知 bug 是业务监测规则中的待处理分类条件写成 `item.status == "00" && item.status == "01"`。这会导致 `pending` 分桶逻辑不可能按作者意图工作,证据等级:`implementation intent exists but not rigorous / buggy`
2. packaged collector 与规则资产的输出命名仍不一致collector 使用 `scene``pending_ids``new_pending_ids`,规则对象使用 `type``pendingList`,证据等级:`code-confirmed`
3. `SKILL.md``new_pending_ids` 作为输出重点,但当前直接证据更强的是“做日志比较并决定提醒/自动派单”,而不是“显式产出同名字段”,证据等级:`implementation intent exists but not rigorous / buggy`
4. `scene.draft.json` 仍在犹豫 `trigger-alert` 是否拆成 audio-alert、message-alert、callout 三类动作,说明标准动作建模尚未完全收敛,证据等级:`no direct evidence / candidate only`
5. 虽然规则层存在音频、短信、外呼、自动派单与日志写入定义,但本文不能据此声称这些动作已完成运行时验证,任何这种拔高都不严谨。
## 10. 对 command-center 标准配置的修订建议
1. 对本场景应显式拆分两层实现证据:
- `packaged_collector`: `collect_repair_orders.js` 的 runtime snapshot collector、状态判定、历史比较与 metadata规则来源、配置基础页角色、已知问题证据等级`code-confirmed`
- `rule_asset_workflow`: 业务监测与自动处理规则资产中的真实流程分支,证据等级:`code-confirmed`
2. 在标准配置中把业务监测与自动处理拆成两个子流程:
- `monitoring_flow` 对应 `95598抢修-市指_业务检测配置.txt`
- `auto_processing_flow` 对应 `95598抢修-市指_自动处理配置.txt`
这样可以避免把两份规则混成单一 collector。
3. 输出 schema 建议区分:
- `canonical_snapshot_fields`: `pending_ids` / `new_pending_ids` 等标准字段;
- `observed_rule_fields`: `pendingList` / `type` 等规则层字段。
当前两套命名并存,证据等级:`code-confirmed`
4. 对状态分类增加 `known_bug_note`,明确记录 `status == "00" && status == "01"` 的待处理分类 bug防止后续文档误把 pending 计数写成稳定事实,证据等级:`implementation intent exists but not rigorous / buggy`
5. 对下游动作增加 `effect_channels` 明细,至少拆出 `audio-reminder``sms-send``callout-trigger``auto-dispatch-request``dispose-log-write`,因为这些都已在规则资产中直接出现,证据等级:`code-confirmed`
## 11. 最终严谨结论
关于 `95598-repair-city-dispatch`,当前最可靠的结论是:仓库已经同时存在一个可测试的 packaged JS runtime collector以及两份更强的 desk 规则脚本实现(`D:\desk\智能体资料\大四区报告监测项\95598抢修-市指_业务检测配置.txt``D:\desk\智能体资料\大四区报告监测项\95598抢修-市指_自动处理配置.txt`),其中 packaged collector 已直接实现 repair-order 分类、monitor/dispose log 比较、`new_pending_ids` 推导与 `success/partial/empty/blocked` 状态判定;业务监测规则直接证实了队列采集、日志比较、音频提醒与监测日志写入,自动处理规则直接证实了去重、班组匹配、自动派单请求、短信发送、外呼触发以及 `setDisposeLog` 在成功 / 失败 / 异常 / 未匹配路径上的写入定义,证据等级:`code-confirmed`
但同样必须严格说明:这些 `code-confirmed` 只证明“代码或规则层存在这些实现分支”不证明运行时已验证成功。此外desk 业务监测规则里还存在 `status == "00" && status == "01"` 的待处理分类 bug因此 rule workflow 本身也不能被描述为严谨无误。对 command-center 而言本场景最应该被建模为“packaged collector 已具备输入驱动快照归一化能力、desk rule-asset workflow 证据更强、且监测流与自动处理流必须分开表达”的 monitor scene。

155
docs/superpowers/specs/2026-04-08-95598-weekly-monitor-report-operation-analysis.md Normal file
View File

@@ -0,0 +1,155 @@
# 95598-weekly-monitor-report 操作分析
## 1. 场景概述
`95598-weekly-monitor-report` 对应“95598、12398及配网设备监控情况周统计”场景目标是汇总 95598、12398 与配网设备多来源周统计并生成统一周报。根据 `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\scenes\95598-weekly-monitor-report\scene.json``D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\95598-weekly-monitor-report\SKILL.md``D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\95598-weekly-monitor-report\scripts\collect_weekly_metrics.js`,当前最硬直接证据是:脚本定义了六个 section template、空 artifact、`period``status: "ok"``partial_reasons: []`,证据等级:`code-confirmed`
同时必须明确:当前 packaged script 对 artifact schema / section template 的定义,远强于对实时浏览器采集、多源周统计归并、双周期对齐或导出行为的证明。也就是说,本场景现在更接近“周报结构模板脚本”,而非“已被代码严格证明可跑通的 live browser collector”证据等级`code-confirmed`
## 2. 证据来源
本分析统一只使用四个证据等级标签:`code-confirmed``contract-defined``implementation intent exists but not rigorous / buggy``no direct evidence / candidate only`。其中,脚本直接定义的 artifact schema / section template 归入 `code-confirmed`;未见脚本直接实现的双周期语义、采集逻辑与下游动作,不拔高于其对应较弱标签。
1. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\95598-weekly-monitor-report\scripts\collect_weekly_metrics.js`
- 直接定义六个 section template并返回空 artifact证据等级`code-confirmed`
2. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\95598-weekly-monitor-report\SKILL.md`
- 描述应读取 current-period 与 cumulative-period、校验会话、收集多来源 source groups、归一 section 数据并在输出中返回两个周期、included source groups、period alignment issues 等;这更像运行契约与实现方向,证据等级以 `contract-defined``implementation intent exists but not rigorous / buggy` 为主。
3. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\scenes\95598-weekly-monitor-report\scene.json`
- 定义场景输入 `period`、依赖 `browser` / `multi-source` / `period-alignment` / `local-report-service`,动作包括 `query` / `collect-report` / `aggregate-sections` / `align-periods`,证据等级:`code-confirmed`
4. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\95598-weekly-monitor-report\references\collection-flow.md`
- 明确入口页面提供两个日期范围current-period 与 cumulative-period并说明要先读两个范围再收集 source groups、再按 section 归一,证据等级:`contract-defined`
5. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\95598-weekly-monitor-report\references\data-quality.md`
- 规定完整结果、partial 规则、常见弱点和 empty/failure 区分,证据等级:`contract-defined`
6. `D:\data\ideaSpace\rust\sgClaw\claw-new\docs\superpowers\specs\2026-04-08-command-center-virtual-employee-inventory.json`
- 已将该场景整理为 `workflow``status_model``hidden_dependencies``open_questions` 等 command-center 视图;但其中部分是再抽象结果,不应反向拔高为实现证据,证据等级:`no direct evidence / candidate only`(仅限 inventory 不能单独证明 packaged script 已实现的部分)。
## 3. 实际入口与运行边界
实际入口已在 `scene.json` 固定:浏览器场景 `index.html`,技能工具名为 `95598-weekly-monitor-report.collect_weekly_metrics`,输出 artifact 为 `report-artifact`,这些都是 `code-confirmed`
运行边界方面出现了本场景最明显的不严谨点:
- scene 与脚本都只保留一个 `period` 字段,证据等级:`code-confirmed`
- `SKILL.md``collection-flow.md` 与 inventory 整理结果都明确说明页面实际有 `current-period``cumulative-period` 两套输入,证据等级:`contract-defined`
- scene 还把 `period-alignment` 声明为依赖,并把 `align-periods` 声明为动作,但脚本没有任何相应执行逻辑,证据等级:`code-confirmed` 对元数据存在成立,而“已实现 period alignment”只能标为 `implementation intent exists but not rigorous / buggy`
因此,当前最严谨的边界判断是:上层元数据与参考文档都把本场景描述成“双周期、多来源、需周期对齐的 section 周报”,但 packaged script 实际只提供了一个空 artifact 模板壳,尚未证明 live collection 行为。
## 4. 代码已证实的实际操作流程
当前脚本中可直接证实的流程只有:
1. 调用 `collectWeeklyMetrics(input)`
2. 读取 `input.period || ""` 写入返回对象的 `period`
3. 构造空主表:`columns: []``rows: []`
4. 基于 `SECTION_TEMPLATES` 复制出 6 个 section且每个 section 初始 `rows: []`
5. 返回 `type: "report-artifact"``report_name``status: "ok"``partial_reasons: []`
这些都属于 `code-confirmed`
至于“读取 current-period / cumulative-period 两个日期范围”“验证多系统会话”“按 source group 采集 95598 / 12398 / 配网设备指标”“执行 period alignment”“导出周报或写报告日志”等行为只在 `SKILL.md` 与 reference 中被描述,没有在 packaged script 中以可执行逻辑出现,因此不能算“代码已证实的实际操作流程”。
## 5. 标准化抽象流程
若做 command-center 的标准化抽象,可将本场景整理为:
1. 接收周报任务请求。
2. 解析 current-period 与 cumulative-period。
3. 验证多系统访问与会话上下文。
4. 按 source groups 收集周统计数据。
5. 将结果归并到六个 section。
6. 对 current-period 与 cumulative-period 做一致性校验或对齐。
7. 生成 `report-artifact`
8. 视情况执行导出/日志等下游动作。
其中第 5 步“六个 section schema 已存在”以及第 7 步“返回 artifact 壳”是 `code-confirmed`。第 2、3、4、6、8 步主要来自 skill/reference/scene 的目标流程描述,证据等级为 `contract-defined`;若要说这些步骤已被 packaged script 落地,则只能降为 `implementation intent exists but not rigorous / buggy`
## 6. 输入、上下文与依赖
### 输入
- `period` 是 scene 与脚本共享的显式输入,证据等级:`code-confirmed`
- `currentPeriod` / `cumulativePeriod`(或 current-period / cumulative-period`SKILL.md`、reference 与 inventory 隐含/显式要求的真实业务输入,证据等级:`contract-defined`
- 这意味着当前输入建模存在明显冲突:统一配置只暴露 `period`,但场景语义其实依赖双周期,证据等级:`implementation intent exists but not rigorous / buggy`
### 运行上下文
- `session`、多源系统账号/缓存 token、浏览器可见页面、周期对齐上下文等在 scene/reference 中被描述scene 元数据层面的声明是 `code-confirmed`,具体业务语义是 `contract-defined`
- “period-alignment-context” 被 inventory 当作 runtime_context 整理出来,可视为对 scene/reference 的再抽象;作为建议结构可以保留,但不宜拔高成脚本已实现能力。
### 依赖
- `browser``multi-source``period-alignment``local-report-service``scene.json` 中可直接定位,证据等级:`code-confirmed`
- `/a_js/YPTAPI.js``http://localhost:13313/ReportServices/*` 等具体依赖来自 reference证据等级`contract-defined`
## 7. 输出结构
当前脚本直接证实的输出结构包括:
- `type: "report-artifact"`
- `report_name: "95598-weekly-monitor-report"`
- `period`
- `columns: []`
- `rows: []`
- 6 个固定 section template
- `status: "ok"`
- `partial_reasons: []`
以上全部属于 `code-confirmed`
六个已被脚本直接定义的 section 分别为:
1. `fault-repair`
2. `frequent-outage`
3. `full-aperture-work-orders`
4. `key-opinion-control`
5. `device-monitoring`
6. `proactive-dispatch`
这些 section 中,前三个使用 `current_period``cumulative``year_over_year` 三类值列,后三个只使用 `value`,证据等级:`code-confirmed`。但这里也出现了建模歧义:
- 输出 artifact 顶层只保留一个 `period`
- section 内部却已经暗示了 `current_period``cumulative` 的双周期视角。
- skill/reference 又在文字上强调 current-period 与 cumulative-period 两个输入。
因此,“双周期输入如何映射到 artifact 顶层 period 与 section 列结构”当前并不严谨,证据等级:`implementation intent exists but not rigorous / buggy`
## 8. 下游动作证据表
| 下游动作 | 当前证据 | 证据等级 | 严谨结论 |
| --- | --- | --- | --- |
| 返回 section 化 `report-artifact` | `collect_weekly_metrics.js` 直接返回对象 | `code-confirmed` | 已有周报 artifact 模板壳,但仍为空数据。 |
| 六类 section 模板存在 | 脚本直接定义 `SECTION_TEMPLATES` | `code-confirmed` | 只能确认输出分区 schema 存在,不能确认真实数据采集。 |
| 双周期读取 | 只在 `SKILL.md` / `collection-flow.md` 中描述 | `contract-defined` | 契约明确需要 current-period 与 cumulative-period但脚本未实现。 |
| 多来源周统计采集 | 只在 skill/reference 中描述 | `contract-defined` | 有清晰目标流程,当前 packaged script 未直接证明。 |
| period alignment | scene 动作/依赖 + skill/reference 说明 | `implementation intent exists but not rigorous / buggy` | 元数据和文档都表达了需要对齐,但脚本没有对齐逻辑,建模仍含糊。 |
| 导出周报 | reference 提及 localhost report services | `contract-defined` | 只能确认存在下游服务约束,不能确认当前 skill 已执行导出。 |
| 报告日志写入 | skill/reference 提及 report-log | `contract-defined` | 只有体系级概念证据,当前脚本无直接调用。 |
| partial / blocked / empty 状态细分 | reference 有定义,脚本固定 `status: "ok"` | `implementation intent exists but not rigorous / buggy` | 状态模型意图明确,但 packaged script 尚未承载。 |
## 9. 当前代码疑点 / 不严谨点
1. `period``currentPeriod/cumulativePeriod` 的建模冲突最突出。scene 与 script 顶层只保留 `period`,但 skill/reference 明确要求双周期输入,前三个 section 的列结构也隐含双周期,这说明现有标准输入设计不严谨,证据等级:`implementation intent exists but not rigorous / buggy`
2. `period-alignment` 既被声明为依赖,也被列为动作 `align-periods`,但脚本没有任何对齐实现;因此“周期对齐能力已实现”不能成立,证据等级:`implementation intent exists but not rigorous / buggy`
3. 前三个 section 使用 `cumulative` 列名,而 skill/output 描述用的是 `cumulative period`;列名、输入名、顶层字段名之间没有形成统一建模,证据等级:`implementation intent exists but not rigorous / buggy`
4. `status` 固定为 `"ok"`,与 reference 对 partial / empty / blocked 的细分要求不一致,证据等级:`code-confirmed` 对现状成立。
5. 尽管 scene/skill 明确是多来源周统计,但脚本完全没有 source group 采集或映射逻辑,因此“周统计 collector 已落地”不能提升为当前代码事实,证据等级:`no direct evidence / candidate only`(对 live collection 执行层而言)。
## 10. 对 command-center 标准配置的修订建议
1. 本场景应把标准输入从单一 `period` 修订为显式双周期结构,例如 `currentPeriod``cumulativePeriod`。若仍需要统一路由入口,可额外保留上层 `period` 摘要,但不能替代执行层双周期字段,证据等级:`implementation intent exists but not rigorous / buggy`
2.`period-alignment` 建议在标准配置中拆成两部分:
- `period_model`: 双周期输入结构;
- `alignment_rule`: 这两组周期如何校验一致性。
当前 scene 只表达了需要对齐,但未给出严格模型,因此这是必要修订。
3. 在 artifact 配置中区分:
- `implemented_section_templates`: 当前六个 section 已被脚本直接实现,证据等级:`code-confirmed`
- `implemented_collection_logic`: 当前未被 packaged script 直接证明,需显式标低。
4. 对前三个 section 的列名建议统一成更一致的配置命名,如 `current_period` / `cumulative_period` / `year_over_year`避免脚本列名、skill 文本、标准配置三套口径混用。
5. 状态模型建议拆成“契约层”和“实现层”,防止 command-center 把 `partial` / `blocked` 误当成当前 collector 已具备的稳定判定能力。
## 11. 最终严谨结论
关于 `95598-weekly-monitor-report`,当前最可靠的结论是:仓库已经存在一个六分区周报 artifact 模板实现,明确给出了 section 名称、列 schema、顶层 `period` 字段以及基础状态字段,证据等级:`code-confirmed`
但当前证据并不足以把它描述成“已严格实现双周期、多来源、含 period alignment 的真实浏览器周统计 collector”。相关双周期读取、source group 采集、period alignment、导出与日志行为主要存在于 `SKILL.md``collection-flow.md``data-quality.md` 与 scene 元数据的目标描述中。尤其是 `period` vs `currentPeriod/cumulativePeriod` 以及 `period-alignment` 的建模仍明显含糊说明本场景现在最适合被归类为“section schema 已定义,但 live browser collection 行为尚未被脚本严格证实”的 staged report scene。

203
docs/superpowers/specs/2026-04-08-command-center-evidence-grading.md Normal file
View File

@@ -0,0 +1,203 @@
# 指挥中心规格文档证据分级规则
## 目的
这份文档用于统一指挥中心相关规格文档中的证据表达方式,明确区分:
- 已被代码或规则资产直接证实的事实
- 已被外部接口或文档契约明确约束的事实
- 代码中表达了实现方向,但实现质量、完整性或正确性仍不充分的内容
- 当前没有直接证据、只能作为候选判断的内容
目标不是让规格文档写得更保守,而是让“观察到的事实”“归纳后的结构”“目标态设计”之间的边界始终可追溯、可复核、可讨论。
## 为什么必须分级
如果不做证据分级,指挥中心文档很容易把三类内容混写在一起:
1. 代码里已经存在并可直接定位的行为
2. 为了便于抽象而做出的归一化整理
3. 未来希望达成、但当前未被运行时或资产严格证明的目标结构
混写的直接问题是:
- 读者会把“推断出的整理结果”误认为“当前已实现事实”
- 后续实现或重构时,无法判断某一条到底是在复述现状,还是在提出目标
- 多份规格文档之间会出现证据强弱不一致、措辞口径不一致的问题
因此,所有指挥中心规格文档都必须对关键判断显式标注证据等级。
## 证据标签
以下 4 个标签为唯一允许使用的标准标签,必须按原文书写,不得改写,不得替换为同义词。
### 1. `code-confirmed`
定义:该结论可由当前仓库中的代码、规则资产、静态配置或可直接定位的实现内容直接支持。
适用场景:
- 某个字段、流程步骤、状态分类、规则动作在代码或规则资产中可直接定位
- 某个输出结构、配置项、动作通道已被实现内容明确写出
- 某条成功路径虽然未证明线上真实跑通,但“存在该逻辑分支”这一事实已被代码直接证实
使用边界:
- `code-confirmed` 只证明“代码/资产中存在该实现或定义”
- 不自动等于“生产可用”“运行时已验证成功”“端到端已闭环”
### 2. `contract-defined`
定义:该结论不是直接来自仓库实现,而是由当前被认可的接口契约、协议文档、外部约束文档明确规定。
适用场景:
- 浏览器侧/服务侧接口字段、消息格式、状态码语义由契约文档定义
- 某一能力边界来自明确的外部 API 文档或经项目认可的集成约束
使用边界:
- `contract-defined` 证明“契约如此定义”
- 不自动等于“本仓库已实现”
- 如果代码实现与契约不一致,应分别描述,不得互相覆盖
### 3. `implementation intent exists but not rigorous / buggy`
定义:代码中已经出现实现意图、雏形或局部链路,但当前证据不足以把它写成稳定事实;或者已知实现不严谨、存在缺口、疑似有 bug、成功语义未被严格证明。
适用场景:
- 能看到相关函数、分支、调用点、配置项或动作名,但缺少足够证据证明其稳定成立
- 逻辑存在,但状态语义混乱、异常处理不足、前后约束不完整
- 只能证明“作者想做这件事”,不能证明“这件事已经被可靠实现”
使用边界:
- 该标签用于承认“实现方向存在”
- 同时明确指出“不能把它提升为已确认事实”
- 这是指挥中心文档中承接“代码里有影子,但证据不够硬”的唯一合法标签
### 4. `no direct evidence / candidate only`
定义:当前没有找到代码、规则资产、契约文档或其他直接证据;该内容只能作为候选结构、候选能力、候选拆分或待确认项。
适用场景:
- 为了统一配置结构而提出的候选字段
- 为了后续架构演进而提出的候选能力名称
- 仅由推测、命名习惯、经验归纳得到的判断
使用边界:
- 该标签明确表示“目前只是候选,不是事实”
- 不能把它写成“已有但待接入”“已支持但未启用”之类更强说法,除非另有直接证据
## 推荐表述模板
### `code-confirmed`
可用表述:
- “根据当前代码/规则资产,可直接确认……,证据等级:`code-confirmed`。”
- “文档中的……来自现有实现直接证据,证据等级:`code-confirmed`。”
- “这里只能确认代码层存在该成功路径/动作定义,证据等级:`code-confirmed`;不代表运行时已验证。”
### `contract-defined`
可用表述:
- “根据当前接口契约,……被定义为……,证据等级:`contract-defined`。”
- “该字段/消息结构来自认可的集成契约,证据等级:`contract-defined`。”
- “这里描述的是契约约束,不等于仓库内实现已完成,证据等级:`contract-defined`。”
### `implementation intent exists but not rigorous / buggy`
可用表述:
- “当前实现中可以看到……的意图,但证据尚不足以将其写成稳定事实,证据等级:`implementation intent exists but not rigorous / buggy`。”
- “代码存在相关链路,但实现不够严谨/疑似有缺口,因此仅标为 `implementation intent exists but not rigorous / buggy`。”
- “目前最多只能确认作者试图支持……,不能确认其已被可靠实现,证据等级:`implementation intent exists but not rigorous / buggy`。”
### `no direct evidence / candidate only`
可用表述:
- “……目前没有直接证据,只能作为候选项,证据等级:`no direct evidence / candidate only`。”
- “该拆分/命名属于归一化建议,不代表现状事实,证据等级:`no direct evidence / candidate only`。”
- “除非后续补到代码或契约证据,否则这里只能保持为 `no direct evidence / candidate only`。”
## 禁止表述模式
以下表述在指挥中心规格文档中禁止使用,除非同时给出更低证据等级并明确限定范围。
### 1. 禁止把代码存在误写为运行时已验证
禁止示例:
- “系统已经稳定支持……”
- “该链路已完成闭环……”
- “运行时已证明可以成功……”
问题:这些表述把“代码里有逻辑”错误提升成“真实运行已被验证”。
### 2. 禁止把推断结构误写为既有事实
禁止示例:
- “当前配置结构就是……”
- “系统已有统一能力模型……”
- “所有任务已经按该 schema 实现……”
问题:如果只是为了整理而归纳出的标准结构,应标为候选或目标态,不能写成现状。
### 3. 禁止使用模糊强化词替代证据标签
禁止示例:
- “基本可以认为……”
- “大概率就是……”
- “看起来已经支持……”
- “应该算是实现了……”
问题:模糊判断会绕开证据分级,导致读者无法判断结论强度。
### 4. 禁止自造同义标签或混用近义词
禁止示例:
- “代码已确认”
- “契约已定义”
- “半实现”
- “待验证”
- “候选”
问题:这些中文近义词会破坏跨文档一致性。必须使用本文规定的 4 个精确标签原文。
## 示例:`95598-repair-city-dispatch`
示例结论:
-`95598-repair-city-dispatch` 而言,音频提醒、短信/消息提醒、外呼、处置日志等成功路径行为,如果能够在规则资产或实现内容中直接定位,应写为 `code-confirmed`
- 但这只能说明“代码或规则里存在这些成功路径定义”。
- 不能据此直接写成“运行时已经稳定成功触发音频/短信/外呼/处置日志”。
- 如果当前没有端到端运行验证证据,那么“运行时成功”只能写为 `implementation intent exists but not rigorous / buggy`,或者在证据更弱时写为 `no direct evidence / candidate only`;不能提升为 `code-confirmed`
推荐写法:
“在 `95598-repair-city-dispatch` 中,音频提醒、短信/消息提醒、外呼、处置日志相关成功路径可在规则资产中直接定位,因此这些‘规则层已定义的成功路径行为’可标注为 `code-confirmed`。但目前没有同等强度证据证明这些动作在真实运行时已稳定成功,因此‘运行时成功已验证’这一结论不能标为 `code-confirmed`;在缺少严格运行证据时,应标为 `implementation intent exists but not rigorous / buggy`。”
## 执行规则
- 所有指挥中心相关规格文档,必须使用本文定义的 4 个精确标签。
- 不允许使用任何同义词、中文替代词、缩写或自定义等级名。
- 一条关键结论如果没有证据等级,就视为表达不合格。
- 当同一主题同时涉及“代码事实”和“目标结构”时,必须拆句分别标注,不能合并成一个模糊结论。
## 最短落地准则
写每一条关键判断前,先问两个问题:
1. 我是在复述当前已被直接证据支持的事实,还是在做归一化整理/目标设计?
2. 我手上的证据,到底支撑的是代码存在、契约约束、实现意图,还是根本没有直接证据?
只有先回答这两个问题,指挥中心规格文档才能保持严格、可复核和可持续重写。

639
docs/superpowers/specs/2026-04-08-command-center-standard-config-structure.md Normal file
View File

@@ -0,0 +1,639 @@
# 指挥中心虚拟员工标准配置清单建议结构
> 免责声明:本文件描述的是“未来可采用的规范化目标配置结构”,不是当前 staged runtime 已稳定实现的结构,也不是对现状的直接复述。文中所有“目标 schema 字段”都必须与当前证据分级文档一起阅读;凡缺乏静态资产直接支撑的字段,只能视为 normalization choice 或 open / candidate 字段,不能表述为当前已稳定存在。
## 目标
这份结构文档的用途,是把当前 evidence-graded 现状文档中的信息,逐步映射为后续可维护、可扩展、可复用的目标配置清单。
因此必须同时保持两条边界:
1. 当前已观察到的事实,来自 evidence-graded current-state docs。
2. 这里提出的统一 schema则是为后续 command-center 配置治理而做的 normalization proposal。
它们不能混写,更不能把 normalization proposal 误写成当前实现事实。
---
## 一、当前证据文档与目标配置的关系
当前已经存在三类文档角色:
1. `2026-04-08-command-center-virtual-employee-inventory-table.md`
- 作用:给人读的 current-state 总览
- 性质:当前观察结果,不是配置 schema
2. `2026-04-08-command-center-virtual-employee-inventory.json`
- 作用:给机器读的 current-state inventory
- 性质:机器可消费的盘点结果,不是目标配置
3. 各 scene 的 `*-operation-analysis.md`
- 作用:记录每个场景的证据来源、强弱、已知问题和边界
- 性质:最关键的证据支撑层
本文件提出的目标配置结构,是在这些 current-state 文档之上的“规范化目标层”。
### 映射原则
- operation-analysis 文档中的 `code-confirmed` 结论,可优先映射为目标 schema 中的“evidence-derived fields”。
- `contract-defined` 结论可映射为“declared / contract-backed fields”但不能默认等于当前 runtime 已实现。
- `implementation intent exists but not rigorous / buggy` 的内容,应进入目标 schema 的 `known_issues``implementation_gap``notes``open_questions`,而不是被包装成稳定主字段。
- `no direct evidence / candidate only` 的内容,只能作为 normalization choice、candidate field 或未来扩展项保留。
简言之evidence-graded current-state docs 告诉我们“现在能严谨说什么”,本文件只负责说明“未来若要统一配置,可怎样承接这些信息”。
---
## 二、推荐文件组织
```text
command-center/
employee.json
capabilities.json
tasks/
fault-details-report.json
jinchang-business-environment-weekly-report.json
95598-weekly-monitor-report.json
95598-repair-city-dispatch.json
jiayuguan-meter-outage.json
```
### 文件职责
- `employee.json`
- 描述这个虚拟员工是谁、职责范围是什么、默认采用什么证据口径
- `capabilities.json`
- 维护归一化能力词表
- 明确哪些能力来自现有证据,哪些只是规范化命名
- `tasks/*.json`
- 每个场景一份目标配置
- 承接当前证据与未来标准字段的映射关系
### 为什么仍然推荐三层拆分
这类拆分仍然成立,但要加一条限定:
- 这是一种 target architecture proposal
- 不是当前仓库已存在的稳定目录结构
- 尤其 `capabilities.json` 代表“统一能力词表”的目标态,而不是当前 staged assets 已实现的统一能力注册表
因此,三层拆分本身属于 normalization choice证据等级不应高于 `no direct evidence / candidate only`,除非未来真的落地成文件结构。
---
## 三、`employee.json` 目标结构
### 3.1 推荐示例
```json
{
"id": "command-center-virtual-employee",
"name": "指挥中心虚拟员工",
"domain": "电力业务指挥中心",
"positioning": "负责业务监测、统计报表、异常识别与后续提醒/处置支撑的虚拟运营员工",
"mission": [
"采集业务数据并生成结构化报表",
"监测工单/事件并识别待处理对象",
"比较历史记录识别新增待办",
"为提醒、外呼、自动派单、自动处理等下游动作提供输入"
],
"task_ids": [
"fault-details-report",
"jinchang-business-environment-weekly-report",
"95598-weekly-monitor-report",
"95598-repair-city-dispatch",
"jiayuguan-meter-outage"
],
"default_evidence_model": [
"code-confirmed",
"contract-defined",
"implementation intent exists but not rigorous / buggy",
"no direct evidence / candidate only"
],
"default_status_model": [
"success",
"partial",
"empty",
"blocked"
]
}
```
### 3.2 字段分层说明
#### A. 可直接由当前证据承接的字段
- `name`
- `domain`
- `task_ids`(前提是仅映射当前已盘点的 5 个 scene
- `default_evidence_model`
这些字段之所以较容易承接,是因为 current-state inventory 已经稳定整理出对应对象和场景清单。
但仍要注意:这只是“可从当前文档整理得到”,不是说仓库里已经存在一个运行中的 `employee.json`
#### B. normalization choices
- `id`
- `positioning`
- `mission`
- `default_status_model`
这些字段主要是为了让目标配置更易治理、更可复用,属于规范化整理,不应表述为 staged runtime 现状。
#### C. open / candidate 字段
建议预留但暂不稳定化:
- `default_runtime_requirements`
- `default_result_types`
- `default_downstream_policy`
- `org_scope`
- `region_scope`
原因是:当前不同 scene 在“上下文依赖、输出类型、地区语义、下游策略”上并不一致,过早把这些做成员工级稳定字段会拔高现状。
---
## 四、`capabilities.json` 目标结构
### 4.1 推荐示例
```json
{
"catalog_version": 1,
"evidence_method": "evidence-graded",
"core": [
{
"id": "browser-collection",
"name": "浏览器采集",
"kind": "normalized-capability",
"evidence_basis": "derived-from-multiple-scenes"
},
{
"id": "report-generation",
"name": "报表生成",
"kind": "normalized-capability",
"evidence_basis": "derived-from-report-scenes"
},
{
"id": "monitor-snapshot",
"name": "监测快照",
"kind": "normalized-capability",
"evidence_basis": "derived-from-monitor-scenes"
}
],
"channels": [
{
"id": "audio-remind",
"name": "音频提醒",
"kind": "normalized-channel",
"observed_in": [
"95598-repair-city-dispatch",
"jiayuguan-meter-outage"
]
},
{
"id": "message-remind",
"name": "消息提醒",
"kind": "normalized-channel",
"observed_in": [
"95598-repair-city-dispatch"
],
"notes": "在 jiayuguan-meter-outage 中只看到保留意图,不应等同视为稳定现状。"
}
],
"actions": [
{
"id": "auto-dispatch",
"name": "自动派单",
"kind": "normalized-action"
}
]
}
```
### 4.2 字段分层说明
#### A. 可由当前证据承接的字段
- `observed_in`
- `notes`
- `evidence_basis`
如果后续真的落地 `capabilities.json`,最应该优先保留的不是“能力名本身”,而是能力和 scene 之间的 evidence mapping。因为当前场景的能力证据强弱明显不同
- 3 个报表 scene 多为 schema/template stub
- 2 个监测 scene 更强 workflow 主要来自规则资产
- `message-remind``callout``auto-dispatch` 等通道在不同 scene 中强度不一致
#### B. normalization choices
- `core`
- `channels`
- `actions`
- `id`
- `name`
- `kind`
这些统一词表字段本身就是规范化选择。当前没有直接证据表明仓库中已经存在统一 capability registry。
#### C. open / candidate 字段
建议保持候选态:
- `required_contexts`
- `result_semantics`
- `stability_level`
- `implemented_by`
- `runtime_owner`
这些字段看起来很有用,但 staged assets 还不足以稳定支撑它们。
### 4.3 对能力词表的关键限制
- 不要把 `report-export``audio-remind``callout` 之类词条本身写成“已全局统一支持”。
- 不要因为某个规则资产里出现了调用,就把它提升为所有 scene 的稳定 capability。
- `email` 目前仍应保持 candidate不应进入“已支持通道”集合。
---
## 五、`tasks/*.json` 目标结构
### 5.1 统一推荐骨架
```json
{
"id": "95598-repair-city-dispatch",
"name": "95598抢修-市指",
"category": "monitor",
"current_state": {
"primary_evidence_summary": "rule assets stronger than packaged JS stub",
"source_refs": [],
"known_issues": []
},
"binding": {
"scene_id": "95598-repair-city-dispatch",
"skill_package": "95598-repair-city-dispatch",
"tool": "collect_repair_orders"
},
"trigger": {
"observed": {},
"normalized": {},
"open_questions": []
},
"inputs": {
"observed": {},
"normalized": {},
"open_questions": []
},
"systems": {
"observed": {},
"normalized": {},
"open_questions": []
},
"workflow": {
"observed": [],
"normalized": [],
"open_questions": []
},
"result": {
"observed": {},
"normalized": {},
"open_questions": []
},
"downstream_effects": {
"observed": [],
"normalized": [],
"open_questions": []
},
"required_capabilities": {
"normalized": [],
"open_questions": []
},
"status_model": {
"declared": {},
"implemented_notes": []
},
"evidence_grades": {},
"open_questions": []
}
```
这个骨架的核心目标不是“把所有字段都填满”,而是强制区分:
- `observed`
- `normalized`
- `open_questions`
这样可避免把 future-facing target config 误写成 current-state。
---
## 六、报表类任务在目标 schema 中应如何表达
适用对象:
- `fault-details-report`
- `jinchang-business-environment-weekly-report`
- `95598-weekly-monitor-report`
### 6.1 当前证据对目标 schema 的约束
这 3 个任务当前最强直接证据主要是:
- 已有 `report-artifact` 结构壳
- 已有 section/template 定义
- 已有 `status` / `partial_reasons` 字段壳
但它们共同缺少同等强度的 live collection 证据。因此若采用该目标 schema建议保留一个明确的 current-state 提示,例如:
```json
"current_state": {
"primary_evidence_summary": "packaged script mainly confirms artifact schema / section template; live collection remains contract-defined or weaker"
}
```
### 6.2 报表类字段分层
#### A. evidence-derived fields
- `binding.scene_id`
- `binding.skill_package`
- `binding.tool`
- `result.observed.artifact_type`
- `result.observed.key_fields`
- `systems.observed.browser_pages`
- `source_refs`
#### B. normalization choices
- `trigger.normalized.natural_language_examples`
- `inputs.normalized.runtime_context`
- `workflow.normalized`
- `required_capabilities.normalized`
- `downstream_effects.normalized`
#### C. open / candidate fields
- `period_model`
- `section_semantics`
- `region_scope`
- `alignment_rule`
- `report_export_policy`
### 6.3 各报表任务的特别约束
#### `fault-details-report`
- 若采用该目标 schema建议对外保留 `period`,但执行层最好允许展开为 `startTime/endTime`
- `summary-sheet` 建议标记为“template confirmed”不要误写成“summary derivation implemented”。
#### `jinchang-business-environment-weekly-report`
- 若采用该目标 schema建议把“4 个固定 section 模板已观察到”与“真实多源采集已实现”分开表达。
- `region` 是否成为稳定字段,目前仍是 open item。
#### `95598-weekly-monitor-report`
- 若采用该目标 schema建议预留 `currentPeriod``cumulativePeriod`,但必须注明这属于对当前建模冲突的修正提案。
- `period alignment` 建议单列为 schema group 或 `alignment_rule`,而不是默认已经在 runtime 中稳定存在。
---
## 七、监测类任务在目标 schema 中应如何表达
适用对象:
- `95598-repair-city-dispatch`
- `jiayuguan-meter-outage`
### 7.1 当前证据对目标 schema 的约束
这两个任务与报表类不同:
- packaged JS collector 已具备输入驱动的 `monitor-snapshot` 归一化 / 比较逻辑,并会附带规则来源、配置基础页角色、已知问题/身份模型说明
- 更强 workflow 证据主要来自规则资产(当前按盘点口径以 `D:/desk/智能体资料/大四区报告监测项/*.txt` 规则脚本为主)
- `assets/scene-snapshot/index.html` 仅属于配置基础层,不应计入 workflow 主执行证据
因此若采用该目标 schema建议显式区分
```json
"current_state": {
"packaged_stub_strength": "code-confirmed",
"rule_asset_workflow_strength": "code-confirmed",
"notes": "workflow evidence is stronger in rule assets than in packaged JS stub"
}
```
### 7.2 监测类字段分层
#### A. evidence-derived fields
- `binding.*`
- `inputs.observed.explicit`
- `systems.observed.upstream_apis`
- `systems.observed.local_services`
- `workflow.observed`
- `result.observed`
- `downstream_effects.observed`
- `current_state.known_issues`
#### B. normalization choices
- `workflow.normalized`
- `required_capabilities.normalized`
- `canonical_snapshot_fields`
- `effect_channels`
#### C. open / candidate fields
- `identity_model`
- `downstream_policy`
- `alert_channel_split`
- `auto_processing_policy`
- `dependency_promotion_rules`
### 7.3 各监测任务的特别约束
#### `95598-repair-city-dispatch`
若采用该目标 schema建议保留以下说明
- workflow 强证据主要来自规则资产(当前盘点以 `D:/desk/智能体资料/大四区报告监测项/95598抢修-市指_业务检测配置.txt``D:/desk/智能体资料/大四区报告监测项/95598抢修-市指_自动处理配置.txt` 为主),而不是 packaged JS stub
- `pending` 分类存在 `status == "00" && status == "01"` bug
- `pending_ids/new_pending_ids` 更像 canonical target fields而不是当前规则层已严格同名产出字段
建议把这个 bug 直接纳入:
```json
"current_state": {
"known_issues": [
"pending classification bug: status == \"00\" && status == \"01\""
]
}
```
#### `jiayuguan-meter-outage`
若采用该目标 schema建议保留以下说明
- workflow 强证据主要来自规则资产(当前盘点以 `D:/desk/智能体资料/大四区报告监测项/户表失电-嘉峪关_业务监测配置.txt``D:/desk/智能体资料/大四区报告监测项/户表失电-嘉峪关_自动处理配置.txt` 为主),而不是 packaged JS stub
- marketing token 是自动处理链路的强依赖
- monitor pending list 用 `consNo`dispose dedupe 用 `eventId`,身份模型不一致
因此在该目标 schema 提案中,建议单列:
```json
"identity_model": {
"monitor_pending_identity": "consNo",
"dispose_dedupe_identity": "eventId",
"status": "implementation intent exists but not rigorous / buggy"
}
```
这类字段不应被伪装成“已经统一好的 snapshot identity model”。
---
## 八、推荐统一字段清单与证据边界
下面给出一个更严格的统一字段视图。
### 1. 元数据层
较适合作为稳定 target schema 的字段:
- `id`
- `name`
- `category`
- `binding.scene_id`
- `binding.skill_package`
- `binding.tool`
其中:
- `binding.*` 更偏 evidence-derived
- `id/name/category` 更偏 normalization choice
### 2. 现状映射层
建议新增并长期保留:
- `current_state.primary_evidence_summary`
- `current_state.source_refs`
- `current_state.known_issues`
- `current_state.notes`
这是本次重写后最重要的新增设计点之一。没有这层target schema 很容易再次把“目标结构”和“现状证据”混在一起。
### 3. 触发层
- `trigger.observed`
- `trigger.normalized`
- `trigger.open_questions`
### 4. 输入层
- `inputs.observed`
- `inputs.normalized`
- `inputs.open_questions`
### 5. 系统层
- `systems.observed`
- `systems.normalized`
- `systems.open_questions`
### 6. 流程层
- `workflow.observed`
- `workflow.normalized`
- `workflow.open_questions`
### 7. 结果层
- `result.observed`
- `result.normalized`
- `result.open_questions`
### 8. 下游动作层
- `downstream_effects.observed`
- `downstream_effects.normalized`
- `downstream_effects.open_questions`
### 9. 能力层
- `required_capabilities.normalized`
- `required_capabilities.open_questions`
### 10. 证据层
- `evidence_grades`
- `source_refs`
### 11. 人工确认层
- `open_questions`
- `known_issues`
---
## 九、为什么这次建议在 target schema 中显式保留“现状层”
旧版结构容易出现的问题是:
- 把 aggregate inventory 直接写成“标准配置已经长这样”
-`required_capabilities``downstream_effects` 这样的归一化字段误读成 runtime 现状
- 把规则资产中的 workflow 直接等价成 packaged script 实现
因此这次建议最关键的修订不是多加几个字段,而是要求 target schema 同时携带:
1. `observed current state`
2. `normalized target structure`
3. `open / candidate items`
只有这样,后续继续扩展新 scene 时,文档才不会再次把三类内容混在一起。
---
## 十、建议的落地顺序
1. 先把 current-state inventory 保持为证据分级后的事实盘点。
2. 再基于 inventory 生成目标态 `employee.json` / `capabilities.json` / `tasks/*.json` 草案。
3. 落地草案时,强制为每个 major group 补齐:
- `observed`
- `normalized`
- `open_questions`
4. 先优先收敛已知关键不严谨点:
- `fault-details-report``period` vs `startTime/endTime`
- `95598-weekly-monitor-report` 的双周期 / period alignment
- `95598-repair-city-dispatch` 的 pending classification bug
- `jiayuguan-meter-outage``consNo` vs `eventId` 身份不一致
5. 最后再考虑是否把能力词表与 target config 接入真实消费链路。
注意:在这些问题未收敛前,不应把目标配置字段写成“已经稳定”。
---
## 十一、推荐结论
如果目标是形成“指挥中心虚拟员工的标准配置清单”,那么未来仍然可以采用:
- `employee.json`
- `capabilities.json`
- `tasks/*.json`
这样的三层结构。
但和旧版不同的是,这套结构必须显式承认:
- 它是 target architecture proposal不是现状复述
- 每个 major schema group 都要区分 evidence-derived fields、normalization choices、open / candidate fields
- evidence-graded current-state docs 才是现状依据
- 报表类 3 个 scene 当前主要是 schema/template stub
- `95598-repair-city-dispatch``jiayuguan-meter-outage` 的 workflow 强证据主要在规则资产
- `95598-repair-city-dispatch` 存在 pending classification bug
- `jiayuguan-meter-outage` 存在 `consNo` / `eventId` 身份不一致问题
- 任何地方都不应宣称 runtime verification
只有在保持这些边界的前提下,这份“标准配置结构”才是严谨可持续的目标态提案,而不是再次把现状、推断和目标混写在一起。

121
docs/superpowers/specs/2026-04-08-command-center-virtual-employee-inventory-table.md Normal file
View File

@@ -0,0 +1,121 @@
# 指挥中心虚拟员工业务盘点清单(表格版)
> 说明:本文件是“当前状态总览”,不是目标配置 schema。自本次重写起所有判断统一采用 `code-confirmed`、`contract-defined`、`implementation intent exists but not rigorous / buggy`、`no direct evidence / candidate only` 四级证据模型;结论仅基于已暂存/已落库资产的静态检查结果,不代表任何运行时验证。
## 盘点范围
本表覆盖当前已整理的 5 个 staged scene / skill
- `fault-details-report`
- `jinchang-business-environment-weekly-report`
- `95598-weekly-monitor-report`
- `95598-repair-city-dispatch`
- `jiayuguan-meter-outage`
## 虚拟员工定位
以下“虚拟员工定位”是对当前 5 个 scene 的归一化汇总视角,不是当前仓库里已存在统一员工对象的直接事实;证据等级:`no direct evidence / candidate only`。在这个归一化视角下,可把它理解为“面向电力业务指挥中心的任务型虚拟运营员工”,其职责边界可概括为:
- 以报表模板或监测快照形式承载结构化结果
- 对工单/事件队列做规则化监测与历史比较
- 为提醒、日志、外呼、自动派单、自动处理等下游动作提供输入语义
- 为未来统一配置清单提供归一化抽象基础
但必须强调:以上职责并不等于所有场景都已由统一 packaged runtime 严格实现,更不等于已完成运行时验证。
## 证据标签速记
| 标签 | 严格含义 |
| --- | --- |
| `code-confirmed` | 当前仓库代码、规则资产、静态配置中可直接定位到的事实 |
| `contract-defined` | 由场景说明、参考流程、接口/文档契约明确规定的事实 |
| `implementation intent exists but not rigorous / buggy` | 已看到实现方向或局部链路,但不够严谨、存在缺口或已知 bug |
| `no direct evidence / candidate only` | 当前没有直接证据,只能作为候选抽象、候选结构或待确认项 |
## 业务盘点表
| 名称 | 场景 ID | 类别 | 当前任务目标 | 已观察系统 / 证据基础 | 证据分级摘要 | 严格说明 / 未解决问题 | 对应分析文档 |
| --- | --- | --- | --- | --- | --- | --- | --- |
| 故障明细 | `fault-details-report` | 报表 | 以“故障明细主表 + summary-sheet 分区”形式承载故障明细报表结果。 | `scene.json``SKILL.md``scripts/collect_fault_details.js``references/collection-flow.md``references/data-quality.md` | `code-confirmed`:已直接定义 `report-artifact` 外壳、主表列、`summary-sheet` 模板、`status`/`partial_reasons` 字段。`contract-defined`:页面时间读取、故障查询、字段归一、汇总派生、导出/日志语义。`implementation intent exists but not rigorous / buggy``period``startTime/endTime` 建模不严谨,状态细分只停留在契约层。 | 当前更像“报表 schema/template stub”不能写成已严格实现实时浏览器采集器不得表述为已运行验证。 | `D:/data/ideaSpace/rust/sgClaw/claw-new/docs/superpowers/specs/2026-04-08-fault-details-report-operation-analysis.md` |
| 国网金昌供电公司营商环境周例会报告 | `jinchang-business-environment-weekly-report` | 报表 | 以四个固定 section 模板承载营商环境周报。 | `scene.json``SKILL.md``scripts/collect_business_environment_metrics.js``references/collection-flow.md``references/data-quality.md` | `code-confirmed`:四个 section template、空 artifact、`period`、基础状态字段已存在。`contract-defined`多来源指标采集、周范围读取、section 聚合、导出/日志语义。`implementation intent exists but not rigorous / buggy``region` 仅在文案层出现,未进入稳定 schema。 | 这是“分区化周报模板”而不是已证实的 live collector不能写成已稳定采集多个业务系统。 | `D:/data/ideaSpace/rust/sgClaw/claw-new/docs/superpowers/specs/2026-04-08-jinchang-business-environment-weekly-report-operation-analysis.md` |
| 95598、12398及配网设备监控情况周统计 | `95598-weekly-monitor-report` | 报表 | 以六个固定 section 模板承载周统计结果。 | `scene.json``SKILL.md``scripts/collect_weekly_metrics.js``references/collection-flow.md``references/data-quality.md` | `code-confirmed`:六个 section template、空 artifact、顶层 `period`、基础状态字段已存在。`contract-defined`双周期输入、period alignment、多来源周统计采集。`implementation intent exists but not rigorous / buggy``period` vs `currentPeriod/cumulativePeriod` 冲突明显period alignment 只在元数据/文档层被要求。 | 三个报表 scene 都更接近“已打包的 schema/template stub”不应写成已实现 live collector本场景还存在双周期建模未闭合问题。 | `D:/data/ideaSpace/rust/sgClaw/claw-new/docs/superpowers/specs/2026-04-08-95598-weekly-monitor-report-operation-analysis.md` |
| 95598抢修-市指 | `95598-repair-city-dispatch` | 监测 | 监测抢修工单队列,识别待处理/审核/已处理,并为提醒、日志、自动派单等链路提供输入。 | `scene.json``SKILL.md``scripts/collect_repair_orders.js``D:/desk/智能体资料/大四区报告监测项/95598抢修-市指_业务检测配置.txt``D:/desk/智能体资料/大四区报告监测项/95598抢修-市指_自动处理配置.txt` | `code-confirmed`packaged JS 现已直接实现输入驱动的 `monitor-snapshot` collector可做 repair-order 分类、monitor/dispose log 比较、`new_pending_ids` 推导、`success/partial/empty/blocked` 状态判定,并携带 `workflow_rule_sources``config_base_page/config_base_role``known_issues` 元数据;更强的队列采集、日志比较、音频提醒、短信、外呼、自动派单、处置日志写入证据直接存在于 desk 规则脚本。`contract-defined`:快照语义与下游副作用需分开表达。`implementation intent exists but not rigorous / buggy`desk 规则内存在 `status == "00" && status == "01"` 的待处理分类 bug规则层 `new_pending_ids` 仍更像归一化目标而非同名稳定字段。 | 本场景 desk workflow 证据仍强于 packaged collector且当前实际定时执行证据以 desk 规则脚本为主;`assets/scene-snapshot/index.html` 仅是配置基础页。仍不能宣称任何运行时成功。 | `D:/data/ideaSpace/rust/sgClaw/claw-new/docs/superpowers/specs/2026-04-08-95598-repair-city-dispatch-operation-analysis.md` |
| 户表失电-嘉峪关 | `jiayuguan-meter-outage` | 监测 | 监测户表失电事件,结合服务工单状态与历史日志识别待处理对象,并为自动处理链路提供输入。 | `scene.json``SKILL.md``scripts/collect_outage_events.js``D:/desk/智能体资料/大四区报告监测项/户表失电-嘉峪关_业务监测配置.txt``D:/desk/智能体资料/大四区报告监测项/户表失电-嘉峪关_自动处理配置.txt` | `code-confirmed`packaged JS 现已直接实现输入驱动的 `monitor-snapshot` collector可从 outage/service-order 数据计算 `pending/audit/processed`、比较 monitor/dispose logs、推导 `new_pending_ids`、输出 `success/partial/empty/blocked`,并携带 `workflow_rule_sources``config_base_page/config_base_role``identity_model` 元数据;更强的 outage collection、service-order enrichment、monitor/dispose log 比较、营销 token 依赖自动处理与派单分支直接存在于 desk 规则脚本。`contract-defined`:快照与下游自动处理需分开理解。`implementation intent exists but not rigorous / buggy`:监测 pending 列表用 `consNo`,处置去重用 `eventId`,身份模型不一致;短信通道只看到保留意图/注释代码。 | 本场景 desk workflow 证据也强于 packaged collector且当前实际定时执行证据以 desk 规则脚本为主;`assets/scene-snapshot/index.html` 仅是配置基础页。必须保留身份不一致问题,不能把 `pending_ids/new_pending_ids` 写成已被严格统一定义。 | `D:/data/ideaSpace/rust/sgClaw/claw-new/docs/superpowers/specs/2026-04-08-jiayuguan-meter-outage-operation-analysis.md` |
## 当前状态汇总
### 1. 报表类场景的共同结论
- `fault-details-report`
- `jinchang-business-environment-weekly-report`
- `95598-weekly-monitor-report`
这 3 个 scene 当前最强直接证据都集中在“已打包脚本定义了 artifact schema / section template / 基础状态字段”。
因此,对这 3 个 scene 的严谨表述应是:
- `code-confirmed`:已存在结构模板、字段壳和分区定义
- `contract-defined`:存在明确的目标采集流程与质量要求
- `implementation intent exists but not rigorous / buggy`:运行时采集、周期对齐、状态细分、导出/日志等链路没有被 packaged JS 同等强度证实
换言之,它们当前主要是“结构化报表模板场景”,不应表述为“已验证的 live collector”。
### 2. 监测类场景的共同结论
- `95598-repair-city-dispatch`
- `jiayuguan-meter-outage`
这 2 个 scene 的情况与报表类不同:
- packaged JS collector 已具备输入驱动的 `monitor-snapshot` 归一化 / 比较逻辑
- 更强 workflow 证据主要存在于 desk 规则资产
- 规则资产直接展示了采集、比较、提醒、日志、派单等流程分支
因此,对这 2 个 scene 的严谨表述应是:
- `code-confirmed`:规则资产中确有较强监测/自动处理链路定义
- 但这仍只证明“规则层存在这些实现分支”
- 不得进一步写成“运行时已稳定成功”
### 3. 当前全局未闭合问题
- `fault-details-report``period``startTime/endTime` 的关系未闭合
- `jinchang-business-environment-weekly-report``region` 语义只在文案层出现,未形成稳定字段
- `95598-weekly-monitor-report``period``currentPeriod/cumulativePeriod`、period alignment 之间的关系未闭合
- `95598-repair-city-dispatch`:待处理分类规则存在 `status == "00" && status == "01"` bug
- `jiayuguan-meter-outage`monitor pending 使用 `consNo`dispose dedupe 使用 `eventId`,身份模型不一致
## 按证据等级整理的能力视图
### `code-confirmed`
- 报表 artifact / monitor snapshot 的基础结构壳
- 报表 scene 的固定 section/template 定义
- 两个监测 scene 规则资产中的采集、比较、日志、提醒、派单分支存在性
### `contract-defined`
- 报表类 scene 的目标采集流程、导出语义、质量约束
- 监测类 scene 的“快照成功”与“副作用成功”分离原则
- 周报类双周期/多来源/对齐语义
### `implementation intent exists but not rigorous / buggy`
- 报表类 scene 中对 live collector、period alignment、状态细分的实现意图
- `95598-repair-city-dispatch` 的 pending 分类 bug
- `jiayuguan-meter-outage` 的身份键不一致
- 若干下游通道存在定义或注释代码,但不足以提升为稳定现状
### `no direct evidence / candidate only`
- 统一 capability 名称本身
- 未来标准配置里的字段拆分方案
- `email` 等当前未见直接证据的候选通道
## 使用边界
本文件只用于帮助人快速理解“当前观察到的业务盘点状态”。如需:
- 看每个场景的证据出处与分级理由,读对应 operation-analysis 文档
- 看机器可读盘点结构,读 `2026-04-08-command-center-virtual-employee-inventory.json`
- 看未来目标配置结构提案,读 `2026-04-08-command-center-standard-config-structure.md`

BIN
docs/superpowers/specs/2026-04-08-command-center-virtual-employee-inventory-table.rebuilt.xlsx Normal file
View File

Binary file not shown.

BIN
docs/superpowers/specs/2026-04-08-command-center-virtual-employee-inventory-table.xlsx Normal file
View File

Binary file not shown.

1280
docs/superpowers/specs/2026-04-08-command-center-virtual-employee-inventory.json Normal file
View File

File diff suppressed because it is too large Load Diff

142
docs/superpowers/specs/2026-04-08-fault-details-report-operation-analysis.md Normal file
View File

@@ -0,0 +1,142 @@
# fault-details-report 操作分析
## 1. 场景概述
`fault-details-report` 对应“故障明细”场景,目标表述为查询故障明细并生成包含明细与汇总分区的结构化报表。根据 `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\scenes\fault-details-report\scene.json``D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\fault-details-report\SKILL.md``D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\fault-details-report\scripts\collect_fault_details.js`,当前最强直接证据在于:已打包脚本明确了报表 artifact 的列结构、汇总 section 名称、空结果形态与 `status: "ok"` 默认值,证据等级:`code-confirmed`
但同一批证据并没有展示真实浏览器页面抓取、请求触发、行级归一化或汇总派生的实际执行代码。也就是说,当前 packaged script 对 artifact schema / section template 的定义,明显强于对实时浏览器采集行为的证明,证据等级:`code-confirmed`
## 2. 证据来源
本分析统一只使用四个证据等级标签:`code-confirmed``contract-defined``implementation intent exists but not rigorous / buggy``no direct evidence / candidate only`。其中,脚本直接定义的 artifact schema / section template 归入 `code-confirmed`;未见脚本直接实现的运行语义与下游动作,不拔高于其对应较弱标签。
1. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\fault-details-report\scripts\collect_fault_details.js`
- 直接定义 `DETAIL_COLUMNS``SUMMARY_COLUMNS`、返回对象字段、空 `rows`、空 `sections[0].rows``status: "ok"``partial_reasons: []`,证据等级:`code-confirmed`
2. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\fault-details-report\SKILL.md`
- 说明预期工作流为读取时间范围、收集原始故障明细、按规范列顺序归一、派生汇总 sheet、返回 artifact这是技能说明与目标运行契约能证明意图与期望输出但不能单独证明脚本已实现全部步骤整体证据等级以 `contract-defined``implementation intent exists but not rigorous / buggy` 并存描述更严谨。
3. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\scenes\fault-details-report\scene.json`
- 定义场景输入为 `period`、依赖为 `browser` / `report-history` / `local-report-service`、动作包括 `query` / `collect-report` / `build-summary-section`,属于场景元数据定义,证据等级:`code-confirmed`
4. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\fault-details-report\references\collection-flow.md`
- 给出“读取开始结束时间、触发 repair-order query、收集明细、按 `excleIni[0].cols` 归一、派生 summary-sheet、再返回 artifact”的参考流程它定义了预期采集语义证据等级`contract-defined`
5. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\fault-details-report\references\data-quality.md`
- 给出必填列、可空列、summary 派生期望、partial 规则与 empty/failure 区分,属于质量约束参考,证据等级:`contract-defined`
6. `D:\data\ideaSpace\rust\sgClaw\claw-new\docs\superpowers\specs\2026-04-08-command-center-virtual-employee-inventory.json`
- 已把该场景整理为 `workflow``result.key_fields``status_model``open_questions`,可作为当前 command-center 侧归纳结果,但其中部分内容是对 scene/skill/reference 的再整理,不应反向当作新实现证据;证据等级:`no direct evidence / candidate only`(仅限 inventory 不能单独证明 packaged script 已实现的部分)。
## 3. 实际入口与运行边界
实际入口已在 `scene.json` 中声明为浏览器场景 `index.html`,技能包工具名为 `fault-details-report.collect_fault_details`artifact 类型为 `report-artifact`,这些都是当前仓库可直接定位的定义,证据等级:`code-confirmed`
运行边界方面:
- 场景元数据只声明了 `inputs: ["period"]`,证据等级:`code-confirmed`
- 参考流程却明确要求从页面 datetime range control 读取 `start` / `end` 时间,证据等级:`contract-defined`
- 因而“外部统一输入叫 `period`,但页面真实业务输入更像 `startTime/endTime` 二元组”这一判断是当前最严谨的归纳,且 inventory 文件也把它列入 `open_questions`,证据等级:`implementation intent exists but not rigorous / buggy`
还要强调:当前可直接运行的打包脚本并未包含浏览器操作、请求调用、页面解析或 localhost 导出调用代码,因此它的实际边界更接近“返回一个预定义空 artifact 的 schema stub”而不是“已严格实现端到端浏览器采集器”证据等级`code-confirmed`
## 4. 代码已证实的实际操作流程
当前代码真正能严格确认的流程只有以下最小闭环:
1. 调用 `collectFaultDetails(input)`
2. 读取 `input.period || ""` 填入返回对象的 `period` 字段。
3.`DETAIL_COLUMNS` 写入主表 `columns`
4. 将空数组写入主表 `rows`
5. 构造一个名为 `summary-sheet` 的 section并写入 `SUMMARY_COLUMNS` 与空 `rows`
6. 返回 `type: "report-artifact"``report_name: "fault-details-report"``status: "ok"``partial_reasons: []`
以上每一步都能在 `collect_fault_details.js` 中直接定位,证据等级:`code-confirmed`
至于以下操作:读取页面时间、触发 repair-order 查询、抓取故障行、归一字段、按明细派生汇总、判断 partial/empty/blocked、调用导出服务或报告日志服务目前在 packaged script 中没有对应实现代码,只在 skill/reference 文本里出现,证据等级最多是 `contract-defined``implementation intent exists but not rigorous / buggy`,不能写成当前代码已证实的实际流程。
## 5. 标准化抽象流程
若为 command-center 做严格抽象,当前更合理的标准化流程应写成:
1. 解析外部任务输入。
2. 将业务时间范围映射到页面查询参数。
3. 执行浏览器态查询并收集故障明细行。
4. 按约定列顺序归一主表数据。
5. 基于明细结果派生 `summary-sheet`
6. 生成 `report-artifact`
7. 如有需要再执行导出/日志等下游动作。
其中第 6 步“生成具有主表+summary-sheet 的 artifact 结构”可由脚本直接支撑,证据等级:`code-confirmed`。第 2、3、4、5、7 步主要来自场景说明与 reference 文档,不是当前脚本已实现事实,证据等级应分别按 `contract-defined``implementation intent exists but not rigorous / buggy` 标注。
## 6. 输入、上下文与依赖
### 输入
- `period` 被 scene 元数据与脚本入参直接使用,证据等级:`code-confirmed`
- “页面实际读取开始时间与结束时间”来自 `references/collection-flow.md``SKILL.md` 的 workflow 描述,证据等级:`contract-defined`
- 因此 `period``startTime/endTime` 的关系当前并不严谨:很可能 `period` 只是上层统一抽象,而底层真实 collector 需要双时间字段,证据等级:`implementation intent exists but not rigorous / buggy`
### 运行上下文
- 浏览器页面可访问、页面日期控件存在、会话已登录,来自 scene/inventory/reference 的联合描述,证据等级以 `code-confirmed`(元数据存在)和 `contract-defined`(具体语义)共同成立。
- `report-history``local-report-service` 被声明为依赖,但 reference 同时强调历史报告不是主数据源、localhost 服务是下游依赖,证据等级:`code-confirmed``contract-defined`
### 依赖
- `browser``fault-detail-query-source``local-report-service` 等依赖名称或整理项可直接在 scene 或 inventory 中定位,证据等级:`code-confirmed`
- `/a_js/YPTAPI.js``http://localhost:13313/ReportServices/*``faultDetailsExportXLSXS` 等更具体依赖来自 reference证据等级`contract-defined`
## 7. 输出结构
当前输出结构是本场景最硬的直接证据。`collect_fault_details.js` 已直接定义:
- `type: "report-artifact"`
- `report_name: "fault-details-report"`
- `period`
- 主表 `columns` = `DETAIL_COLUMNS`
- 主表 `rows` = `[]`
- `sections[0].name = "summary-sheet"`
- `sections[0].columns = SUMMARY_COLUMNS`
- `sections[0].rows = []`
- `status = "ok"`
- `partial_reasons = []`
以上全部属于 `code-confirmed`
`SKILL.md``data-quality.md` 还要求输出中体现 detail row count、summary row count、required column coverage、complete/partial status、missing columns、weak mappings、downstream failures 等诊断信息。除了 `status``partial_reasons` 字段壳子已经存在,其他诊断性内容并未在脚本中实现,证据等级:`implementation intent exists but not rigorous / buggy`
## 8. 下游动作证据表
| 下游动作 | 当前证据 | 证据等级 | 严谨结论 |
| --- | --- | --- | --- |
| 生成 `report-artifact` 返回给上游 | `collect_fault_details.js` 直接返回对象 | `code-confirmed` | 已有稳定的 artifact 结构桩实现,但当前返回为空数据模板。 |
| 明细列顺序标准化 | `DETAIL_COLUMNS` 明确定义 | `code-confirmed` | 只能确认列 schema 被定义,不能确认真实行数据已按此顺序完成映射。 |
| `summary-sheet` 分区存在 | `sections` 中直接构造 `summary-sheet` | `code-confirmed` | 只能确认 section 模板存在,不能确认真实汇总派生逻辑已实现。 |
| 页面采集故障明细行 | 只在 `SKILL.md` / `collection-flow.md` 中描述 | `contract-defined` | 存在明确目标流程,但当前 packaged script 未直接证明已实现。 |
| 汇总派生 | 只在 `SKILL.md` / `collection-flow.md` / `data-quality.md` 中描述 | `contract-defined` | 有契约与质量要求,但没有脚本级派生代码证据。 |
| 导出 Excel | scene 依赖与 reference 提到 localhost export service | `contract-defined` | 这是下游依赖定义,不等于本 skill 当前已实际执行导出。 |
| 写报告日志 | scene 依赖 `report-history`reference 提到 report-log | `contract-defined` | 只能确认体系中有该下游概念,当前脚本未直接实现日志写入。 |
| partial / empty / blocked 状态细分 | skill/reference 有规则,脚本固定 `status: "ok"` | `implementation intent exists but not rigorous / buggy` | 状态模型意图存在,但 packaged script 目前未严格承载这些分支。 |
## 9. 当前代码疑点 / 不严谨点
1. `period``startTime/endTime` 的建模不一致。scene 与脚本只保留 `period`reference 却明确要求读取开始/结束时间;这会让 command-center 难以判断标准输入究竟是一段字符串还是两个独立时间字段,证据等级:`implementation intent exists but not rigorous / buggy`
2. 脚本把 `status` 固定为 `"ok"`,但 reference 与 `SKILL.md` 明确区分 success / partial / empty / blocked当前实现无法承载这些语义证据等级`code-confirmed` 对现状成立,而“应支持细分状态”属于 `contract-defined`
3. `partial_reasons` 虽存在字段,但脚本没有任何填充逻辑,只能算 schema 占位,证据等级:`code-confirmed`
4. `DETAIL_COLUMNS``SUMMARY_COLUMNS` 已定义,但没有任何从页面数据到列值的映射代码;“字段归一化能力已落地”不能成立,证据等级最多为 `implementation intent exists but not rigorous / buggy`
5. 下游导出与日志在参考资料中存在,但当前 skill 脚本并未调用相关服务,因此“报表可直接生成 Excel”不能写成当前代码事实证据等级`no direct evidence / candidate only`(就 packaged script 内实际执行而言)。
## 10. 对 command-center 标准配置的修订建议
1. 将本场景输入从单一 `period` 修订为更严谨的双层表达:
- 对外统一层可保留 `period` 便于路由;
- 执行层建议显式展开 `startTime` / `endTime`
其中“需要展开”的结论来自 scene 与 reference 的冲突修正,证据等级:`implementation intent exists but not rigorous / buggy`
2. 在标准配置里把“artifact schema 已明确、live collector 未证实”作为单独字段或备注保留,避免 command-center 误把 schema stub 当成已实现采集器,证据等级:`code-confirmed`
3.`summary-sheet` 标记为 `section template confirmed`,而不是 `summary derivation implemented`。前者是 `code-confirmed`,后者当前没有同等强度证据。
4. 状态模型建议分成两层:
- `declared_status_model`: success / partial / empty / blocked来源于 skill/reference证据等级`contract-defined`
- `implemented_status_behavior`: 当前仅看到固定 `ok` 成功壳,证据等级:`code-confirmed`
5. 对下游动作增加 `evidence_note`,明确 report-export / report-log 目前主要来自场景与参考定义,不是当前 packaged script 已证实行为。
## 11. 最终严谨结论
关于 `fault-details-report`,当前最可靠的结论是:仓库已经具备一个明确的报表 artifact 模板实现,能够稳定返回故障明细主表列定义、`summary-sheet` 汇总分区模板、空结果数组以及基础状态字段,证据等级:`code-confirmed`
但如果把结论提升为“已经实现真实浏览器故障明细采集、列归一化、汇总派生、导出与日志闭环”,则证据并不充分。相关行为主要存在于 `SKILL.md``references/collection-flow.md``references/data-quality.md` 与 scene 元数据中,能够证明的是目标流程与契约要求,而不是当前 packaged script 已严格完成这些逻辑。因此本场景目前应被描述为“artifact schema / section template 定义强live browser collection 行为证据弱”的 staged report scene而不能被描述为已严谨落地的实时采集器。

225
docs/superpowers/specs/2026-04-08-jiayuguan-meter-outage-operation-analysis.md Normal file
View File

@@ -0,0 +1,225 @@
# jiayuguan-meter-outage 操作分析
## 1. 场景概述
`jiayuguan-meter-outage` 对应“户表失电-嘉峪关”场景,目标是采集户表失电事件、关联服务工单状态、对比历史监测 / 处置日志,并在必要时触发音频提醒或自动派单等后续动作。根据 `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\scenes\jiayuguan-meter-outage\scene.json``D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\jiayuguan-meter-outage\SKILL.md``D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\jiayuguan-meter-outage\scripts\collect_outage_events.js` 以及两份规则资产当前最严谨的结论是packaged JS collector 已经实现输入驱动的 `monitor-snapshot` 归一化 / 比较逻辑,会从 outage events 与 service orders 计算 `pending/audit/processed`、解析 monitor/dispose logs、推导 `pending_ids` / `new_pending_ids`、输出 `success/partial/empty/blocked` 状态,并附带 source endpoint 常量、localhost 端点、desk 规则来源、配置基础页标记与身份模型元数据;更强的业务工作流证据则主要存在于 desk 规则资产中,证据等级分别为 `code-confirmed`
必须明确区分以下几层:
1. packaged runtime-snapshot-collector`collect_outage_events.js` 已直接实现 outage/service-order 归一化、历史比较、身份模型暴露与标准快照输出,并显式携带 `workflow_rule_sources``config_base_page``config_base_role``packaged_collector_role``identity_model` 元数据,证据等级:`code-confirmed`
2. outage collection业务监测规则直接请求 `outage/dhsd/dhsdList` 收集失电事件,证据等级:`code-confirmed`
3. service-order enrichment业务监测规则再请求 `gdgl/active/service/order/list` 收集服务工单状态并补全 `audit` / `processed`,证据等级:`code-confirmed`
4. monitor-log comparison业务监测规则通过 `getMonitorLog` 对比历史待处理列表并决定是否音频提醒,证据等级:`code-confirmed`
5. dispose-log dedupe业务监测规则通过 `getDisposeLog` 做已派单去重并决定是否进入自动处理,证据等级:`code-confirmed`
6. marketing-token-dependent auto-processing and dispatch自动处理规则显式读取营销系统 token并基于营销系统查询结果、班组配置和自动派单接口推进派单证据等级`code-confirmed`
但这些 `code-confirmed` 仍只证明“代码或规则资产中存在这些实现链路”,不代表运行时已验证成功。本文不声称任何运行时验证结论。
## 2. 证据来源
本分析统一只使用四个证据等级标签:`code-confirmed``contract-defined``implementation intent exists but not rigorous / buggy``no direct evidence / candidate only`
1. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\jiayuguan-meter-outage\scripts\collect_outage_events.js`
- 直接定义 `SOURCE_GROUPS``LOCAL_SERVICE_ENDPOINTS``WORKFLOW_RULE_SOURCES``CONFIG_BASE_PAGE``IDENTITY_MODEL`,并实现 outage/service-order 分类、monitor/dispose log 解析比较、`new_pending_ids` 推导、`success/partial/empty/blocked` 状态判定,以及带 `evidence` / `identity_model``monitor-snapshot` 输出,证据等级:`code-confirmed`
2. `D:\desk\智能体资料\大四区报告监测项\户表失电-嘉峪关_业务监测配置.txt`
- 直接实现失电事件采集、服务工单状态补充、monitor log 比较、dispose log 去重、音频提醒与监测日志写入,证据等级:`code-confirmed`
3. `D:\desk\智能体资料\大四区报告监测项\户表失电-嘉峪关_自动处理配置.txt`
- 直接实现营销 token 读取、营销系统用户查询、工单编号获取、班组分配、自动派单请求、音频提醒、处置日志写入,以及备用短信函数定义,证据等级:`code-confirmed`
4. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\jiayuguan-meter-outage\SKILL.md`
- 定义“失电事件采集与工单状态采集要分开,再组合成一份快照;下游提醒与自动派单不应重定义采集成功”的运行契约,证据等级:`contract-defined`
5. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\jiayuguan-meter-outage\references\collection-flow.md`
- 定义以配置页为入口、组合 outage-event collection、service-order enrichment、历史比较和 auto-processing context 的流程,证据等级:`contract-defined`
6. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\jiayuguan-meter-outage\references\data-quality.md`
- 定义 pending / audit / processed 的来源语义、partial 规则与依赖告警,证据等级:`contract-defined`
7. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\scenes\jiayuguan-meter-outage\scene.json`
- 声明场景分类、输入 `time`、依赖与动作,证据等级:`code-confirmed`
8. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\scenes\jiayuguan-meter-outage\scene.draft.json`
- 暴露对 marketing token context 和 `trigger-alert` / `auto-processing` 是否进一步拆分的待定整理,证据等级:`no direct evidence / candidate only`
## 3. 实际入口与运行边界
实际入口在 `scene.json` 中已固定:场景页面入口为 `index.html`,技能工具名为 `jiayuguan-meter-outage.collect_outage_events`,输出类型为 `monitor-snapshot`,输入为 `time`,这些都属于 `code-confirmed`
其中 `assets/scene-snapshot/index.html` 只应被视为配置基础页(例如班组、联系人、范围维护),不应被当作规则 workflow 的主执行证据。
运行边界方面,需要特别强调 packaged collector 与 rule workflow 的分层:
- packaged JS runtime collector 的直接能力边界:它已经能基于输入 `outage_events``service_orders``monitor_logs``dispose_logs``pending/audit/processed` 归一化、历史比较、`new_pending_ids` 推导与 `success/partial/empty/blocked` 判定,并公开两个上游 source endpoint、一组 localhost endpoint、desk 规则来源、配置基础页角色与身份模型元数据;但它仍是输入驱动归一化 collector不直接发起浏览器请求也不直接承载完整业务 workflow证据等级`code-confirmed`
- 更强的业务流程边界,主要体现在 desk 规则资产:先采集户表失电事件,再请求服务工单列表补充状态,再做 monitor/dispose 日志比较,最后才决定提醒或自动处理,证据等级:`code-confirmed`
因此本场景不能被描述成“packaged collector 已完整实现嘉峪关户表失电实时工作流”。更严谨的说法是packaged collector 已实现可测试的输入驱动快照归一化 / 比较逻辑;较强 workflow 证据主要在 desk 规则资产中,证据等级:`code-confirmed`
此外,`collection-flow.md``SKILL.md` 都明确要求把 outage collection、service-order enrichment、历史比较与下游 auto-processing 分开理解;这是运行边界契约,证据等级:`contract-defined`
## 4. 代码已证实的实际操作流程
### 4.1 packaged runtime-snapshot-collector 已证实流程
`collect_outage_events.js` 中现在能严格确认:
1. 调用 `collectOutageEvents(input)`,读取 `input.outage_events``input.service_orders``input.monitor_logs || input.monitor_log``input.dispose_logs || input.dispose_log``input.local_write_failures``input.blocked_reason` 等输入。
2. 通过 `buildOutageContext(...)` 从 outage events 提取 `pending_ids``eventIds``eventIdsByConsNo`,并通过 `classifyServiceOrders(...)` 基于 `gdztmc` 计算 `audit` / `processed`
3. 解析 monitor/dispose logs识别 malformed payload并结合 `consNo``eventId` 的映射推导 `new_pending_ids`
4. 对未知工单状态、日志缺失、日志解析失败、缺失 event identity、identity crosswalk ambiguity、本地写失败等情况记录 `partial_reasons`
5.`blocked > partial > empty > success` 的优先级计算 `status`,返回 `type: "monitor-snapshot"``scene: "jiayuguan-meter-outage"``pending``audit``processed``pending_ids``new_pending_ids``status``partial_reasons`
6. 在返回对象中附带 `evidence.workflow_rule_sources``evidence.config_base_page``evidence.config_base_role``evidence.packaged_collector_role = "runtime-snapshot-collector"`,以及 `identity_model`
7. 模块额外导出 `SOURCE_GROUPS``LOCAL_SERVICE_ENDPOINTS``WORKFLOW_RULE_SOURCES``CONFIG_BASE_PAGE``IDENTITY_MODEL`
以上都属于 `code-confirmed`
### 4.2 业务监测规则已证实流程
`户表失电-嘉峪关_业务监测配置.txt` 直接证实了以下分段流程:
1. outage collection通过 `BrowserAction(... outage/dhsd/dhsdList ...)` 查询近两天到当天的失电事件,并把每条 `consNo` 放入 `idList`,证据等级:`code-confirmed`
2. service-order enrichment随后通过 `BrowserAction(... gdgl/active/service/order/list ...)` 查询当天工单列表,并按 `gdztmc == "待审核"` / `gdztmc == "已归档"` 分别累计 `audit``processed`,证据等级:`code-confirmed`
3. monitor-log comparison通过 `getMonitorLog` 读取历史 `pendingList`,对比当前 `idList`,如发现新增待处理则触发音频提醒,并把快照写入 `setMonitorData` / `setMonitorLog`,证据等级:`code-confirmed`
4. dispose-log dedupe通过 `getDisposeLog` 读取历史处置日志,解析 `orderID` 后提取其中 `id`,再以 `eventId` 为键从当前失电事件中筛出未处置事件 `pendingList`,证据等级:`code-confirmed`
5. 若存在未处置事件,则把 `pendingList` 塞给 `_this.queueObj.pendingList` 并触发 `_this.autoTask()`;否则直接 `_this.processQueue()`,证据等级:`code-confirmed`
### 4.3 自动处理规则已证实流程
`户表失电-嘉峪关_自动处理配置.txt` 直接证实:
1. 自动处理依赖营销系统 token代码从 `localStorage["markYXObj"]` 中读取 `token``loginUserInfo`,证据等级:`code-confirmed`
2. 自动处理先按 `eqPsrName` 合并事件,再读取 `getClassList` 获取班组配置,证据等级:`code-confirmed`
3. 用营销系统接口 `queryEleCust``consNo` 查询用户营销归属,再据此确定 `ecssMgtOrgCode`,证据等级:`code-confirmed`
4. 之后还会调用 `gdgl/zdfw/tgforderzdfw/gdbh` 获取工单编号,再调用 `gdgl/active/service/order/saveAndSend` 发起自动派单,证据等级:`code-confirmed`
5. 自动派单成功 / 失败 / 异常分支都会触发不同音频提醒,并写 `setDisposeLog`,证据等级:`code-confirmed`
6. 短信函数 `msgFC` 在自动处理规则中被定义,但当前成功分支里的短信发送代码被整体注释掉,因此“短信通道已成为当前有效工作流”不能被写成稳定事实,证据等级:`implementation intent exists but not rigorous / buggy`
## 5. 标准化抽象流程
若为 command-center 做严格抽象,本场景更合理的标准化流程应写成:
1. 接收监测任务输入 `time`
2. 单独采集 outage events。
3. 单独采集 service-order states并用其补充 `audit` / `processed`
4. 使用 monitor log 做待处理比较,判断提醒语义。
5. 使用 dispose log 做已处置去重,筛出需要自动处理的事件集合。
6. 先形成或保留监测快照语义。
7. 若满足条件,再进入依赖营销 token 的自动处理 / 派单流程。
8. 记录音频、日志与处置结果等下游动作。
其中第 1 步可由 packaged collector 的显式输入 `time` 支撑,第 2、3、4、5、6 步可由 packaged collector 的输入驱动归一化 / 比较逻辑支撑,证据等级:`code-confirmed`;第 7、8 步主要由规则资产直接支撑,证据等级:`code-confirmed`;“这些步骤应被分离理解、下游动作不应覆盖采集成功语义”的边界来自 `SKILL.md` / references证据等级`contract-defined`
如果把上述流程进一步说成“已由 packaged collector 严格统一承载实时 outage 请求、service-order 查询与自动派单副作用”,则不严谨,因为这些更强 workflow 证据主要来自 desk 规则资产而不是 packaged collector证据等级只能降为 `implementation intent exists but not rigorous / buggy`
## 6. 输入、上下文与依赖
### 输入
- `time` 是 scene 与 packaged script 共同声明的显式输入,证据等级:`code-confirmed`
- 业务监测规则对失电事件使用“近两天到今天”的 `offTime` 查询窗,对服务工单使用“当天”的 `createTime` 查询窗,证据等级:`code-confirmed`
- “当前 outage 和 service-order query windows 都属于实际输入的一部分”在 reference 中被明确说明,证据等级:`contract-defined`
### 运行上下文
- 平台 session、org/user 上下文、浏览器 `BrowserAction` 能力在规则资产中直接使用,证据等级:`code-confirmed`
- marketing token context 在自动处理规则中是实际依赖,而不仅仅是文档说法,证据等级:`code-confirmed`
- reference 也把 marketing token context 明确列为 downstream enrichment / dispatch 依赖,证据等级:`contract-defined`
### 依赖
- `scene.json` 声明 `browser``local-service``outage-source``service-order-source``history-log`,证据等级:`code-confirmed`
- 业务监测规则直接使用 `outage/dhsd/dhsdList``gdgl/active/service/order/list``getMonitorLog``setMonitorData``setMonitorLog``getDisposeLog``setAudioPlayLog`,证据等级:`code-confirmed`
- 自动处理规则直接使用营销系统 `queryEleCust`、工单编号接口 `gdgl/zdfw/tgforderzdfw/gdbh`、自动派单接口 `gdgl/active/service/order/saveAndSend``setDisposeLog``setAudioPlayLog`,证据等级:`code-confirmed`
- `scene.draft.json` 中 marketing token context 是否应提升为正式 dependency 仍是待确认项,因此在标准配置整理上属于 `no direct evidence / candidate only`
## 7. 输出结构
当前输出结构需要分层描述。
### 7.1 packaged runtime collector 已直接定义的输出
`collect_outage_events.js` 直接定义:
- `type: "monitor-snapshot"`
- `scene: "jiayuguan-meter-outage"`
- `time`
- `pending`
- `audit`
- `processed`
- `pending_ids`
- `new_pending_ids`
- `status`
- `partial_reasons`
- `evidence.workflow_rule_sources`
- `evidence.config_base_page`
- `evidence.config_base_role`
- `evidence.packaged_collector_role`
- `identity_model`
以上全部属于 `code-confirmed`
### 7.2 业务监测规则已展示的实际快照字段语义
业务监测规则直接构造了:
- `time`
- `type: "户表失电-嘉峪关"`
- `pending`
- `pendingList`
- `audit`
- `processed`
这说明规则层快照对象与 packaged stub 的标准字段命名并不完全一致,尤其是 `pendingList` vs `pending_ids``type` vs `scene`,证据等级:`code-confirmed`
### 7.3 `new_pending_ids` 的证据强度与身份不一致问题
`SKILL.md`、reference 与 `data-quality.md``new_pending_ids` 当成目标输出的一部分,证据等级:`contract-defined`。但当前规则资产里更强的直接事实是:
- monitor pending list 使用的是 `consNo`,即 `idList.push(item.consNo)`,证据等级:`code-confirmed`
- dispose dedupe 使用的是 `eventId`,即比较 `resList.indexOf(y.eventId)`,证据等级:`code-confirmed`
这意味着当前实现存在明显身份不一致:监测 pending 列表是 `consNo` 视角,而处置去重是 `eventId` 视角。因而“`pending_ids` / `new_pending_ids` 已被当前实现严谨统一定义”不能成立,证据等级:`implementation intent exists but not rigorous / buggy`
## 8. 下游动作证据表
| 下游动作 | 当前证据 | 证据等级 | 严谨结论 |
| --- | --- | --- | --- |
| 返回 `monitor-snapshot` runtime collector 输出 | `collect_outage_events.js` 直接返回对象 | `code-confirmed` | packaged JS 直接证明标准 snapshot 字段、状态判定、身份说明与 collector metadata 已存在。 |
| 失电事件采集 | 业务监测规则调用 `outage/dhsd/dhsdList` | `code-confirmed` | outage collection 在规则资产中直接存在。 |
| 服务工单状态补充 | 业务监测规则调用 `service/order/list` 并按 `gdztmc` 分桶 | `code-confirmed` | service-order enrichment 直接存在。 |
| monitor-log 比较 | 业务监测规则调用 `getMonitorLog` 并对比 `consNo` 列表 | `code-confirmed` | 历史比较逻辑直接存在。 |
| dispose-log 去重 | 业务监测规则调用 `getDisposeLog` 并按 `eventId` 过滤 | `code-confirmed` | 去重逻辑直接存在,但身份键与 monitor pending list 不一致。 |
| 音频提醒调用 | 业务监测规则和自动处理规则都调用 `mac.audioPlay(...)` | `code-confirmed` | 只能确认规则层存在音频提醒调用。 |
| 自动派单请求 | 自动处理规则调用 `service/order/saveAndSend` | `code-confirmed` | 自动派单请求分支可直接定位。 |
| 依赖营销 token 的用户查询 | 自动处理规则调用营销系统 `queryEleCust`,请求头带 `auth_token` | `code-confirmed` | 自动处理对 marketing token 有明确硬依赖。 |
| `setDisposeLog` 成功 / 失败 / 异常写入 | 自动处理规则各分支都写 `setDisposeLog` | `code-confirmed` | 处置日志写入分支存在。 |
| 短信发送通道 | 自动处理规则定义 `msgFC`,但成功分支短信代码被注释 | `implementation intent exists but not rigorous / buggy` | 说明短信意图存在,但当前读取到的有效工作流未严格启用。 |
| `pending_ids` / `new_pending_ids` 严格统一 | skill/reference 有目标要求,但规则层 `consNo``eventId` 混用 | `implementation intent exists but not rigorous / buggy` | 当前身份模型不统一,不能写成严谨既成事实。 |
## 9. 当前代码疑点 / 不严谨点
1. 最关键的不严谨点是身份不一致monitor pending list 以 `consNo` 作为待处理标识,而 dispose dedupe 以 `eventId` 作为去重标识。这会让 `pending_ids``new_pending_ids` 与“已处置集合”的语义难以严格对齐,证据等级:`implementation intent exists but not rigorous / buggy`
2. packaged collector 与规则资产输出命名仍不一致collector 使用 `scene``pending_ids``new_pending_ids`,规则对象使用 `type``pendingList`,证据等级:`code-confirmed`
3. `SKILL.md` 明确要求把 outage collection 与 service-order enrichment 分离理解;当前规则确实这样做了,但 packaged stub 没有承载这层结构,因此如果 command-center 只读 packaged stub 会低估真实 workflow证据等级`code-confirmed`
4. 自动处理强依赖 marketing token`scene.json` 现有正式 dependencies 没把它显式列出;`scene.draft.json` 已把这点作为待确认项,说明标准依赖建模尚未闭合,证据等级:`implementation intent exists but not rigorous / buggy`
5. 自动处理规则中短信发送函数虽然存在,但主成功路径短信代码被注释,说明短信通道更像保留意图而非当前可靠工作流,证据等级:`implementation intent exists but not rigorous / buggy`
6. 本文不能根据规则中存在自动派单和音频分支,就声称这些分支已经过运行时验证;任何这种表述都应避免。
## 10. 对 command-center 标准配置的修订建议
1. 对本场景应显式拆分两层证据:
- `packaged_collector`: `collect_outage_events.js` 的 runtime snapshot collector、状态判定、历史比较与 metadata规则来源、配置基础页角色、身份模型证据等级`code-confirmed`
- `rule_asset_workflow`: 规则资产中的 outage collection、service-order enrichment、历史比较与自动处理流程证据等级`code-confirmed`
2. 标准工作流建议强制拆成五段:
- `outage_collection`
- `service_order_enrichment`
- `monitor_log_comparison`
- `dispose_log_dedupe`
- `marketing_token_dependent_auto_processing`
这些拆分都能由现有规则资产直接支撑,证据等级:`code-confirmed`
3. 标准配置中应单独增加 `identity_model_note`,明确当前监测 pending list 基于 `consNo`,而 dispose dedupe 基于 `eventId`,两者尚未统一,证据等级:`implementation intent exists but not rigorous / buggy`
4. 对 dependencies 建议把 `marketing-token-context` 提升为显式依赖项,因为自动处理规则确实直接读取并使用营销 token证据等级`code-confirmed`;但“如何在标准 scene schema 中表达”目前仍是配置整理问题,证据等级:`implementation intent exists but not rigorous / buggy`
5. 对输出 schema 建议区分:
- `canonical_snapshot_fields`: `pending_ids` / `new_pending_ids` 等标准字段;
- `observed_rule_fields`: `pendingList` / `type` 等规则字段。
并额外记录 `pending_identity = consNo``dispose_identity = eventId` 的差异,避免误建模。
## 11. 最终严谨结论
关于 `jiayuguan-meter-outage`,当前最可靠的结论是:仓库已经存在一个可测试的 packaged JS runtime collector以及两份更强的 desk 规则脚本实现(`D:\desk\智能体资料\大四区报告监测项\户表失电-嘉峪关_业务监测配置.txt``D:\desk\智能体资料\大四区报告监测项\户表失电-嘉峪关_自动处理配置.txt`)。其中 packaged collector 已直接实现 outage/service-order 归一化、monitor/dispose log 比较、`new_pending_ids` 推导与 `success/partial/empty/blocked` 状态判定;业务监测规则直接证实了 outage collection、service-order enrichment、monitor-log comparison、dispose-log dedupe 与音频提醒 / 监测日志写入;自动处理规则则直接证实了依赖 marketing token 的用户归属查询、工单编号获取、自动派单请求以及音频 / 处置日志副作用分支,证据等级:`code-confirmed`
但同样必须严格说明:更强 workflow 证据主要在 desk 规则资产中,而不是 packaged collector因此不能把本场景描述成“packaged collector 已严谨实现全部实时业务流程”。此外当前实现仍存在关键身份不一致问题monitor pending list 使用 `consNo`dispose dedupe 使用 `eventId`。这说明本场景虽然 workflow 证据较强,但 `pending_ids` / `new_pending_ids` 的统一身份模型仍不严谨最适合被描述为“packaged collector 已具备输入驱动快照归一化能力、desk rule-asset workflow 较强、且身份键需要在 command-center 标准配置中显式澄清”的 monitor scene。

143
docs/superpowers/specs/2026-04-08-jinchang-business-environment-weekly-report-operation-analysis.md Normal file
View File

@@ -0,0 +1,143 @@
# jinchang-business-environment-weekly-report 操作分析
## 1. 场景概述
`jinchang-business-environment-weekly-report` 对应“国网金昌供电公司营商环境周例会报告”场景,目标是采集多来源指标并组装为分区结构化周报。根据 `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\scenes\jinchang-business-environment-weekly-report\scene.json``D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\jinchang-business-environment-weekly-report\SKILL.md``D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\jinchang-business-environment-weekly-report\scripts\collect_business_environment_metrics.js`,当前已被代码直接证实的是:打包脚本定义了四个 section template、空主表、`period` 字段、`status: "ok"``partial_reasons: []`,证据等级:`code-confirmed`
同时必须明确说明:当前 packaged script 更强地定义了 artifact schema / section template而没有同等强度地定义真实浏览器采集、跨系统查询、period 对齐或导出执行逻辑。换言之,本场景当前更像“结构化周报模板脚本”,而不是“已被脚本严格实现的多源实时采集器”,证据等级:`code-confirmed`
## 2. 证据来源
本分析统一只使用四个证据等级标签:`code-confirmed``contract-defined``implementation intent exists but not rigorous / buggy``no direct evidence / candidate only`。凡涉及脚本直接定义的 schema / section template标为 `code-confirmed`;凡涉及将真实采集结果映射进这些结构的运行语义,如脚本未直接实现,则不高于 `contract-defined`
1. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\jinchang-business-environment-weekly-report\scripts\collect_business_environment_metrics.js`
- 直接定义四个 section template`abnormal-transformer-monitoring``power-outage-monitoring``work-order-acceptance``dispatch-summary`,并返回空 artifact证据等级`code-confirmed`
2. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\jinchang-business-environment-weekly-report\SKILL.md`
- 说明应读取周范围、校验会话、收集多个 metric group、映射到 report sections、必要时标记 partial并在输出里返回 `region``period`、缺失 section、周期对齐问题等。它主要定义目标契约与运行意图证据等级以 `contract-defined``implementation intent exists but not rigorous / buggy` 为主。
3. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\scenes\jinchang-business-environment-weekly-report\scene.json`
- 声明场景输入为 `period`,依赖包括 `browser``multi-source``local-report-service`,动作包括 `query` / `collect-report` / `aggregate-sections`,证据等级:`code-confirmed`
4. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\jinchang-business-environment-weekly-report\references\collection-flow.md`
- 描述周范围读取、跨系统会话校验、多指标组采集、section 装配与下游导出关系,证据等级:`contract-defined`
5. `D:\data\ideaSpace\rust\sgClaw\claw\claw\skills\skill_staging\skills\jinchang-business-environment-weekly-report\references\data-quality.md`
- 描述完整结果、partial 规则、弱点区域与 empty/failure 区分,证据等级:`contract-defined`
6. `D:\data\ideaSpace\rust\sgClaw\claw-new\docs\superpowers\specs\2026-04-08-command-center-virtual-employee-inventory.json`
- 归纳出 workflow、key_fields、status_model 等 command-center 视图;它能帮助识别当前整理结果,但不应被当成比原始 scene/skill/script 更强的实现证据,证据等级:`no direct evidence / candidate only`(仅限 inventory 不能单独证明 packaged script 已实现的部分)。
## 3. 实际入口与运行边界
实际入口在 `scene.json` 中已固定:场景页面入口为 `index.html`,技能调用为 `jinchang-business-environment-weekly-report.collect_business_environment_metrics`,输出 artifact 类型为 `report-artifact`,这些都属于 `code-confirmed`
运行边界方面,当前仓库能确认的内容是:
- 对外输入名为 `period`,证据等级:`code-confirmed`
- 需要浏览器页面、多源系统访问与本地报告服务,证据等级:`code-confirmed`
- 参考资料要求按周范围收集多个指标组并组装 section证据等级`contract-defined`
但“真实 collector 已在 packaged script 中实现多源访问、登录态校验、周期一致性检查”这一说法并不成立。当前脚本只返回空 section 模板,因而其可直接证明的运行边界仍是 schema stub多源采集与组装仅体现为明确实现意图而非已严格落地逻辑证据等级`implementation intent exists but not rigorous / buggy`
## 4. 代码已证实的实际操作流程
当前代码能严格确认的实际操作流程如下:
1. 调用 `collectBusinessEnvironmentMetrics(input)`
2. 读取 `input.period || ""` 写入 artifact 的 `period`
3. 构造空主表:`columns: []``rows: []`
4. 基于 `SECTION_TEMPLATES` 复制出 4 个 section并确保每个 section 的 `rows: []`
5. 返回 `type: "report-artifact"``report_name``status: "ok"``partial_reasons: []`
这些步骤均可在 `collect_business_environment_metrics.js` 中直接定位,证据等级:`code-confirmed`
以下步骤虽然在 `SKILL.md` 与 reference 中多次出现,但并未被脚本直接实现:读取页面周范围、校验多源 token/session、采集变压器监测/停电监测/工单受理/调度总结等真实数据、检查 period alignment、生成最终文档或导出结果。这些内容不能写成“代码已证实的实际流程”最多只能分别标记为 `contract-defined``implementation intent exists but not rigorous / buggy`
## 5. 标准化抽象流程
若做 command-center 的标准化抽象,本场景可整理为:
1. 接收周报任务输入。
2. 解析页面周范围并绑定会话上下文。
3. 访问多个业务来源,按指标组采集数据。
4. 按四类 section 模板/列结构承载结果。
5. 形成统一 `report-artifact`
6. 视情况执行导出/日志等下游动作。
其中第 4 步仅“四类 section 名称与列结构存在”是 `code-confirmed`;“真实采集结果已被映射进四类 section”仍只属于 `contract-defined` 的流程约定。第 2、3、6 步主要来自 skill/reference 的运行说明,证据等级应为 `contract-defined`。如果把这些步骤进一步写成“当前 packaged script 已可靠执行”,就会过度推断,证据等级只能降为 `implementation intent exists but not rigorous / buggy`
## 6. 输入、上下文与依赖
### 输入
- `period` 是 scene 与脚本已共同声明的业务输入,证据等级:`code-confirmed`
- `SKILL.md` 还要求输出中包含 `region`,但 scene 输入与 script 返回结构都未显式声明 `region` 字段,证据等级:`implementation intent exists but not rigorous / buggy`
### 运行上下文
- `session`、多源系统可访问性、缓存 token 可用性等在 scene/reference 中被描述scene 元数据层面的存在是 `code-confirmed`,更具体的业务语义是 `contract-defined`
- 页面历史报告区、执行日志区被 reference 提到,但被明确描述为下游历史/辅助区域,而非主数据源,证据等级:`contract-defined`
### 依赖
- `browser``multi-source``local-report-service` 可直接在 scene 中定位,证据等级:`code-confirmed`
- `/a_js/YPTAPI.js``http://localhost:13313/ReportServices/*`、导出或 surface 服务来自 reference证据等级`contract-defined`
## 7. 输出结构
当前脚本直接证实的输出结构包括:
- `type: "report-artifact"`
- `report_name: "jinchang-business-environment-weekly-report"`
- `period`
- `columns: []`
- `rows: []`
- `sections` 包含 4 个固定模板
- `status: "ok"`
- `partial_reasons: []`
这些均属于 `code-confirmed`
四个固定 section template 分别为:
1. `abnormal-transformer-monitoring`
2. `power-outage-monitoring`
3. `work-order-acceptance`
4. `dispatch-summary`
它们的列结构也都在脚本中已明确定义,证据等级:`code-confirmed`
`SKILL.md` 输出部分提到应返回 `region`、missing sections、period alignment issues、downstream export/logging failures。除 `period` 与空 `partial_reasons` 字段外,其余诊断信息都没有在脚本中被明确建模。尤其是 `region` 出现在输出文案中,却没有进入 artifact schema这是一处场景特定的不一致点证据等级`implementation intent exists but not rigorous / buggy`
## 8. 下游动作证据表
| 下游动作 | 当前证据 | 证据等级 | 严谨结论 |
| --- | --- | --- | --- |
| 返回分区化 `report-artifact` | `collect_business_environment_metrics.js` 直接返回对象 | `code-confirmed` | 已有稳定 artifact 壳,但内容为空模板。 |
| 四类 section 模板存在 | 脚本直接定义 `SECTION_TEMPLATES` | `code-confirmed` | 只能确认 section schema 已确定,不能确认 section 数据采集已实现。 |
| 多源指标采集 | 只在 `SKILL.md` / `collection-flow.md` 中描述 | `contract-defined` | 契约上明确需要多源采集,但当前 packaged script 未直接证明。 |
| 周期一致性判断 | `SKILL.md` / `data-quality.md` 提到 period alignment | `contract-defined` | 存在质量要求,但脚本没有 period alignment 逻辑。 |
| 导出周报文档 | reference 提到 localhost export/surface services | `contract-defined` | 属于下游依赖定义,不等于当前 skill 已执行文档导出。 |
| 报告日志写入 | `SKILL.md` / reference 提到 report-log | `contract-defined` | 只能确认有该下游概念,当前脚本没有调用证据。 |
| `partial` 结果建模 | 脚本保留 `partial_reasons`reference 定义 partial 语义 | `implementation intent exists but not rigorous / buggy` | 字段壳子存在,但没有真实 partial 分支。 |
| `region` 输出 | 只在 `SKILL.md` 输出说明中出现 | `implementation intent exists but not rigorous / buggy` | 表达上存在地区语义,但未进入 scene 输入或 artifact schema。 |
## 9. 当前代码疑点 / 不严谨点
1. `region` 出现在 `SKILL.md` 的输出项中,但 scene.json 与脚本 schema 都没有显式 `region` 字段;这意味着“金昌”可能只是场景名称隐含语义,而非可追踪输出字段,证据等级:`implementation intent exists but not rigorous / buggy`
2. 脚本固定返回空 `columns` 与空 `rows`,说明主表并不是核心结构,真正的核心是 4 个 section template如果 command-center 仍把它当通用主表型报表,容易误建模,证据等级:`code-confirmed`
3. `status` 固定为 `"ok"`,与 skill/reference 所要求的 partial / empty / blocked 区分不一致,证据等级:`code-confirmed` 对现状成立,而目标状态模型仅为 `contract-defined`
4. 参考资料强调多源系统会话与 token 缓存,但脚本完全没有这些依赖的执行路径,因此“多源采集能力已落地”不能被提升为当前代码事实,证据等级:`implementation intent exists but not rigorous / buggy`
5. 导出与报告历史区域在 reference 中存在,但未被脚本直接接入;若在 command-center 中直接把它配置为“可导出 Word/Excel”现状将属于过度推断证据等级`no direct evidence / candidate only`(就 packaged script 执行层而言)。
## 10. 对 command-center 标准配置的修订建议
1. 本场景应把核心输出建模为 `section-based report artifact`,而不是普通二维表。原因是脚本对四个 section template 的定义明显强于对主表的定义,证据等级:`code-confirmed`
2. 在标准配置中补充 `region_semantics``fixed_region` 字段,明确“金昌”究竟只是场景命名,还是应成为可展示/可审计输出的一部分。目前这是未闭合问题,证据等级:`implementation intent exists but not rigorous / buggy`
3. 状态模型建议拆分:
- 契约层声明 success / partial / empty / blocked证据等级`contract-defined`
- 实现层当前只有固定 `ok` artifact stub证据等级`code-confirmed`
4. 给配置增加 `collection_evidence` 备注,明确当前 packaged script 更偏向 section schema 模板,而不是 live browser collector避免后续调度器把它误当已完成的实时采集技能。
5.`downstream_effects` 建议增加 `implemented: false / not-directly-proven` 之类标记,以区分“场景上需要导出”与“脚本里已执行导出”。
## 11. 最终严谨结论
关于 `jinchang-business-environment-weekly-report`,当前最可靠的现状判断是:仓库已经存在一个四分区结构化周报 artifact 模板,四个 section 的名称与列 schema 已由 packaged script 直接定义,证据等级:`code-confirmed`
但“已经实现真实浏览器多源采集、周期一致性校验、section 数据组装、最终导出与日志闭环”这一更强表述没有被脚本直接证明。相关行为主要由 `SKILL.md``collection-flow.md``data-quality.md` 与 scene 元数据定义目标流程和质量要求,因此应把它理解为“有明确契约和实现意图,但当前 packaged script 主要还是 schema/section stub”。此外`region` 在输出话术中出现、却未进入 artifact schema是本场景当前最需要在 command-center 标准配置中澄清的不严谨点。

BIN
docs/多核浏览器管道API接口文档.docx Normal file
View File

Binary file not shown.

632
frontend/service-console/sg_claw_service_console.html Normal file
View File

@@ -0,0 +1,632 @@
<!doctype html>
<html lang="zh-CN">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>sgClaw Service Console</title>
<style>
:root {
--bg: #f3efe4;
--panel: rgba(255, 252, 247, 0.88);
--panel-strong: #fffaf2;
--text: #1f2329;
--muted: #636b74;
--line: rgba(31, 35, 41, 0.12);
--accent: #0f766e;
--accent-strong: #115e59;
--warn: #b45309;
--error: #b42318;
--success: #166534;
--shadow: 0 24px 60px rgba(34, 42, 53, 0.14);
}
* {
box-sizing: border-box;
}
body {
margin: 0;
min-height: 100vh;
font-family: "Microsoft YaHei", "PingFang SC", "Segoe UI", sans-serif;
color: var(--text);
background:
radial-gradient(circle at top left, rgba(15, 118, 110, 0.18), transparent 32%),
radial-gradient(circle at right, rgba(180, 83, 9, 0.14), transparent 28%),
linear-gradient(160deg, #f5f0e6 0%, #eef5f4 56%, #f7f3eb 100%);
padding: 24px;
}
.shell {
width: min(1040px, 100%);
margin: 0 auto;
background: var(--panel);
backdrop-filter: blur(14px);
border: 1px solid rgba(255, 255, 255, 0.7);
border-radius: 28px;
box-shadow: var(--shadow);
overflow: hidden;
}
.hero {
padding: 28px 28px 18px;
border-bottom: 1px solid var(--line);
background: linear-gradient(135deg, rgba(255, 250, 242, 0.96), rgba(237, 246, 243, 0.92));
}
.hero h1 {
margin: 0;
font-size: clamp(1.8rem, 4vw, 2.6rem);
line-height: 1.05;
letter-spacing: 0.02em;
}
.hero p {
margin: 10px 0 0;
max-width: 60ch;
color: var(--muted);
line-height: 1.6;
}
.content {
display: grid;
grid-template-columns: minmax(280px, 320px) minmax(0, 1fr);
gap: 0;
}
.sidebar,
.stream-panel {
padding: 24px;
}
.sidebar {
border-right: 1px solid var(--line);
background: rgba(255, 255, 255, 0.38);
}
.section-label {
margin: 0 0 14px;
font-size: 0.83rem;
font-weight: 700;
letter-spacing: 0.14em;
text-transform: uppercase;
color: var(--muted);
}
.field {
margin-bottom: 18px;
}
.field label {
display: block;
margin-bottom: 8px;
font-size: 0.92rem;
color: var(--muted);
}
input,
textarea,
button {
width: 100%;
border: 1px solid var(--line);
border-radius: 16px;
font: inherit;
}
input,
textarea {
background: rgba(255, 255, 255, 0.92);
color: var(--text);
padding: 14px 16px;
outline: none;
transition: border-color 140ms ease, box-shadow 140ms ease, transform 140ms ease;
}
input:focus,
textarea:focus {
border-color: rgba(15, 118, 110, 0.5);
box-shadow: 0 0 0 4px rgba(15, 118, 110, 0.12);
}
textarea {
min-height: 180px;
resize: vertical;
line-height: 1.6;
}
button {
border: 0;
padding: 14px 16px;
font-weight: 700;
cursor: pointer;
transition: transform 140ms ease, opacity 140ms ease, background 140ms ease;
}
button:hover:not(:disabled) {
transform: translateY(-1px);
}
button:disabled {
cursor: not-allowed;
opacity: 0.45;
}
.primary-btn {
background: linear-gradient(135deg, var(--accent), var(--accent-strong));
color: #f6fffd;
box-shadow: 0 14px 28px rgba(15, 118, 110, 0.18);
}
.ghost-btn {
background: rgba(255, 255, 255, 0.9);
color: var(--text);
border: 1px solid var(--line);
}
.status-card {
display: grid;
gap: 8px;
padding: 16px;
border-radius: 20px;
background: var(--panel-strong);
border: 1px solid var(--line);
margin-bottom: 18px;
}
.state-chip {
display: inline-flex;
align-items: center;
width: fit-content;
padding: 6px 10px;
border-radius: 999px;
font-size: 0.85rem;
font-weight: 700;
background: rgba(99, 107, 116, 0.12);
color: var(--muted);
}
.state-chip[data-state="connected"] {
background: rgba(22, 101, 52, 0.12);
color: var(--success);
}
.state-chip[data-state="connecting"] {
background: rgba(180, 83, 9, 0.12);
color: var(--warn);
}
.validation {
min-height: 1.4em;
margin: 10px 0 14px;
color: var(--error);
font-size: 0.92rem;
}
.stream-panel {
display: grid;
grid-template-rows: auto minmax(320px, 1fr);
gap: 18px;
}
.stream-head {
display: flex;
justify-content: space-between;
align-items: end;
gap: 16px;
}
.stream-head h2 {
margin: 0;
font-size: 1.35rem;
}
.stream-head p {
margin: 6px 0 0;
color: var(--muted);
font-size: 0.94rem;
}
.stream {
display: grid;
gap: 12px;
align-content: start;
min-height: 320px;
max-height: 70vh;
overflow: auto;
padding: 4px;
}
.empty-state {
padding: 22px;
border-radius: 20px;
background: rgba(255, 255, 255, 0.52);
border: 1px dashed rgba(31, 35, 41, 0.16);
color: var(--muted);
line-height: 1.6;
}
.row {
display: grid;
grid-template-columns: auto 1fr;
gap: 12px;
align-items: start;
padding: 14px 16px;
border-radius: 18px;
background: rgba(255, 255, 255, 0.76);
border: 1px solid rgba(31, 35, 41, 0.08);
animation: rise 180ms ease;
}
.row-badge {
display: inline-flex;
align-items: center;
justify-content: center;
min-width: 76px;
padding: 6px 10px;
border-radius: 999px;
font-size: 0.76rem;
font-weight: 700;
text-transform: uppercase;
letter-spacing: 0.08em;
background: rgba(99, 107, 116, 0.14);
color: var(--muted);
}
.row.status .row-badge {
background: rgba(15, 118, 110, 0.14);
color: var(--accent-strong);
}
.row.log .row-badge {
background: rgba(57, 91, 163, 0.14);
color: #315aa2;
}
.row.complete .row-badge {
background: rgba(22, 101, 52, 0.14);
color: var(--success);
}
.row.error .row-badge {
background: rgba(180, 35, 24, 0.14);
color: var(--error);
}
.row-text {
margin: 0;
line-height: 1.6;
white-space: pre-wrap;
word-break: break-word;
}
@keyframes rise {
from {
opacity: 0;
transform: translateY(6px);
}
to {
opacity: 1;
transform: translateY(0);
}
}
@media (max-width: 900px) {
body {
padding: 16px;
}
.content {
grid-template-columns: 1fr;
}
.sidebar {
border-right: 0;
border-bottom: 1px solid var(--line);
}
.stream {
max-height: none;
}
}
</style>
</head>
<body>
<div class="shell" id="app">
<div class="hero">
<h1>sgClaw Service Console</h1>
<p>直接连接现有 service websocket提交自然语言任务并持续查看 service 返回的状态、日志和完成结果。</p>
</div>
<div class="content">
<div class="sidebar">
<p class="section-label">Connection</p>
<div class="status-card">
<span id="connectionState" class="state-chip" data-state="disconnected">未连接</span>
<span>默认地址使用现有 service websocket。</span>
</div>
<div class="field">
<label for="wsUrl">WebSocket 地址</label>
<input id="wsUrl" value="ws://127.0.0.1:42321" />
</div>
<button id="connectBtn" class="ghost-btn">连接</button>
<p class="section-label" style="margin-top: 26px;">Composer</p>
<div class="field">
<label for="instructionInput">任务内容</label>
<textarea id="instructionInput" placeholder="例如:打开百度"></textarea>
</div>
<div id="validationText" class="validation"></div>
<button id="sendBtn" class="primary-btn" disabled>发送任务</button>
</div>
<div class="stream-panel">
<div class="stream-head">
<div>
<p class="section-label">Service Stream</p>
<h2>消息流</h2>
<p>只展示本地连接状态与现有 service message。</p>
</div>
</div>
<div id="messageStream" class="stream">
<div class="empty-state" id="emptyState">尚无消息。先连接 service websocket再发送一条自然语言任务。</div>
</div>
</div>
</div>
</div>
<script>
const defaultWsUrl = "ws://127.0.0.1:42321";
const elements = {
wsUrl: document.getElementById("wsUrl"),
connectBtn: document.getElementById("connectBtn"),
connectionState: document.getElementById("connectionState"),
messageStream: document.getElementById("messageStream"),
instructionInput: document.getElementById("instructionInput"),
validationText: document.getElementById("validationText"),
sendBtn: document.getElementById("sendBtn"),
emptyState: document.getElementById("emptyState")
};
let socket = null;
let reconnectTimer = null;
let connectTimeoutTimer = null;
let heartbeatTimer = null;
let shouldReconnect = false;
let lastHeartbeatAt = 0;
const reconnectDelayMs = 1500;
const reconnectCloseCode = 4000;
const reconnectCloseReason = "manual_disconnect";
const heartbeatIntervalMs = 15000;
const heartbeatTimeoutMs = 30000;
const connectTimeoutMs = 5000;
function appendRow(kind, text) {
if (elements.emptyState) {
elements.emptyState.remove();
elements.emptyState = null;
}
const row = document.createElement("div");
row.className = "row " + kind;
const badge = document.createElement("span");
badge.className = "row-badge";
badge.textContent = kind;
const content = document.createElement("p");
content.className = "row-text";
content.textContent = text;
row.appendChild(badge);
row.appendChild(content);
elements.messageStream.appendChild(row);
elements.messageStream.scrollTop = elements.messageStream.scrollHeight;
}
function clearReconnectTimer() {
if (reconnectTimer) {
clearTimeout(reconnectTimer);
reconnectTimer = null;
}
}
function clearConnectTimeoutTimer() {
if (connectTimeoutTimer) {
clearTimeout(connectTimeoutTimer);
connectTimeoutTimer = null;
}
}
function stopHeartbeat() {
if (heartbeatTimer) {
clearInterval(heartbeatTimer);
heartbeatTimer = null;
}
}
function startHeartbeat() {
stopHeartbeat();
lastHeartbeatAt = Date.now();
heartbeatTimer = setInterval(() => {
if (!socket || socket.readyState !== WebSocket.OPEN) {
return;
}
if (Date.now() - lastHeartbeatAt > heartbeatTimeoutMs) {
appendRow("error", "heartbeat missed, forcing reconnect");
const activeSocket = socket;
socket = null;
stopHeartbeat();
clearConnectTimeoutTimer();
activeSocket.close();
scheduleReconnect();
return;
}
socket.send(JSON.stringify({ type: "ping" }));
}, heartbeatIntervalMs);
}
function scheduleReconnect() {
clearReconnectTimer();
clearConnectTimeoutTimer();
if (!shouldReconnect) {
return;
}
appendRow("status", "service websocket disconnected, retrying");
reconnectTimer = setTimeout(() => connectOrDisconnectService(true), reconnectDelayMs);
updateUiState();
}
function setValidation(message) {
elements.validationText.textContent = message;
}
function updateUiState() {
const readyState = socket ? socket.readyState : WebSocket.CLOSED;
const connected = readyState === WebSocket.OPEN;
const connecting = readyState === WebSocket.CONNECTING || Boolean(reconnectTimer);
let stateText = "未连接";
let stateValue = "disconnected";
if (connected) {
stateText = "已连接";
stateValue = "connected";
} else if (connecting) {
stateText = "连接中";
stateValue = "connecting";
}
elements.connectBtn.textContent = connected || connecting ? "断开" : "连接";
elements.sendBtn.disabled = !connected;
elements.connectionState.textContent = stateText;
elements.connectionState.dataset.state = stateValue;
}
function connectOrDisconnectService(forceConnect = false) {
if (!forceConnect && socket && (socket.readyState === WebSocket.OPEN || socket.readyState === WebSocket.CONNECTING)) {
shouldReconnect = false;
clearReconnectTimer();
clearConnectTimeoutTimer();
stopHeartbeat();
socket.close(reconnectCloseCode, reconnectCloseReason);
return;
}
clearReconnectTimer();
clearConnectTimeoutTimer();
const url = elements.wsUrl.value.trim() || defaultWsUrl;
elements.wsUrl.value = url;
shouldReconnect = true;
const nextSocket = new WebSocket(url);
socket = nextSocket;
updateUiState();
connectTimeoutTimer = setTimeout(() => {
if (socket !== nextSocket || nextSocket.readyState !== WebSocket.CONNECTING) {
return;
}
appendRow("error", "service websocket connect timed out");
socket = null;
nextSocket.close();
scheduleReconnect();
}, connectTimeoutMs);
nextSocket.addEventListener("open", () => {
if (socket !== nextSocket) {
return;
}
clearReconnectTimer();
clearConnectTimeoutTimer();
lastHeartbeatAt = Date.now();
startHeartbeat();
appendRow("status", "service websocket connected");
updateUiState();
});
nextSocket.addEventListener("close", (event) => {
if (socket !== nextSocket) {
return;
}
socket = null;
clearConnectTimeoutTimer();
stopHeartbeat();
const manualClose = event.code === reconnectCloseCode || event.reason === reconnectCloseReason;
if (manualClose) {
shouldReconnect = false;
appendRow("status", "service websocket disconnected");
updateUiState();
return;
}
scheduleReconnect();
});
nextSocket.addEventListener("error", () => {
if (socket !== nextSocket) {
return;
}
appendRow("error", "service websocket error");
});
nextSocket.addEventListener("message", handleMessage);
}
function handleMessage(event) {
lastHeartbeatAt = Date.now();
let message;
try {
message = JSON.parse(event.data);
} catch (_error) {
appendRow("error", "invalid service message: " + event.data);
return;
}
switch (message.type) {
case "status_changed":
appendRow("status", message.state);
break;
case "log_entry":
appendRow("log", message.message);
break;
case "task_complete":
appendRow(message.success ? "complete" : "error", message.summary);
break;
case "busy":
appendRow("error", message.message);
break;
case "pong":
break;
default:
appendRow("error", "unknown service message: " + event.data);
}
}
function sendTask() {
const instruction = elements.instructionInput.value.trim();
if (!socket || socket.readyState !== WebSocket.OPEN) {
return;
}
if (!instruction) {
setValidation("请输入任务内容。");
return;
}
setValidation("");
socket.send(JSON.stringify({
type: "submit_task",
instruction,
conversation_id: "",
messages: [],
page_url: "",
page_title: ""
}));
}
elements.connectBtn.addEventListener("click", connectOrDisconnectService);
elements.sendBtn.addEventListener("click", sendTask);
elements.instructionInput.addEventListener("input", () => {
if (elements.instructionInput.value.trim()) {
setValidation("");
}
});
updateUiState();
</script>
</body>
</html>

2
resources/rules.json
View File

@@ -6,6 +6,8 @@
"oa.example.com",
"erp.example.com",
"hr.example.com",
"sgcc.example.invalid",
"95598.example.invalid",
"baidu.com",
"www.baidu.com",
"zhihu.com",

10
skills-lock.json Normal file
View File

@@ -0,0 +1,10 @@
{
"version": 1,
"skills": {
"ui-ux-pro-max": {
"source": "nextlevelbuilder/ui-ux-pro-max-skill",
"sourceType": "github",
"computedHash": "6337038fe1fe6bbe1b9f252ab678ee575859190bab6f0f246f4061824eb40875"
}
}
}

363
src/agent/mod.rs
View File

@@ -1,142 +1,63 @@
pub mod planner;
pub mod runtime;
pub mod task_runner;
use std::ffi::OsString;
use std::path::PathBuf;
use std::sync::Arc;
use crate::compat::config_adapter::resolve_skills_dir_from_sgclaw_settings;
use crate::compat::runtime::CompatTaskContext;
use crate::config::SgClawSettings;
use crate::pipe::{AgentMessage, BrowserMessage, BrowserPipeTool, PipeError, Transport};
use crate::browser::ws_backend::WsBrowserBackend;
use crate::browser::{BrowserBackend, PipeBrowserBackend};
use crate::pipe::{BrowserMessage, BrowserPipeTool, PipeError, Transport};
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct AgentRuntimeContext {
config_path: Option<PathBuf>,
workspace_root: PathBuf,
pub use task_runner::{
run_submit_task, run_submit_task_with_browser_backend, AgentEventSink, AgentRuntimeContext,
SubmitTaskRequest,
};
fn normalize_optional_submit_field(value: String) -> Option<String> {
let trimmed = value.trim();
(!trimmed.is_empty()).then(|| trimmed.to_string())
}
impl AgentRuntimeContext {
pub fn new(config_path: Option<PathBuf>, workspace_root: PathBuf) -> Self {
Self {
config_path,
workspace_root,
}
fn browser_backend_for_submit<T: Transport + 'static>(
browser_tool: &BrowserPipeTool<T>,
context: &AgentRuntimeContext,
request: &SubmitTaskRequest,
) -> Result<Arc<dyn BrowserBackend>, PipeError> {
if let Some(browser_ws_url) = configured_browser_ws_url(context) {
return Ok(Arc::new(
WsBrowserBackend::new(
Arc::new(crate::service::browser_ws_client::ServiceWsClient::connect(
&browser_ws_url,
)?),
browser_tool.mac_policy().clone(),
crate::service::browser_ws_client::initial_request_url_for_submit_task(request),
)
.with_response_timeout(browser_tool.response_timeout()),
));
}
pub fn from_process_args<I, S>(args: I) -> Result<Self, PipeError>
where
I: IntoIterator<Item = S>,
S: Into<OsString>,
{
let mut config_path = None;
let mut args = args.into_iter().map(Into::into);
let _ = args.next();
while let Some(arg) = args.next() {
if arg == OsString::from("--config-path") {
let Some(value) = args.next() else {
return Err(PipeError::Protocol(
"missing value for --config-path".to_string(),
));
};
config_path = Some(PathBuf::from(value));
continue;
}
let arg_string = arg.to_string_lossy();
if let Some(value) = arg_string.strip_prefix("--config-path=") {
config_path = Some(PathBuf::from(value));
}
}
let workspace_root = config_path
.as_ref()
.and_then(|path| path.parent().map(|parent| parent.to_path_buf()))
.unwrap_or_else(default_workspace_root);
Ok(Self::new(config_path, workspace_root))
}
fn load_sgclaw_settings(&self) -> Result<Option<SgClawSettings>, PipeError> {
SgClawSettings::load(self.config_path.as_deref())
.map_err(|err| PipeError::Protocol(err.to_string()))
}
fn settings_source_label(&self) -> String {
match &self.config_path {
Some(path) if path.exists() => path.display().to_string(),
_ => "environment".to_string(),
}
}
Ok(Arc::new(PipeBrowserBackend::from_inner(browser_tool.clone())))
}
impl Default for AgentRuntimeContext {
fn default() -> Self {
Self::new(None, default_workspace_root())
}
fn configured_browser_ws_url(context: &AgentRuntimeContext) -> Option<String> {
std::env::var("SGCLAW_BROWSER_WS_URL")
.ok()
.filter(|value| !value.trim().is_empty())
.or_else(|| {
context
.load_sgclaw_settings()
.ok()
.flatten()
.and_then(|settings| settings.browser_ws_url)
.map(|value| value.trim().to_string())
.filter(|value| !value.is_empty())
})
}
fn default_workspace_root() -> PathBuf {
std::env::current_dir().unwrap_or_else(|_| PathBuf::from("."))
}
fn send_mode_log<T: Transport>(transport: &T, mode: &str) -> Result<(), PipeError> {
transport.send(&AgentMessage::LogEntry {
level: "mode".to_string(),
message: mode.to_string(),
fn send_status_changed<T: Transport>(transport: &T, state: &str) -> Result<(), PipeError> {
transport.send(&crate::pipe::AgentMessage::StatusChanged {
state: state.to_string(),
})
}
fn missing_llm_configuration_summary() -> String {
"未配置大语言模型。请先在 sgclaw_config.json 或环境变量中配置 apiKey、baseUrl 与 model。"
.to_string()
}
fn runtime_version_log_message() -> String {
format!(
"sgclaw runtime version={} protocol={}",
env!("CARGO_PKG_VERSION"),
crate::pipe::protocol::PROTOCOL_VERSION
)
}
fn execute_plan<T: Transport>(
transport: &T,
browser_tool: &BrowserPipeTool<T>,
plan: &planner::TaskPlan,
) -> Result<String, PipeError> {
for step in &plan.steps {
transport.send(&AgentMessage::LogEntry {
level: "info".to_string(),
message: step.log_message.clone(),
})?;
let result = browser_tool.invoke(
step.action.clone(),
step.params.clone(),
&step.expected_domain,
)?;
if !result.success {
return Err(PipeError::Protocol(format!(
"browser action failed: {}",
result.data
)));
}
}
Ok(plan.summary.clone())
}
pub fn execute_task<T: Transport>(
transport: &T,
browser_tool: &BrowserPipeTool<T>,
instruction: &str,
) -> Result<String, PipeError> {
let plan = planner::plan_instruction(instruction)
.map_err(|err| PipeError::Protocol(err.to_string()))?;
execute_plan(transport, browser_tool, &plan)
}
pub fn handle_browser_message<T: Transport + 'static>(
transport: &T,
browser_tool: &BrowserPipeTool<T>,
@@ -157,6 +78,9 @@ pub fn handle_browser_message_with_context<T: Transport + 'static>(
message: BrowserMessage,
) -> Result<(), PipeError> {
match message {
BrowserMessage::Connect => send_status_changed(transport, "connected"),
BrowserMessage::Start => send_status_changed(transport, "started"),
BrowserMessage::Stop => send_status_changed(transport, "stopped"),
BrowserMessage::SubmitTask {
instruction,
conversation_id,
@@ -164,149 +88,25 @@ pub fn handle_browser_message_with_context<T: Transport + 'static>(
page_url,
page_title,
} => {
let instruction = instruction.trim().to_string();
if instruction.is_empty() {
return transport.send(&AgentMessage::TaskComplete {
success: false,
summary: "请输入任务内容。".to_string(),
});
}
let task_context = CompatTaskContext {
conversation_id: (!conversation_id.trim().is_empty())
.then_some(conversation_id.clone()),
let request = SubmitTaskRequest {
instruction,
conversation_id: normalize_optional_submit_field(conversation_id),
messages,
page_url: (!page_url.trim().is_empty()).then_some(page_url),
page_title: (!page_title.trim().is_empty()).then_some(page_title),
page_url: normalize_optional_submit_field(page_url),
page_title: normalize_optional_submit_field(page_title),
};
let _ = transport.send(&AgentMessage::LogEntry {
level: "info".to_string(),
message: runtime_version_log_message(),
});
if !task_context.messages.is_empty() {
let _ = transport.send(&AgentMessage::LogEntry {
level: "info".to_string(),
message: format!(
"continuing conversation with {} prior turns",
task_context.messages.len()
),
});
if configured_browser_ws_url(context).is_some() {
let browser_backend = browser_backend_for_submit(browser_tool, context, &request)?;
run_submit_task_with_browser_backend(
transport,
transport,
browser_backend,
context,
request,
)
} else {
run_submit_task(transport, transport, browser_tool, context, request)
}
let completion = match context.load_sgclaw_settings() {
Ok(Some(settings)) => {
let resolved_skills_dir =
resolve_skills_dir_from_sgclaw_settings(&context.workspace_root, &settings);
let _ = transport.send(&AgentMessage::LogEntry {
level: "info".to_string(),
message: format!(
"DeepSeek config loaded from {} model={} base_url={}",
context.settings_source_label(),
settings.provider_model,
settings.provider_base_url
),
});
let _ = transport.send(&AgentMessage::LogEntry {
level: "info".to_string(),
message: format!(
"skills dir resolved to {}",
resolved_skills_dir.display()
),
});
let _ = transport.send(&AgentMessage::LogEntry {
level: "info".to_string(),
message: format!(
"runtime profile={:?} skills_prompt_mode={:?}",
settings.runtime_profile, settings.skills_prompt_mode
),
});
if settings
.direct_submit_skill
.as_deref()
.map(str::trim)
.is_some_and(|value| !value.is_empty())
{
let _ = send_mode_log(transport, "direct_skill_primary");
let completion = match crate::compat::direct_skill_runtime::execute_direct_submit_skill(
browser_tool.clone(),
&instruction,
&task_context,
&context.workspace_root,
&settings,
) {
Ok(outcome) => AgentMessage::TaskComplete {
success: outcome.success,
summary: outcome.summary,
},
Err(err) => AgentMessage::TaskComplete {
success: false,
summary: err.to_string(),
},
};
return transport.send(&completion);
}
if crate::compat::orchestration::should_use_primary_orchestration(
&instruction,
task_context.page_url.as_deref(),
task_context.page_title.as_deref(),
) {
let _ = send_mode_log(transport, "zeroclaw_process_message_primary");
match crate::compat::orchestration::execute_task_with_sgclaw_settings(
transport,
browser_tool.clone(),
&instruction,
&task_context,
&context.workspace_root,
&settings,
) {
Ok(summary) => {
return transport.send(&AgentMessage::TaskComplete {
success: true,
summary,
})
}
Err(err) => {
return transport.send(&AgentMessage::TaskComplete {
success: false,
summary: err.to_string(),
})
}
}
}
let _ = send_mode_log(transport, "compat_llm_primary");
match crate::compat::runtime::execute_task_with_sgclaw_settings(
transport,
browser_tool.clone(),
&instruction,
&task_context,
&context.workspace_root,
&settings,
) {
Ok(summary) => AgentMessage::TaskComplete {
success: true,
summary,
},
Err(err) => AgentMessage::TaskComplete {
success: false,
summary: err.to_string(),
},
}
}
Ok(None) => AgentMessage::TaskComplete {
success: false,
summary: missing_llm_configuration_summary(),
},
Err(err) => {
let _ = transport.send(&AgentMessage::LogEntry {
level: "error".to_string(),
message: format!("failed to load DeepSeek config: {err}"),
});
AgentMessage::TaskComplete {
success: false,
summary: err.to_string(),
}
}
};
transport.send(&completion)
}
BrowserMessage::Init { .. } => {
eprintln!("ignoring duplicate init after handshake");
@@ -318,3 +118,36 @@ pub fn handle_browser_message_with_context<T: Transport + 'static>(
}
}
}
#[cfg(test)]
mod tests {
use super::normalize_optional_submit_field;
use std::fs;
use std::path::PathBuf;
#[test]
fn normalize_optional_submit_field_trims_and_drops_blank_values() {
assert_eq!(normalize_optional_submit_field(" \n\t ".to_string()), None);
assert_eq!(
normalize_optional_submit_field(" https://example.com/page ".to_string()),
Some("https://example.com/page".to_string())
);
}
#[test]
fn agent_module_cleanup_removes_legacy_runtime_and_planner_sources() {
let manifest_dir = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
let agent_module = fs::read_to_string(manifest_dir.join("src/agent/mod.rs")).unwrap();
let top_lines = agent_module
.lines()
.take(10)
.map(str::trim)
.collect::<Vec<_>>();
assert!(!manifest_dir.join("src/agent/runtime.rs").exists());
assert!(!manifest_dir.join("src/agent/planner.rs").exists());
assert!(!top_lines.iter().any(|line| *line == "pub mod runtime;"));
assert!(!top_lines.iter().any(|line| *line == "pub mod planner;"));
assert!(top_lines.iter().any(|line| *line == "pub mod task_runner;"));
}
}

216
src/agent/planner.rs
View File

@@ -1,216 +0,0 @@
use reqwest::Url;
use serde_json::{json, Value};
use thiserror::Error;
use crate::config::PlannerMode;
use crate::pipe::Action;
/// Legacy deterministic planner kept for dev-only verification and fixture coverage.
/// Production browser submit flow no longer routes into this planner.
pub const LEGACY_DEV_ONLY: bool = true;
const BAIDU_URL: &str = "https://www.baidu.com";
const BAIDU_DOMAIN: &str = "www.baidu.com";
const BAIDU_INPUT_SELECTOR: &str = "#kw";
const BAIDU_SEARCH_BUTTON_SELECTOR: &str = "#su";
const ZHIHU_HOME_URL: &str = "https://www.zhihu.com";
const ZHIHU_SEARCH_URL: &str = "https://www.zhihu.com/search";
const ZHIHU_DOMAIN: &str = "www.zhihu.com";
#[derive(Debug, Clone, PartialEq)]
pub struct PlannedStep {
pub action: Action,
pub params: Value,
pub expected_domain: String,
pub log_message: String,
}
#[derive(Debug, Clone, PartialEq)]
pub struct TaskPlan {
pub summary: String,
pub steps: Vec<PlannedStep>,
}
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct ExecutionPreview {
pub summary: String,
pub steps: Vec<String>,
}
#[derive(Debug, Error, Clone, PartialEq, Eq)]
pub enum PlannerError {
#[error("unsupported instruction: {0}")]
UnsupportedInstruction(String),
#[error("missing search query in instruction")]
MissingQuery,
}
pub fn plan_instruction(instruction: &str) -> Result<TaskPlan, PlannerError> {
let trimmed = instruction.trim();
if matches_exact(trimmed, &["打开百度"]) {
return Ok(plan_homepage("已打开百度首页", BAIDU_URL, BAIDU_DOMAIN));
}
if let Some(query) = extract_query(trimmed, &["打开百度搜索", "打开百度并搜索"])? {
return Ok(plan_baidu_search(query));
}
if matches_exact(trimmed, &["打开知乎"]) {
return Ok(plan_homepage(
"已打开知乎首页",
ZHIHU_HOME_URL,
ZHIHU_DOMAIN,
));
}
if let Some(query) = extract_query(trimmed, &["打开知乎搜索", "打开知乎并搜索"])? {
return Ok(plan_zhihu_search(query));
}
Err(PlannerError::UnsupportedInstruction(trimmed.to_string()))
}
pub fn build_execution_preview(
mode: PlannerMode,
instruction: &str,
page_url: Option<&str>,
page_title: Option<&str>,
) -> Option<ExecutionPreview> {
if matches!(mode, PlannerMode::LegacyDeterministic) {
return None;
}
let trimmed = instruction.trim();
if crate::runtime::is_zhihu_hotlist_task(trimmed, page_url, page_title) {
return Some(build_zhihu_hotlist_preview(trimmed));
}
if let Ok(plan) = plan_instruction(trimmed) {
return Some(ExecutionPreview {
summary: format!("先规划再执行:{}", plan.summary),
steps: plan
.steps
.into_iter()
.map(|step| step.log_message)
.collect(),
});
}
Some(ExecutionPreview {
summary: "先规划再执行当前任务".to_string(),
steps: vec![
"inspect current browser context".to_string(),
"choose the required sgclaw runtime tools".to_string(),
"execute and return the concrete result".to_string(),
],
})
}
fn extract_query<'a>(
instruction: &'a str,
prefixes: &[&str],
) -> Result<Option<&'a str>, PlannerError> {
let Some(query) = prefixes
.iter()
.find_map(|prefix| instruction.strip_prefix(prefix))
else {
return Ok(None);
};
let query = query.trim();
if query.is_empty() {
return Err(PlannerError::MissingQuery);
}
Ok(Some(query))
}
fn matches_exact(instruction: &str, candidates: &[&str]) -> bool {
candidates.iter().any(|candidate| instruction == *candidate)
}
fn plan_homepage(summary: &str, url: &str, domain: &str) -> TaskPlan {
TaskPlan {
summary: summary.to_string(),
steps: vec![PlannedStep {
action: Action::Navigate,
params: json!({ "url": url }),
expected_domain: domain.to_string(),
log_message: format!("navigate {url}"),
}],
}
}
fn plan_baidu_search(query: &str) -> TaskPlan {
TaskPlan {
summary: format!("已在百度搜索{query}"),
steps: vec![
PlannedStep {
action: Action::Navigate,
params: json!({ "url": BAIDU_URL }),
expected_domain: BAIDU_DOMAIN.to_string(),
log_message: "navigate https://www.baidu.com".to_string(),
},
PlannedStep {
action: Action::Type,
params: json!({
"selector": BAIDU_INPUT_SELECTOR,
"text": query,
"clear_first": true
}),
expected_domain: BAIDU_DOMAIN.to_string(),
log_message: format!("type {query} into {BAIDU_INPUT_SELECTOR}"),
},
PlannedStep {
action: Action::Click,
params: json!({ "selector": BAIDU_SEARCH_BUTTON_SELECTOR }),
expected_domain: BAIDU_DOMAIN.to_string(),
log_message: format!("click {BAIDU_SEARCH_BUTTON_SELECTOR}"),
},
],
}
}
fn plan_zhihu_search(query: &str) -> TaskPlan {
let url = Url::parse_with_params(ZHIHU_SEARCH_URL, &[("type", "content"), ("q", query)])
.expect("valid Zhihu search URL");
let url: String = url.into();
TaskPlan {
summary: format!("已在知乎搜索{query}"),
steps: vec![PlannedStep {
action: Action::Navigate,
params: json!({ "url": url }),
expected_domain: ZHIHU_DOMAIN.to_string(),
log_message: format!("navigate {url}"),
}],
}
}
fn build_zhihu_hotlist_preview(instruction: &str) -> ExecutionPreview {
let normalized = instruction.to_ascii_lowercase();
if normalized.contains("dashboard")
|| instruction.contains("大屏")
|| instruction.contains("新标签页")
{
return ExecutionPreview {
summary: "先规划再执行知乎热榜大屏生成".to_string(),
steps: vec![
"navigate https://www.zhihu.com/hot".to_string(),
"getText main".to_string(),
"call screen_html_export".to_string(),
"return generated local .html path".to_string(),
],
};
}
ExecutionPreview {
summary: "先规划再执行知乎热榜 Excel 导出".to_string(),
steps: vec![
"navigate https://www.zhihu.com/hot".to_string(),
"getText main".to_string(),
"call openxml_office".to_string(),
"return generated local .xlsx path".to_string(),
],
}
}

155
src/agent/runtime.rs
View File

@@ -1,155 +0,0 @@
use serde_json::{json, Map, Value};
use crate::llm::{ChatMessage, LlmError, LlmProvider, ToolDefinition, ToolFunctionCall};
use crate::pipe::{Action, AgentMessage, BrowserPipeTool, PipeError, Transport};
/// Legacy browser-only runtime kept for dev-only validation and narrow regression coverage.
/// Production browser submit flow uses `compat::runtime` plus `runtime::engine`.
pub const LEGACY_DEV_ONLY: bool = true;
const BROWSER_ACTION_TOOL_NAME: &str = "browser_action";
#[derive(Debug, Clone, PartialEq)]
struct BrowserActionCall {
action: Action,
expected_domain: String,
params: Value,
}
pub fn execute_task_with_provider<P: LlmProvider, T: Transport>(
transport: &T,
browser_tool: &BrowserPipeTool<T>,
provider: &P,
instruction: &str,
) -> Result<String, PipeError> {
let messages = vec![
ChatMessage {
role: "system".to_string(),
content: "You are sgClaw. Use browser_action to complete the browser task.".to_string(),
},
ChatMessage {
role: "user".to_string(),
content: instruction.to_string(),
},
];
let tools = vec![browser_action_tool_definition()];
let calls = provider
.chat(&messages, &tools)
.map_err(map_llm_error_to_pipe_error)?;
for call in calls {
let browser_call =
parse_browser_action_call(call).map_err(|err| PipeError::Protocol(err.to_string()))?;
transport.send(&AgentMessage::LogEntry {
level: "info".to_string(),
message: format!(
"{} {}",
browser_call.action.as_str(),
browser_call.expected_domain
),
})?;
let result = browser_tool.invoke(
browser_call.action,
browser_call.params,
&browser_call.expected_domain,
)?;
if !result.success {
return Err(PipeError::Protocol(format!(
"browser action failed: {}",
result.data
)));
}
}
Ok(format!("已通过 Agent 执行任务: {instruction}"))
}
pub fn browser_action_tool_definition() -> ToolDefinition {
ToolDefinition {
name: BROWSER_ACTION_TOOL_NAME.to_string(),
description: "Execute browser actions in SuperRPA".to_string(),
parameters: json!({
"type": "object",
"required": ["action", "expected_domain"],
"properties": {
"action": { "type": "string", "enum": ["click", "type", "navigate", "getText"] },
"expected_domain": { "type": "string" },
"selector": { "type": "string" },
"text": { "type": "string" },
"url": { "type": "string" },
"clear_first": { "type": "boolean" }
}
}),
}
}
fn parse_browser_action_call(call: ToolFunctionCall) -> Result<BrowserActionCall, RuntimeError> {
if call.name != BROWSER_ACTION_TOOL_NAME {
return Err(RuntimeError::UnsupportedTool(call.name));
}
let mut args = match call.arguments {
Value::Object(args) => args,
other => {
return Err(RuntimeError::InvalidArguments(format!(
"expected object arguments, got {other}"
)))
}
};
let action_name = take_required_string(&mut args, "action")?;
let expected_domain = take_required_string(&mut args, "expected_domain")?;
let action = parse_action(&action_name)?;
let params = Value::Object(action_params_from_args(args));
Ok(BrowserActionCall {
action,
expected_domain,
params,
})
}
fn map_llm_error_to_pipe_error(err: LlmError) -> PipeError {
PipeError::Protocol(err.to_string())
}
fn parse_action(action_name: &str) -> Result<Action, RuntimeError> {
match action_name {
"click" => Ok(Action::Click),
"type" => Ok(Action::Type),
"navigate" => Ok(Action::Navigate),
"getText" => Ok(Action::GetText),
other => Err(RuntimeError::UnsupportedAction(other.to_string())),
}
}
fn take_required_string(
args: &mut Map<String, Value>,
key: &'static str,
) -> Result<String, RuntimeError> {
match args.remove(key) {
Some(Value::String(value)) if !value.trim().is_empty() => Ok(value),
Some(other) => Err(RuntimeError::InvalidArguments(format!(
"{key} must be a non-empty string, got {other}"
))),
None => Err(RuntimeError::MissingField(key)),
}
}
fn action_params_from_args(args: Map<String, Value>) -> Map<String, Value> {
args
}
#[derive(Debug, thiserror::Error)]
enum RuntimeError {
#[error("unsupported tool: {0}")]
UnsupportedTool(String),
#[error("unsupported action: {0}")]
UnsupportedAction(String),
#[error("missing required field: {0}")]
MissingField(&'static str),
#[error("invalid tool arguments: {0}")]
InvalidArguments(String),
}

452
src/agent/task_runner.rs Normal file
View File

@@ -0,0 +1,452 @@
use std::ffi::OsString;
use std::path::PathBuf;
use std::sync::Arc;
use crate::browser::BrowserBackend;
use crate::compat::config_adapter::resolve_skills_dir_from_sgclaw_settings;
use crate::compat::runtime::CompatTaskContext;
use crate::config::SgClawSettings;
use crate::pipe::{
AgentMessage, BrowserPipeTool, ConversationMessage, PipeError, Transport,
};
use crate::runtime::RuntimeEngine;
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct AgentRuntimeContext {
config_path: Option<PathBuf>,
workspace_root: PathBuf,
}
impl AgentRuntimeContext {
pub fn new(config_path: Option<PathBuf>, workspace_root: PathBuf) -> Self {
Self {
config_path,
workspace_root,
}
}
pub fn from_process_args<I, S>(args: I) -> Result<Self, PipeError>
where
I: IntoIterator<Item = S>,
S: Into<OsString>,
{
let mut config_path = None;
let mut args = args.into_iter().map(Into::into);
let _ = args.next();
while let Some(arg) = args.next() {
if arg == OsString::from("--config-path") {
let Some(value) = args.next() else {
return Err(PipeError::Protocol(
"missing value for --config-path".to_string(),
));
};
config_path = Some(resolve_process_path(PathBuf::from(value)));
continue;
}
let arg_string = arg.to_string_lossy();
if let Some(value) = arg_string.strip_prefix("--config-path=") {
config_path = Some(resolve_process_path(PathBuf::from(value)));
}
}
let workspace_root = config_path
.as_ref()
.and_then(|path| path.parent().map(|parent| parent.to_path_buf()))
.unwrap_or_else(default_workspace_root);
Ok(Self::new(config_path, workspace_root))
}
pub(crate) fn load_sgclaw_settings(&self) -> Result<Option<SgClawSettings>, PipeError> {
SgClawSettings::load(self.config_path.as_deref())
.map_err(|err| PipeError::Protocol(err.to_string()))
}
fn settings_source_label(&self) -> String {
match &self.config_path {
Some(path) if path.exists() => path.display().to_string(),
_ => "environment".to_string(),
}
}
}
impl Default for AgentRuntimeContext {
fn default() -> Self {
Self::new(None, default_workspace_root())
}
}
fn default_workspace_root() -> PathBuf {
std::env::current_dir().unwrap_or_else(|_| PathBuf::from("."))
}
fn resolve_process_path(path: PathBuf) -> PathBuf {
if path.is_absolute() {
path
} else {
default_workspace_root().join(path)
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn from_process_args_resolves_relative_config_path_against_current_dir() {
let current_dir = std::env::current_dir().unwrap();
let context = AgentRuntimeContext::from_process_args([
OsString::from("sg_claw"),
OsString::from("--config-path"),
OsString::from("../tmp/sgclaw_config.json"),
])
.unwrap();
assert_eq!(
context.config_path,
Some(current_dir.join("../tmp/sgclaw_config.json"))
);
assert_eq!(context.workspace_root, current_dir.join("../tmp"));
assert!(context.workspace_root.is_absolute());
}
}
#[derive(Debug, Clone, Default, PartialEq, Eq)]
pub struct SubmitTaskRequest {
pub instruction: String,
pub conversation_id: Option<String>,
pub messages: Vec<ConversationMessage>,
pub page_url: Option<String>,
pub page_title: Option<String>,
}
pub trait AgentEventSink: Send + Sync {
fn send(&self, message: &AgentMessage) -> Result<(), PipeError>;
}
impl<T: Transport + ?Sized> AgentEventSink for T {
fn send(&self, message: &AgentMessage) -> Result<(), PipeError> {
Transport::send(self, message)
}
}
pub fn run_submit_task<T: Transport + 'static>(
transport: &T,
sink: &dyn AgentEventSink,
browser_tool: &BrowserPipeTool<T>,
context: &AgentRuntimeContext,
request: SubmitTaskRequest,
) -> Result<(), PipeError> {
let SubmitTaskRequest {
instruction,
conversation_id,
messages,
page_url,
page_title,
} = request;
let instruction = instruction.trim().to_string();
if instruction.is_empty() {
return sink.send(&AgentMessage::TaskComplete {
success: false,
summary: "请输入任务内容。".to_string(),
});
}
let task_context = CompatTaskContext {
conversation_id,
messages,
page_url,
page_title,
};
let _ = sink.send(&AgentMessage::LogEntry {
level: "info".to_string(),
message: runtime_version_log_message(),
});
if !task_context.messages.is_empty() {
let _ = sink.send(&AgentMessage::LogEntry {
level: "info".to_string(),
message: format!(
"continuing conversation with {} prior turns",
task_context.messages.len()
),
});
}
let completion = match context.load_sgclaw_settings() {
Ok(Some(settings)) => {
let resolved_skills_dir =
resolve_skills_dir_from_sgclaw_settings(&context.workspace_root, &settings);
let _ = sink.send(&AgentMessage::LogEntry {
level: "info".to_string(),
message: format!(
"DeepSeek config loaded from {} model={} base_url={}",
context.settings_source_label(),
settings.provider_model,
settings.provider_base_url
),
});
let _ = sink.send(&AgentMessage::LogEntry {
level: "info".to_string(),
message: format!("skills dir resolved to {}", resolved_skills_dir.display()),
});
let _ = sink.send(&AgentMessage::LogEntry {
level: "info".to_string(),
message: format!(
"runtime profile={:?} skills_prompt_mode={:?}",
settings.runtime_profile, settings.skills_prompt_mode
),
});
if settings.direct_submit_skill.is_some() {
match crate::compat::direct_skill_runtime::execute_direct_submit_skill(
browser_tool.clone(),
&instruction,
&task_context,
&context.workspace_root,
&settings,
) {
Ok(outcome) => {
let _ = send_mode_log(sink, "direct_skill_primary");
return sink.send(&AgentMessage::TaskComplete {
success: outcome.success,
summary: outcome.summary,
});
}
Err(PipeError::Protocol(message))
if message.contains("must use skill.tool format") =>
{
return sink.send(&AgentMessage::TaskComplete {
success: false,
summary: message,
});
}
Err(err) => {
return sink.send(&AgentMessage::TaskComplete {
success: false,
summary: err.to_string(),
});
}
}
}
if RuntimeEngine::new(settings.runtime_profile).browser_surface_enabled()
&& crate::compat::orchestration::should_use_primary_orchestration(
&instruction,
task_context.page_url.as_deref(),
task_context.page_title.as_deref(),
)
{
let _ = send_mode_log(sink, "zeroclaw_process_message_primary");
match crate::compat::orchestration::execute_task_with_sgclaw_settings(
transport,
browser_tool.clone(),
&instruction,
&task_context,
&context.workspace_root,
&settings,
) {
Ok(summary) => {
return sink.send(&AgentMessage::TaskComplete {
success: true,
summary,
});
}
Err(err) => {
return sink.send(&AgentMessage::TaskComplete {
success: false,
summary: err.to_string(),
});
}
}
}
let _ = send_mode_log(sink, "compat_llm_primary");
match crate::compat::runtime::execute_task_with_sgclaw_settings(
transport,
browser_tool.clone(),
&instruction,
&task_context,
&context.workspace_root,
&settings,
) {
Ok(summary) => AgentMessage::TaskComplete {
success: true,
summary,
},
Err(err) => AgentMessage::TaskComplete {
success: false,
summary: err.to_string(),
},
}
}
Ok(None) => AgentMessage::TaskComplete {
success: false,
summary: missing_llm_configuration_summary(),
},
Err(err) => {
let _ = sink.send(&AgentMessage::LogEntry {
level: "error".to_string(),
message: format!("failed to load DeepSeek config: {err}"),
});
AgentMessage::TaskComplete {
success: false,
summary: err.to_string(),
}
}
};
sink.send(&completion)
}
pub fn run_submit_task_with_browser_backend<T: Transport + 'static>(
_transport: &T,
sink: &dyn AgentEventSink,
browser_backend: Arc<dyn BrowserBackend>,
context: &AgentRuntimeContext,
request: SubmitTaskRequest,
) -> Result<(), PipeError> {
let SubmitTaskRequest {
instruction,
conversation_id,
messages,
page_url,
page_title,
} = request;
let instruction = instruction.trim().to_string();
if instruction.is_empty() {
return sink.send(&AgentMessage::TaskComplete {
success: false,
summary: "请输入任务内容。".to_string(),
});
}
let task_context = CompatTaskContext {
conversation_id,
messages,
page_url,
page_title,
};
let _ = sink.send(&AgentMessage::LogEntry {
level: "info".to_string(),
message: runtime_version_log_message(),
});
if !task_context.messages.is_empty() {
let _ = sink.send(&AgentMessage::LogEntry {
level: "info".to_string(),
message: format!(
"continuing conversation with {} prior turns",
task_context.messages.len()
),
});
}
let completion = match context.load_sgclaw_settings() {
Ok(Some(settings)) => {
let resolved_skills_dir =
resolve_skills_dir_from_sgclaw_settings(&context.workspace_root, &settings);
let _ = sink.send(&AgentMessage::LogEntry {
level: "info".to_string(),
message: format!(
"DeepSeek config loaded from {} model={} base_url={}",
context.settings_source_label(),
settings.provider_model,
settings.provider_base_url
),
});
let _ = sink.send(&AgentMessage::LogEntry {
level: "info".to_string(),
message: format!("skills dir resolved to {}", resolved_skills_dir.display()),
});
let _ = sink.send(&AgentMessage::LogEntry {
level: "info".to_string(),
message: format!(
"runtime profile={:?} skills_prompt_mode={:?}",
settings.runtime_profile, settings.skills_prompt_mode
),
});
if RuntimeEngine::new(settings.runtime_profile).browser_surface_enabled()
&& crate::compat::orchestration::should_use_primary_orchestration(
&instruction,
task_context.page_url.as_deref(),
task_context.page_title.as_deref(),
)
{
let _ = send_mode_log(sink, "zeroclaw_process_message_primary");
match crate::compat::orchestration::execute_task_with_browser_backend(
sink,
browser_backend.clone(),
&instruction,
&task_context,
&context.workspace_root,
&settings,
) {
Ok(summary) => {
return sink.send(&AgentMessage::TaskComplete {
success: true,
summary,
});
}
Err(err) => {
return sink.send(&AgentMessage::TaskComplete {
success: false,
summary: err.to_string(),
});
}
}
}
let _ = send_mode_log(sink, "compat_llm_primary");
match crate::compat::runtime::execute_task_with_browser_backend(
sink,
browser_backend,
&instruction,
&task_context,
&context.workspace_root,
&settings,
) {
Ok(summary) => AgentMessage::TaskComplete {
success: true,
summary,
},
Err(err) => AgentMessage::TaskComplete {
success: false,
summary: err.to_string(),
},
}
}
Ok(None) => AgentMessage::TaskComplete {
success: false,
summary: missing_llm_configuration_summary(),
},
Err(err) => {
let _ = sink.send(&AgentMessage::LogEntry {
level: "error".to_string(),
message: format!("failed to load DeepSeek config: {err}"),
});
AgentMessage::TaskComplete {
success: false,
summary: err.to_string(),
}
}
};
sink.send(&completion)
}
fn send_mode_log(sink: &dyn AgentEventSink, mode: &str) -> Result<(), PipeError> {
sink.send(&AgentMessage::LogEntry {
level: "mode".to_string(),
message: mode.to_string(),
})
}
fn missing_llm_configuration_summary() -> String {
"未配置大语言模型。请先在 sgclaw_config.json 或环境变量中配置 apiKey、baseUrl 与 model。"
.to_string()
}
fn runtime_version_log_message() -> String {
format!(
"sgclaw runtime version={} protocol={}",
env!("CARGO_PKG_VERSION"),
crate::pipe::protocol::PROTOCOL_VERSION
)
}

10
src/bin/sg_claw.rs Normal file
View File

@@ -0,0 +1,10 @@
use std::process::ExitCode;
fn main() -> ExitCode {
if let Err(err) = sgclaw::service::run() {
eprintln!("sg_claw failed: {err}");
return ExitCode::FAILURE;
}
ExitCode::SUCCESS
}

98
src/bin/sg_claw_client.rs Normal file
View File

@@ -0,0 +1,98 @@
use std::io::{self, BufRead};
use sgclaw::service::{ClientMessage, ServiceMessage};
use tungstenite::{connect, Message};
fn main() -> std::process::ExitCode {
match run() {
Ok(()) => std::process::ExitCode::SUCCESS,
Err(err) => {
eprintln!("sg_claw_client failed: {err}");
std::process::ExitCode::FAILURE
}
}
}
fn parse_request(input: &str) -> (ClientMessage, bool) {
match input.trim() {
"/connect" => (ClientMessage::Connect, true),
"/start" => (ClientMessage::Start, true),
"/stop" => (ClientMessage::Stop, true),
instruction => (
ClientMessage::SubmitTask {
instruction: instruction.to_string(),
conversation_id: String::new(),
messages: vec![],
page_url: String::new(),
page_title: String::new(),
},
false,
),
}
}
fn run() -> Result<(), String> {
let service_url = std::env::var("SG_CLAW_SERVICE_WS_URL")
.unwrap_or_else(|_| "ws://127.0.0.1:42321".to_string());
let (mut socket, _) = connect(service_url.as_str()).map_err(|err| err.to_string())?;
let stdin = io::stdin();
loop {
eprint!("> ");
let mut input = String::new();
let bytes_read = stdin
.lock()
.read_line(&mut input)
.map_err(|err| err.to_string())?;
if bytes_read == 0 {
break; // EOF — graceful exit
}
if input.trim().is_empty() {
continue;
}
let (request, exit_on_status) = parse_request(&input);
let payload = serde_json::to_string(&request).map_err(|err| err.to_string())?;
socket
.send(Message::Text(payload.into()))
.map_err(|err| err.to_string())?;
// Inner loop: consume service messages until the task finishes.
loop {
match socket.read().map_err(|err| err.to_string())? {
Message::Text(text) => {
let message: ServiceMessage =
serde_json::from_str(&text).map_err(|err| err.to_string())?;
match message {
ServiceMessage::StatusChanged { state } => {
println!("status: {state}");
if exit_on_status {
break;
}
}
ServiceMessage::LogEntry { level: _, message } => {
println!("{message}");
}
ServiceMessage::TaskComplete { success: _, summary } => {
println!("{summary}");
break;
}
ServiceMessage::Busy { message } => {
eprintln!("busy: {message}");
break;
}
ServiceMessage::Pong => {}
}
}
Message::Close(_) => {
return Err("service disconnected".to_string());
}
_ => {}
}
}
}
Ok(())
}

70
src/bin/sgbrowser_ws_probe.rs Normal file
View File

@@ -0,0 +1,70 @@
use std::env;
use std::process::ExitCode;
use std::time::Duration;
use sgclaw::{parse_probe_args, run_probe_script, ProbeOutcome};
fn main() -> ExitCode {
match run() {
Ok(()) => ExitCode::SUCCESS,
Err(err) => {
eprintln!("sgbrowser_ws_probe failed: {err}");
ExitCode::FAILURE
}
}
}
fn run() -> Result<(), String> {
let args: Vec<String> = env::args().skip(1).collect();
let config = match parse_probe_args(&args) {
Ok(config) => config,
Err(err) => return Err(err.to_string()),
};
let results = match run_probe_script(
&config.ws_url,
Duration::from_millis(config.timeout_ms),
config.steps,
) {
Ok(results) => results,
Err(err) => return Err(err.to_string()),
};
for (index, result) in results.iter().enumerate() {
println!("STEP {} {}", index + 1, result.label);
println!("SEND: {}", result.sent);
match &result.outcome {
ProbeOutcome::Received(frames) => {
if frames.is_empty() {
println!("RECV: <none>");
} else {
for frame in frames {
println!("RECV: {}", frame);
}
}
println!("OUTCOME: received");
}
ProbeOutcome::NoReplyExpected => {
println!("RECV: <none>");
println!("OUTCOME: no-reply-expected");
}
ProbeOutcome::TimedOut => {
println!("RECV: <none>");
println!("OUTCOME: timeout");
}
ProbeOutcome::Closed => {
println!("RECV: <none>");
println!("OUTCOME: closed");
}
ProbeOutcome::ConnectFailed(message) => {
println!("RECV: <none>");
println!("OUTCOME: connect-failed");
println!("DETAIL: {}", message);
}
}
if index + 1 < results.len() {
println!();
}
}
Ok(())
}

47
src/browser/backend.rs Normal file
View File

@@ -0,0 +1,47 @@
use std::sync::Arc;
use serde_json::Value;
use crate::pipe::{Action, CommandOutput, ExecutionSurfaceMetadata, PipeError};
pub trait BrowserBackend: Send + Sync {
fn invoke(
&self,
action: Action,
params: Value,
expected_domain: &str,
) -> Result<CommandOutput, PipeError>;
fn surface_metadata(&self) -> ExecutionSurfaceMetadata;
fn supports_eval(&self) -> bool {
true
}
fn supports_live_input(&self) -> bool {
false
}
}
impl<T: BrowserBackend + ?Sized> BrowserBackend for Arc<T> {
fn invoke(
&self,
action: Action,
params: Value,
expected_domain: &str,
) -> Result<CommandOutput, PipeError> {
self.as_ref().invoke(action, params, expected_domain)
}
fn surface_metadata(&self) -> ExecutionSurfaceMetadata {
self.as_ref().surface_metadata()
}
fn supports_eval(&self) -> bool {
self.as_ref().supports_eval()
}
fn supports_live_input(&self) -> bool {
self.as_ref().supports_live_input()
}
}

66
src/browser/bridge_backend.rs Normal file
View File

@@ -0,0 +1,66 @@
use std::sync::Arc;
use std::sync::atomic::{AtomicU64, Ordering};
use serde_json::Value;
use crate::browser::backend::BrowserBackend;
use crate::browser::bridge_contract::{BridgeBrowserActionReply, BridgeBrowserActionRequest};
use crate::browser::bridge_transport::BridgeActionTransport;
use crate::pipe::{Action, CommandOutput, ExecutionSurfaceMetadata, PipeError};
use crate::security::MacPolicy;
pub struct BridgeBrowserBackend {
transport: Arc<dyn BridgeActionTransport>,
mac_policy: MacPolicy,
next_seq: AtomicU64,
}
impl BridgeBrowserBackend {
pub fn new(transport: Arc<dyn BridgeActionTransport>, mac_policy: MacPolicy) -> Self {
Self {
transport,
mac_policy,
next_seq: AtomicU64::new(1),
}
}
}
impl BrowserBackend for BridgeBrowserBackend {
fn invoke(
&self,
action: Action,
params: Value,
expected_domain: &str,
) -> Result<CommandOutput, PipeError> {
self.mac_policy.validate(&action, expected_domain)?;
let seq = self.next_seq.fetch_add(1, Ordering::Relaxed);
let reply = self.transport.execute(BridgeBrowserActionRequest::new(
action.as_str(),
params,
expected_domain,
))?;
match reply {
BridgeBrowserActionReply::Success(success) => Ok(CommandOutput {
seq,
success: true,
data: success.data,
aom_snapshot: success.aom_snapshot,
timing: success.timing,
}),
BridgeBrowserActionReply::Error(error) => Err(PipeError::Protocol(format!(
"bridge action failed: {}",
error.message
))),
}
}
fn surface_metadata(&self) -> ExecutionSurfaceMetadata {
self.mac_policy.privileged_surface_metadata()
}
fn supports_eval(&self) -> bool {
self.mac_policy.supports_pipe_action(&Action::Eval)
}
}

63
src/browser/bridge_contract.rs Normal file
View File

@@ -0,0 +1,63 @@
use serde::{Deserialize, Serialize};
use serde_json::Value;
use crate::pipe::Timing;
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum BridgeLifecycleCall {
Connect,
Start,
Stop,
SubmitTask,
}
impl BridgeLifecycleCall {
pub fn bridge_name(self) -> &'static str {
match self {
Self::Connect => "sgclawConnect",
Self::Start => "sgclawStart",
Self::Stop => "sgclawStop",
Self::SubmitTask => "sgclawSubmitTask",
}
}
}
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
pub struct BridgeBrowserActionRequest {
pub action: String,
pub params: Value,
pub expected_domain: String,
}
impl BridgeBrowserActionRequest {
pub fn new(
action: impl Into<String>,
params: Value,
expected_domain: impl Into<String>,
) -> Self {
Self {
action: action.into(),
params,
expected_domain: expected_domain.into(),
}
}
}
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
pub enum BridgeBrowserActionReply {
Success(BridgeBrowserActionSuccess),
Error(BridgeBrowserActionError),
}
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
pub struct BridgeBrowserActionSuccess {
pub data: Value,
pub aom_snapshot: Vec<Value>,
pub timing: Timing,
}
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
pub struct BridgeBrowserActionError {
pub message: String,
pub details: Value,
}

9
src/browser/bridge_transport.rs Normal file
View File

@@ -0,0 +1,9 @@
use crate::browser::bridge_contract::{BridgeBrowserActionReply, BridgeBrowserActionRequest};
use crate::pipe::PipeError;
pub trait BridgeActionTransport: Send + Sync {
fn execute(
&self,
request: BridgeBrowserActionRequest,
) -> Result<BridgeBrowserActionReply, PipeError>;
}

970
src/browser/callback_backend.rs Normal file
View File

@@ -0,0 +1,970 @@
use std::sync::atomic::{AtomicU64, Ordering};
use std::sync::{Arc, Mutex};
use serde::{Deserialize, Serialize};
use serde_json::{json, Value};
use crate::browser::backend::BrowserBackend;
use crate::pipe::{Action, CommandOutput, ExecutionSurfaceMetadata, PipeError, Timing};
use crate::security::MacPolicy;
const CLICK_PROBE_CALLBACK_NAME: &str = "sgclawOnClickProbe";
const TYPE_PROBE_CALLBACK_NAME: &str = "sgclawOnTypeProbe";
const GET_TEXT_CALLBACK_NAME: &str = "sgclawOnGetText";
const EVAL_CALLBACK_NAME: &str = "sgclawOnEval";
const SHOW_AREA: &str = "show";
const LOCAL_DASHBOARD_EXPECTED_DOMAIN: &str = "__sgclaw_local_dashboard__";
const LOCAL_DASHBOARD_SOURCE: &str = "compat.workflow_executor";
const LOCAL_DASHBOARD_KIND_ZHIHU_HOTLIST_SCREEN: &str = "zhihu_hotlist_screen";
pub trait BrowserCallbackHost: Send + Sync {
fn execute(&self, request: BrowserCallbackRequest) -> Result<BrowserCallbackResponse, PipeError>;
}
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
pub struct BrowserCallbackRequest {
pub seq: u64,
pub request_url: String,
pub expected_domain: String,
pub action: String,
pub command: Value,
}
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
pub enum BrowserCallbackResponse {
Success(BrowserCallbackSuccess),
Error(BrowserCallbackError),
}
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
pub struct BrowserCallbackSuccess {
pub success: bool,
pub data: Value,
pub aom_snapshot: Vec<Value>,
pub timing: Timing,
}
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
pub struct BrowserCallbackError {
pub message: String,
pub details: Value,
}
pub struct BrowserCallbackBackend {
host: Arc<dyn BrowserCallbackHost>,
mac_policy: MacPolicy,
helper_page_url: String,
current_target_url: Mutex<Option<String>>,
next_seq: AtomicU64,
}
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
enum CallbackInputMode {
Click,
Type,
}
impl BrowserCallbackBackend {
pub fn new(
host: Arc<dyn BrowserCallbackHost>,
mac_policy: MacPolicy,
helper_page_url: impl Into<String>,
) -> Self {
Self {
host,
mac_policy,
helper_page_url: helper_page_url.into(),
current_target_url: Mutex::new(None),
next_seq: AtomicU64::new(1),
}
}
fn build_command(&self, action: &Action, params: &Value) -> Result<Value, PipeError> {
match action {
Action::Navigate => {
let target_url = required_string(params, "url")?;
// Use sgBrowerserOpenPage to open the target URL in a **new**
// visible browser tab. This keeps the helper page alive so its
// WebSocket connection, command polling, and callback functions
// remain functional for subsequent GetText / Eval commands.
//
// sgBrowserCallAfterLoaded would navigate the helper page tab
// itself to the target URL, destroying all helper-page JS
// context and making further communication impossible.
//
// sgBrowerserOpenPage does not fire a JS callback; the callback
// host will treat the navigate action as fire-and-forget and
// return success once the command has been forwarded.
Ok(json!([
self.helper_page_url,
"sgBrowerserOpenPage",
target_url,
]))
}
Action::Click => self.build_input_command(action, params, CallbackInputMode::Click),
Action::Type => self.build_input_command(action, params, CallbackInputMode::Type),
Action::GetText => {
let target_url = self.target_url(action, params)?;
let domain = extract_domain(&target_url)?;
let selector = required_string(params, "selector")?;
let js_code = build_get_text_js(&self.helper_page_url, &selector);
// Use sgBrowserExcuteJsCodeByDomain (API #25) which matches
// pages by domain rather than exact URL. This is far more
// robust than sgBrowserExcuteJsCodeByArea because the actual
// page URL may differ from what we navigated to (redirects,
// query parameters, etc.).
Ok(json!([
self.helper_page_url,
"sgBrowserExcuteJsCodeByDomain",
domain,
js_code,
SHOW_AREA,
]))
}
Action::Eval => {
let target_url = self.target_url(action, params)?;
let domain = extract_domain(&target_url)?;
let script = required_string(params, "script")?;
let js_code = build_eval_js(&self.helper_page_url, &script);
Ok(json!([
self.helper_page_url,
"sgBrowserExcuteJsCodeByDomain",
domain,
js_code,
SHOW_AREA,
]))
}
_ => Err(PipeError::Protocol(format!(
"unsupported callback-host browser action: {}",
action.as_str()
))),
}
}
fn build_input_command(
&self,
action: &Action,
params: &Value,
mode: CallbackInputMode,
) -> Result<Value, PipeError> {
let target_url = self.target_url(action, params)?;
let domain = extract_domain(&target_url)?;
let selector = optional_string(params, "selector");
let probe_script = optional_string(params, "probe_script");
let text = matches!(mode, CallbackInputMode::Type)
.then(|| required_string(params, "text"))
.transpose()?;
let js_code = build_input_probe_js(
mode,
&self.helper_page_url,
selector.as_deref(),
probe_script.as_deref(),
text.as_deref(),
)?;
Ok(json!([
self.helper_page_url,
"sgBrowserExcuteJsCodeByDomain",
domain,
js_code,
SHOW_AREA,
]))
}
fn target_url(&self, action: &Action, params: &Value) -> Result<String, PipeError> {
if let Some(target_url) = params
.get("target_url")
.and_then(Value::as_str)
.map(str::trim)
.filter(|value| !value.is_empty())
.map(ToString::to_string)
{
return Ok(target_url);
}
self.current_target_url
.lock()
.map_err(|_| PipeError::Protocol("callback backend target url lock poisoned".to_string()))?
.clone()
.ok_or_else(|| PipeError::Protocol(format!("target_url is required for {}", action.as_str())))
}
fn execute_simulated_click(
&self,
seq: u64,
expected_domain: &str,
success: &BrowserCallbackSuccess,
) -> Result<BrowserCallbackSuccess, PipeError> {
let probe = success
.data
.get("probe")
.ok_or_else(|| PipeError::Protocol("callback click probe payload missing".to_string()))?;
let x = probe
.get("x")
.and_then(Value::as_f64)
.ok_or_else(|| PipeError::Protocol("callback click probe missing x".to_string()))?;
let y = probe
.get("y")
.and_then(Value::as_f64)
.ok_or_else(|| PipeError::Protocol("callback click probe missing y".to_string()))?;
let timing = success.timing.clone();
match self.host.execute(BrowserCallbackRequest {
seq,
request_url: self.helper_page_url.clone(),
expected_domain: expected_domain.to_string(),
action: Action::Click.as_str().to_string(),
command: json!([
self.helper_page_url,
"sgBroewserSimulateMouse",
x,
y,
"left",
"",
""
]),
}) {
Ok(BrowserCallbackResponse::Error(error)) => Err(PipeError::Protocol(format!(
"callback host browser action failed: {} ({})",
error.message, error.details
))),
Ok(BrowserCallbackResponse::Success(_)) | Err(PipeError::Timeout) => {
Ok(BrowserCallbackSuccess {
success: true,
data: json!({
"clicked": true,
"probe": { "x": x, "y": y },
}),
aom_snapshot: vec![],
timing,
})
}
Err(error) => Err(error),
}
}
fn execute_simulated_type(
&self,
seq: u64,
expected_domain: &str,
params: &Value,
success: &BrowserCallbackSuccess,
) -> Result<BrowserCallbackSuccess, PipeError> {
let probe = success
.data
.get("probe")
.ok_or_else(|| PipeError::Protocol("callback type probe payload missing".to_string()))?;
let x = probe
.get("x")
.and_then(Value::as_f64)
.ok_or_else(|| PipeError::Protocol("callback type probe missing x".to_string()))?;
let y = probe
.get("y")
.and_then(Value::as_f64)
.ok_or_else(|| PipeError::Protocol("callback type probe missing y".to_string()))?;
let text = params
.get("text")
.and_then(Value::as_str)
.map(str::trim)
.filter(|value| !value.is_empty())
.ok_or_else(|| PipeError::Protocol("text is required".to_string()))?;
let timing = success.timing.clone();
match self.host.execute(BrowserCallbackRequest {
seq,
request_url: self.helper_page_url.clone(),
expected_domain: expected_domain.to_string(),
action: Action::Type.as_str().to_string(),
command: json!([
self.helper_page_url,
"sgBroewserSimulateKeyborad",
x,
y,
text
]),
}) {
Ok(BrowserCallbackResponse::Error(error)) => Err(PipeError::Protocol(format!(
"callback host browser action failed: {} ({})",
error.message, error.details
))),
Ok(BrowserCallbackResponse::Success(_)) | Err(PipeError::Timeout) => {
Ok(BrowserCallbackSuccess {
success: true,
data: json!({
"typed": true,
"probe": { "x": x, "y": y, "text": text },
}),
aom_snapshot: vec![],
timing,
})
}
Err(error) => Err(error),
}
}
}
impl BrowserBackend for BrowserCallbackBackend {
fn invoke(
&self,
action: Action,
params: Value,
expected_domain: &str,
) -> Result<CommandOutput, PipeError> {
if let Some(local_dashboard) = approved_local_dashboard_request(&action, &params, expected_domain)
{
self.mac_policy
.validate_local_dashboard_presentation(
&action,
expected_domain,
&local_dashboard.presentation_url,
&local_dashboard.output_path,
)
.map_err(PipeError::Security)?;
} else {
self.mac_policy
.validate(&action, expected_domain)
.map_err(PipeError::Security)?;
}
let seq = self.next_seq.fetch_add(1, Ordering::Relaxed);
let reply = self.host.execute(BrowserCallbackRequest {
seq,
request_url: self.helper_page_url.clone(),
expected_domain: expected_domain.to_string(),
action: action.as_str().to_string(),
command: self.build_command(&action, &params)?,
})?;
match reply {
BrowserCallbackResponse::Success(success) => {
let success = match action {
Action::Click => self.execute_simulated_click(seq, expected_domain, &success)?,
Action::Type => {
self.execute_simulated_type(seq, expected_domain, &params, &success)?
}
_ => success,
};
if matches!(action, Action::Navigate) {
if let Some(url) = params
.get("url")
.and_then(Value::as_str)
.map(str::trim)
.filter(|value| !value.is_empty())
{
*self.current_target_url.lock().map_err(|_| {
PipeError::Protocol("callback backend target url lock poisoned".to_string())
})? = Some(url.to_string());
}
}
Ok(CommandOutput {
seq,
success: success.success,
data: success.data,
aom_snapshot: success.aom_snapshot,
timing: success.timing,
})
}
BrowserCallbackResponse::Error(error) => Err(PipeError::Protocol(format!(
"callback host browser action failed: {} ({})",
error.message, error.details
))),
}
}
fn surface_metadata(&self) -> ExecutionSurfaceMetadata {
self.mac_policy.privileged_surface_metadata()
}
fn supports_eval(&self) -> bool {
self.mac_policy.supports_pipe_action(&Action::Eval)
}
fn supports_live_input(&self) -> bool {
self.mac_policy.supports_pipe_action(&Action::Click)
&& self.mac_policy.supports_pipe_action(&Action::Type)
}
}
fn required_string(params: &Value, key: &str) -> Result<String, PipeError> {
params
.get(key)
.and_then(Value::as_str)
.map(str::trim)
.filter(|value| !value.is_empty())
.map(ToString::to_string)
.ok_or_else(|| PipeError::Protocol(format!("{key} is required")))
}
fn optional_string(params: &Value, key: &str) -> Option<String> {
params
.get(key)
.and_then(Value::as_str)
.map(str::trim)
.filter(|value| !value.is_empty())
.map(ToString::to_string)
}
fn build_get_text_js(source_url: &str, selector: &str) -> String {
let escaped_source_url = escape_js_single_quoted(source_url);
let escaped_selector = escape_js_single_quoted(selector);
let callback = GET_TEXT_CALLBACK_NAME;
let events_url = escape_js_single_quoted(&events_endpoint_url(source_url));
// Three delivery paths for getting the result back to the callback host:
//
// 1. callBackJsToCpp (API #40) — browser-native IPC that routes the
// callback function to the helper page.
// 2. XMLHttpRequest POST to callback host — localhost (127.0.0.1) is
// exempt from mixed-content restrictions in Chromium.
// 3. navigator.sendBeacon fallback — same localhost exemption.
//
// The XHR / sendBeacon paths POST the event DIRECTLY in the format the
// callback host expects (callback="sgclawOnGetText", payload={text:...})
// so normalize_callback_result can process it via Path A.
format!(
"(function(){{try{{\
var el=document.querySelector('{escaped_selector}');\
var t=el?((el.innerText||el.textContent||'').trim()):'';\
try{{callBackJsToCpp('{escaped_source_url}@_@'+window.location.href+'@_@{callback}@_@sgBrowserExcuteJsCodeByDomain@_@'+t)}}catch(_){{}}\
var j=JSON.stringify({{type:'callback',callback:'{callback}',request_url:'{escaped_source_url}',payload:{{text:t}}}});\
try{{var r=new XMLHttpRequest();r.open('POST','{events_url}',true);r.setRequestHeader('Content-Type','application/json');r.send(j)}}catch(_){{}}\
try{{navigator.sendBeacon('{events_url}',new Blob([j],{{type:'application/json'}}))}}catch(_){{}}\
}}catch(e){{}}}})()"
)
}
fn build_eval_js(source_url: &str, script: &str) -> String {
let escaped_source_url = escape_js_single_quoted(source_url);
let callback = EVAL_CALLBACK_NAME;
let events_url = escape_js_single_quoted(&events_endpoint_url(source_url));
format!(
"(function(){{try{{var v=(function(){{return {script}}})();\
var t=(typeof v==='string')?v:JSON.stringify(v);\
try{{callBackJsToCpp('{escaped_source_url}@_@'+window.location.href+'@_@{callback}@_@sgBrowserExcuteJsCodeByDomain@_@'+(t??''))}}catch(_){{}}\
var j=JSON.stringify({{type:'callback',callback:'{callback}',request_url:'{escaped_source_url}',payload:{{value:(t??'')}}}});\
try{{var r=new XMLHttpRequest();r.open('POST','{events_url}',true);r.setRequestHeader('Content-Type','application/json');r.send(j)}}catch(_){{}}\
try{{navigator.sendBeacon('{events_url}',new Blob([j],{{type:'application/json'}}))}}catch(_){{}}\
}}catch(e){{}}}})()"
)
}
fn build_input_probe_js(
mode: CallbackInputMode,
source_url: &str,
selector: Option<&str>,
probe_script: Option<&str>,
text: Option<&str>,
) -> Result<String, PipeError> {
let escaped_source_url = escape_js_single_quoted(source_url);
let callback = match mode {
CallbackInputMode::Click => CLICK_PROBE_CALLBACK_NAME,
CallbackInputMode::Type => TYPE_PROBE_CALLBACK_NAME,
};
let events_url = escape_js_single_quoted(&events_endpoint_url(source_url));
let payload_expression = match mode {
CallbackInputMode::Click => "JSON.stringify({x:x,y:y})".to_string(),
CallbackInputMode::Type => {
let escaped_text = escape_js_single_quoted(text.unwrap_or_default());
format!("JSON.stringify({{x:x,y:y,text:'{escaped_text}'}})")
}
};
let payload_object = match mode {
CallbackInputMode::Click => "{x:x,y:y}".to_string(),
CallbackInputMode::Type => {
let escaped_text = escape_js_single_quoted(text.unwrap_or_default());
format!("{{x:x,y:y,text:'{escaped_text}'}}")
}
};
let element_lookup = if let Some(script) = probe_script {
format!("(function(){{{script}}})()")
} else if let Some(selector) = selector {
let escaped_selector = escape_js_single_quoted(selector);
format!("document.querySelector('{escaped_selector}')")
} else {
return Err(PipeError::Protocol(
"selector or probe_script is required".to_string(),
));
};
let missing_hint = selector
.map(|value| format!("selector not found: {}", escape_js_single_quoted(value)))
.unwrap_or_else(|| "input probe target not found".to_string());
Ok(format!(
"(function(){{try{{\
var el={element_lookup};\
if(!el){{throw new Error('{missing_hint}');}}\
var rect=(typeof el.getBoundingClientRect==='function')?el.getBoundingClientRect():null;\
var x=rect?(rect.left+(rect.width/2)):0;\
var y=rect?(rect.top+(rect.height/2)):0;\
try{{callBackJsToCpp('{escaped_source_url}@_@'+window.location.href+'@_@{callback}@_@sgBrowserExcuteJsCodeByDomain@_@'+String({payload_expression}))}}catch(_){{}}\
var j=JSON.stringify({{type:'callback',callback:'{callback}',request_url:'{escaped_source_url}',payload:{payload_object}}});\
try{{var r=new XMLHttpRequest();r.open('POST','{events_url}',true);r.setRequestHeader('Content-Type','application/json');r.send(j)}}catch(_){{}}\
try{{navigator.sendBeacon('{events_url}',new Blob([j],{{type:'application/json'}}))}}catch(_){{}}\
}}catch(e){{}}}})()"
))
}
/// Derive the callback host events endpoint URL from the helper page URL.
/// e.g. "http://127.0.0.1:62819/sgclaw/browser-helper.html"
/// → "http://127.0.0.1:62819/sgclaw/callback/events"
fn events_endpoint_url(helper_page_url: &str) -> String {
let origin = helper_page_url
.find("://")
.and_then(|scheme_end| {
helper_page_url[scheme_end + 3..]
.find('/')
.map(|path_start| &helper_page_url[..scheme_end + 3 + path_start])
})
.unwrap_or(helper_page_url);
format!("{origin}/sgclaw/callback/events")
}
/// Extract the domain from a URL.
/// e.g. "https://www.zhihu.com/hot" → "www.zhihu.com"
fn extract_domain(url: &str) -> Result<String, PipeError> {
let after_scheme = url
.find("://")
.map(|i| &url[i + 3..])
.unwrap_or(url);
let domain = after_scheme
.split('/')
.next()
.unwrap_or(after_scheme)
.split(':')
.next()
.unwrap_or(after_scheme);
if domain.is_empty() {
return Err(PipeError::Protocol(format!(
"failed to extract domain from URL: {url}"
)));
}
Ok(domain.to_string())
}
fn escape_js_single_quoted(raw: &str) -> String {
raw.replace('\\', "\\\\")
.replace('\'', "\\'")
.replace('\n', "\\n")
.replace('\r', "\\r")
.replace('\0', "\\0")
.replace('\u{2028}', "\\u2028")
.replace('\u{2029}', "\\u2029")
}
struct LocalDashboardRequest {
presentation_url: String,
output_path: String,
}
fn approved_local_dashboard_request(
action: &Action,
params: &Value,
expected_domain: &str,
) -> Option<LocalDashboardRequest> {
if action != &Action::Navigate || expected_domain != LOCAL_DASHBOARD_EXPECTED_DOMAIN {
return None;
}
let presentation_url = params.get("url")?.as_str()?.trim();
let marker = params.get("sgclaw_local_dashboard_open")?.as_object()?;
let source = marker.get("source")?.as_str()?.trim();
let kind = marker.get("kind")?.as_str()?.trim();
let output_path = marker.get("output_path")?.as_str()?.trim();
let marker_presentation_url = marker.get("presentation_url")?.as_str()?.trim();
if source != LOCAL_DASHBOARD_SOURCE
|| kind != LOCAL_DASHBOARD_KIND_ZHIHU_HOTLIST_SCREEN
|| output_path.is_empty()
|| presentation_url.is_empty()
|| marker_presentation_url != presentation_url
{
return None;
}
Some(LocalDashboardRequest {
presentation_url: presentation_url.to_string(),
output_path: output_path.to_string(),
})
}
#[cfg(test)]
mod tests {
use super::*;
use std::collections::VecDeque;
fn test_policy() -> MacPolicy {
MacPolicy::from_json_str(
r#"{
"version": "1.0",
"domains": { "allowed": ["www.zhihu.com", "zhuanlan.zhihu.com"] },
"pipe_actions": {
"allowed": ["click", "type", "navigate", "getText", "eval"],
"blocked": []
}
}"#,
)
.unwrap()
}
struct FakeCallbackHost {
requests: Mutex<Vec<BrowserCallbackRequest>>,
replies: Mutex<VecDeque<Result<BrowserCallbackResponse, PipeError>>>,
}
impl FakeCallbackHost {
fn new(replies: Vec<Result<BrowserCallbackResponse, PipeError>>) -> Self {
Self {
requests: Mutex::new(Vec::new()),
replies: Mutex::new(VecDeque::from(replies)),
}
}
fn requests(&self) -> Vec<BrowserCallbackRequest> {
self.requests.lock().unwrap().clone()
}
}
impl BrowserCallbackHost for FakeCallbackHost {
fn execute(&self, request: BrowserCallbackRequest) -> Result<BrowserCallbackResponse, PipeError> {
self.requests.lock().unwrap().push(request);
self.replies
.lock()
.unwrap()
.pop_front()
.unwrap_or_else(|| Err(PipeError::Timeout))
}
}
fn success_reply(data: Value) -> Result<BrowserCallbackResponse, PipeError> {
Ok(BrowserCallbackResponse::Success(BrowserCallbackSuccess {
success: true,
data,
aom_snapshot: vec![],
timing: Timing {
queue_ms: 1,
exec_ms: 1,
},
}))
}
#[test]
fn callback_backend_click_treats_simulated_mouse_follow_up_as_fire_and_forget() {
let host = Arc::new(FakeCallbackHost::new(vec![success_reply(
json!({ "probe": { "x": 320.5, "y": 240.25 } }),
)]));
let backend = BrowserCallbackBackend::new(
host.clone(),
test_policy(),
"http://127.0.0.1:17888/sgclaw/browser-helper.html",
);
let output = backend
.invoke(
Action::Click,
json!({
"target_url": "https://zhuanlan.zhihu.com/write",
"selector": "button"
}),
"zhuanlan.zhihu.com",
)
.unwrap();
assert!(output.success);
let requests = host.requests();
assert_eq!(requests.len(), 2);
assert_eq!(requests[1].command, json!([
"http://127.0.0.1:17888/sgclaw/browser-helper.html",
"sgBroewserSimulateMouse",
320.5,
240.25,
"left",
"",
""
]));
}
#[test]
fn callback_backend_click_survives_simulated_mouse_timeout() {
let host = Arc::new(FakeCallbackHost::new(vec![
success_reply(json!({ "probe": { "x": 320.5, "y": 240.25 } })),
Err(PipeError::Timeout),
]));
let backend = BrowserCallbackBackend::new(
host.clone(),
test_policy(),
"http://127.0.0.1:17888/sgclaw/browser-helper.html",
);
let output = backend
.invoke(
Action::Click,
json!({
"target_url": "https://zhuanlan.zhihu.com/write",
"selector": "button"
}),
"zhuanlan.zhihu.com",
)
.expect("simulated mouse timeout should be treated as fire-and-forget success");
assert!(output.success);
let requests = host.requests();
assert_eq!(requests.len(), 2);
}
#[test]
fn callback_backend_click_uses_domain_probe_then_simulated_mouse_input() {
let host = Arc::new(FakeCallbackHost::new(vec![
success_reply(json!({ "probe": { "x": 320.5, "y": 240.25 } })),
success_reply(json!({ "clicked": true })),
]));
let backend = BrowserCallbackBackend::new(
host.clone(),
test_policy(),
"http://127.0.0.1:17888/sgclaw/browser-helper.html",
);
let output = backend
.invoke(
Action::Click,
json!({
"target_url": "https://zhuanlan.zhihu.com/write",
"selector": "button"
}),
"zhuanlan.zhihu.com",
)
.unwrap();
assert!(output.success);
let requests = host.requests();
assert_eq!(requests.len(), 2);
assert_eq!(requests[0].action, "click");
assert_eq!(requests[0].command[1], json!("sgBrowserExcuteJsCodeByDomain"));
assert_eq!(requests[0].command[2], json!("zhuanlan.zhihu.com"));
let script = requests[0].command[3].as_str().unwrap();
assert!(script.contains("document.querySelector('button')"));
assert!(script.contains("sgclawOnClick"));
assert_eq!(requests[1].action, "click");
assert_eq!(requests[1].command, json!([
"http://127.0.0.1:17888/sgclaw/browser-helper.html",
"sgBroewserSimulateMouse",
320.5,
240.25,
"left",
"",
""
]));
}
#[test]
fn callback_backend_type_treats_simulated_keyboard_follow_up_as_fire_and_forget() {
let host = Arc::new(FakeCallbackHost::new(vec![success_reply(
json!({ "probe": { "x": 160.0, "y": 90.0, "text": "正文" } }),
)]));
let backend = BrowserCallbackBackend::new(
host.clone(),
test_policy(),
"http://127.0.0.1:17888/sgclaw/browser-helper.html",
);
let output = backend
.invoke(
Action::Type,
json!({
"target_url": "https://zhuanlan.zhihu.com/write",
"selector": "div[contenteditable='true']",
"text": "正文"
}),
"zhuanlan.zhihu.com",
)
.unwrap();
assert!(output.success);
let requests = host.requests();
assert_eq!(requests.len(), 2);
assert_eq!(requests[1].command, json!([
"http://127.0.0.1:17888/sgclaw/browser-helper.html",
"sgBroewserSimulateKeyborad",
160.0,
90.0,
"正文"
]));
}
#[test]
fn callback_backend_type_uses_custom_probe_script_when_provided() {
let host = Arc::new(FakeCallbackHost::new(vec![
success_reply(json!({ "probe": { "x": 160.0, "y": 90.0, "text": "正文" } })),
success_reply(json!({ "typed": true })),
]));
let backend = BrowserCallbackBackend::new(
host.clone(),
test_policy(),
"http://127.0.0.1:17888/sgclaw/browser-helper.html",
);
let output = backend
.invoke(
Action::Type,
json!({
"target_url": "https://zhuanlan.zhihu.com/write",
"probe_script": "return document.body;",
"text": "正文"
}),
"zhuanlan.zhihu.com",
)
.unwrap();
assert!(output.success);
let requests = host.requests();
assert_eq!(requests.len(), 2);
let script = requests[0].command[3].as_str().unwrap();
assert!(script.contains("return document.body;"));
assert!(!script.contains("selector not found: div[contenteditable='true']"));
assert_eq!(requests[1].command, json!([
"http://127.0.0.1:17888/sgclaw/browser-helper.html",
"sgBroewserSimulateKeyborad",
160.0,
90.0,
"正文"
]));
}
#[test]
fn callback_backend_type_uses_domain_probe_then_simulated_keyboard_input() {
let host = Arc::new(FakeCallbackHost::new(vec![
success_reply(json!({ "probe": { "x": 160.0, "y": 90.0, "text": "正文" } })),
success_reply(json!({ "typed": true })),
]));
let backend = BrowserCallbackBackend::new(
host.clone(),
test_policy(),
"http://127.0.0.1:17888/sgclaw/browser-helper.html",
);
let output = backend
.invoke(
Action::Type,
json!({
"target_url": "https://zhuanlan.zhihu.com/write",
"selector": "div[contenteditable='true']",
"text": "正文"
}),
"zhuanlan.zhihu.com",
)
.unwrap();
assert!(output.success);
let requests = host.requests();
assert_eq!(requests.len(), 2);
assert_eq!(requests[0].action, "type");
assert_eq!(requests[0].command[1], json!("sgBrowserExcuteJsCodeByDomain"));
assert_eq!(requests[0].command[2], json!("zhuanlan.zhihu.com"));
let script = requests[0].command[3].as_str().unwrap();
assert!(script.contains("document.querySelector('div[contenteditable=\\'true\\']')"));
assert!(script.contains("sgclawOnType"));
assert!(!script.contains("el.value="));
assert_eq!(requests[1].action, "type");
assert_eq!(requests[1].command, json!([
"http://127.0.0.1:17888/sgclaw/browser-helper.html",
"sgBroewserSimulateKeyborad",
160.0,
90.0,
"正文"
]));
}
#[test]
fn callback_backend_accepts_approved_local_dashboard_navigate_request() {
let host = Arc::new(FakeCallbackHost::new(vec![success_reply(json!({
"navigated": true
}))]));
let backend = BrowserCallbackBackend::new(
host.clone(),
test_policy(),
"http://127.0.0.1:17888/sgclaw/browser-helper.html",
);
let output = backend
.invoke(
Action::Navigate,
json!({
"url": "file:///C:/tmp/zhihu-hotlist-screen.html",
"sgclaw_local_dashboard_open": {
"source": "compat.workflow_executor",
"kind": "zhihu_hotlist_screen",
"output_path": "C:/tmp/zhihu-hotlist-screen.html",
"presentation_url": "file:///C:/tmp/zhihu-hotlist-screen.html"
}
}),
"__sgclaw_local_dashboard__",
)
.expect("approved local dashboard request should be accepted");
assert!(output.success);
let requests = host.requests();
assert_eq!(requests.len(), 1);
assert_eq!(requests[0].command, json!([
"http://127.0.0.1:17888/sgclaw/browser-helper.html",
"sgBrowerserOpenPage",
"file:///C:/tmp/zhihu-hotlist-screen.html"
]));
}
#[test]
fn callback_backend_rejects_local_dashboard_navigate_without_required_marker_fields() {
let host = Arc::new(FakeCallbackHost::new(vec![]));
let backend = BrowserCallbackBackend::new(
host.clone(),
test_policy(),
"http://127.0.0.1:17888/sgclaw/browser-helper.html",
);
let err = backend
.invoke(
Action::Navigate,
json!({
"url": "file:///C:/tmp/zhihu-hotlist-screen.html",
"sgclaw_local_dashboard_open": {
"source": "compat.workflow_executor",
"kind": "zhihu_hotlist_screen",
"presentation_url": "file:///C:/tmp/zhihu-hotlist-screen.html"
}
}),
"__sgclaw_local_dashboard__",
)
.unwrap_err();
assert!(host.requests().is_empty());
assert!(err.to_string().contains("domain is not allowed"));
}
#[test]
fn escape_js_single_quoted_escapes_newlines_and_control_chars() {
let raw = "第一行\n第二行\r\n第三行";
let escaped = escape_js_single_quoted(raw);
assert!(!escaped.contains('\n'), "literal newline must be escaped");
assert!(!escaped.contains('\r'), "literal carriage return must be escaped");
assert!(escaped.contains("\\n"), "should contain escaped newline");
assert!(escaped.contains("\\r"), "should contain escaped carriage return");
assert_eq!(escaped, "第一行\\n第二行\\r\\n第三行");
}
#[test]
fn type_probe_script_with_multiline_text_is_valid_js() {
let text_with_newlines = "标题\n\n正文第一段\n正文第二段";
let js = build_input_probe_js(
CallbackInputMode::Type,
"http://127.0.0.1:17888/sgclaw/browser-helper.html",
Some("div[contenteditable='true']"),
None,
Some(text_with_newlines),
)
.unwrap();
// The generated JS must NOT contain literal newlines inside single-quoted strings.
// Split on single quotes and check inner segments.
assert!(
!js.contains("标题\n"),
"literal newline must not appear in the JS probe script"
);
assert!(js.contains("标题\\n"));
assert!(js.contains("sgclawOnTypeProbe"));
}
}

1438
src/browser/callback_host.rs Normal file
View File

File diff suppressed because it is too large Load Diff

19
src/browser/mod.rs Normal file
View File

@@ -0,0 +1,19 @@
pub mod bridge_backend;
pub mod bridge_contract;
pub mod bridge_transport;
pub mod callback_backend;
mod backend;
pub(crate) mod callback_host;
mod pipe_backend;
pub mod ws_backend;
pub mod ws_probe;
pub mod ws_protocol;
pub use backend::BrowserBackend;
pub use bridge_backend::BridgeBrowserBackend;
pub use callback_backend::{
BrowserCallbackBackend, BrowserCallbackError, BrowserCallbackHost,
BrowserCallbackRequest, BrowserCallbackResponse, BrowserCallbackSuccess,
};
pub use pipe_backend::PipeBrowserBackend;
pub use ws_backend::WsBrowserBackend;

55
src/browser/pipe_backend.rs Normal file
View File

@@ -0,0 +1,55 @@
use std::sync::Arc;
use serde_json::Value;
use crate::browser::BrowserBackend;
use crate::pipe::{Action, BrowserPipeTool, CommandOutput, ExecutionSurfaceMetadata, PipeError, Transport};
use crate::security::MacPolicy;
pub struct PipeBrowserBackend<T: Transport> {
inner: BrowserPipeTool<T>,
}
impl<T: Transport> PipeBrowserBackend<T> {
pub fn new(transport: Arc<T>, mac_policy: MacPolicy, session_key: Vec<u8>) -> Self {
Self {
inner: BrowserPipeTool::new(transport, mac_policy, session_key),
}
}
pub fn from_inner(inner: BrowserPipeTool<T>) -> Self {
Self { inner }
}
pub fn with_response_timeout(mut self, response_timeout: std::time::Duration) -> Self {
self.inner = self.inner.with_response_timeout(response_timeout);
self
}
}
impl<T: Transport> Clone for PipeBrowserBackend<T> {
fn clone(&self) -> Self {
Self {
inner: self.inner.clone(),
}
}
}
impl<T: Transport> BrowserBackend for PipeBrowserBackend<T> {
fn invoke(
&self,
action: Action,
params: Value,
expected_domain: &str,
) -> Result<CommandOutput, PipeError> {
self.inner.invoke(action, params, expected_domain)
}
fn surface_metadata(&self) -> ExecutionSurfaceMetadata {
self.inner.surface_metadata()
}
fn supports_eval(&self) -> bool {
self.inner.supports_eval()
}
}

158
src/browser/ws_backend.rs Normal file
View File

@@ -0,0 +1,158 @@
use std::sync::atomic::{AtomicU64, Ordering};
use std::sync::{Arc, Mutex};
use std::time::Duration;
use serde_json::{json, Value};
use crate::browser::{ws_protocol, BrowserBackend};
use crate::pipe::{Action, CommandOutput, ExecutionSurfaceMetadata, PipeError, Timing};
use crate::security::MacPolicy;
pub trait WsClient: Send + Sync {
fn send_text(&self, payload: &str) -> Result<(), PipeError>;
fn recv_text_timeout(&self, timeout: Duration) -> Result<String, PipeError>;
}
pub struct WsBrowserBackend<C: WsClient> {
client: Arc<C>,
mac_policy: MacPolicy,
request_url: Mutex<String>,
next_seq: AtomicU64,
response_timeout: Duration,
in_flight: Mutex<()>,
}
impl<C: WsClient> WsBrowserBackend<C> {
pub fn new(client: Arc<C>, mac_policy: MacPolicy, request_url: impl Into<String>) -> Self {
Self {
client,
mac_policy,
request_url: Mutex::new(request_url.into()),
next_seq: AtomicU64::new(1),
response_timeout: Duration::from_secs(30),
in_flight: Mutex::new(()),
}
}
pub fn with_response_timeout(mut self, response_timeout: Duration) -> Self {
self.response_timeout = response_timeout;
self
}
}
impl<C: WsClient> BrowserBackend for WsBrowserBackend<C> {
fn invoke(
&self,
action: Action,
params: Value,
expected_domain: &str,
) -> Result<CommandOutput, PipeError> {
let _guard = self
.in_flight
.lock()
.map_err(|_| PipeError::Protocol("browser ws request lock poisoned".to_string()))?;
self.mac_policy.validate(&action, expected_domain)?;
let seq = self.next_seq.fetch_add(1, Ordering::Relaxed);
let request_id = seq.to_string();
let request_url = self
.request_url
.lock()
.map_err(|_| PipeError::Protocol("browser ws request url lock poisoned".to_string()))?
.clone();
let encoded = ws_protocol::encode_v1_action(
&action,
&params,
&request_url,
Some(request_id.as_str()),
)?;
self.client.send_text(&encoded.payload)?;
let status = Some(recv_status_frame(&*self.client, self.response_timeout)?);
if let Some(status) = status {
let status_code = parse_status_code(&status)?;
if status_code != 0 {
return Err(PipeError::Protocol(format!(
"browser returned non-zero status: {status_code}"
)));
}
}
if action == Action::Navigate {
if let Some(url) = params.get("url").and_then(Value::as_str) {
let mut request_url = self.request_url.lock().map_err(|_| {
PipeError::Protocol("browser ws request url lock poisoned".to_string())
})?;
*request_url = url.to_string();
}
}
if let Some(callback) = encoded.callback {
loop {
let frame = self.client.recv_text_timeout(self.response_timeout)?;
let decoded = ws_protocol::decode_callback_frame(&frame)?;
if decoded.callback_name == callback.callback_name {
return Ok(CommandOutput {
seq,
success: true,
data: json!({ "text": decoded.response_text }),
aom_snapshot: vec![],
timing: Timing {
queue_ms: 0,
exec_ms: 0,
},
});
}
}
}
Ok(CommandOutput {
seq,
success: true,
data: json!({}),
aom_snapshot: vec![],
timing: Timing {
queue_ms: 0,
exec_ms: 0,
},
})
}
fn surface_metadata(&self) -> ExecutionSurfaceMetadata {
self.mac_policy.privileged_surface_metadata()
}
fn supports_eval(&self) -> bool {
self.mac_policy.supports_pipe_action(&Action::Eval)
}
}
fn parse_status_code(raw: &str) -> Result<i64, PipeError> {
raw.trim()
.parse::<i64>()
.map_err(|_| PipeError::Protocol(format!("invalid browser status frame: {raw}")))
}
fn recv_status_frame(client: &dyn WsClient, timeout: Duration) -> Result<String, PipeError> {
loop {
let frame = client.recv_text_timeout(timeout)?;
if is_ignorable_status_prelude(&frame) {
continue;
}
return Ok(frame);
}
}
fn is_ignorable_status_prelude(frame: &str) -> bool {
let trimmed = frame.trim();
if trimmed.starts_with("Welcome!") || trimmed.starts_with("Welcome ") {
return true;
}
serde_json::from_str::<Value>(trimmed)
.ok()
.and_then(|value| value.get("type").and_then(Value::as_str).map(str::to_string))
.is_some_and(|kind| kind == "welcome")
}

307
src/browser/ws_probe.rs Normal file
View File

@@ -0,0 +1,307 @@
use std::net::TcpStream;
use std::time::Duration;
use thiserror::Error;
use tungstenite::stream::MaybeTlsStream;
use tungstenite::{connect, Message, WebSocket};
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct ProbeStep {
pub label: String,
pub payload: String,
pub expect_reply: bool,
}
#[derive(Debug, Clone, PartialEq, Eq)]
pub enum ProbeOutcome {
Received(Vec<String>),
NoReplyExpected,
TimedOut,
Closed,
ConnectFailed(String),
}
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct ProbeStepResult {
pub label: String,
pub sent: String,
pub outcome: ProbeOutcome,
}
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct ProbeCliConfig {
pub ws_url: String,
pub timeout_ms: u64,
pub steps: Vec<ProbeStep>,
}
const DEFAULT_TIMEOUT_MS: u64 = 1500;
const DEFAULT_REGISTER_STEP_LABEL: &str = "register";
const DEFAULT_REGISTER_STEP_PAYLOAD: &str = r#"{"type":"register","role":"web"}"#;
#[derive(Debug, Error)]
pub enum ProbeError {
#[error("io error: {0}")]
Io(#[from] std::io::Error),
#[error("probe timeout while waiting for websocket frame")]
Timeout,
#[error("probe websocket closed")]
Closed,
#[error("probe protocol error: {0}")]
Protocol(String),
#[error("probe argument error: {0}")]
Args(String),
}
pub fn parse_probe_args(args: &[String]) -> Result<ProbeCliConfig, ProbeError> {
let mut ws_url = None;
let mut timeout_ms = None;
let mut steps = Vec::new();
let mut index = 0;
while index < args.len() {
match args[index].as_str() {
"--ws-url" => {
index += 1;
let value = args
.get(index)
.ok_or_else(|| ProbeError::Args("missing value for --ws-url".to_string()))?;
ws_url = Some(value.clone());
}
"--timeout-ms" => {
index += 1;
let value = args.get(index).ok_or_else(|| {
ProbeError::Args("missing value for --timeout-ms".to_string())
})?;
let parsed = value.parse::<u64>().map_err(|_| {
ProbeError::Args(format!("invalid --timeout-ms value: {value}"))
})?;
timeout_ms = Some(parsed);
}
"--step" => {
index += 1;
let value = args
.get(index)
.ok_or_else(|| ProbeError::Args("missing value for --step".to_string()))?;
let (label, payload) = value.split_once("::").ok_or_else(|| {
ProbeError::Args(format!(
"invalid --step value (expected <label>::<payload>): {value}"
))
})?;
if label.is_empty() {
return Err(ProbeError::Args("step label must not be empty".to_string()));
}
if payload.is_empty() {
return Err(ProbeError::Args("step payload must not be empty".to_string()));
}
steps.push(ProbeStep {
label: label.to_string(),
payload: payload.to_string(),
expect_reply: true,
});
}
flag => {
return Err(ProbeError::Args(format!("unknown argument: {flag}")));
}
}
index += 1;
}
let ws_url = ws_url.ok_or_else(|| ProbeError::Args("missing required --ws-url".to_string()))?;
validate_ws_url(&ws_url)?;
let timeout_ms = timeout_ms.unwrap_or(DEFAULT_TIMEOUT_MS);
if steps.is_empty() {
steps.push(ProbeStep {
label: DEFAULT_REGISTER_STEP_LABEL.to_string(),
payload: DEFAULT_REGISTER_STEP_PAYLOAD.to_string(),
expect_reply: true,
});
}
Ok(ProbeCliConfig {
ws_url,
timeout_ms,
steps,
})
}
fn validate_ws_url(ws_url: &str) -> Result<(), ProbeError> {
if ws_url.starts_with("ws://") {
return Ok(());
}
Err(ProbeError::Args(format!(
"unsupported --ws-url scheme (only ws:// is supported for this probe): {ws_url}"
)))
}
pub fn run_probe_script(
ws_url: &str,
timeout: Duration,
steps: Vec<ProbeStep>,
) -> Result<Vec<ProbeStepResult>, ProbeError> {
let mut socket = match connect(ws_url) {
Ok((socket, _)) => socket,
Err(err) => {
let message = err.to_string();
return Ok(steps
.into_iter()
.map(|step| ProbeStepResult {
label: step.label,
sent: step.payload,
outcome: ProbeOutcome::ConnectFailed(message.clone()),
})
.collect());
}
};
configure_socket_timeout(&mut socket, timeout)?;
let mut results = Vec::with_capacity(steps.len());
for step in steps {
let ProbeStep {
label,
payload,
expect_reply,
} = step;
let send_outcome = match socket.send(Message::Text(payload.clone().into())) {
Ok(()) => None,
Err(err) => Some(map_websocket_error(err, "browser websocket send")),
};
let outcome = match send_outcome {
Some(ProbeError::Timeout) => ProbeOutcome::TimedOut,
Some(ProbeError::Closed) => ProbeOutcome::Closed,
Some(err) => return Err(err),
None if expect_reply => match read_probe_frames(&mut socket) {
Ok(frames) => ProbeOutcome::Received(frames),
Err(ProbeError::Timeout) => ProbeOutcome::TimedOut,
Err(ProbeError::Closed) => ProbeOutcome::Closed,
Err(err) => return Err(err),
},
None => ProbeOutcome::NoReplyExpected,
};
results.push(ProbeStepResult {
label,
sent: payload,
outcome,
});
}
Ok(results)
}
fn configure_socket_timeout(
websocket: &mut WebSocket<MaybeTlsStream<TcpStream>>,
timeout: Duration,
) -> Result<(), ProbeError> {
match websocket.get_mut() {
MaybeTlsStream::Plain(stream) => {
stream.set_read_timeout(Some(timeout))?;
stream.set_write_timeout(Some(timeout))?;
Ok(())
}
_ => Ok(()),
}
}
fn read_probe_frames(
websocket: &mut WebSocket<MaybeTlsStream<TcpStream>>,
) -> Result<Vec<String>, ProbeError> {
let first_frame = read_probe_frame(websocket)?;
let mut frames = vec![first_frame];
let Some(original_timeout) = get_plain_read_timeout(websocket)? else {
return Ok(frames);
};
set_plain_read_timeout(websocket, Some(Duration::from_millis(1)))?;
loop {
match read_probe_frame(websocket) {
Ok(frame) => frames.push(frame),
Err(ProbeError::Timeout) | Err(ProbeError::Closed) => break,
Err(err) => {
set_plain_read_timeout(websocket, original_timeout)?;
return Err(err);
}
}
}
set_plain_read_timeout(websocket, original_timeout)?;
Ok(frames)
}
fn get_plain_read_timeout(
websocket: &mut WebSocket<MaybeTlsStream<TcpStream>>,
) -> Result<Option<Option<Duration>>, ProbeError> {
match websocket.get_mut() {
MaybeTlsStream::Plain(stream) => Ok(Some(stream.read_timeout()?)),
_ => Ok(None),
}
}
fn set_plain_read_timeout(
websocket: &mut WebSocket<MaybeTlsStream<TcpStream>>,
timeout: Option<Duration>,
) -> Result<(), ProbeError> {
match websocket.get_mut() {
MaybeTlsStream::Plain(stream) => {
stream.set_read_timeout(timeout)?;
Ok(())
}
_ => Ok(()),
}
}
fn read_probe_frame(
websocket: &mut WebSocket<MaybeTlsStream<TcpStream>>,
) -> Result<String, ProbeError> {
loop {
match websocket.read() {
Ok(Message::Text(text)) => return Ok(text.to_string()),
Ok(Message::Close(_)) => return Err(ProbeError::Closed),
Ok(Message::Ping(payload)) => {
websocket
.send(Message::Pong(payload))
.map_err(|err| map_websocket_error(err, "browser websocket pong"))?;
}
Ok(_) => {}
Err(err) => return Err(map_websocket_error(err, "browser websocket read")),
}
}
}
fn map_websocket_error(err: tungstenite::Error, operation: &str) -> ProbeError {
match err {
tungstenite::Error::ConnectionClosed
| tungstenite::Error::AlreadyClosed
| tungstenite::Error::Protocol(tungstenite::error::ProtocolError::ResetWithoutClosingHandshake)
| tungstenite::Error::Protocol(tungstenite::error::ProtocolError::SendAfterClosing) => {
ProbeError::Closed
}
tungstenite::Error::Io(io_err)
if matches!(
io_err.kind(),
std::io::ErrorKind::TimedOut | std::io::ErrorKind::WouldBlock
) =>
{
ProbeError::Timeout
}
tungstenite::Error::Io(io_err)
if matches!(
io_err.kind(),
std::io::ErrorKind::ConnectionAborted
| std::io::ErrorKind::ConnectionReset
| std::io::ErrorKind::BrokenPipe
| std::io::ErrorKind::UnexpectedEof
) =>
{
ProbeError::Closed
}
tungstenite::Error::Io(io_err) => ProbeError::Io(io_err),
other => ProbeError::Protocol(format!("{operation} failed: {other}")),
}
}

306
src/browser/ws_protocol.rs Normal file
View File

@@ -0,0 +1,306 @@
use serde_json::{json, Value};
use crate::pipe::{Action, PipeError};
const CALLBACK_DELIMITER: &str = "@_@";
const CALLBACK_PREFIX: &str = "sgclaw_cb_";
const JS_AREA_HIDE: &str = "hide";
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct CallbackCorrelation {
pub request_id: String,
pub callback_name: String,
pub source_url: String,
pub target_url: String,
pub action_url: String,
}
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct EncodedWsRequest {
pub payload: String,
pub callback: Option<CallbackCorrelation>,
}
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct DecodedCallback {
pub source_url: String,
pub target_url: String,
pub callback_name: String,
pub action_url: String,
pub response_text: String,
}
pub fn encode_v1_action(
action: &Action,
params: &Value,
request_url: &str,
request_id: Option<&str>,
) -> Result<EncodedWsRequest, PipeError> {
match action {
Action::Navigate => encode_navigate(params, request_url, request_id),
Action::Click => encode_click(params, request_url),
Action::Type => encode_type(params, request_url),
Action::GetText => encode_get_text(params, request_url, request_id),
Action::Eval => encode_eval(params, request_url, request_id),
_ => Err(PipeError::Protocol(format!(
"unsupported browser ws action: {}",
action.as_str()
))),
}
}
pub fn decode_callback_frame(frame: &str) -> Result<DecodedCallback, PipeError> {
let payload: Value = serde_json::from_str(frame)?;
let array = payload.as_array().ok_or_else(|| {
PipeError::Protocol("callback frame must be a JSON array".to_string())
})?;
if array.len() != 3 {
return Err(PipeError::Protocol(
"callback frame must contain [requesturl, function, payload]".to_string(),
));
}
let function_name = array[1].as_str().ok_or_else(|| {
PipeError::Protocol("callback frame function name must be a string".to_string())
})?;
if function_name != "callBackJsToCpp" {
return Err(PipeError::Protocol(
"callback frame must target callBackJsToCpp".to_string(),
));
}
let param = array[2].as_str().ok_or_else(|| {
PipeError::Protocol("callback payload must be a string".to_string())
})?;
let mut parts = param.splitn(5, CALLBACK_DELIMITER);
let source_url = parts.next().unwrap_or_default();
let target_url = parts.next().unwrap_or_default();
let callback_name = parts.next().unwrap_or_default();
let action_url = parts.next().unwrap_or_default();
let response_text = parts.next().unwrap_or_default();
if source_url.is_empty()
|| target_url.is_empty()
|| callback_name.is_empty()
|| action_url.is_empty()
|| response_text.is_empty() && !param.ends_with(CALLBACK_DELIMITER)
{
return Err(PipeError::Protocol(
"malformed callback payload".to_string(),
));
}
Ok(DecodedCallback {
source_url: source_url.to_string(),
target_url: target_url.to_string(),
callback_name: callback_name.to_string(),
action_url: action_url.to_string(),
response_text: response_text.to_string(),
})
}
fn encode_navigate(
params: &Value,
request_url: &str,
request_id: Option<&str>,
) -> Result<EncodedWsRequest, PipeError> {
let url = required_string(params, "url")?;
let callback = callback_metadata(
request_id,
request_url,
&url,
"sgHideBrowserCallAfterLoaded",
)?;
let callback_call = format!(
"callBackJsToCpp(\"{request_url}@_@{url}@_@{callback_name}@_@sgHideBrowserCallAfterLoaded@_@\")",
callback_name = callback.callback_name,
);
Ok(EncodedWsRequest {
payload: serde_json::to_string(&json!([
request_url,
"sgHideBrowserCallAfterLoaded",
url,
callback_call,
]))?,
callback: Some(callback),
})
}
fn encode_click(params: &Value, request_url: &str) -> Result<EncodedWsRequest, PipeError> {
let target_url = target_url(params, request_url)?;
let selector = required_string(params, "selector")?;
let script = format!(
"(function(){{const el=document.querySelector({selector:?});if(!el){{throw new Error(\"selector not found: {selector}\");}}el.click();}})();"
);
encode_js_in_area(request_url, &target_url, &script, None)
}
fn encode_type(params: &Value, request_url: &str) -> Result<EncodedWsRequest, PipeError> {
let target_url = target_url(params, request_url)?;
let selector = required_string(params, "selector")?;
let text = required_string(params, "text")?;
let script = format!(
"(function(){{const el=document.querySelector({selector:?});if(!el){{throw new Error(\"selector not found: {selector}\");}}el.value={text:?};el.dispatchEvent(new Event(\"input\",{{bubbles:true}}));el.dispatchEvent(new Event(\"change\",{{bubbles:true}}));}})();"
);
encode_js_in_area(request_url, &target_url, &script, None)
}
fn encode_get_text(
params: &Value,
request_url: &str,
request_id: Option<&str>,
) -> Result<EncodedWsRequest, PipeError> {
let target_url = target_url(params, request_url)?;
let selector = required_string(params, "selector")?;
let callback = callback_metadata(
request_id,
request_url,
&target_url,
"sgBrowserExcuteJsCodeByArea",
)?;
let script = format!(
"(function(){{const el=document.querySelector({selector:?});if(!el){{throw new Error(\"selector not found: {selector}\");}}const text=el.innerText ?? el.textContent ?? \"\";callBackJsToCpp(\"{request_url}@_@{target_url}@_@{callback_name}@_@sgBrowserExcuteJsCodeByArea@_@\"+String(text));}})();",
callback_name = callback.callback_name
);
encode_js_in_area(request_url, &target_url, &script, Some(callback))
}
fn encode_eval(
params: &Value,
request_url: &str,
request_id: Option<&str>,
) -> Result<EncodedWsRequest, PipeError> {
let target_url = target_url(params, request_url)?;
let source_script = required_string(params, "script")?;
let callback = callback_metadata(
request_id,
request_url,
&target_url,
"sgBrowserExcuteJsCodeByArea",
)?;
let script = format!(
"(function(){{const result=(function(){{{source_script}}})();callBackJsToCpp(\"{request_url}@_@{target_url}@_@{callback_name}@_@sgBrowserExcuteJsCodeByArea@_@\"+String(result));}})();",
callback_name = callback.callback_name
);
encode_js_in_area(request_url, &target_url, &script, Some(callback))
}
fn encode_js_in_area(
request_url: &str,
target_url: &str,
script: &str,
callback: Option<CallbackCorrelation>,
) -> Result<EncodedWsRequest, PipeError> {
Ok(EncodedWsRequest {
payload: serde_json::to_string(&json!([
request_url,
"sgBrowserExcuteJsCodeByArea",
target_url,
script,
JS_AREA_HIDE,
]))?,
callback,
})
}
fn callback_metadata(
request_id: Option<&str>,
request_url: &str,
target_url: &str,
action_url: &str,
) -> Result<CallbackCorrelation, PipeError> {
let request_id = request_id
.map(str::trim)
.filter(|value| !value.is_empty())
.ok_or_else(|| PipeError::Protocol("request_id is required".to_string()))?;
Ok(CallbackCorrelation {
request_id: request_id.to_string(),
callback_name: format!("{CALLBACK_PREFIX}{request_id}"),
source_url: request_url.to_string(),
target_url: target_url.to_string(),
action_url: action_url.to_string(),
})
}
fn target_url(params: &Value, request_url: &str) -> Result<String, PipeError> {
Ok(optional_string(params, "target_url")
.filter(|value| !value.trim().is_empty())
.unwrap_or_else(|| request_url.to_string()))
}
fn required_string(params: &Value, key: &str) -> Result<String, PipeError> {
optional_string(params, key)
.filter(|value| !value.trim().is_empty())
.ok_or_else(|| PipeError::Protocol(format!("{key} is required")))
}
fn optional_string(params: &Value, key: &str) -> Option<String> {
params.get(key)?.as_str().map(ToString::to_string)
}
#[cfg(test)]
mod tests {
use super::{decode_callback_frame, encode_v1_action};
use crate::pipe::Action;
use serde_json::{json, Value};
#[test]
fn get_text_callback_uses_documented_browser_opcode() {
let request = encode_v1_action(
&Action::GetText,
&json!({
"target_url": "https://www.zhihu.com/hot",
"selector": "#content"
}),
"https://www.zhihu.com/hot",
Some("req42"),
)
.unwrap();
let payload: Value = serde_json::from_str(&request.payload).unwrap();
assert_eq!(payload[1], json!("sgBrowserExcuteJsCodeByArea"));
assert_eq!(payload[4], json!("hide"));
assert_eq!(
request.callback.unwrap().action_url,
"sgBrowserExcuteJsCodeByArea"
);
assert!(payload[3].as_str().unwrap().contains(
"callBackJsToCpp(\"https://www.zhihu.com/hot@_@https://www.zhihu.com/hot@_@sgclaw_cb_req42@_@sgBrowserExcuteJsCodeByArea@_@\"+String(text))"
));
}
#[test]
fn eval_callback_uses_documented_browser_opcode() {
let request = encode_v1_action(
&Action::Eval,
&json!({
"target_url": "https://www.zhihu.com/hot",
"script": "2 + 2"
}),
"https://www.zhihu.com/hot",
Some("req-eval"),
)
.unwrap();
let payload: Value = serde_json::from_str(&request.payload).unwrap();
assert_eq!(payload[1], json!("sgBrowserExcuteJsCodeByArea"));
assert_eq!(
request.callback.unwrap().action_url,
"sgBrowserExcuteJsCodeByArea"
);
assert!(payload[3].as_str().unwrap().contains(
"callBackJsToCpp(\"https://www.zhihu.com/hot@_@https://www.zhihu.com/hot@_@sgclaw_cb_req-eval@_@sgBrowserExcuteJsCodeByArea@_@\"+String(result))"
));
}
#[test]
fn decodes_documented_callback_payload() {
let callback = decode_callback_frame(
r#"["https://www.zhihu.com/hot","callBackJsToCpp","https://www.zhihu.com/hot@_@https://www.zhihu.com/hot@_@sgclaw_cb_req42@_@sgBrowserExcuteJsCodeByArea@_@天气"]"#,
)
.unwrap();
assert_eq!(callback.action_url, "sgBrowserExcuteJsCodeByArea");
assert_eq!(callback.response_text, "天气");
}
}

267
src/compat/artifact_open.rs Normal file
View File

@@ -0,0 +1,267 @@
use std::path::Path;
use std::process::Command;
use serde_json::{json, Value};
use crate::browser::BrowserBackend;
use crate::pipe::{Action, CommandOutput};
pub const LOCAL_DASHBOARD_EXPECTED_DOMAIN: &str = "__sgclaw_local_dashboard__";
pub const LOCAL_DASHBOARD_SOURCE: &str = "compat.workflow_executor";
pub const LOCAL_DASHBOARD_KIND_ZHIHU_HOTLIST_SCREEN: &str = "zhihu_hotlist_screen";
const DISABLE_POST_EXPORT_OPEN_ENV: &str = "SGCLAW_DISABLE_POST_EXPORT_OPEN";
#[derive(Debug, Clone, PartialEq, Eq)]
pub enum PostExportOpen {
Opened,
Failed(String),
}
pub fn open_exported_xlsx(output_path: &Path) -> PostExportOpen {
open_exported_xlsx_with(output_path, launch_with_default_xlsx_app)
}
fn open_exported_xlsx_with<F>(output_path: &Path, opener: F) -> PostExportOpen
where
F: FnOnce(&Path) -> Result<(), String>,
{
if !output_path.exists() {
return PostExportOpen::Failed(format!(
"导出的 Excel 文件不存在:{}",
output_path.display()
));
}
match opener(output_path) {
Ok(()) => PostExportOpen::Opened,
Err(reason) => PostExportOpen::Failed(reason),
}
}
pub fn open_local_dashboard(
browser_backend: &dyn BrowserBackend,
output_path: &Path,
presentation_url: &str,
) -> PostExportOpen {
if !output_path.exists() {
return PostExportOpen::Failed(format!(
"生成的大屏文件不存在:{}",
output_path.display()
));
}
if presentation_url.trim().is_empty() {
return PostExportOpen::Failed("screen_html_export did not return presentation.url".to_string());
}
let params = json!({
"url": presentation_url,
"sgclaw_local_dashboard_open": {
"source": LOCAL_DASHBOARD_SOURCE,
"kind": LOCAL_DASHBOARD_KIND_ZHIHU_HOTLIST_SCREEN,
"output_path": output_path.to_string_lossy(),
"presentation_url": presentation_url,
}
});
match browser_backend.invoke(Action::Navigate, params, LOCAL_DASHBOARD_EXPECTED_DOMAIN) {
Ok(output) if output.success => PostExportOpen::Opened,
Ok(output) => PostExportOpen::Failed(command_output_reason(&output)),
Err(err) => PostExportOpen::Failed(err.to_string()),
}
}
#[cfg(windows)]
fn launch_with_default_xlsx_app(output_path: &Path) -> Result<(), String> {
if std::env::var_os(DISABLE_POST_EXPORT_OPEN_ENV).is_some() {
return Ok(());
}
let output = Command::new("cmd")
.args(["/C", "start", "", &output_path.display().to_string()])
.output()
.map_err(|err| format!("启动 Excel 默认程序失败:{err}"))?;
if output.status.success() {
Ok(())
} else {
let stderr = String::from_utf8_lossy(&output.stderr).trim().to_string();
if stderr.is_empty() {
Err(format!(
"启动 Excel 默认程序失败exit status {}",
output.status
))
} else {
Err(format!("启动 Excel 默认程序失败:{stderr}"))
}
}
}
#[cfg(target_os = "macos")]
fn launch_with_default_xlsx_app(output_path: &Path) -> Result<(), String> {
if std::env::var_os(DISABLE_POST_EXPORT_OPEN_ENV).is_some() {
return Ok(());
}
let status = Command::new("open")
.arg(output_path)
.status()
.map_err(|err| format!("启动 Excel 默认程序失败:{err}"))?;
if status.success() {
Ok(())
} else {
Err(format!("启动 Excel 默认程序失败exit status {status}"))
}
}
#[cfg(all(unix, not(target_os = "macos")))]
fn launch_with_default_xlsx_app(output_path: &Path) -> Result<(), String> {
if std::env::var_os(DISABLE_POST_EXPORT_OPEN_ENV).is_some() {
return Ok(());
}
let status = Command::new("xdg-open")
.arg(output_path)
.status()
.map_err(|err| format!("启动 Excel 默认程序失败:{err}"))?;
if status.success() {
Ok(())
} else {
Err(format!("启动 Excel 默认程序失败exit status {status}"))
}
}
fn command_output_reason(output: &CommandOutput) -> String {
output
.data
.get("error")
.and_then(Value::as_str)
.or_else(|| output.data.get("message").and_then(Value::as_str))
.map(str::to_string)
.unwrap_or_else(|| output.data.to_string())
}
#[cfg(test)]
mod tests {
use super::*;
use std::collections::VecDeque;
use std::path::PathBuf;
use std::sync::Mutex;
use serde_json::json;
use crate::pipe::{ExecutionSurfaceMetadata, PipeError, Timing};
fn temp_file_path(name: &str) -> PathBuf {
let root = std::env::temp_dir().join(format!(
"sgclaw-artifact-open-{}-{}",
std::process::id(),
uuid::Uuid::new_v4()
));
std::fs::create_dir_all(&root).expect("temp root should exist");
root.join(name)
}
#[test]
fn open_exported_xlsx_with_passes_generated_path_to_launcher() {
let output_path = temp_file_path("zhihu-hotlist.xlsx");
std::fs::write(&output_path, b"xlsx").expect("xlsx fixture should be writable");
let seen = Mutex::new(None::<PathBuf>);
let result = open_exported_xlsx_with(&output_path, |path| {
*seen.lock().unwrap() = Some(path.to_path_buf());
Ok(())
});
assert!(matches!(result, PostExportOpen::Opened));
assert_eq!(seen.lock().unwrap().clone().unwrap(), output_path);
}
#[test]
fn open_exported_xlsx_with_reports_launcher_failure() {
let output_path = temp_file_path("zhihu-hotlist.xlsx");
std::fs::write(&output_path, b"xlsx").expect("xlsx fixture should be writable");
let result = open_exported_xlsx_with(&output_path, |_path| Err("launcher failed".to_string()));
assert!(matches!(result, PostExportOpen::Failed(reason) if reason.contains("launcher failed")));
}
#[derive(Default)]
struct FakeBrowserBackend {
responses: Mutex<VecDeque<Result<CommandOutput, PipeError>>>,
invocations: Mutex<Vec<(Action, Value, String)>>,
}
impl FakeBrowserBackend {
fn new(responses: Vec<Result<CommandOutput, PipeError>>) -> Self {
Self {
responses: Mutex::new(VecDeque::from(responses)),
invocations: Mutex::new(Vec::new()),
}
}
}
impl BrowserBackend for FakeBrowserBackend {
fn invoke(
&self,
action: Action,
params: Value,
expected_domain: &str,
) -> Result<CommandOutput, PipeError> {
self.invocations
.lock()
.unwrap()
.push((action, params, expected_domain.to_string()));
self.responses
.lock()
.unwrap()
.pop_front()
.unwrap_or_else(|| Err(PipeError::Timeout))
}
fn surface_metadata(&self) -> ExecutionSurfaceMetadata {
ExecutionSurfaceMetadata::privileged_browser_pipe("fake_backend")
}
}
#[test]
fn open_local_dashboard_uses_exact_approved_marker_payload() {
let output_path = temp_file_path("zhihu-hotlist-screen.html");
std::fs::write(&output_path, "<html></html>").expect("dashboard fixture should be writable");
let presentation_url = format!("file:///{}", output_path.display().to_string().replace('\\', "/"));
let backend = FakeBrowserBackend::new(vec![Ok(CommandOutput {
seq: 1,
success: true,
data: json!({ "navigated": true }),
aom_snapshot: vec![],
timing: Timing {
queue_ms: 1,
exec_ms: 1,
},
})]);
let result = open_local_dashboard(&backend, &output_path, &presentation_url);
let invocations = backend.invocations.lock().unwrap().clone();
assert!(matches!(result, PostExportOpen::Opened));
assert_eq!(invocations.len(), 1);
assert_eq!(invocations[0].0, Action::Navigate);
assert_eq!(invocations[0].2, LOCAL_DASHBOARD_EXPECTED_DOMAIN.to_string());
assert_eq!(invocations[0].1["url"], json!(presentation_url));
assert_eq!(
invocations[0].1["sgclaw_local_dashboard_open"]["source"],
json!(LOCAL_DASHBOARD_SOURCE)
);
assert_eq!(
invocations[0].1["sgclaw_local_dashboard_open"]["kind"],
json!(LOCAL_DASHBOARD_KIND_ZHIHU_HOTLIST_SCREEN)
);
assert_eq!(
invocations[0].1["sgclaw_local_dashboard_open"]["output_path"],
json!(output_path.to_string_lossy().to_string())
);
assert_eq!(
invocations[0].1["sgclaw_local_dashboard_open"]["presentation_url"],
invocations[0].1["url"]
);
}
}

100
src/compat/browser_script_skill_tool.rs
View File

@@ -1,6 +1,7 @@
use std::collections::HashMap;
use std::fs;
use std::path::{Path, PathBuf};
use std::sync::Arc;
use async_trait::async_trait;
use reqwest::Url;
@@ -8,23 +9,24 @@ use serde_json::{json, Value};
use zeroclaw::skills::{Skill, SkillTool};
use zeroclaw::tools::{Tool, ToolResult};
use crate::pipe::{Action, BrowserPipeTool, Transport};
use crate::browser::BrowserBackend;
use crate::pipe::Action;
pub struct BrowserScriptSkillTool<T: Transport> {
pub struct BrowserScriptSkillTool {
tool_name: String,
tool_description: String,
skill_root: PathBuf,
script_path: PathBuf,
args: HashMap<String, String>,
browser_tool: BrowserPipeTool<T>,
browser_tool: Arc<dyn BrowserBackend>,
}
impl<T: Transport> BrowserScriptSkillTool<T> {
impl BrowserScriptSkillTool {
pub fn new(
skill_name: &str,
tool: &SkillTool,
skill_root: &Path,
browser_tool: BrowserPipeTool<T>,
browser_tool: Arc<dyn BrowserBackend>,
) -> anyhow::Result<Self> {
let script_path = resolve_browser_script_path(skill_root, &tool.command)?;
@@ -70,7 +72,7 @@ impl<T: Transport> BrowserScriptSkillTool<T> {
}
#[async_trait]
impl<T: Transport + 'static> Tool for BrowserScriptSkillTool<T> {
impl Tool for BrowserScriptSkillTool {
fn name(&self) -> &str {
&self.tool_name
}
@@ -92,14 +94,48 @@ impl<T: Transport + 'static> Tool for BrowserScriptSkillTool<T> {
args: self.args.clone(),
};
execute_browser_script_tool(&tool, &self.skill_root, self.browser_tool.clone(), args).await
execute_browser_script_tool(&tool, &self.skill_root, self.browser_tool.as_ref(), args).await
}
}
pub async fn execute_browser_script_tool<T: Transport + 'static>(
pub fn build_browser_script_skill_tools(
skills: &[Skill],
browser_tool: Arc<dyn BrowserBackend>,
) -> Result<Vec<Box<dyn Tool>>, anyhow::Error> {
let mut tools: Vec<Box<dyn Tool>> = Vec::new();
if !browser_tool.supports_eval() {
return Ok(tools);
}
for skill in skills {
let Some(location) = skill.location.as_ref() else {
continue;
};
let Some(skill_root) = location.parent() else {
continue;
};
for tool in &skill.tools {
if tool.kind != "browser_script" {
continue;
}
tools.push(Box::new(BrowserScriptSkillTool::new(
&skill.name,
tool,
skill_root,
browser_tool.clone(),
)?));
}
}
Ok(tools)
}
pub async fn execute_browser_script_tool(
tool: &SkillTool,
skill_root: &Path,
browser_tool: BrowserPipeTool<T>,
browser_tool: &dyn BrowserBackend,
args: Value,
) -> anyhow::Result<ToolResult> {
if tool.kind != "browser_script" {
@@ -109,10 +145,24 @@ pub async fn execute_browser_script_tool<T: Transport + 'static>(
)));
}
execute_browser_script_impl(tool, skill_root, browser_tool, args)
}
fn execute_browser_script_impl(
tool: &SkillTool,
skill_root: &Path,
browser_tool: &dyn BrowserBackend,
args: Value,
) -> anyhow::Result<ToolResult> {
let script_path = resolve_browser_script_path(skill_root, &tool.command)?;
let mut args = match args {
Value::Object(args) => args,
other => return Ok(failed_tool_result(format!("expected object arguments, got {other}"))),
other => {
return Ok(failed_tool_result(format!(
"expected object arguments, got {other}"
)))
}
};
let raw_expected_domain = match args.remove("expected_domain") {
@@ -181,36 +231,6 @@ pub async fn execute_browser_script_tool<T: Transport + 'static>(
})
}
pub fn build_browser_script_skill_tools<T: Transport + 'static>(
skills: &[Skill],
browser_tool: BrowserPipeTool<T>,
) -> Result<Vec<Box<dyn Tool>>, anyhow::Error> {
let mut tools: Vec<Box<dyn Tool>> = Vec::new();
for skill in skills {
let Some(location) = skill.location.as_ref() else {
continue;
};
let Some(skill_root) = location.parent() else {
continue;
};
for tool in &skill.tools {
if tool.kind != "browser_script" {
continue;
}
tools.push(Box::new(BrowserScriptSkillTool::new(
&skill.name,
tool,
skill_root,
browser_tool.clone(),
)?));
}
}
Ok(tools)
}
fn wrap_browser_script(script_body: &str, args: &Value) -> String {
format!(
"(function() {{\nconst args = {};\n{}\n}})()",

19
src/compat/browser_tool_adapter.rs
View File

@@ -1,9 +1,12 @@
use std::sync::Arc;
use async_trait::async_trait;
use reqwest::Url;
use serde_json::{json, Map, Value};
use zeroclaw::tools::{Tool, ToolResult};
use crate::pipe::{Action, BrowserPipeTool, ExecutionSurfaceMetadata, Transport};
use crate::browser::BrowserBackend;
use crate::pipe::{Action, ExecutionSurfaceMetadata};
pub const BROWSER_ACTION_TOOL_NAME: &str = "browser_action";
pub const SUPERRPA_BROWSER_TOOL_NAME: &str = "superrpa_browser";
@@ -17,14 +20,14 @@ const MAX_DATA_ARRAY_ITEMS: usize = 12;
const MAX_DATA_OBJECT_FIELDS: usize = 24;
const MAX_DATA_RECURSION_DEPTH: usize = 4;
pub struct ZeroClawBrowserTool<T: Transport> {
browser_tool: BrowserPipeTool<T>,
pub struct ZeroClawBrowserTool {
browser_tool: Arc<dyn BrowserBackend>,
tool_name: &'static str,
description: &'static str,
}
impl<T: Transport> ZeroClawBrowserTool<T> {
pub fn new(browser_tool: BrowserPipeTool<T>) -> Self {
impl ZeroClawBrowserTool {
pub fn new(browser_tool: Arc<dyn BrowserBackend>) -> Self {
Self::named(
browser_tool,
BROWSER_ACTION_TOOL_NAME,
@@ -32,7 +35,7 @@ impl<T: Transport> ZeroClawBrowserTool<T> {
)
}
pub fn new_superrpa(browser_tool: BrowserPipeTool<T>) -> Self {
pub fn new_superrpa(browser_tool: Arc<dyn BrowserBackend>) -> Self {
Self::named(
browser_tool,
SUPERRPA_BROWSER_TOOL_NAME,
@@ -41,7 +44,7 @@ impl<T: Transport> ZeroClawBrowserTool<T> {
}
fn named(
browser_tool: BrowserPipeTool<T>,
browser_tool: Arc<dyn BrowserBackend>,
tool_name: &'static str,
description: &'static str,
) -> Self {
@@ -58,7 +61,7 @@ impl<T: Transport> ZeroClawBrowserTool<T> {
}
#[async_trait]
impl<T: Transport + 'static> Tool for ZeroClawBrowserTool<T> {
impl Tool for ZeroClawBrowserTool {
fn name(&self) -> &str {
self.tool_name
}

17
src/compat/config_adapter.rs
View File

@@ -88,14 +88,22 @@ pub fn zeroclaw_default_skills_dir(workspace_root: &Path) -> PathBuf {
}
pub fn resolve_skills_dir(workspace_root: &Path, settings: &DeepSeekSettings) -> PathBuf {
resolve_skills_dir_path(workspace_root, settings.skills_dir.as_deref())
settings
.skills_dir
.as_deref()
.map(normalize_configured_skills_dir)
.unwrap_or_else(|| zeroclaw_default_skills_dir(workspace_root))
}
pub fn resolve_skills_dir_from_sgclaw_settings(
workspace_root: &Path,
settings: &SgClawSettings,
) -> PathBuf {
resolve_skills_dir_path(workspace_root, settings.skills_dir.as_deref())
settings
.skills_dir
.as_deref()
.map(normalize_configured_skills_dir)
.unwrap_or_else(|| zeroclaw_default_skills_dir(workspace_root))
}
fn normalize_configured_skills_dir(configured_dir: &Path) -> PathBuf {
@@ -111,8 +119,3 @@ fn normalize_configured_skills_dir(configured_dir: &Path) -> PathBuf {
}
}
fn resolve_skills_dir_path(workspace_root: &Path, configured_dir: Option<&Path>) -> PathBuf {
configured_dir
.map(normalize_configured_skills_dir)
.unwrap_or_else(|| zeroclaw_default_skills_dir(workspace_root))
}

4
src/compat/direct_skill_runtime.rs
View File

@@ -4,6 +4,7 @@ use reqwest::Url;
use serde_json::{Map, Value};
use zeroclaw::skills::load_skills_from_directory;
use crate::browser::PipeBrowserBackend;
use crate::compat::browser_script_skill_tool::execute_browser_script_tool;
use crate::compat::config_adapter::resolve_skills_dir_from_sgclaw_settings;
use crate::compat::runtime::CompatTaskContext;
@@ -76,11 +77,12 @@ pub fn execute_direct_submit_skill<T: Transport + 'static>(
let runtime = tokio::runtime::Runtime::new()
.map_err(|err| PipeError::Protocol(format!("failed to create tokio runtime: {err}")))?;
let browser_backend = PipeBrowserBackend::from_inner(browser_tool);
let result = runtime
.block_on(execute_browser_script_tool(
tool,
skill_root,
browser_tool,
&browser_backend,
Value::Object(args),
))
.map_err(|err| PipeError::Protocol(err.to_string()))?;

1
src/compat/mod.rs
View File

@@ -1,3 +1,4 @@
pub mod artifact_open;
pub mod browser_script_skill_tool;
pub mod browser_tool_adapter;
pub mod config_adapter;

198
src/compat/openxml_office_tool.rs
View File

@@ -131,7 +131,8 @@ impl Tool for OpenXmlOfficeTool {
write_payload_json(&payload_path, &normalized_rows)?;
write_request_json(&request_path, &template_path, &payload_path, &output_path)?;
let rendered = run_openxml_cli(&request_path)?;
let rendered = run_openxml_cli(&request_path)
.or_else(|_| render_locally(&template_path, &payload_path, &output_path))?;
let artifact_path = rendered["data"]["artifact"]["path"]
.as_str()
.map(str::to_string)
@@ -161,9 +162,7 @@ fn failed_tool_result(error: String) -> ToolResult {
fn create_job_root(workspace_root: &Path) -> anyhow::Result<PathBuf> {
let nanos = SystemTime::now().duration_since(UNIX_EPOCH)?.as_nanos();
let path = workspace_root
.join(".sgclaw-openxml")
.join(format!("{nanos}"));
let path = workspace_root.join(".sgclaw-openxml").join(format!("{nanos}"));
fs::create_dir_all(&path)?;
Ok(path)
}
@@ -221,10 +220,7 @@ fn canonicalize_column_name(value: &str) -> Option<&'static str> {
}
fn reorder_row(row: &[Value], column_order: &[usize]) -> Vec<Value> {
column_order
.iter()
.map(|index| row[*index].clone())
.collect()
column_order.iter().map(|index| row[*index].clone()).collect()
}
fn write_payload_json(path: &Path, rows: &[Vec<Value>]) -> anyhow::Result<()> {
@@ -323,6 +319,84 @@ fn run_openxml_cli(request_path: &Path) -> anyhow::Result<Value> {
Ok(serde_json::from_str(&stdout)?)
}
fn render_locally(template_path: &Path, payload_path: &Path, output_path: &Path) -> anyhow::Result<Value> {
let payload: Value = serde_json::from_slice(&fs::read(payload_path)?)?;
let variables = payload["variables"]
.as_object()
.ok_or_else(|| anyhow::anyhow!("payload.variables must be an object"))?;
let worksheet = render_template_xml(&worksheet_xml_from_xlsx(template_path)?, variables);
write_rendered_xlsx(template_path, output_path, "xl/worksheets/sheet1.xml", &worksheet)?;
Ok(json!({
"data": {
"artifact": {
"path": output_path.to_string_lossy().to_string(),
}
}
}))
}
fn worksheet_xml_from_xlsx(path: &Path) -> anyhow::Result<String> {
let file = fs::File::open(path)?;
let mut archive = zip::ZipArchive::new(file)?;
let mut sheet = archive.by_name("xl/worksheets/sheet1.xml")?;
let mut xml = String::new();
sheet.read_to_string(&mut xml)?;
Ok(xml)
}
fn render_template_xml(template: &str, variables: &serde_json::Map<String, Value>) -> String {
let mut rendered = template.to_string();
for (key, value) in variables {
let placeholder = format!("{{{{{key}}}}}");
let replacement = value.as_str().unwrap_or_default();
rendered = rendered.replace(&placeholder, &xml_escape(replacement));
}
rendered
}
fn write_rendered_xlsx(
template_path: &Path,
output_path: &Path,
replaced_entry: &str,
replaced_body: &str,
) -> anyhow::Result<()> {
if let Some(parent) = output_path.parent() {
fs::create_dir_all(parent)?;
}
if output_path.exists() {
fs::remove_file(output_path)?;
}
let input = fs::File::open(template_path)?;
let mut archive = zip::ZipArchive::new(input)?;
let output = fs::File::create(output_path)?;
let mut writer = ZipWriter::new(output);
let options = FileOptions::default().compression_method(CompressionMethod::Stored);
for index in 0..archive.len() {
let mut entry = archive.by_index(index)?;
let name = entry.name().to_string();
writer.start_file(name.as_str(), options)?;
if name == replaced_entry {
writer.write_all(replaced_body.as_bytes())?;
} else {
std::io::copy(&mut entry, &mut writer)?;
}
}
writer.finish()?;
Ok(())
}
fn xml_escape(value: &str) -> String {
value
.replace('&', "&amp;")
.replace('<', "&lt;")
.replace('>', "&gt;")
}
fn resolve_openxml_cli_binary(manifest_path: &Path) -> Option<PathBuf> {
let cli_dir = manifest_path.parent()?;
openxml_cli_candidate_paths(cli_dir)
@@ -362,36 +436,63 @@ fn value_to_string(value: &Value) -> String {
}
fn write_hotlist_template(path: &Path, row_count: usize) -> anyhow::Result<()> {
let build_root = path
.parent()
.ok_or_else(|| anyhow::anyhow!("template path has no parent"))?
.join("template-build");
fs::create_dir_all(build_root.join("_rels"))?;
fs::create_dir_all(build_root.join("docProps"))?;
fs::create_dir_all(build_root.join("xl/_rels"))?;
fs::create_dir_all(build_root.join("xl/worksheets"))?;
fs::write(build_root.join("[Content_Types].xml"), content_types_xml())?;
fs::write(build_root.join("_rels/.rels"), root_rels_xml())?;
fs::write(build_root.join("docProps/app.xml"), app_xml())?;
fs::write(build_root.join("docProps/core.xml"), core_xml())?;
fs::write(build_root.join("xl/workbook.xml"), workbook_xml())?;
fs::write(
build_root.join("xl/_rels/workbook.xml.rels"),
workbook_rels_xml(),
)?;
fs::write(
build_root.join("xl/worksheets/sheet1.xml"),
worksheet_xml(row_count),
write_zip_file(
&path,
&[
Content {
path: "[Content_Types].xml",
body: content_types_xml().to_string(),
},
Content {
path: "_rels/.rels",
body: root_rels_xml().to_string(),
},
Content {
path: "docProps/app.xml",
body: app_xml().to_string(),
},
Content {
path: "docProps/core.xml",
body: core_xml().to_string(),
},
Content {
path: "xl/workbook.xml",
body: workbook_xml().to_string(),
},
Content {
path: "xl/_rels/workbook.xml.rels",
body: workbook_rels_xml().to_string(),
},
Content {
path: "xl/worksheets/sheet1.xml",
body: worksheet_xml(row_count),
},
],
)?;
Ok(())
}
struct Content<'a> {
path: &'a str,
body: String,
}
fn write_zip_file(path: &Path, entries: &[Content<'_>]) -> anyhow::Result<()> {
if let Some(parent) = path.parent() {
fs::create_dir_all(parent)?;
}
if path.exists() {
fs::remove_file(path)?;
}
zip_directory(&build_root, path)?;
let _ = fs::remove_dir_all(&build_root);
let file = fs::File::create(path)?;
let mut zip = ZipWriter::new(file);
let options = FileOptions::default().compression_method(CompressionMethod::Stored);
for entry in entries {
zip.start_file(entry.path, options)?;
zip.write_all(entry.body.as_bytes())?;
}
zip.finish()?;
Ok(())
}
@@ -427,39 +528,6 @@ mod tests {
}
}
fn zip_directory(source_root: &Path, zip_path: &Path) -> anyhow::Result<()> {
let file = fs::File::create(zip_path)?;
let mut writer = ZipWriter::new(file);
let options = FileOptions::default().compression_method(CompressionMethod::Stored);
add_directory_to_zip(&mut writer, source_root, source_root, options)?;
writer.finish()?;
Ok(())
}
fn add_directory_to_zip<W: Write + std::io::Seek>(
writer: &mut ZipWriter<W>,
source_root: &Path,
current_dir: &Path,
options: FileOptions,
) -> anyhow::Result<()> {
for entry in fs::read_dir(current_dir)? {
let entry = entry?;
let path = entry.path();
if path.is_dir() {
add_directory_to_zip(writer, source_root, &path, options)?;
continue;
}
let relative_path = path.strip_prefix(source_root)?;
writer.start_file(zip_entry_name(relative_path), options)?;
let mut input = fs::File::open(&path)?;
let mut buffer = Vec::new();
input.read_to_end(&mut buffer)?;
writer.write_all(&buffer)?;
}
Ok(())
}
fn zip_entry_name(path: &Path) -> String {
path.to_string_lossy().replace('\\', "/")
}

74
src/compat/orchestration.rs
View File

@@ -1,5 +1,7 @@
use std::path::Path;
use std::sync::Arc;
use crate::browser::BrowserBackend;
use crate::compat::config_adapter::resolve_skills_dir_from_sgclaw_settings;
use crate::compat::runtime::CompatTaskContext;
use crate::config::SgClawSettings;
@@ -27,6 +29,75 @@ pub fn should_use_primary_orchestration(
crate::runtime::is_zhihu_hotlist_task(instruction, page_url, page_title) && needs_export
}
pub fn execute_task_with_browser_backend(
transport: &dyn crate::agent::AgentEventSink,
browser_backend: Arc<dyn BrowserBackend>,
instruction: &str,
task_context: &CompatTaskContext,
workspace_root: &Path,
settings: &SgClawSettings,
) -> Result<String, PipeError> {
let skills_dir = resolve_skills_dir_from_sgclaw_settings(workspace_root, settings);
let route = crate::compat::workflow_executor::detect_route(
instruction,
task_context.page_url.as_deref(),
task_context.page_title.as_deref(),
);
if let Some(route) = route.clone() {
if crate::compat::workflow_executor::prefers_direct_execution(&route) {
return crate::compat::workflow_executor::execute_route_with_browser_backend(
transport,
browser_backend.clone(),
workspace_root,
&skills_dir,
instruction,
task_context,
route,
settings,
);
}
}
let primary_result = crate::compat::runtime::execute_task_with_browser_backend(
transport,
browser_backend.clone(),
instruction,
task_context,
workspace_root,
settings,
);
match (route, primary_result) {
(Some(route), Ok(summary))
if crate::compat::workflow_executor::should_fallback_after_summary(
&summary, &route,
) =>
{
crate::compat::workflow_executor::execute_route_with_browser_backend(
transport,
browser_backend,
workspace_root,
&skills_dir,
instruction,
task_context,
route,
settings,
)
}
(_, Ok(summary)) => Ok(summary),
(Some(route), Err(_)) => crate::compat::workflow_executor::execute_route_with_browser_backend(
transport,
browser_backend,
workspace_root,
&skills_dir,
instruction,
task_context,
route,
settings,
),
(None, Err(err)) => Err(err),
}
}
pub fn execute_task_with_sgclaw_settings<T: Transport + 'static>(
transport: &T,
browser_tool: BrowserPipeTool<T>,
@@ -51,6 +122,7 @@ pub fn execute_task_with_sgclaw_settings<T: Transport + 'static>(
instruction,
task_context,
route,
settings,
);
}
}
@@ -77,6 +149,7 @@ pub fn execute_task_with_sgclaw_settings<T: Transport + 'static>(
instruction,
task_context,
route,
settings,
)
}
(_, Ok(summary)) => Ok(summary),
@@ -88,6 +161,7 @@ pub fn execute_task_with_sgclaw_settings<T: Transport + 'static>(
instruction,
task_context,
route,
settings,
),
(None, Err(err)) => Err(err),
}

121
src/compat/runtime.rs
View File

@@ -1,5 +1,6 @@
use std::collections::HashMap;
use std::path::{Path, PathBuf};
use std::sync::Arc;
use async_trait::async_trait;
use futures_util::{stream, StreamExt};
@@ -8,12 +9,14 @@ use zeroclaw::config::Config as ZeroClawConfig;
use zeroclaw::providers::traits::{ProviderCapabilities, StreamEvent, StreamOptions, StreamResult};
use zeroclaw::providers::{self, ChatMessage, ChatRequest, ChatResponse, Provider};
use crate::browser::{BrowserBackend, PipeBrowserBackend};
use crate::compat::browser_script_skill_tool::build_browser_script_skill_tools;
use crate::compat::browser_tool_adapter::ZeroClawBrowserTool;
use crate::compat::config_adapter::{
build_zeroclaw_config_from_sgclaw_settings, resolve_skills_dir_from_sgclaw_settings,
};
use crate::compat::event_bridge::log_entry_for_turn_event;
use crate::compat::workflow_executor::parse_generated_article_draft;
use crate::compat::openxml_office_tool::OpenXmlOfficeTool;
use crate::compat::screen_html_export_tool::ScreenHtmlExportTool;
use crate::config::{DeepSeekSettings, OfficeBackend, SgClawSettings};
@@ -47,6 +50,32 @@ pub fn execute_task<T: Transport + 'static>(
)
}
pub fn execute_task_with_browser_backend(
transport: &dyn crate::agent::AgentEventSink,
browser_backend: Arc<dyn BrowserBackend>,
instruction: &str,
task_context: &CompatTaskContext,
workspace_root: &Path,
settings: &SgClawSettings,
) -> Result<String, PipeError> {
let config = build_zeroclaw_config_from_sgclaw_settings(workspace_root, settings);
let skills_dir = resolve_skills_dir_from_sgclaw_settings(workspace_root, settings);
let provider = build_provider(&config)?;
let runtime = tokio::runtime::Runtime::new()
.map_err(|err| PipeError::Protocol(format!("failed to create tokio runtime: {err}")))?;
runtime.block_on(execute_task_with_provider(
transport,
browser_backend,
provider,
instruction,
task_context,
config,
skills_dir,
settings.clone(),
))
}
pub fn execute_task_with_sgclaw_settings<T: Transport + 'static>(
transport: &T,
browser_tool: BrowserPipeTool<T>,
@@ -63,7 +92,7 @@ pub fn execute_task_with_sgclaw_settings<T: Transport + 'static>(
runtime.block_on(execute_task_with_provider(
transport,
browser_tool,
Arc::new(PipeBrowserBackend::from_inner(browser_tool)),
provider,
instruction,
task_context,
@@ -73,9 +102,46 @@ pub fn execute_task_with_sgclaw_settings<T: Transport + 'static>(
))
}
pub async fn execute_task_with_provider<T: Transport + 'static>(
transport: &T,
browser_tool: BrowserPipeTool<T>,
pub(crate) fn generate_zhihu_article_draft(
instruction: &str,
topic: &str,
_task_context: &CompatTaskContext,
workspace_root: &Path,
settings: &SgClawSettings,
) -> Result<crate::compat::workflow_executor::ArticleDraft, PipeError> {
let mut generation_settings = settings.clone();
generation_settings.runtime_profile = crate::runtime::RuntimeProfile::GeneralAssistant;
let config = build_zeroclaw_config_from_sgclaw_settings(workspace_root, &generation_settings);
let provider = build_provider(&config)?;
let runtime = tokio::runtime::Runtime::new()
.map_err(|err| PipeError::Protocol(format!("failed to create tokio runtime: {err}")))?;
let generation_prompt = format!(
"为知乎文章生成可直接发布的草稿。用户原始请求:{instruction}\n\n主题:{topic}\n\n请严格只输出以下格式,不要添加解释、前言、代码块或其他内容:\n标题:<简洁具体的中文标题>\n正文:<适合知乎发布的中文正文,使用自然段>"
);
let generated = runtime.block_on(async move {
provider
.chat_with_system(
Some("You write concise Chinese Zhihu article drafts. Return only the requested title/body format."),
&generation_prompt,
config.default_model.as_deref().unwrap_or("deepseek-chat"),
config.default_temperature,
)
.await
.map_err(map_anyhow_to_pipe_error)
})?;
parse_generated_article_draft(&generated).ok_or_else(|| {
PipeError::Protocol(format!(
"generated Zhihu article draft did not match 标题/正文 format: {generated}"
))
})
}
pub async fn execute_task_with_provider(
transport: &dyn crate::agent::AgentEventSink,
browser_backend: Arc<dyn BrowserBackend>,
provider: Box<dyn Provider>,
instruction: &str,
task_context: &CompatTaskContext,
@@ -85,23 +151,7 @@ pub async fn execute_task_with_provider<T: Transport + 'static>(
) -> Result<String, PipeError> {
let engine = RuntimeEngine::new(settings.runtime_profile);
let browser_surface_present = engine.browser_surface_enabled();
if let Some(preview) = crate::agent::planner::build_execution_preview(
settings.planner_mode,
instruction,
task_context.page_url.as_deref(),
task_context.page_title.as_deref(),
) {
let mut message = preview.summary;
if !preview.steps.is_empty() {
message.push('\n');
message.push_str(&preview.steps.join("\n"));
}
transport.send(&crate::pipe::AgentMessage::LogEntry {
level: "plan".to_string(),
message,
})?;
}
let loaded_skills = engine.loaded_skills(&config, &skills_dir);
let loaded_skills = engine.loaded_skills(&config, std::slice::from_ref(&skills_dir));
let loaded_skill_versions = loaded_skills
.iter()
.map(|skill| (skill.name.clone(), skill.version.clone()))
@@ -116,11 +166,13 @@ pub async fn execute_task_with_provider<T: Transport + 'static>(
message: format!("loaded skills: {}", loaded_skill_labels.join(", ")),
})?;
}
let browser_tool_for_scripts = browser_tool.clone();
let browser_tool_for_scripts = browser_backend.clone();
let browser_tool_for_superrpa = browser_backend.clone();
let browser_tool_for_browser_action = browser_backend;
let mut tools: Vec<Box<dyn zeroclaw::tools::Tool>> = if browser_surface_present {
vec![
Box::new(ZeroClawBrowserTool::new_superrpa(browser_tool.clone())),
Box::new(ZeroClawBrowserTool::new(browser_tool)),
Box::new(ZeroClawBrowserTool::new_superrpa(browser_tool_for_superrpa)),
Box::new(ZeroClawBrowserTool::new(browser_tool_for_browser_action)),
]
} else {
Vec::new()
@@ -146,7 +198,7 @@ pub async fn execute_task_with_provider<T: Transport + 'static>(
let mut agent = engine.build_agent(
provider,
&config,
&skills_dir,
std::slice::from_ref(&skills_dir),
tools,
browser_surface_present,
instruction,
@@ -308,3 +360,22 @@ fn to_chat_message(message: &ConversationMessage) -> Option<ChatMessage> {
_ => None,
}
}
#[cfg(test)]
mod tests {
use std::fs;
use std::path::PathBuf;
#[test]
fn compat_runtime_source_no_longer_references_legacy_planner_preview() {
let manifest_dir = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
let source = fs::read_to_string(manifest_dir.join("src/compat/runtime.rs")).unwrap();
let preview_prefix = ["if let Some(preview) = crate::agent::", "planner::build_execution_preview("].concat();
let plan_level_expr = ["level: ", "\"plan\".to_string(),"].concat();
assert!(!source
.lines()
.any(|line| line.trim_start().starts_with(&preview_prefix)));
assert!(!source.lines().any(|line| line.trim() == plan_level_expr));
}
}

87
src/compat/screen_html_export_tool.rs
View File

@@ -15,7 +15,7 @@ const TEMPLATE: &str = include_str!(concat!(
"/resources/zhihu-hotlist-echarts.html"
));
const PAYLOAD_START_MARKER: &str = " const defaultPayload = ";
const PAYLOAD_END_MARKER: &str = "\n\n const themeMeta = {";
const PAYLOAD_END_MARKER: &str = "const themeMeta = {";
pub struct ScreenHtmlExportTool {
workspace_root: PathBuf,
@@ -150,11 +150,7 @@ impl Tool for ScreenHtmlExportTool {
};
let rendered = render_template(&payload)?;
let output_path = parsed
.output_path
.as_deref()
.map(PathBuf::from)
.unwrap_or_else(|| default_output_path(&self.workspace_root));
let output_path = resolve_output_path(&self.workspace_root, parsed.output_path.as_deref());
write_output_html(&output_path, &rendered)?;
let presentation_url = file_url_for_path(&output_path);
@@ -375,6 +371,21 @@ fn default_output_path(workspace_root: &Path) -> PathBuf {
.join(format!("zhihu-hotlist-screen-{nanos}.html"))
}
fn resolve_output_path(workspace_root: &Path, output_path: Option<&str>) -> PathBuf {
output_path
.map(str::trim)
.filter(|value| !value.is_empty())
.map(PathBuf::from)
.map(|path| {
if path.is_absolute() {
path
} else {
workspace_root.join(path)
}
})
.unwrap_or_else(|| default_output_path(workspace_root))
}
fn default_snapshot_id() -> String {
format!("zhihu-hotlist-screen-{}", now_ms())
}
@@ -391,3 +402,67 @@ fn file_url_for_path(path: &Path) -> String {
.map(|url| url.to_string())
.unwrap_or_else(|_| format!("file://{}", path.display()))
}
#[cfg(test)]
mod tests {
use super::*;
use serde_json::{json, Value};
use crate::pipe::Action;
use crate::security::MacPolicy;
fn temp_workspace_root() -> PathBuf {
let root = std::env::temp_dir().join(format!("sgclaw-screen-html-{}", now_ms()));
std::fs::create_dir_all(&root).unwrap();
root
}
#[tokio::test]
async fn screen_html_export_resolves_relative_output_path_to_absolute_file_url() {
let workspace_root = temp_workspace_root();
let tool = ScreenHtmlExportTool::new(workspace_root.clone());
let result = tool
.execute(json!({
"snapshot_id": "snapshot-relative-path",
"generated_at_ms": 1774713600000u64,
"rows": [
[1, "问题一", "344万"],
[2, "问题二", "266万"]
],
"output_path": "../out/zhihu-hotlist-screen-relative.html"
}))
.await
.unwrap();
assert!(result.success, "{result:?}");
let payload: Value = serde_json::from_str(&result.output).unwrap();
let output_path = PathBuf::from(payload["output_path"].as_str().unwrap());
let presentation_url = payload["presentation"]["url"].as_str().unwrap();
let expected_output_path = workspace_root.join("../out/zhihu-hotlist-screen-relative.html");
let expected_presentation_url = Url::from_file_path(&expected_output_path)
.unwrap()
.to_string();
let policy = MacPolicy::load_from_path(
PathBuf::from(env!("CARGO_MANIFEST_DIR"))
.join("resources")
.join("rules.json"),
)
.unwrap();
assert!(output_path.is_absolute());
assert_eq!(output_path, expected_output_path);
assert!(output_path.exists());
assert_eq!(presentation_url, expected_presentation_url);
assert!(presentation_url.starts_with("file:///"));
policy
.validate_local_dashboard_presentation(
&Action::Navigate,
"__sgclaw_local_dashboard__",
presentation_url,
output_path.to_string_lossy().as_ref(),
)
.unwrap();
}
}

1454
src/compat/workflow_executor.rs
View File

File diff suppressed because it is too large Load Diff

31
src/config/settings.rs
View File

@@ -150,6 +150,8 @@ pub struct SgClawSettings {
pub active_provider: String,
pub browser_backend: BrowserBackend,
pub office_backend: OfficeBackend,
pub browser_ws_url: Option<String>,
pub service_ws_listen_addr: Option<String>,
}
impl SgClawSettings {
@@ -186,6 +188,8 @@ impl SgClawSettings {
None,
None,
None,
None,
None,
)
}
@@ -222,6 +226,8 @@ impl SgClawSettings {
None,
None,
None,
None,
None,
)?))
}
@@ -306,6 +312,8 @@ impl SgClawSettings {
config.active_provider,
browser_backend,
office_backend,
config.browser_ws_url,
config.service_ws_listen_addr,
)
.map_err(|err| err.with_path(path))
}
@@ -323,6 +331,8 @@ impl SgClawSettings {
active_provider: Option<String>,
browser_backend: Option<BrowserBackend>,
office_backend: Option<OfficeBackend>,
browser_ws_url: Option<String>,
service_ws_listen_addr: Option<String>,
) -> Result<Self, ConfigError> {
let direct_submit_skill = normalize_direct_submit_skill(direct_submit_skill)?;
let providers = if providers.is_empty() {
@@ -364,6 +374,8 @@ impl SgClawSettings {
active_provider,
browser_backend: browser_backend.unwrap_or(BrowserBackend::SuperRpa),
office_backend: office_backend.unwrap_or(OfficeBackend::OpenXml),
browser_ws_url: normalize_optional_value(browser_ws_url),
service_ws_listen_addr: normalize_optional_value(service_ws_listen_addr),
})
}
}
@@ -449,17 +461,10 @@ fn parse_office_backend(raw: &str) -> Result<OfficeBackend, String> {
}
fn resolve_configured_skills_dir(raw: Option<String>, config_dir: &Path) -> Option<PathBuf> {
let trimmed = raw
.as_deref()
.map(str::trim)
.filter(|value| !value.is_empty())?;
let path = PathBuf::from(trimmed);
if path.is_absolute() {
Some(path)
} else {
Some(config_dir.join(path))
}
raw.map(|value| value.trim().to_string())
.filter(|value| !value.is_empty())
.map(PathBuf::from)
.map(|path| if path.is_absolute() { path } else { config_dir.join(path) })
}
fn normalize_required_value(field: &'static str, raw: String) -> Result<String, ConfigError> {
@@ -548,6 +553,10 @@ struct RawSgClawSettings {
browser_backend: Option<String>,
#[serde(rename = "officeBackend", alias = "office_backend", default)]
office_backend: Option<String>,
#[serde(rename = "browserWsUrl", alias = "browser_ws_url", default)]
browser_ws_url: Option<String>,
#[serde(rename = "serviceWsListenAddr", alias = "service_ws_listen_addr", default)]
service_ws_listen_addr: Option<String>,
#[serde(default)]
providers: Vec<RawProviderSettings>,
}

4
src/lib.rs
View File

@@ -1,10 +1,14 @@
pub mod agent;
pub mod browser;
pub mod compat;
pub mod config;
pub mod llm;
pub mod pipe;
pub mod runtime;
pub mod security;
pub mod service;
pub use browser::ws_probe::{parse_probe_args, run_probe_script, ProbeError, ProbeOutcome};
use std::path::PathBuf;
use std::sync::Arc;

76
src/pipe/browser_tool.rs
View File

@@ -10,6 +10,8 @@ use crate::pipe::protocol::{
use crate::pipe::{PipeError, Transport};
use crate::security::{sign_command, MacPolicy};
const LOCAL_DASHBOARD_EXPECTED_DOMAIN: &str = "__sgclaw_local_dashboard__";
#[derive(Debug, Clone, PartialEq)]
pub struct CommandOutput {
pub seq: u64,
@@ -55,17 +57,46 @@ impl<T: Transport> BrowserPipeTool<T> {
self
}
pub fn response_timeout(&self) -> Duration {
self.response_timeout
}
pub fn mac_policy(&self) -> &MacPolicy {
&self.mac_policy
}
pub fn surface_metadata(&self) -> ExecutionSurfaceMetadata {
self.mac_policy.privileged_surface_metadata()
}
pub fn supports_eval(&self) -> bool {
self.mac_policy.supports_pipe_action(&Action::Eval)
}
pub fn invoke(
&self,
action: Action,
params: Value,
expected_domain: &str,
) -> Result<CommandOutput, PipeError> {
self.mac_policy.validate(&action, expected_domain)?;
if let Some((presentation_url, output_path)) = approved_local_dashboard_request(
&action,
&params,
expected_domain,
) {
self.mac_policy
.validate_local_dashboard_presentation(
&action,
expected_domain,
&presentation_url,
&output_path,
)
.map_err(PipeError::Security)?;
} else {
self.mac_policy
.validate(&action, expected_domain)
.map_err(PipeError::Security)?;
}
let seq = self.next_seq.fetch_add(1, Ordering::Relaxed);
let hmac = sign_command(&self.session_key, seq, &action, &params, expected_domain)?;
@@ -115,6 +146,21 @@ impl<T: Transport> BrowserPipeTool<T> {
"received duplicate init after handshake".to_string(),
));
}
BrowserMessage::Connect => {
return Err(PipeError::UnexpectedMessage(
"received connect while waiting for response".to_string(),
));
}
BrowserMessage::Start => {
return Err(PipeError::UnexpectedMessage(
"received start while waiting for response".to_string(),
));
}
BrowserMessage::Stop => {
return Err(PipeError::UnexpectedMessage(
"received stop while waiting for response".to_string(),
));
}
BrowserMessage::SubmitTask { .. } => {
return Err(PipeError::UnexpectedMessage(
"received submit_task while waiting for response".to_string(),
@@ -124,3 +170,31 @@ impl<T: Transport> BrowserPipeTool<T> {
}
}
}
fn approved_local_dashboard_request(
action: &Action,
params: &Value,
expected_domain: &str,
) -> Option<(String, String)> {
if action != &Action::Navigate || expected_domain != LOCAL_DASHBOARD_EXPECTED_DOMAIN {
return None;
}
let presentation_url = params.get("url")?.as_str()?.trim();
let marker = params.get("sgclaw_local_dashboard_open")?.as_object()?;
let source = marker.get("source")?.as_str()?.trim();
let kind = marker.get("kind")?.as_str()?.trim();
let output_path = marker.get("output_path")?.as_str()?.trim();
let marker_presentation_url = marker.get("presentation_url")?.as_str()?.trim();
if source != "compat.workflow_executor"
|| kind != "zhihu_hotlist_screen"
|| output_path.is_empty()
|| presentation_url.is_empty()
|| marker_presentation_url != presentation_url
{
return None;
}
Some((presentation_url.to_string(), output_path.to_string()))
}

6
src/pipe/protocol.rs
View File

@@ -55,6 +55,9 @@ pub enum BrowserMessage {
#[serde(default)]
capabilities: Vec<String>,
},
Connect,
Start,
Stop,
SubmitTask {
instruction: String,
#[serde(default)]
@@ -119,6 +122,9 @@ pub enum AgentMessage {
agent_id: String,
supported_actions: Vec<Action>,
},
StatusChanged {
state: String,
},
LogEntry {
level: String,
message: String,

103
src/runtime/engine.rs
View File

@@ -1,4 +1,4 @@
use std::path::Path;
use std::path::PathBuf;
use std::sync::Arc;
use zeroclaw::agent::dispatcher::NativeToolDispatcher;
@@ -59,7 +59,7 @@ impl RuntimeEngine {
&self,
provider: Box<dyn Provider>,
config: &ZeroClawConfig,
skills_dir: &Path,
skills_dirs: &[PathBuf],
mut tools: Vec<Box<dyn zeroclaw::tools::Tool>>,
browser_surface_present: bool,
instruction: &str,
@@ -71,7 +71,7 @@ impl RuntimeEngine {
&config.workspace_dir,
));
let observer: Arc<dyn Observer> = Arc::new(NoopObserver);
let skills = load_runtime_skills(config, skills_dir);
let skills = self.load_skills_for_surface(config, skills_dirs, browser_surface_present);
let (mut runtime_tools, _, _, _, _, _) = tools::all_tools_with_runtime(
Arc::new(config.clone()),
&security,
@@ -90,15 +90,21 @@ impl RuntimeEngine {
);
runtime_tools.append(&mut tools);
let default_skills_dir = config.workspace_dir.join("skills");
let has_custom_skills_dir = skills_dirs.iter().any(|d| *d != default_skills_dir);
if matches!(
config.skills.prompt_injection_mode,
SkillsPromptInjectionMode::Compact
) && skills_dir != config.workspace_dir.join("skills")
) && has_custom_skills_dir
{
let first_custom = skills_dirs
.iter()
.find(|d| **d != default_skills_dir)
.cloned();
runtime_tools.retain(|tool| tool.name() != READ_SKILL_TOOL_NAME);
runtime_tools.push(Box::new(ReadSkillTool::with_runtime_skills_dir(
config.workspace_dir.clone(),
Some(skills_dir.to_path_buf()),
first_custom,
config.skills.allow_scripts,
config.skills.open_skills_enabled,
config.skills.open_skills_dir.clone(),
@@ -124,7 +130,7 @@ impl RuntimeEngine {
.skills_prompt_mode(config.skills.prompt_injection_mode)
.allowed_tools(self.allowed_tools_for_config(
config,
skills_dir,
skills_dirs,
browser_surface_present,
instruction,
))
@@ -167,27 +173,9 @@ impl RuntimeEngine {
pub fn loaded_skills(
&self,
config: &ZeroClawConfig,
skills_dir: &Path,
skills_dirs: &[PathBuf],
) -> Vec<zeroclaw::skills::Skill> {
let mut skills = load_runtime_skills(config, skills_dir);
skills.sort_by(|left, right| {
left.name
.cmp(&right.name)
.then(left.version.cmp(&right.version))
});
skills.dedup_by(|left, right| left.name == right.name && left.version == right.version);
skills
}
pub fn loaded_skill_names(&self, config: &ZeroClawConfig, skills_dir: &Path) -> Vec<String> {
let mut names = self
.loaded_skills(config, skills_dir)
.into_iter()
.map(|skill| skill.name)
.collect::<Vec<_>>();
names.sort();
names.dedup();
names
self.load_skills_for_surface(config, skills_dirs, self.browser_surface_enabled())
}
pub fn should_attach_openxml_office_tool(&self, instruction: &str) -> bool {
@@ -201,11 +189,12 @@ impl RuntimeEngine {
fn allowed_tools_for_config(
&self,
config: &ZeroClawConfig,
skills_dir: &Path,
skills_dirs: &[PathBuf],
browser_surface_present: bool,
instruction: &str,
) -> Option<Vec<String>> {
let mut allowed_tools = self.tool_policy.allowed_tools.clone();
let skills = self.load_skills_for_surface(config, skills_dirs, browser_surface_present);
if !browser_surface_present {
allowed_tools.retain(|tool| {
tool != BROWSER_ACTION_TOOL_NAME && tool != SUPERRPA_BROWSER_TOOL_NAME
@@ -227,9 +216,7 @@ impl RuntimeEngine {
allowed_tools.push("file_read".to_string());
}
if browser_surface_present {
allowed_tools.extend(browser_script_tool_names(&load_runtime_skills(
config, skills_dir,
)));
allowed_tools.extend(browser_script_tool_names(&skills));
}
allowed_tools.dedup();
@@ -241,6 +228,28 @@ impl RuntimeEngine {
Some(allowed_tools)
}
}
fn load_skills_for_surface(
&self,
config: &ZeroClawConfig,
skills_dirs: &[PathBuf],
browser_surface_present: bool,
) -> Vec<zeroclaw::skills::Skill> {
let mut skills = load_runtime_skills(config, skills_dirs);
if !browser_surface_present {
skills.iter_mut().for_each(|skill| {
skill.tools.retain(|tool| tool.kind != "browser_script");
});
skills.retain(|skill| !skill.tools.is_empty());
}
skills.sort_by(|left, right| {
left.name
.cmp(&right.name)
.then(left.version.cmp(&right.version))
});
skills.dedup_by(|left, right| left.name == right.name && left.version == right.version);
skills
}
}
fn browser_script_tool_names(skills: &[zeroclaw::skills::Skill]) -> Vec<String> {
@@ -276,13 +285,16 @@ pub fn is_zhihu_hotlist_task(
|| normalized_url.contains("zhihu.com")
|| normalized_title.contains("zhihu")
|| page_title.unwrap_or_default().contains("知乎");
let is_hotlist = normalized_instruction.contains("hotlist")
|| instruction.contains("热榜")
|| normalized_url.contains("/hot")
let hotlist_in_instruction = normalized_instruction.contains("hotlist")
|| instruction.contains("热榜");
let hotlist_in_context = normalized_url.contains("/hot")
|| normalized_title.contains("hotlist")
|| page_title.unwrap_or_default().contains("热榜");
is_zhihu && is_hotlist
// "热榜"/"hotlist" directly in the instruction implies Zhihu (the only
// hotlist feature sgClaw supports). Context-only signals (URL/title)
// still require the "知乎" qualifier to avoid false positives.
(is_zhihu && (hotlist_in_instruction || hotlist_in_context)) || hotlist_in_instruction
}
fn task_needs_office_export(instruction: &str) -> bool {
@@ -346,12 +358,17 @@ pub fn is_zhihu_write_task(
is_zhihu && is_write
}
fn load_runtime_skills(config: &ZeroClawConfig, skills_dir: &Path) -> Vec<zeroclaw::skills::Skill> {
fn load_runtime_skills(config: &ZeroClawConfig, skills_dirs: &[PathBuf]) -> Vec<zeroclaw::skills::Skill> {
let default_skills_dir = config.workspace_dir.join("skills");
if skills_dir == default_skills_dir {
// When using only the default workspace skills directory, use the
// config-aware loader which respects open_skills configuration.
if skills_dirs.len() == 1 && skills_dirs[0] == default_skills_dir {
return zeroclaw::skills::load_skills_with_config(&config.workspace_dir, config);
}
// Start with workspace skills, then filter out those from the default dir
// so they don't duplicate skills loaded from the configured directories.
let mut skills = zeroclaw::skills::load_skills_with_config(&config.workspace_dir, config);
skills.retain(|skill| {
skill
@@ -360,10 +377,16 @@ fn load_runtime_skills(config: &ZeroClawConfig, skills_dir: &Path) -> Vec<zerocl
.map(|location| !location.starts_with(&default_skills_dir))
.unwrap_or(true)
});
skills.extend(zeroclaw::skills::load_skills_from_directory(
skills_dir,
config.skills.allow_scripts,
));
for dir in skills_dirs {
if *dir == default_skills_dir {
continue;
}
skills.extend(zeroclaw::skills::load_skills_from_directory(
dir,
config.skills.allow_scripts,
));
}
skills
}

90
src/security/mac_policy.rs
View File

@@ -25,6 +25,8 @@ pub struct PipeActionRules {
pub blocked: Vec<String>,
}
const LOCAL_DASHBOARD_EXPECTED_DOMAIN: &str = "__sgclaw_local_dashboard__";
impl MacPolicy {
pub fn load_from_path(path: impl AsRef<Path>) -> Result<Self, SecurityError> {
let contents = fs::read_to_string(path)?;
@@ -39,6 +41,20 @@ impl MacPolicy {
Ok(policy)
}
pub fn supports_pipe_action(&self, action: &Action) -> bool {
let action_name = action.as_str();
!self
.pipe_actions
.blocked
.iter()
.any(|blocked| blocked == action_name)
&& self
.pipe_actions
.allowed
.iter()
.any(|allowed| allowed == action_name)
}
pub fn validate(&self, action: &Action, expected_domain: &str) -> Result<(), SecurityError> {
let action_name = action.as_str();
if self
@@ -77,6 +93,64 @@ impl MacPolicy {
Ok(())
}
pub fn validate_local_dashboard_presentation(
&self,
action: &Action,
expected_domain: &str,
presentation_url: &str,
output_path: &str,
) -> Result<(), SecurityError> {
let action_name = action.as_str();
if self
.pipe_actions
.blocked
.iter()
.any(|blocked| blocked == action_name)
{
return Err(SecurityError::ActionNotAllowed(action_name.to_string()));
}
if !self
.pipe_actions
.allowed
.iter()
.any(|allowed| allowed == action_name)
{
return Err(SecurityError::ActionNotAllowed(action_name.to_string()));
}
if action != &Action::Navigate {
return Err(SecurityError::InvalidLocalDashboard(
"local dashboard open only supports navigate".to_string(),
));
}
if expected_domain != LOCAL_DASHBOARD_EXPECTED_DOMAIN {
return Err(SecurityError::InvalidLocalDashboard(
"local dashboard expected_domain is invalid".to_string(),
));
}
if !presentation_url.starts_with("file:///") {
return Err(SecurityError::InvalidLocalDashboard(
"local dashboard presentation_url must be file:///".to_string(),
));
}
if !output_path.to_ascii_lowercase().ends_with(".html") {
return Err(SecurityError::InvalidLocalDashboard(
"local dashboard output_path must point to .html".to_string(),
));
}
let normalized_output = normalize_local_dashboard_path(output_path);
let normalized_presentation = normalize_local_dashboard_file_url(presentation_url)?;
if normalized_output != normalized_presentation {
return Err(SecurityError::InvalidLocalDashboard(
"local dashboard presentation_url does not match output_path".to_string(),
));
}
Ok(())
}
pub fn privileged_surface_metadata(&self) -> ExecutionSurfaceMetadata {
let mut metadata = ExecutionSurfaceMetadata::privileged_browser_pipe("mac_policy");
metadata.allowed_domains = self.domains.allowed.clone();
@@ -116,3 +190,19 @@ fn normalize_domain(raw: &str) -> String {
.unwrap_or_default()
.to_ascii_lowercase()
}
fn normalize_local_dashboard_path(raw: &str) -> String {
raw.trim().replace('\\', "/").to_ascii_lowercase()
}
fn normalize_local_dashboard_file_url(raw: &str) -> Result<String, SecurityError> {
let path = raw
.trim()
.strip_prefix("file:///")
.ok_or_else(|| {
SecurityError::InvalidLocalDashboard(
"local dashboard presentation_url must be file:///".to_string(),
)
})?;
Ok(normalize_local_dashboard_path(path))
}

2
src/security/mod.rs
View File

@@ -14,6 +14,8 @@ pub enum SecurityError {
ActionNotAllowed(String),
#[error("domain is not allowed: {0}")]
DomainNotAllowed(String),
#[error("invalid local dashboard request: {0}")]
InvalidLocalDashboard(String),
#[error("invalid rules: {0}")]
InvalidRules(String),
#[error("hmac error: {0}")]

111
src/service/mod.rs Normal file
View File

@@ -0,0 +1,111 @@
mod protocol;
pub(crate) mod server;
use std::net::TcpListener;
use std::sync::Arc;
use tungstenite::accept;
use crate::agent::AgentRuntimeContext;
use crate::pipe::PipeError;
use crate::security::MacPolicy;
const DEFAULT_BROWSER_WS_URL: &str = "ws://127.0.0.1:12345";
const DEFAULT_SERVICE_WS_LISTEN_ADDR: &str = "127.0.0.1:42321";
pub use protocol::{ClientMessage, ServiceMessage};
pub use server::{serve_client, ServiceEventSink, ServiceSession};
pub(crate) mod browser_ws_client {
pub(crate) use super::server::{initial_request_url_for_submit_task, ServiceWsClient};
}
#[derive(Debug, Clone, Default, PartialEq, Eq)]
pub struct ServiceStartupConfig {
pub browser_ws_url: Option<String>,
pub service_ws_listen_addr: Option<String>,
}
pub fn load_startup_config(
runtime_context: &AgentRuntimeContext,
) -> Result<ServiceStartupConfig, PipeError> {
let settings = runtime_context
.load_sgclaw_settings()?
.ok_or_else(|| PipeError::Protocol("missing environment variable: DEEPSEEK_API_KEY".to_string()))?;
Ok(ServiceStartupConfig {
browser_ws_url: Some(
settings
.browser_ws_url
.unwrap_or_else(|| DEFAULT_BROWSER_WS_URL.to_string()),
),
service_ws_listen_addr: Some(
settings
.service_ws_listen_addr
.unwrap_or_else(|| DEFAULT_SERVICE_WS_LISTEN_ADDR.to_string()),
),
})
}
pub fn run() -> Result<(), PipeError> {
let runtime_context = AgentRuntimeContext::from_process_args(std::env::args_os())?;
let startup = load_startup_config(&runtime_context)?;
let service_ws_listen_addr = startup
.service_ws_listen_addr
.as_deref()
.unwrap_or(DEFAULT_SERVICE_WS_LISTEN_ADDR);
let browser_ws_url = startup
.browser_ws_url
.as_deref()
.unwrap_or(DEFAULT_BROWSER_WS_URL);
let listener = TcpListener::bind(service_ws_listen_addr)
.map_err(|err| PipeError::Protocol(format!("failed to bind service listener {service_ws_listen_addr}: {err}")))?;
let mac_policy = load_service_mac_policy()?;
let session = ServiceSession::new();
eprintln!(
"sg_claw ready: service_ws_listen_addr={}, browser_ws_url={}",
service_ws_listen_addr,
browser_ws_url,
);
loop {
let (stream, _) = listener.accept()?;
let websocket = accept(stream)
.map_err(|err| PipeError::Protocol(format!("service websocket accept failed: {err}")))?;
let sink = Arc::new(ServiceEventSink::from_websocket(websocket));
match session.try_attach_client() {
Ok(()) => {
let result = serve_client(
&runtime_context,
&session,
sink.clone(),
browser_ws_url,
&mac_policy,
);
session.detach_client();
match result {
Ok(()) | Err(PipeError::PipeClosed) => {}
Err(err) => return Err(err),
}
}
Err(message) => {
sink.send_service_message(message)?;
}
}
}
}
fn load_service_mac_policy() -> Result<MacPolicy, PipeError> {
let current_exe = std::env::current_exe()?;
let candidate = current_exe
.parent()
.map(|dir| dir.join("resources").join("rules.json"))
.unwrap_or_else(|| std::path::PathBuf::from("resources").join("rules.json"));
let path = if candidate.exists() {
candidate
} else {
std::env::current_dir()?.join("resources").join("rules.json")
};
MacPolicy::load_from_path(&path).map_err(PipeError::from)
}

60
src/service/protocol.rs Normal file
View File

@@ -0,0 +1,60 @@
use serde::{Deserialize, Serialize};
use crate::agent::SubmitTaskRequest;
use crate::pipe::ConversationMessage;
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
#[serde(tag = "type", rename_all = "snake_case")]
pub enum ClientMessage {
Connect,
Start,
Stop,
SubmitTask {
instruction: String,
#[serde(default)]
conversation_id: String,
#[serde(default)]
messages: Vec<ConversationMessage>,
#[serde(default)]
page_url: String,
#[serde(default)]
page_title: String,
},
Ping,
}
impl ClientMessage {
pub fn into_submit_task_request(self) -> Option<SubmitTaskRequest> {
match self {
ClientMessage::SubmitTask {
instruction,
conversation_id,
messages,
page_url,
page_title,
} => Some(SubmitTaskRequest {
instruction,
conversation_id: normalize_optional_field(conversation_id),
messages,
page_url: normalize_optional_field(page_url),
page_title: normalize_optional_field(page_title),
}),
ClientMessage::Connect | ClientMessage::Start | ClientMessage::Stop | ClientMessage::Ping => None,
}
}
}
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
#[serde(tag = "type", rename_all = "snake_case")]
pub enum ServiceMessage {
StatusChanged { state: String },
LogEntry { level: String, message: String },
TaskComplete { success: bool, summary: String },
Busy { message: String },
Pong,
}
fn normalize_optional_field(value: String) -> Option<String> {
let trimmed = value.trim();
(!trimmed.is_empty()).then(|| trimmed.to_string())
}

940
src/service/server.rs Normal file
View File

@@ -0,0 +1,940 @@
use std::net::TcpStream;
use std::sync::{Arc, Mutex};
use std::time::Duration;
#[cfg(test)]
use reqwest::blocking::Client;
#[cfg(test)]
use serde_json::{json, Map};
#[cfg(test)]
use serde_json::Value;
use tungstenite::stream::MaybeTlsStream;
use tungstenite::{connect, Message, WebSocket};
use crate::agent::{
run_submit_task_with_browser_backend, AgentEventSink, AgentRuntimeContext,
};
use crate::browser::callback_host::LiveBrowserCallbackHost;
use crate::browser::ws_backend::WsClient;
#[cfg(test)]
use crate::browser::bridge_contract::{
BridgeBrowserActionError, BridgeBrowserActionReply, BridgeBrowserActionRequest,
BridgeBrowserActionSuccess,
};
#[cfg(test)]
use crate::browser::bridge_transport::BridgeActionTransport;
use crate::browser::{BrowserBackend, BrowserCallbackBackend};
#[cfg(test)]
use crate::browser::BridgeBrowserBackend;
use crate::pipe::{AgentMessage, BrowserMessage, PipeError, Transport};
#[cfg(test)]
use crate::pipe::Timing;
use crate::security::MacPolicy;
use super::{ClientMessage, ServiceMessage};
const BROWSER_RESPONSE_TIMEOUT: Duration = Duration::from_secs(30);
#[cfg(test)]
const DEFAULT_BRIDGE_BASE_URL: &str = "http://localhost:23323";
#[derive(Debug, Default)]
pub struct ServiceSession {
attached: Mutex<bool>,
task_running: Mutex<bool>,
}
impl ServiceSession {
pub fn new() -> Self {
Self {
attached: Mutex::new(false),
task_running: Mutex::new(false),
}
}
pub fn try_attach_client(&self) -> Result<(), ServiceMessage> {
let mut attached = self.attached.lock().unwrap();
if *attached {
return Err(ServiceMessage::Busy {
message: "service already has an attached client".to_string(),
});
}
*attached = true;
Ok(())
}
pub fn detach_client(&self) {
let mut attached = self.attached.lock().unwrap();
*attached = false;
let mut task_running = self.task_running.lock().unwrap();
*task_running = false;
}
pub fn try_start_task(&self) -> Result<(), ServiceMessage> {
let attached = self.attached.lock().unwrap();
if !*attached {
return Err(ServiceMessage::Busy {
message: "service has no attached client".to_string(),
});
}
drop(attached);
let mut task_running = self.task_running.lock().unwrap();
if *task_running {
return Err(ServiceMessage::Busy {
message: "service already has a running task".to_string(),
});
}
*task_running = true;
Ok(())
}
pub fn finish_task(&self) {
let mut task_running = self.task_running.lock().unwrap();
*task_running = false;
}
}
#[derive(Debug)]
pub struct ServiceEventSink {
sent: Mutex<Vec<ServiceMessage>>,
writer: Option<Mutex<WebSocket<TcpStream>>>,
}
impl Default for ServiceEventSink {
fn default() -> Self {
Self {
sent: Mutex::new(Vec::new()),
writer: None,
}
}
}
impl ServiceEventSink {
pub fn from_websocket(websocket: WebSocket<TcpStream>) -> Self {
Self {
sent: Mutex::new(Vec::new()),
writer: Some(Mutex::new(websocket)),
}
}
pub fn send_service_message(&self, message: ServiceMessage) -> Result<(), PipeError> {
self.sent.lock().unwrap().push(message.clone());
if let Some(writer) = &self.writer {
let payload = serde_json::to_string(&message)?;
writer
.lock()
.map_err(|_| PipeError::Protocol("service websocket writer lock poisoned".to_string()))?
.send(Message::Text(payload.into()))
.map_err(|err| map_service_websocket_error(err, "send"))?;
}
Ok(())
}
pub fn recv_client_message(&self) -> Result<Option<ClientMessage>, PipeError> {
let Some(writer) = &self.writer else {
return Err(PipeError::Protocol(
"service sink has no websocket reader".to_string(),
));
};
loop {
let mut websocket = writer
.lock()
.map_err(|_| PipeError::Protocol("service websocket writer lock poisoned".to_string()))?;
match websocket.read() {
Ok(Message::Text(text)) => return Ok(Some(serde_json::from_str(&text)?)),
Ok(Message::Close(_)) => return Ok(None),
Ok(Message::Ping(payload)) => {
websocket
.send(Message::Pong(payload))
.map_err(|err| PipeError::Protocol(format!("service websocket pong failed: {err}")))?;
}
Ok(_) => {}
Err(tungstenite::Error::ConnectionClosed) | Err(tungstenite::Error::AlreadyClosed) => {
return Ok(None)
}
Err(err) => return Err(map_service_websocket_error(err, "read")),
}
}
}
pub fn sent_messages(&self) -> Vec<ServiceMessage> {
self.sent.lock().unwrap().clone()
}
}
impl AgentEventSink for ServiceEventSink {
fn send(&self, message: &AgentMessage) -> Result<(), PipeError> {
let mapped = match message {
AgentMessage::StatusChanged { state } => ServiceMessage::StatusChanged {
state: state.clone(),
},
AgentMessage::LogEntry { level, message } => ServiceMessage::LogEntry {
level: level.clone(),
message: message.clone(),
},
AgentMessage::TaskComplete { success, summary } => ServiceMessage::TaskComplete {
success: *success,
summary: summary.clone(),
},
_ => {
return Err(PipeError::Protocol(
"unsupported agent message for service sink".to_string(),
))
}
};
self.send_service_message(mapped)
}
}
fn map_service_websocket_error(err: tungstenite::Error, operation: &str) -> PipeError {
match err {
tungstenite::Error::ConnectionClosed
| tungstenite::Error::AlreadyClosed
| tungstenite::Error::Protocol(tungstenite::error::ProtocolError::ResetWithoutClosingHandshake)
| tungstenite::Error::Protocol(tungstenite::error::ProtocolError::SendAfterClosing) => {
PipeError::PipeClosed
}
tungstenite::Error::Io(io_err)
if matches!(
io_err.kind(),
std::io::ErrorKind::TimedOut | std::io::ErrorKind::WouldBlock
) =>
{
PipeError::Timeout
}
tungstenite::Error::Io(io_err)
if matches!(
io_err.kind(),
std::io::ErrorKind::ConnectionAborted
| std::io::ErrorKind::ConnectionReset
| std::io::ErrorKind::BrokenPipe
| std::io::ErrorKind::UnexpectedEof
) =>
{
PipeError::PipeClosed
}
tungstenite::Error::Io(io_err) => {
PipeError::Protocol(format!("service websocket {operation} failed: {io_err}"))
}
other => PipeError::Protocol(format!("service websocket {operation} failed: {other}")),
}
}
fn send_status_changed(sink: &ServiceEventSink, state: &str) -> Result<(), PipeError> {
sink.send(&AgentMessage::StatusChanged {
state: state.to_string(),
})
}
pub fn serve_client(
context: &AgentRuntimeContext,
session: &ServiceSession,
sink: Arc<ServiceEventSink>,
browser_ws_url: &str,
mac_policy: &MacPolicy,
) -> Result<(), PipeError> {
// Cache the browser callback host across tasks so the helper page tab is
// opened only once per client session instead of once per task.
let mut cached_host: Option<Arc<LiveBrowserCallbackHost>> = None;
loop {
let Some(message) = sink.recv_client_message()? else {
return Ok(());
};
match message {
ClientMessage::Connect => send_status_changed(sink.as_ref(), "connected")?,
ClientMessage::Start => send_status_changed(sink.as_ref(), "started")?,
ClientMessage::Stop => send_status_changed(sink.as_ref(), "stopped")?,
ClientMessage::Ping => sink.send_service_message(ServiceMessage::Pong)?,
ClientMessage::SubmitTask {
instruction,
conversation_id,
messages,
page_url,
page_title,
} => {
let request = ClientMessage::SubmitTask {
instruction,
conversation_id,
messages,
page_url: page_url.clone(),
page_title,
}
.into_submit_task_request()
.expect("submit task request");
if let Err(message) = session.try_start_task() {
sink.send_service_message(message)?;
continue;
}
if request.instruction.trim().is_empty() {
let result = sink.send(&AgentMessage::TaskComplete {
success: false,
summary: "请输入任务内容。".to_string(),
});
session.finish_task();
result?;
continue;
}
// Lazily create and cache the browser callback host. On first
// task it opens the helper page; subsequent tasks reuse it.
if cached_host.is_none() {
let bootstrap_url = initial_request_url_for_submit_task(&request);
match LiveBrowserCallbackHost::start_with_browser_ws_url(
browser_ws_url,
&bootstrap_url,
Duration::from_secs(15),
BROWSER_RESPONSE_TIMEOUT,
) {
Ok(host) => {
cached_host = Some(Arc::new(host));
}
Err(err) => {
session.finish_task();
eprintln!("task execution failed: {err}");
sink.send(&AgentMessage::TaskComplete {
success: false,
summary: format!("任务执行失败: {err}"),
})?;
continue;
}
}
} else {
cached_host.as_ref().unwrap().reset_pending_state();
}
let host = cached_host.as_ref().unwrap();
let browser_backend: Arc<dyn BrowserBackend> =
Arc::new(BrowserCallbackBackend::new(
host.clone(),
mac_policy.clone(),
host.helper_url().to_string(),
));
let result = run_submit_task_with_browser_backend(
&NoopTransport,
sink.as_ref(),
browser_backend,
context,
request,
);
session.finish_task();
match result {
Ok(()) => {}
Err(PipeError::PipeClosed) => return Err(PipeError::PipeClosed),
Err(err) => {
eprintln!("task execution failed: {err}");
sink.send(&AgentMessage::TaskComplete {
success: false,
summary: format!("任务执行失败: {err}"),
})?;
}
}
}
}
}
}
pub(crate) fn initial_request_url_for_submit_task(request: &crate::agent::SubmitTaskRequest) -> String {
request
.page_url
.as_deref()
.map(str::trim)
.filter(|value| !value.is_empty())
.map(ToString::to_string)
.or_else(|| derive_request_url_from_instruction(&request.instruction))
.unwrap_or_else(|| "about:blank".to_string())
}
fn derive_request_url_from_instruction(instruction: &str) -> Option<String> {
if crate::compat::workflow_executor::detect_route(instruction, None, None)
.is_some_and(|route| {
matches!(
route,
crate::compat::workflow_executor::WorkflowRoute::ZhihuHotlistExportXlsx
| crate::compat::workflow_executor::WorkflowRoute::ZhihuHotlistScreen
| crate::compat::workflow_executor::WorkflowRoute::ZhihuArticleEntry
| crate::compat::workflow_executor::WorkflowRoute::ZhihuArticleAutoPublishGenerated
)
})
{
return Some("https://www.zhihu.com".to_string());
}
if crate::compat::workflow_executor::detect_route(instruction, None, None)
.is_some_and(|route| {
matches!(
route,
crate::compat::workflow_executor::WorkflowRoute::ZhihuArticleDraft
| crate::compat::workflow_executor::WorkflowRoute::ZhihuArticlePublish
)
})
{
return Some("https://zhuanlan.zhihu.com".to_string());
}
None
}
pub(crate) struct ServiceWsClient {
websocket: Mutex<WebSocket<MaybeTlsStream<TcpStream>>>,
}
impl ServiceWsClient {
pub(crate) fn connect(browser_ws_url: &str) -> Result<Self, PipeError> {
let (mut websocket, _) = connect(browser_ws_url)
.map_err(|err| PipeError::Protocol(format!("browser websocket connect failed: {err}")))?;
configure_browser_ws_timeouts(&mut websocket, BROWSER_RESPONSE_TIMEOUT)?;
websocket
.send(Message::Text(
r#"{"type":"register","role":"web"}"#.to_string().into(),
))
.map_err(|err| map_service_websocket_error(err, "register"))?;
Ok(Self {
websocket: Mutex::new(websocket),
})
}
}
impl WsClient for ServiceWsClient {
fn send_text(&self, payload: &str) -> Result<(), PipeError> {
self.websocket
.lock()
.map_err(|_| PipeError::Protocol("browser websocket lock poisoned".to_string()))?
.send(Message::Text(payload.to_string().into()))
.map_err(|err| map_service_websocket_error(err, "send"))
}
fn recv_text_timeout(&self, timeout: Duration) -> Result<String, PipeError> {
let mut websocket = self
.websocket
.lock()
.map_err(|_| PipeError::Protocol("browser websocket lock poisoned".to_string()))?;
set_plain_browser_ws_read_timeout(&mut websocket, Some(timeout))?;
loop {
match websocket.read() {
Ok(Message::Text(text)) => return Ok(text.to_string()),
Ok(Message::Close(_)) => return Err(PipeError::PipeClosed),
Ok(Message::Ping(payload)) => {
websocket
.send(Message::Pong(payload))
.map_err(|err| map_service_websocket_error(err, "pong"))?;
}
Ok(_) => {}
Err(err) => return Err(map_service_websocket_error(err, "read")),
}
}
}
}
fn configure_browser_ws_timeouts(
websocket: &mut WebSocket<MaybeTlsStream<TcpStream>>,
timeout: Duration,
) -> Result<(), PipeError> {
match websocket.get_mut() {
MaybeTlsStream::Plain(stream) => {
stream.set_read_timeout(Some(timeout))?;
stream.set_write_timeout(Some(timeout))?;
Ok(())
}
_ => Ok(()),
}
}
fn set_plain_browser_ws_read_timeout(
websocket: &mut WebSocket<MaybeTlsStream<TcpStream>>,
timeout: Option<Duration>,
) -> Result<(), PipeError> {
match websocket.get_mut() {
MaybeTlsStream::Plain(stream) => {
stream.set_read_timeout(timeout)?;
Ok(())
}
_ => Ok(()),
}
}
struct NoopTransport;
impl Transport for NoopTransport {
fn send(&self, _message: &AgentMessage) -> Result<(), PipeError> {
Ok(())
}
fn recv_timeout(&self, _timeout: Duration) -> Result<BrowserMessage, PipeError> {
Err(PipeError::Timeout)
}
}
#[cfg(test)]
mod pipe_closed_mapping_tests {
use super::*;
#[test]
fn map_service_websocket_error_treats_connection_aborted_send_as_pipe_closed() {
let err = tungstenite::Error::Io(std::io::Error::from(std::io::ErrorKind::ConnectionAborted));
assert!(matches!(map_service_websocket_error(err, "send"), PipeError::PipeClosed));
}
#[test]
fn map_service_websocket_error_treats_send_after_closing_as_pipe_closed() {
let err = tungstenite::Error::Protocol(tungstenite::error::ProtocolError::SendAfterClosing);
assert!(matches!(map_service_websocket_error(err, "send"), PipeError::PipeClosed));
}
}
#[cfg(test)]
struct ServiceBridgeTransport {
bridge_base_url: String,
response_timeout: Duration,
}
#[cfg(test)]
impl ServiceBridgeTransport {
fn with_timeout(bridge_base_url: String, response_timeout: Duration) -> Self {
Self {
bridge_base_url,
response_timeout,
}
}
fn endpoint_url(&self, action: &str) -> String {
format!("{}/{}", self.bridge_base_url.trim_end_matches('/'), action)
}
}
#[cfg(test)]
impl BridgeActionTransport for ServiceBridgeTransport {
fn execute(
&self,
request: BridgeBrowserActionRequest,
) -> Result<BridgeBrowserActionReply, PipeError> {
let url = self.endpoint_url(&request.action);
let response_timeout = self.response_timeout;
std::thread::spawn(move || execute_bridge_http_request(url, response_timeout, request))
.join()
.map_err(|_| PipeError::Protocol("browser bridge worker thread panicked".to_string()))?
}
}
#[cfg(test)]
fn execute_bridge_http_request(
url: String,
response_timeout: Duration,
request: BridgeBrowserActionRequest,
) -> Result<BridgeBrowserActionReply, PipeError> {
let BridgeBrowserActionRequest {
action,
params,
expected_domain,
} = request;
let payload = json!([action, params, expected_domain]);
let client = Client::builder()
.timeout(response_timeout)
.build()
.unwrap_or_else(|_| Client::new());
let response = client
.post(url)
.json(&payload)
.send()
.map_err(map_bridge_http_error)?;
let status = response.status();
if !status.is_success() {
return Err(PipeError::Protocol(format!(
"browser bridge request failed: HTTP {status}"
)));
}
let value: Value = response.json().map_err(|err| {
PipeError::Protocol(format!("browser bridge response decode failed: {err}"))
})?;
normalize_bridge_action_reply(value)
}
#[cfg(test)]
fn bridge_base_url_from_browser_ws_url(browser_ws_url: &str) -> String {
let trimmed = browser_ws_url.trim();
if trimmed.is_empty() {
return DEFAULT_BRIDGE_BASE_URL.to_string();
}
if trimmed.starts_with("http://") || trimmed.starts_with("https://") {
return trimmed.trim_end_matches('/').to_string();
}
let normalized = trimmed
.strip_prefix("ws://")
.map(|rest| format!("http://{rest}"))
.or_else(|| trimmed.strip_prefix("wss://").map(|rest| format!("https://{rest}")))
.unwrap_or_else(|| trimmed.to_string());
let Ok(parsed) = reqwest::Url::parse(&normalized) else {
return DEFAULT_BRIDGE_BASE_URL.to_string();
};
let host = parsed.host_str().unwrap_or("localhost");
let is_default_browser_ws = parsed.scheme() == "http"
&& parsed.port_or_known_default() == Some(12345)
&& matches!(host, "127.0.0.1" | "localhost");
if is_default_browser_ws {
return DEFAULT_BRIDGE_BASE_URL.to_string();
}
let mut base = format!("{}://{}", parsed.scheme(), host);
if let Some(port) = parsed.port() {
base.push(':');
base.push_str(&port.to_string());
}
base
}
#[cfg(test)]
fn map_bridge_http_error(err: reqwest::Error) -> PipeError {
if err.is_timeout() {
PipeError::Timeout
} else {
PipeError::Protocol(format!("browser bridge request failed: {err}"))
}
}
#[cfg(test)]
fn normalize_bridge_action_reply(value: Value) -> Result<BridgeBrowserActionReply, PipeError> {
if let Ok(reply) = serde_json::from_value::<BridgeBrowserActionReply>(value.clone()) {
return Ok(reply);
}
match value {
Value::Number(number) if number.as_i64() == Some(0) => Ok(bridge_success_reply(serde_json::json!({}))),
Value::String(text) if text.trim() == "0" => Ok(bridge_success_reply(serde_json::json!({}))),
Value::Object(object) => normalize_bridge_action_reply_object(object),
other => Err(PipeError::Protocol(format!(
"invalid browser bridge reply: {other}"
))),
}
}
#[cfg(test)]
fn normalize_bridge_action_reply_object(
object: Map<String, Value>,
) -> Result<BridgeBrowserActionReply, PipeError> {
if let Some(success) = object.get("success").and_then(Value::as_bool) {
return Ok(if success {
bridge_success_reply(success_data_from_object(&object))
} else {
bridge_error_reply(error_message_from_object(&object), error_details_from_object(&object))
});
}
if let Some(code) = object.get("code").and_then(Value::as_i64) {
return Ok(if code == 0 {
bridge_success_reply(success_data_from_object(&object))
} else {
bridge_error_reply(
error_message_from_object(&object),
object_to_value(object.clone()),
)
});
}
if object.contains_key("data") || object.contains_key("result") || object.contains_key("text") {
return Ok(bridge_success_reply(success_data_from_object(&object)));
}
Err(PipeError::Protocol(format!(
"invalid browser bridge reply: {}",
object_to_value(object)
)))
}
#[cfg(test)]
fn bridge_success_reply(data: Value) -> BridgeBrowserActionReply {
BridgeBrowserActionReply::Success(BridgeBrowserActionSuccess {
data,
aom_snapshot: vec![],
timing: Timing {
queue_ms: 0,
exec_ms: 0,
},
})
}
#[cfg(test)]
fn bridge_error_reply(message: String, details: Value) -> BridgeBrowserActionReply {
BridgeBrowserActionReply::Error(BridgeBrowserActionError { message, details })
}
#[cfg(test)]
fn success_data_from_object(object: &Map<String, Value>) -> Value {
object
.get("data")
.cloned()
.or_else(|| object.get("result").cloned())
.or_else(|| object.get("text").cloned().map(|text| json!({ "text": text })))
.unwrap_or_else(|| json!({}))
}
#[cfg(test)]
fn error_message_from_object(object: &Map<String, Value>) -> String {
object
.get("message")
.and_then(Value::as_str)
.or_else(|| object.get("error").and_then(Value::as_str))
.map(ToString::to_string)
.unwrap_or_else(|| "browser bridge action failed".to_string())
}
#[cfg(test)]
fn error_details_from_object(object: &Map<String, Value>) -> Value {
object
.get("details")
.cloned()
.unwrap_or_else(|| object_to_value(object.clone()))
}
#[cfg(test)]
fn object_to_value(object: Map<String, Value>) -> Value {
Value::Object(object)
}
#[cfg(test)]
fn read_http_json_body(stream: &mut impl std::io::Read) -> Value {
let mut buffer = Vec::new();
let mut headers_end = None;
while headers_end.is_none() {
let mut chunk = [0_u8; 1024];
let bytes = std::io::Read::read(stream, &mut chunk).unwrap();
assert!(bytes > 0, "unexpected EOF while reading headers");
buffer.extend_from_slice(&chunk[..bytes]);
headers_end = buffer.windows(4).position(|window| window == b"\r\n\r\n");
}
let headers_end = headers_end.unwrap() + 4;
let headers = String::from_utf8(buffer[..headers_end].to_vec()).unwrap();
let content_length = headers
.lines()
.find_map(|line| {
let (name, value) = line.split_once(':')?;
name.eq_ignore_ascii_case("content-length")
.then(|| value.trim().parse::<usize>().unwrap())
})
.unwrap_or(0);
while buffer.len() < headers_end + content_length {
let mut chunk = vec![0_u8; content_length];
let bytes = std::io::Read::read(stream, &mut chunk).unwrap();
assert!(bytes > 0, "unexpected EOF while reading body");
buffer.extend_from_slice(&chunk[..bytes]);
}
serde_json::from_slice(&buffer[headers_end..headers_end + content_length]).unwrap()
}
#[cfg(test)]
fn write_http_json_response(stream: &mut impl std::io::Write, status: &str, body: &Value) {
let payload = body.to_string();
let response = format!(
"HTTP/1.1 {status}\r\nContent-Type: application/json\r\nContent-Length: {}\r\nConnection: close\r\n\r\n{}",
payload.len(),
payload
);
std::io::Write::write_all(stream, response.as_bytes()).unwrap();
std::io::Write::flush(stream).unwrap();
}
#[cfg(test)]
mod tests {
use super::*;
use std::net::TcpListener;
use std::sync::{mpsc, Arc};
use std::thread;
use serde_json::json;
use crate::agent::SubmitTaskRequest;
use crate::browser::BrowserBackend;
use crate::pipe::Action;
fn service_test_policy() -> MacPolicy {
MacPolicy::from_json_str(
r#"{
"version": "1.0",
"domains": { "allowed": ["www.baidu.com", "www.zhihu.com"] },
"pipe_actions": {
"allowed": ["navigate", "getText", "eval"],
"blocked": []
}
}"#,
)
.unwrap()
}
#[test]
fn initial_request_url_prefers_submit_task_page_url() {
let request = SubmitTaskRequest {
instruction: "打开知乎热榜".to_string(),
page_url: Some(" https://www.zhihu.com/ ".to_string()),
..SubmitTaskRequest::default()
};
assert_eq!(
initial_request_url_for_submit_task(&request),
"https://www.zhihu.com/"
);
}
#[test]
fn initial_request_url_falls_back_to_zhihu_origin_for_hotlist_routes() {
let request = SubmitTaskRequest {
instruction: "打开知乎热榜获取前10条数据并导出 Excel".to_string(),
..SubmitTaskRequest::default()
};
assert_eq!(
initial_request_url_for_submit_task(&request),
"https://www.zhihu.com"
);
}
#[test]
fn initial_request_url_falls_back_to_zhihu_origin_for_generated_article_publish_routes() {
let request = SubmitTaskRequest {
instruction: "在知乎自动发表一篇名称为人工智能技能大全".to_string(),
..SubmitTaskRequest::default()
};
assert_eq!(
initial_request_url_for_submit_task(&request),
"https://www.zhihu.com"
);
}
#[test]
fn bridge_base_url_defaults_local_browser_ws_endpoint_to_http_bridge() {
assert_eq!(
bridge_base_url_from_browser_ws_url("ws://127.0.0.1:12345"),
"http://localhost:23323"
);
assert_eq!(
bridge_base_url_from_browser_ws_url("ws://localhost:12345"),
"http://localhost:23323"
);
}
#[test]
fn bridge_base_url_maps_non_default_ws_endpoint_to_http_origin() {
assert_eq!(
bridge_base_url_from_browser_ws_url("ws://127.0.0.1:40123"),
"http://127.0.0.1:40123"
);
}
#[test]
fn service_bridge_transport_posts_semantic_request_and_maps_success_reply() {
let listener = TcpListener::bind("127.0.0.1:0").unwrap();
let address = listener.local_addr().unwrap();
let base_url = format!("http://{address}");
let (request_tx, request_rx) = mpsc::channel();
let server = thread::spawn(move || {
let (mut stream, _) = listener.accept().unwrap();
let request = read_http_json_body(&mut stream);
request_tx.send(request).unwrap();
write_http_json_response(
&mut stream,
"200 OK",
&json!({
"success": true,
"data": { "text": "天气" }
}),
);
});
let backend = BridgeBrowserBackend::new(
Arc::new(ServiceBridgeTransport::with_timeout(
base_url,
Duration::from_secs(1),
)),
service_test_policy(),
);
let output = backend
.invoke(Action::GetText, json!({ "selector": "body" }), "www.zhihu.com")
.expect("bridge transport should normalize success reply");
let request = request_rx.recv_timeout(Duration::from_secs(1)).unwrap();
server.join().unwrap();
assert_eq!(
request,
json!([
"getText",
{ "selector": "body" },
"www.zhihu.com"
])
);
assert!(output.success);
assert_eq!(output.data, json!({ "text": "天气" }));
}
#[test]
fn service_bridge_transport_maps_bridge_error_reply_to_pipe_error() {
let listener = TcpListener::bind("127.0.0.1:0").unwrap();
let address = listener.local_addr().unwrap();
let base_url = format!("http://{address}");
let server = thread::spawn(move || {
let (mut stream, _) = listener.accept().unwrap();
let _request = read_http_json_body(&mut stream);
write_http_json_response(
&mut stream,
"200 OK",
&json!({
"success": false,
"message": "selector not found",
"details": { "selector": "#missing" }
}),
);
});
let backend = BridgeBrowserBackend::new(
Arc::new(ServiceBridgeTransport::with_timeout(
base_url,
Duration::from_secs(1),
)),
service_test_policy(),
);
let error = backend
.invoke(Action::GetText, json!({ "selector": "#missing" }), "www.zhihu.com")
.expect_err("bridge transport should surface semantic bridge failures");
server.join().unwrap();
assert!(matches!(
error,
PipeError::Protocol(message) if message == "bridge action failed: selector not found"
));
}
#[test]
fn service_bridge_transport_maps_http_timeout_to_timeout() {
let transport = ServiceBridgeTransport::with_timeout(
"http://127.0.0.1:1".to_string(),
Duration::from_millis(20),
);
let error = transport
.execute(BridgeBrowserActionRequest::new(
"navigate",
json!({ "url": "https://www.zhihu.com/hot" }),
"www.zhihu.com",
))
.expect_err("unreachable bridge should surface a transport error");
assert!(matches!(error, PipeError::Protocol(_) | PipeError::Timeout));
}
}

360
tests/agent_runtime_test.rs
View File

@@ -1,35 +1,177 @@
mod common;
use std::fs;
use std::net::TcpListener;
use std::path::PathBuf;
use std::sync::Arc;
use std::sync::{Arc, Mutex, OnceLock};
use std::thread;
use std::time::Duration;
use serde_json::{json, Value};
use uuid::Uuid;
use common::MockTransport;
use sgclaw::agent::{
handle_browser_message, handle_browser_message_with_context, AgentRuntimeContext,
};
use sgclaw::agent::runtime::{browser_action_tool_definition, execute_task_with_provider};
use sgclaw::compat::runtime::CompatTaskContext;
use sgclaw::config::SgClawSettings;
use sgclaw::llm::{ChatMessage, LlmError, LlmProvider, ToolDefinition, ToolFunctionCall};
use sgclaw::pipe::{Action, AgentMessage, BrowserMessage, BrowserPipeTool, Timing};
use sgclaw::security::MacPolicy;
use tungstenite::{accept, error::ProtocolError, Message};
struct FakeProvider {
calls: Vec<ToolFunctionCall>,
fn env_lock() -> &'static Mutex<()> {
static LOCK: OnceLock<Mutex<()>> = OnceLock::new();
LOCK.get_or_init(|| Mutex::new(()))
}
impl LlmProvider for FakeProvider {
fn chat(
&self,
_messages: &[ChatMessage],
_tools: &[ToolDefinition],
) -> Result<Vec<ToolFunctionCall>, LlmError> {
Ok(self.calls.clone())
fn temp_workspace_root() -> PathBuf {
let root = std::env::temp_dir().join(format!("sgclaw-agent-runtime-{}", Uuid::new_v4()));
fs::create_dir_all(&root).unwrap();
root
}
fn write_config(
root: &PathBuf,
api_key: &str,
base_url: &str,
model: &str,
skills_dir: Option<&str>,
browser_ws_url: Option<&str>,
) -> PathBuf {
let config_path = root.join("sgclaw_config.json");
let mut payload = json!({
"apiKey": api_key,
"baseUrl": base_url,
"model": model,
"runtimeProfile": "BrowserAttached"
});
if let Some(skills_dir) = skills_dir {
payload["skillsDir"] = json!(skills_dir);
}
if let Some(browser_ws_url) = browser_ws_url {
payload["browserWsUrl"] = json!(browser_ws_url);
}
fs::write(&config_path, serde_json::to_string_pretty(&payload).unwrap()).unwrap();
config_path
}
fn real_skill_lib_root() -> PathBuf {
PathBuf::from(env!("CARGO_MANIFEST_DIR"))
.ancestors()
.find_map(|ancestor| {
let candidate = ancestor.join("skill_lib");
candidate.is_dir().then_some(candidate)
})
.expect("workspace should have sgClaw skill_lib ancestor")
}
fn start_browser_ws_server() -> (String, Arc<Mutex<Vec<String>>>, thread::JoinHandle<()>) {
let listener = TcpListener::bind("127.0.0.1:0").unwrap();
let address = listener.local_addr().unwrap();
let frames = Arc::new(Mutex::new(Vec::new()));
let frames_for_thread = Arc::clone(&frames);
let handle = thread::spawn(move || {
let (stream, _) = listener.accept().unwrap();
stream
.set_read_timeout(Some(Duration::from_secs(1)))
.unwrap();
stream
.set_write_timeout(Some(Duration::from_secs(1)))
.unwrap();
let mut socket = accept(stream).unwrap();
let mut action_count = 0_u64;
loop {
let message = match socket.read() {
Ok(message) => message,
Err(tungstenite::Error::ConnectionClosed)
| Err(tungstenite::Error::AlreadyClosed)
| Err(tungstenite::Error::Protocol(
ProtocolError::ResetWithoutClosingHandshake,
)) => break,
Err(err) => panic!("browser ws test server read failed: {err}"),
};
let payload = match message {
Message::Text(text) => text.to_string(),
Message::Ping(payload) => {
socket.send(Message::Pong(payload)).unwrap();
continue;
}
Message::Close(_) => break,
other => panic!("expected text frame, got {other:?}"),
};
frames_for_thread.lock().unwrap().push(payload.clone());
let parsed: Value = serde_json::from_str(&payload).unwrap();
if parsed.get("type").and_then(Value::as_str) == Some("register") {
continue;
}
let values = parsed.as_array().expect("browser action frame should be an array");
let request_url = values[0].as_str().expect("request_url should be a string");
let action = values[1].as_str().expect("action should be a string");
action_count += 1;
socket
.send(Message::Text(
r#"{"type":"welcome","client_id":1,"server_time":"2026-04-04T00:00:00"}"#
.to_string()
.into(),
))
.unwrap();
socket.send(Message::Text("0".into())).unwrap();
let callback_frame = match action {
"sgHideBrowserCallAfterLoaded" => {
let target_url = values[2].as_str().expect("navigate target_url should be a string");
json!([
request_url,
"callBackJsToCpp",
format!(
"{request_url}@_@{target_url}@_@sgclaw_cb_{action_count}@_@sgHideBrowserCallAfterLoaded@_@"
)
])
}
"sgBrowserExcuteJsCodeByArea" => {
let target_url = values[2].as_str().expect("script target_url should be a string");
let response_text = if action_count == 2 {
"知乎热榜\n1 问题一 344万热度\n2 问题二 266万热度".to_string()
} else {
r#"{"source":"https://www.zhihu.com/hot","sheet_name":"知乎热榜","columns":["rank","title","heat"],"rows":[[1,"问题一","344万"],[2,"问题二","266万"]]}"#.to_string()
};
json!([
request_url,
"callBackJsToCpp",
format!(
"{request_url}@_@{target_url}@_@sgclaw_cb_{action_count}@_@sgBrowserExcuteJsCodeByArea@_@{response_text}"
)
])
}
other => panic!("unexpected browser action {other}"),
};
socket
.send(Message::Text(callback_frame.to_string().into()))
.unwrap();
if action_count >= 3 {
break;
}
}
});
(format!("ws://{address}"), frames, handle)
}
#[test]
fn browser_ws_server_treats_reset_without_closing_handshake_as_disconnect() {
let err = tungstenite::Error::Protocol(ProtocolError::ResetWithoutClosingHandshake);
assert!(matches!(
err,
tungstenite::Error::Protocol(ProtocolError::ResetWithoutClosingHandshake)
));
}
fn provider_path_test_policy() -> MacPolicy {
@@ -40,6 +182,10 @@ fn direct_runtime_test_policy() -> MacPolicy {
policy_for_domains(&["95598.sgcc.com.cn"])
}
fn test_policy() -> MacPolicy {
policy_for_domains(&["www.zhihu.com"])
}
fn policy_for_domains(domains: &[&str]) -> MacPolicy {
MacPolicy::from_json_str(
&serde_json::json!({
@@ -581,104 +727,130 @@ fn direct_skill_mode_logs_direct_skill_primary() {
}
#[test]
fn browser_action_tool_definition_uses_expected_name() {
let tool = browser_action_tool_definition();
fn production_submit_task_routes_zhihu_through_ws_backend_without_helper_bootstrap() {
let _guard = env_lock().lock().unwrap_or_else(|err| err.into_inner());
std::env::set_var("SGCLAW_DISABLE_POST_EXPORT_OPEN", "1");
assert_eq!(tool.name, "browser_action");
assert_eq!(tool.parameters["required"][0], "action");
assert_eq!(tool.parameters["required"][1], "expected_domain");
}
std::env::remove_var("DEEPSEEK_API_KEY");
std::env::remove_var("DEEPSEEK_BASE_URL");
std::env::remove_var("DEEPSEEK_MODEL");
#[test]
fn runtime_executes_provider_tool_calls_and_returns_summary() {
let transport = Arc::new(MockTransport::new(vec![
BrowserMessage::Response {
seq: 1,
success: true,
data: serde_json::json!({ "navigated": true }),
aom_snapshot: vec![],
timing: Timing {
queue_ms: 1,
exec_ms: 10,
},
},
BrowserMessage::Response {
seq: 2,
success: true,
data: serde_json::json!({ "typed": true }),
aom_snapshot: vec![],
timing: Timing {
queue_ms: 1,
exec_ms: 10,
},
},
]));
let workspace_root = temp_workspace_root();
let (ws_url, frames, ws_handle) = start_browser_ws_server();
let config_path = write_config(
&workspace_root,
"deepseek-test-key",
"http://127.0.0.1:9",
"deepseek-chat",
Some(real_skill_lib_root().to_str().unwrap()),
Some(&ws_url),
);
let transport = Arc::new(MockTransport::new(vec![]));
let browser_tool = BrowserPipeTool::new(
transport.clone(),
provider_path_test_policy(),
test_policy(),
vec![1, 2, 3, 4, 5, 6, 7, 8],
)
.with_response_timeout(Duration::from_secs(1));
let provider = FakeProvider {
calls: vec![
ToolFunctionCall {
id: "call-1".to_string(),
name: "browser_action".to_string(),
arguments: serde_json::json!({
"action": "navigate",
"expected_domain": "www.baidu.com",
"url": "https://www.baidu.com"
}),
},
ToolFunctionCall {
id: "call-2".to_string(),
name: "browser_action".to_string(),
arguments: serde_json::json!({
"action": "type",
"expected_domain": "www.baidu.com",
"selector": "#kw",
"text": "天气",
"clear_first": true
}),
},
],
};
let runtime_context = AgentRuntimeContext::new(Some(config_path), workspace_root.clone());
let summary = execute_task_with_provider(
handle_browser_message_with_context(
transport.as_ref(),
&browser_tool,
&provider,
"打开百度搜索天气",
&runtime_context,
BrowserMessage::SubmitTask {
instruction: "打开知乎热榜获取前10条数据并导出 Excel".to_string(),
conversation_id: String::new(),
messages: vec![],
page_url: String::new(),
page_title: String::new(),
},
)
.unwrap();
let sent = transport.sent_messages();
assert_eq!(summary, "已通过 Agent 执行任务: 打开百度搜索天气");
assert!(matches!(
&sent[0],
AgentMessage::LogEntry { level, message }
if level == "info" && message == "navigate www.baidu.com"
));
assert!(matches!(
&sent[1],
AgentMessage::Command { seq, action, .. }
if *seq == 1 && action == &Action::Navigate
));
assert!(matches!(
&sent[2],
AgentMessage::LogEntry { level, message }
if level == "info" && message == "type www.baidu.com"
));
assert!(matches!(
&sent[3],
AgentMessage::Command { seq, action, .. }
if *seq == 2 && action == &Action::Type
));
ws_handle.join().unwrap();
let sent = transport.sent_messages();
let websocket_frames = frames.lock().unwrap().clone();
assert_eq!(websocket_frames.len(), 4, "{websocket_frames:?}");
assert_eq!(websocket_frames[0], r#"{"type":"register","role":"web"}"#);
assert!(!websocket_frames
.iter()
.any(|frame| frame.contains("/sgclaw/browser-helper.html")));
assert!(!websocket_frames
.iter()
.any(|frame| frame.contains("\"sgBrowerserOpenPage\"")));
let navigate: Value = serde_json::from_str(&websocket_frames[1]).unwrap();
assert_eq!(navigate[0], json!("https://www.zhihu.com"));
assert_eq!(navigate[1], json!("sgHideBrowserCallAfterLoaded"));
assert_eq!(navigate[2], json!("https://www.zhihu.com/hot"));
let get_text: Value = serde_json::from_str(&websocket_frames[2]).unwrap();
assert_eq!(get_text[0], json!("https://www.zhihu.com/hot"));
assert_eq!(get_text[1], json!("sgBrowserExcuteJsCodeByArea"));
assert_eq!(get_text[2], json!("https://www.zhihu.com/hot"));
let eval: Value = serde_json::from_str(&websocket_frames[3]).unwrap();
assert_eq!(eval[0], json!("https://www.zhihu.com/hot"));
assert_eq!(eval[1], json!("sgBrowserExcuteJsCodeByArea"));
assert_eq!(eval[2], json!("https://www.zhihu.com/hot"));
assert!(sent.iter().any(|message| {
matches!(
message,
AgentMessage::LogEntry { level, message }
if level == "mode" && message == "zeroclaw_process_message_primary"
)
}));
assert!(sent.iter().any(|message| {
matches!(
message,
AgentMessage::TaskComplete { success, summary }
if *success && summary.contains("已导出并打开知乎热榜 Excel") && summary.contains(".xlsx")
)
}));
std::env::remove_var("SGCLAW_DISABLE_POST_EXPORT_OPEN");
assert!(!sent.iter().any(|message| matches!(message, AgentMessage::Command { .. })));
}
#[test]
fn legacy_agent_runtime_is_explicitly_dev_only() {
assert!(sgclaw::agent::runtime::LEGACY_DEV_ONLY);
fn lifecycle_messages_emit_status_events_without_browser_commands() {
let transport = Arc::new(MockTransport::new(vec![]));
let browser_tool = BrowserPipeTool::new(
transport.clone(),
test_policy(),
vec![1, 2, 3, 4, 5, 6, 7, 8],
)
.with_response_timeout(Duration::from_secs(1));
sgclaw::agent::handle_browser_message(transport.as_ref(), &browser_tool, BrowserMessage::Connect)
.unwrap();
sgclaw::agent::handle_browser_message(transport.as_ref(), &browser_tool, BrowserMessage::Start)
.unwrap();
sgclaw::agent::handle_browser_message(transport.as_ref(), &browser_tool, BrowserMessage::Stop)
.unwrap();
let sent = transport.sent_messages();
assert_eq!(
sent,
vec![
AgentMessage::StatusChanged {
state: "connected".to_string(),
},
AgentMessage::StatusChanged {
state: "started".to_string(),
},
AgentMessage::StatusChanged {
state: "stopped".to_string(),
},
]
);
assert!(!sent
.iter()
.any(|message| { matches!(message, AgentMessage::Command { .. }) }));
}
#[test]

145
tests/browser_backend_capability_test.rs Normal file
View File

@@ -0,0 +1,145 @@
mod common;
use std::collections::HashMap;
use std::fs;
use std::path::PathBuf;
use std::sync::Arc;
use std::time::{SystemTime, UNIX_EPOCH};
use common::MockTransport;
use sgclaw::browser::{BrowserBackend, PipeBrowserBackend};
use sgclaw::compat::browser_script_skill_tool::build_browser_script_skill_tools;
use sgclaw::pipe::{Action, CommandOutput, ExecutionSurfaceKind, ExecutionSurfaceMetadata};
use sgclaw::security::MacPolicy;
use zeroclaw::skills::{Skill, SkillTool};
fn backend_policy() -> MacPolicy {
MacPolicy::from_json_str(
r#"{
"version": "1.0",
"domains": { "allowed": ["oa.example.com", "erp.example.com"] },
"pipe_actions": {
"allowed": ["click", "type", "navigate", "getText"],
"blocked": ["eval", "executeJsInPage"]
}
}"#,
)
.unwrap()
}
fn eval_policy() -> MacPolicy {
MacPolicy::from_json_str(
r#"{
"version": "1.0",
"domains": { "allowed": ["www.zhihu.com"] },
"pipe_actions": {
"allowed": ["click", "type", "navigate", "getText", "eval"],
"blocked": []
}
}"#,
)
.unwrap()
}
#[test]
fn pipe_browser_backend_keeps_privileged_pipe_surface_metadata() {
let transport = Arc::new(MockTransport::new(vec![]));
let backend = PipeBrowserBackend::new(transport, backend_policy(), vec![1, 2, 3, 4]);
let metadata = backend.surface_metadata();
assert_eq!(metadata.kind, ExecutionSurfaceKind::PrivilegedBrowserPipe);
assert!(metadata.privileged);
assert!(!metadata.defines_runtime_identity);
assert_eq!(metadata.guard, "mac_policy");
assert_eq!(
metadata.allowed_domains,
vec!["oa.example.com", "erp.example.com"]
);
assert_eq!(
metadata.allowed_actions,
vec!["click", "type", "navigate", "getText"]
);
}
#[test]
fn pipe_browser_backend_reports_eval_capability_from_mac_policy() {
let transport = Arc::new(MockTransport::new(vec![]));
let backend = PipeBrowserBackend::new(transport, eval_policy(), vec![1, 2, 3, 4]);
assert!(backend.supports_eval());
}
#[test]
fn browser_script_tools_are_hidden_when_backend_cannot_eval() {
let skill_root = unique_temp_dir("sgclaw-browser-backend-capability");
let scripts_dir = skill_root.join("scripts");
fs::create_dir_all(&scripts_dir).unwrap();
fs::write(
scripts_dir.join("extract_hotlist.js"),
"return { rows: [[1, '标题', '10万热度']] };",
)
.unwrap();
let skills = vec![Skill {
name: "zhihu-hotlist".to_string(),
description: "Zhihu hotlist helpers".to_string(),
version: "1.0.0".to_string(),
author: None,
tags: vec![],
tools: vec![SkillTool {
name: "extract_hotlist".to_string(),
description: "Extract structured hotlist rows".to_string(),
kind: "browser_script".to_string(),
command: "scripts/extract_hotlist.js".to_string(),
args: HashMap::new(),
}],
prompts: vec![],
location: Some(skill_root.join("skill.json")),
}];
let backend: Arc<dyn BrowserBackend> = Arc::new(FakeBrowserBackend::new(false));
let tools = build_browser_script_skill_tools(&skills, backend).unwrap();
assert!(tools.is_empty());
}
#[derive(Default)]
struct FakeBrowserBackend {
supports_eval: bool,
}
impl FakeBrowserBackend {
fn new(supports_eval: bool) -> Self {
Self { supports_eval }
}
}
impl BrowserBackend for FakeBrowserBackend {
fn invoke(
&self,
_action: Action,
_params: serde_json::Value,
_expected_domain: &str,
) -> Result<CommandOutput, sgclaw::pipe::PipeError> {
panic!("invoke should not be called in this capability-gating test")
}
fn surface_metadata(&self) -> ExecutionSurfaceMetadata {
ExecutionSurfaceMetadata::privileged_browser_pipe("fake_backend")
}
fn supports_eval(&self) -> bool {
self.supports_eval
}
}
fn unique_temp_dir(prefix: &str) -> PathBuf {
let nanos = SystemTime::now()
.duration_since(UNIX_EPOCH)
.unwrap()
.as_nanos();
let path = std::env::temp_dir().join(format!("{prefix}-{nanos}"));
fs::create_dir_all(&path).unwrap();
path
}

151
tests/browser_bridge_backend_test.rs Normal file
View File

@@ -0,0 +1,151 @@
use std::collections::VecDeque;
use std::sync::{Arc, Mutex};
use serde_json::json;
use sgclaw::browser::bridge_contract::{
BridgeBrowserActionError, BridgeBrowserActionReply, BridgeBrowserActionRequest,
BridgeBrowserActionSuccess,
};
use sgclaw::browser::bridge_transport::BridgeActionTransport;
use sgclaw::browser::{BridgeBrowserBackend, BrowserBackend};
use sgclaw::pipe::{Action, PipeError, Timing};
use sgclaw::security::MacPolicy;
fn test_policy() -> MacPolicy {
MacPolicy::from_json_str(
r#"{
"version": "1.0",
"domains": { "allowed": ["www.baidu.com"] },
"pipe_actions": {
"allowed": ["click", "type", "navigate", "getText", "eval"],
"blocked": []
}
}"#,
)
.unwrap()
}
struct FakeBridgeTransport {
requests: Mutex<Vec<BridgeBrowserActionRequest>>,
replies: Mutex<VecDeque<Result<BridgeBrowserActionReply, PipeError>>>,
}
impl FakeBridgeTransport {
fn new(replies: Vec<Result<BridgeBrowserActionReply, PipeError>>) -> Self {
Self {
requests: Mutex::new(Vec::new()),
replies: Mutex::new(replies.into()),
}
}
fn recorded_requests(&self) -> Vec<BridgeBrowserActionRequest> {
self.requests.lock().unwrap().clone()
}
}
impl BridgeActionTransport for FakeBridgeTransport {
fn execute(
&self,
request: BridgeBrowserActionRequest,
) -> Result<BridgeBrowserActionReply, PipeError> {
self.requests.lock().unwrap().push(request);
self.replies
.lock()
.unwrap()
.pop_front()
.unwrap_or(Err(PipeError::Timeout))
}
}
#[test]
fn bridge_backend_maps_navigate_to_bridge_action_request() {
let transport = Arc::new(FakeBridgeTransport::new(vec![Ok(
BridgeBrowserActionReply::Success(BridgeBrowserActionSuccess {
data: json!({ "navigated": true }),
aom_snapshot: vec![],
timing: Timing {
queue_ms: 1,
exec_ms: 11,
},
}),
)]));
let backend = BridgeBrowserBackend::new(transport.clone(), test_policy());
let output = backend
.invoke(
Action::Navigate,
json!({ "url": "https://www.baidu.com" }),
"www.baidu.com",
)
.unwrap();
assert_eq!(
transport.recorded_requests(),
vec![BridgeBrowserActionRequest::new(
"navigate",
json!({ "url": "https://www.baidu.com" }),
"www.baidu.com",
)]
);
assert_eq!(output.seq, 1);
assert!(output.success);
}
#[test]
fn bridge_backend_normalizes_successful_bridge_reply() {
let transport = Arc::new(FakeBridgeTransport::new(vec![Ok(
BridgeBrowserActionReply::Success(BridgeBrowserActionSuccess {
data: json!({ "text": "天气" }),
aom_snapshot: vec![json!({ "role": "textbox", "name": "百度一下" })],
timing: Timing {
queue_ms: 4,
exec_ms: 14,
},
}),
)]));
let backend = BridgeBrowserBackend::new(transport, test_policy());
let output = backend
.invoke(
Action::GetText,
json!({ "selector": "#content_left" }),
"www.baidu.com",
)
.unwrap();
assert_eq!(output.seq, 1);
assert!(output.success);
assert_eq!(output.data, json!({ "text": "天气" }));
assert_eq!(
output.aom_snapshot,
vec![json!({ "role": "textbox", "name": "百度一下" })]
);
assert_eq!(
output.timing,
Timing {
queue_ms: 4,
exec_ms: 14,
}
);
}
#[test]
fn bridge_backend_maps_bridge_failure_to_pipe_error() {
let transport = Arc::new(FakeBridgeTransport::new(vec![Ok(
BridgeBrowserActionReply::Error(BridgeBrowserActionError {
message: "selector not found".to_string(),
details: json!({ "selector": "#missing" }),
}),
)]));
let backend = BridgeBrowserBackend::new(transport, test_policy());
let error = backend
.invoke(
Action::Click,
json!({ "selector": "#missing" }),
"www.baidu.com",
)
.unwrap_err();
assert!(matches!(error, PipeError::Protocol(message) if message == "bridge action failed: selector not found"));
}

80
tests/browser_bridge_contract_test.rs Normal file
View File

@@ -0,0 +1,80 @@
use serde_json::{json, Value};
use sgclaw::browser::bridge_contract::{BridgeBrowserActionRequest, BridgeLifecycleCall};
#[test]
fn bridge_contract_names_match_documented_bridge_surface() {
let lifecycle_names = [
BridgeLifecycleCall::Connect.bridge_name(),
BridgeLifecycleCall::Start.bridge_name(),
BridgeLifecycleCall::Stop.bridge_name(),
BridgeLifecycleCall::SubmitTask.bridge_name(),
];
assert_eq!(
lifecycle_names,
[
"sgclawConnect",
"sgclawStart",
"sgclawStop",
"sgclawSubmitTask",
]
);
}
#[test]
fn bridge_contract_represents_browser_action_requests_without_ws_business_frames() {
let requests = vec![
BridgeBrowserActionRequest::new(
"navigate",
json!({ "url": "https://www.baidu.com" }),
"www.baidu.com",
),
BridgeBrowserActionRequest::new(
"click",
json!({ "selector": "#submit" }),
"www.zhihu.com",
),
BridgeBrowserActionRequest::new(
"getText",
json!({ "selector": "#content" }),
"www.zhihu.com",
),
];
let serialized = serde_json::to_value(&requests).unwrap();
let entries = serialized.as_array().unwrap();
let actions = entries
.iter()
.map(|entry| entry["action"].as_str().unwrap())
.collect::<Vec<_>>();
assert_eq!(
serialized,
json!([
{
"action": "navigate",
"params": { "url": "https://www.baidu.com" },
"expected_domain": "www.baidu.com"
},
{
"action": "click",
"params": { "selector": "#submit" },
"expected_domain": "www.zhihu.com"
},
{
"action": "getText",
"params": { "selector": "#content" },
"expected_domain": "www.zhihu.com"
}
])
);
assert_eq!(actions, vec!["navigate", "click", "getText"]);
let first = entries.first().unwrap();
let object = first.as_object().unwrap();
assert_eq!(object.len(), 3);
assert!(object.contains_key("action"));
assert!(object.contains_key("params"));
assert!(object.contains_key("expected_domain"));
assert_eq!(first["expected_domain"], Value::String("www.baidu.com".to_string()));
}

145
tests/browser_script_skill_tool_test.rs
View File

@@ -9,6 +9,7 @@ use std::time::{SystemTime, UNIX_EPOCH};
use common::MockTransport;
use serde_json::json;
use sgclaw::browser::{BrowserBackend, PipeBrowserBackend};
use sgclaw::compat::browser_script_skill_tool::{
execute_browser_script_tool, BrowserScriptSkillTool,
};
@@ -77,7 +78,7 @@ async fn execute_browser_script_tool_runs_packaged_script_with_expected_domain()
let result = execute_browser_script_tool(
&skill_tool,
&skill_dir,
browser_tool,
&PipeBrowserBackend::from_inner(browser_tool),
json!({
"expected_domain": "https://WWW.ZHIHU.COM/hot?foo=bar",
"top_n": "10"
@@ -137,7 +138,7 @@ async fn execute_browser_script_tool_rejects_non_browser_script_tool_kind() {
let result = execute_browser_script_tool(
&skill_tool,
&skill_dir,
browser_tool,
&PipeBrowserBackend::from_inner(browser_tool),
json!({
"expected_domain": "www.zhihu.com",
"top_n": "10"
@@ -182,7 +183,7 @@ async fn execute_browser_script_tool_rejects_missing_expected_domain() {
let result = execute_browser_script_tool(
&skill_tool,
&skill_dir,
browser_tool,
&PipeBrowserBackend::from_inner(browser_tool),
json!({
"expected_domain": " ",
"top_n": "10"
@@ -237,6 +238,7 @@ return {
vec![1, 2, 3, 4, 5, 6, 7, 8],
)
.with_response_timeout(Duration::from_secs(1));
let backend: Arc<dyn BrowserBackend> = Arc::new(PipeBrowserBackend::from_inner(browser_tool));
let mut args = HashMap::new();
args.insert("top_n".to_string(), "How many rows to extract".to_string());
@@ -247,7 +249,7 @@ return {
command: "scripts/extract_hotlist.js".to_string(),
args,
};
let tool = BrowserScriptSkillTool::new("zhihu-hotlist", &skill_tool, &skill_dir, browser_tool)
let tool = BrowserScriptSkillTool::new("zhihu-hotlist", &skill_tool, &skill_dir, backend)
.unwrap();
let result = tool
@@ -318,6 +320,7 @@ return {
vec![1, 2, 3, 4, 5, 6, 7, 8],
)
.with_response_timeout(Duration::from_secs(1));
let backend: Arc<dyn BrowserBackend> = Arc::new(PipeBrowserBackend::from_inner(browser_tool));
let mut args = HashMap::new();
args.insert("top_n".to_string(), "How many rows to extract".to_string());
@@ -328,7 +331,7 @@ return {
command: script_name.to_string(),
args,
};
let tool = BrowserScriptSkillTool::new("zhihu-hotlist", &skill_tool, &skill_root, browser_tool)
let tool = BrowserScriptSkillTool::new("zhihu-hotlist", &skill_tool, &skill_root, backend)
.unwrap();
let result = tool
@@ -362,6 +365,135 @@ return {
));
}
#[tokio::test]
async fn browser_script_helper_executes_packaged_script_via_eval() {
let skill_dir = unique_temp_dir("sgclaw-browser-script-helper-fault-details");
let scripts_dir = skill_dir.join("scripts");
fs::create_dir_all(&scripts_dir).unwrap();
fs::write(
scripts_dir.join("collect_fault_details.js"),
r#"
return {
sheet_name: "故障明细",
rows: [[args.period, "已完成"]]
};
"#,
)
.unwrap();
let transport = Arc::new(MockTransport::new(vec![BrowserMessage::Response {
seq: 1,
success: true,
data: json!({
"text": {
"sheet_name": "故障明细",
"rows": [["2026-04", "已完成"]]
}
}),
aom_snapshot: vec![],
timing: Timing {
queue_ms: 1,
exec_ms: 5,
},
}]));
let browser_tool = BrowserPipeTool::new(
transport.clone(),
test_policy(),
vec![1, 2, 3, 4, 5, 6, 7, 8],
)
.with_response_timeout(Duration::from_secs(1));
let backend = PipeBrowserBackend::from_inner(browser_tool);
let mut args = HashMap::new();
args.insert("period".to_string(), "Target report period".to_string());
let skill_tool = SkillTool {
name: "collect_fault_details".to_string(),
description: "Collect fault detail rows".to_string(),
kind: "browser_script".to_string(),
command: "scripts/collect_fault_details.js".to_string(),
args,
};
let result = execute_browser_script_tool(
&skill_tool,
&skill_dir,
&backend,
json!({
"expected_domain": "https://www.zhihu.com/hot",
"period": "2026-04"
}),
)
.await
.unwrap();
let sent = transport.sent_messages();
assert!(result.success);
assert_eq!(
serde_json::from_str::<serde_json::Value>(&result.output).unwrap(),
json!({
"sheet_name": "故障明细",
"rows": [["2026-04", "已完成"]]
})
);
assert!(matches!(
&sent[0],
AgentMessage::Command {
action,
params,
security,
..
} if action == &Action::Eval
&& security.expected_domain == "www.zhihu.com"
&& params["script"].as_str().unwrap().contains("const args = {\"period\":\"2026-04\"};")
&& params["script"].as_str().unwrap().contains("sheet_name")
));
}
#[tokio::test]
async fn browser_script_helper_requires_expected_domain() {
let skill_dir = unique_temp_dir("sgclaw-browser-script-helper-missing-domain");
let scripts_dir = skill_dir.join("scripts");
fs::create_dir_all(&scripts_dir).unwrap();
fs::write(scripts_dir.join("collect_fault_details.js"), "return { ok: true };\n").unwrap();
let transport = Arc::new(MockTransport::new(vec![]));
let browser_tool = BrowserPipeTool::new(
transport.clone(),
test_policy(),
vec![1, 2, 3, 4, 5, 6, 7, 8],
)
.with_response_timeout(Duration::from_secs(1));
let backend = PipeBrowserBackend::from_inner(browser_tool);
let mut args = HashMap::new();
args.insert("period".to_string(), "Target report period".to_string());
let skill_tool = SkillTool {
name: "collect_fault_details".to_string(),
description: "Collect fault detail rows".to_string(),
kind: "browser_script".to_string(),
command: "scripts/collect_fault_details.js".to_string(),
args,
};
let result = execute_browser_script_tool(
&skill_tool,
&skill_dir,
&backend,
json!({
"period": "2026-04"
}),
)
.await
.unwrap();
assert!(!result.success);
assert_eq!(
result.error.as_deref(),
Some("missing required field expected_domain")
);
assert!(transport.sent_messages().is_empty());
}
#[tokio::test]
async fn execute_browser_script_tool_preserves_structured_report_artifact_payload() {
let skill_dir = unique_temp_dir("sgclaw-browser-script-helper-report-artifact");
@@ -429,6 +561,7 @@ return {
vec![1, 2, 3, 4, 5, 6, 7, 8],
)
.with_response_timeout(Duration::from_secs(1));
let backend = PipeBrowserBackend::from_inner(browser_tool);
let mut tool_args = HashMap::new();
tool_args.insert("period".to_string(), "YYYY-MM period to collect".to_string());
@@ -443,7 +576,7 @@ return {
let result = execute_browser_script_tool(
&skill_tool,
&skill_dir,
browser_tool,
&backend,
json!({
"expected_domain": "https://www.zhihu.com/",
"period": "2026-03"

66
tests/browser_tool_test.rs
View File

@@ -106,6 +106,53 @@ fn browser_tool_exposes_privileged_surface_metadata_backed_by_mac_policy() {
);
}
#[test]
fn browser_tool_accepts_approved_local_dashboard_navigate_request() {
let transport = Arc::new(MockTransport::new(vec![BrowserMessage::Response {
seq: 1,
success: true,
data: serde_json::json!({"navigated": true}),
aom_snapshot: vec![],
timing: Timing {
queue_ms: 1,
exec_ms: 20,
},
}]));
let tool = BrowserPipeTool::new(transport.clone(), test_policy(), vec![1, 2, 3, 4])
.with_response_timeout(Duration::from_secs(1));
let result = tool
.invoke(
Action::Navigate,
serde_json::json!({
"url": "file:///C:/tmp/zhihu-hotlist-screen.html",
"sgclaw_local_dashboard_open": {
"source": "compat.workflow_executor",
"kind": "zhihu_hotlist_screen",
"output_path": "C:/tmp/zhihu-hotlist-screen.html",
"presentation_url": "file:///C:/tmp/zhihu-hotlist-screen.html"
}
}),
"__sgclaw_local_dashboard__",
)
.unwrap();
let sent = transport.sent_messages();
assert!(result.success);
assert!(matches!(
&sent[0],
AgentMessage::Command {
action,
params,
security,
..
} if action == &Action::Navigate
&& security.expected_domain == "__sgclaw_local_dashboard__"
&& params["url"] == serde_json::json!("file:///C:/tmp/zhihu-hotlist-screen.html")
&& params["sgclaw_local_dashboard_open"]["kind"] == serde_json::json!("zhihu_hotlist_screen")
));
}
#[test]
fn default_rules_allow_zhihu_navigation() {
let rules_path = PathBuf::from(env!("CARGO_MANIFEST_DIR"))
@@ -115,3 +162,22 @@ fn default_rules_allow_zhihu_navigation() {
policy.validate(&Action::Navigate, "www.zhihu.com").unwrap();
}
#[test]
fn mac_policy_rejects_non_html_local_dashboard_presentation() {
let rules_path = PathBuf::from(env!("CARGO_MANIFEST_DIR"))
.join("resources")
.join("rules.json");
let policy = MacPolicy::load_from_path(rules_path).unwrap();
let err = policy
.validate_local_dashboard_presentation(
&Action::Navigate,
"__sgclaw_local_dashboard__",
"file:///C:/tmp/zhihu-hotlist-screen.txt",
"C:/tmp/zhihu-hotlist-screen.txt",
)
.unwrap_err();
assert!(err.to_string().contains("local dashboard"));
}

356
tests/browser_ws_backend_test.rs Normal file
View File

@@ -0,0 +1,356 @@
use std::collections::VecDeque;
use std::sync::{Arc, Mutex};
use std::time::Duration;
use serde_json::{json, Value};
use sgclaw::browser::ws_backend::WsClient;
use sgclaw::browser::{BrowserBackend, WsBrowserBackend};
use sgclaw::pipe::{Action, PipeError};
use sgclaw::security::MacPolicy;
fn test_policy() -> MacPolicy {
MacPolicy::from_json_str(
r#"{
"version": "1.0",
"domains": { "allowed": ["www.baidu.com"] },
"pipe_actions": {
"allowed": ["click", "type", "navigate", "getText", "eval"],
"blocked": []
}
}"#,
)
.unwrap()
}
struct FakeWsClient {
incoming: Mutex<VecDeque<Result<String, PipeError>>>,
sent: Mutex<Vec<String>>,
}
impl FakeWsClient {
fn new(frames: Vec<Result<&str, PipeError>>) -> Self {
Self {
incoming: Mutex::new(
frames
.into_iter()
.map(|frame| frame.map(str::to_string))
.collect(),
),
sent: Mutex::new(Vec::new()),
}
}
fn sent_frames(&self) -> Vec<String> {
self.sent.lock().unwrap().clone()
}
}
impl WsClient for FakeWsClient {
fn send_text(&self, payload: &str) -> Result<(), PipeError> {
self.sent.lock().unwrap().push(payload.to_string());
Ok(())
}
fn recv_text_timeout(&self, _timeout: Duration) -> Result<String, PipeError> {
self.incoming
.lock()
.unwrap()
.pop_front()
.unwrap_or(Err(PipeError::Timeout))
}
}
#[test]
fn ws_backend_ignores_welcome_frame_before_zero_status() {
let client = Arc::new(FakeWsClient::new(vec![
Ok("Welcome! You are client #1"),
Ok("0"),
Ok(
r#"["https://www.baidu.com/current","callBackJsToCpp","https://www.baidu.com/current@_@https://www.baidu.com@_@sgclaw_cb_1@_@sgHideBrowserCallAfterLoaded@_@"]"#,
),
]));
let backend = WsBrowserBackend::new(
client.clone(),
test_policy(),
"https://www.baidu.com/current",
)
.with_response_timeout(Duration::from_secs(1));
let output = backend
.invoke(
Action::Navigate,
json!({ "url": "https://www.baidu.com" }),
"www.baidu.com",
)
.unwrap();
assert!(output.success);
let sent = client.sent_frames();
assert_eq!(sent.len(), 1);
}
#[test]
fn ws_backend_ignores_json_welcome_frame_before_zero_status() {
let client = Arc::new(FakeWsClient::new(vec![
Ok(r#"{"type":"welcome","client_id":17,"server_time":"2026-04-04T11:04:54"}"#),
Ok("0"),
Ok(
r#"["https://www.baidu.com/current","callBackJsToCpp","https://www.baidu.com/current@_@https://www.baidu.com@_@sgclaw_cb_1@_@sgHideBrowserCallAfterLoaded@_@"]"#,
),
]));
let backend = WsBrowserBackend::new(
client.clone(),
test_policy(),
"https://www.baidu.com/current",
)
.with_response_timeout(Duration::from_secs(1));
let output = backend
.invoke(
Action::Navigate,
json!({ "url": "https://www.baidu.com" }),
"www.baidu.com",
)
.unwrap();
assert!(output.success);
let sent = client.sent_frames();
assert_eq!(sent.len(), 1);
}
#[test]
fn ws_backend_fails_on_non_numeric_non_welcome_status_frame() {
let client = Arc::new(FakeWsClient::new(vec![Ok("not-a-status") ]));
let backend = WsBrowserBackend::new(
client,
test_policy(),
"https://www.baidu.com/current",
)
.with_response_timeout(Duration::from_secs(1));
let error = backend
.invoke(
Action::Click,
json!({
"target_url": "https://www.baidu.com/current",
"selector": "#submit"
}),
"www.baidu.com",
)
.unwrap_err();
assert!(error.to_string().contains("invalid browser status frame: not-a-status"));
}
#[test]
fn ws_backend_returns_success_for_zero_without_callback() {
let client = Arc::new(FakeWsClient::new(vec![
Ok("0"),
Ok(
r#"["https://www.baidu.com/current","callBackJsToCpp","https://www.baidu.com/current@_@https://www.baidu.com@_@sgclaw_cb_1@_@sgHideBrowserCallAfterLoaded@_@"]"#,
),
]));
let backend = WsBrowserBackend::new(
client.clone(),
test_policy(),
"https://www.baidu.com/current",
)
.with_response_timeout(Duration::from_secs(1));
let output = backend
.invoke(
Action::Navigate,
json!({ "url": "https://www.baidu.com" }),
"www.baidu.com",
)
.unwrap();
assert_eq!(output.seq, 1);
assert!(output.success);
assert_eq!(output.data, json!({ "text": "" }));
assert!(output.aom_snapshot.is_empty());
let sent = client.sent_frames();
assert_eq!(sent.len(), 1);
let payload: Value = serde_json::from_str(&sent[0]).unwrap();
assert_eq!(payload[1], json!("sgHideBrowserCallAfterLoaded"));
assert_eq!(payload[2], json!("https://www.baidu.com"));
}
#[test]
fn ws_backend_fails_immediately_on_non_zero_return_code() {
let client = Arc::new(FakeWsClient::new(vec![Ok("7")]));
let backend = WsBrowserBackend::new(
client,
test_policy(),
"https://www.baidu.com/current",
)
.with_response_timeout(Duration::from_secs(1));
let error = backend
.invoke(
Action::Click,
json!({
"target_url": "https://www.baidu.com/current",
"selector": "#submit"
}),
"www.baidu.com",
)
.unwrap_err();
assert!(error.to_string().contains("browser returned non-zero status: 7"));
}
#[test]
fn ws_backend_waits_for_callback_and_normalizes_result_payload() {
let client = Arc::new(FakeWsClient::new(vec![
Ok("0"),
Ok(
r#"["https://www.baidu.com/current","callBackJsToCpp","https://www.baidu.com/current@_@https://www.baidu.com/current@_@sgclaw_cb_1@_@sgBrowserExcuteJsCodeByArea@_@天气"]"#,
),
]));
let backend = WsBrowserBackend::new(
client.clone(),
test_policy(),
"https://www.baidu.com/current",
)
.with_response_timeout(Duration::from_secs(1));
let output = backend
.invoke(
Action::GetText,
json!({
"target_url": "https://www.baidu.com/current",
"selector": "#content"
}),
"www.baidu.com",
)
.unwrap();
assert_eq!(output.seq, 1);
assert!(output.success);
assert_eq!(output.data, json!({ "text": "天气" }));
assert!(output.aom_snapshot.is_empty());
let sent = client.sent_frames();
assert_eq!(sent.len(), 1);
let payload: Value = serde_json::from_str(&sent[0]).unwrap();
assert_eq!(payload[1], json!("sgBrowserExcuteJsCodeByArea"));
}
#[test]
fn ws_backend_times_out_while_waiting_for_callback_after_zero_status() {
let client = Arc::new(FakeWsClient::new(vec![Ok("0")]));
let backend = WsBrowserBackend::new(
client,
test_policy(),
"https://www.baidu.com/current",
)
.with_response_timeout(Duration::from_millis(1));
let error = backend
.invoke(
Action::Eval,
json!({
"target_url": "https://www.baidu.com/current",
"script": "2 + 2"
}),
"www.baidu.com",
)
.unwrap_err();
assert!(matches!(error, PipeError::Timeout));
}
#[test]
fn ws_backend_times_out_when_navigate_callback_never_arrives() {
let client = Arc::new(FakeWsClient::new(vec![
Err(PipeError::Timeout),
Err(PipeError::Timeout),
]));
let backend = WsBrowserBackend::new(client.clone(), test_policy(), "https://www.zhihu.com")
.with_response_timeout(Duration::from_millis(1));
let error = backend
.invoke(
Action::Navigate,
json!({ "url": "https://www.zhihu.com/hot" }),
"www.baidu.com",
)
.unwrap_err();
assert!(matches!(error, PipeError::Timeout));
let sent = client.sent_frames();
let payload: Value = serde_json::from_str(&sent[0]).unwrap();
assert_eq!(payload[1], json!("sgHideBrowserCallAfterLoaded"));
assert_eq!(payload[2], json!("https://www.zhihu.com/hot"));
}
#[test]
fn ws_backend_reuses_last_navigated_url_for_followup_requests() {
let client = Arc::new(FakeWsClient::new(vec![
Ok("0"),
Ok(
r#"["https://www.baidu.com/current","callBackJsToCpp","https://www.baidu.com/current@_@https://www.baidu.com@_@sgclaw_cb_1@_@sgHideBrowserCallAfterLoaded@_@"]"#,
),
Ok("0"),
Ok(
r#"["https://www.zhihu.com/hot","callBackJsToCpp","https://www.zhihu.com/hot@_@https://www.zhihu.com/hot@_@sgclaw_cb_2@_@sgBrowserExcuteJsCodeByArea@_@热榜文本"]"#,
),
]));
let backend = WsBrowserBackend::new(client.clone(), test_policy(), "about:blank")
.with_response_timeout(Duration::from_secs(1));
backend
.invoke(
Action::Navigate,
json!({ "url": "https://www.zhihu.com/hot" }),
"www.baidu.com",
)
.unwrap();
let output = backend
.invoke(
Action::GetText,
json!({ "selector": "body" }),
"www.baidu.com",
)
.unwrap();
assert!(output.success);
assert_eq!(output.data, json!({ "text": "热榜文本" }));
let sent = client.sent_frames();
assert_eq!(sent.len(), 2);
let navigate_payload: Value = serde_json::from_str(&sent[0]).unwrap();
assert_eq!(navigate_payload[0], json!("about:blank"));
assert_eq!(navigate_payload[1], json!("sgHideBrowserCallAfterLoaded"));
assert_eq!(navigate_payload[2], json!("https://www.zhihu.com/hot"));
let followup_payload: Value = serde_json::from_str(&sent[1]).unwrap();
assert_eq!(followup_payload[0], json!("https://www.zhihu.com/hot"));
assert_eq!(followup_payload[1], json!("sgBrowserExcuteJsCodeByArea"));
assert_eq!(followup_payload[2], json!("https://www.zhihu.com/hot"));
assert_eq!(followup_payload[4], json!("hide"));
}
#[test]
fn ws_backend_propagates_socket_drop_after_navigate_send() {
let client = Arc::new(FakeWsClient::new(vec![Err(PipeError::PipeClosed)]));
let backend = WsBrowserBackend::new(
client,
test_policy(),
"https://www.baidu.com/current",
)
.with_response_timeout(Duration::from_secs(1));
let error = backend
.invoke(
Action::Navigate,
json!({ "url": "https://www.baidu.com" }),
"www.baidu.com",
)
.unwrap_err();
assert!(matches!(error, PipeError::PipeClosed));
}

422
tests/browser_ws_probe_test.rs Normal file
View File

@@ -0,0 +1,422 @@
use std::net::TcpListener;
use std::sync::{Arc, Mutex};
use std::thread;
use std::time::Duration;
use tungstenite::{accept, Message};
#[path = "../src/browser/ws_probe.rs"]
mod ws_probe;
use ws_probe::{
parse_probe_args, run_probe_script, ProbeCliConfig, ProbeOutcome, ProbeStep, ProbeStepResult,
};
#[derive(Clone)]
enum ServerStep {
ReceiveThenReply { expected: String, reply: String },
ReceiveThenReplyFrames { expected: String, replies: Vec<String> },
ReceiveThenStaySilent { expected: String },
ReceiveThenClose { expected: String },
CloseBeforeReceive,
}
fn spawn_fake_server(script: Vec<ServerStep>) -> (String, Arc<Mutex<Vec<String>>>, thread::JoinHandle<()>) {
let listener = TcpListener::bind("127.0.0.1:0").unwrap();
let addr = listener.local_addr().unwrap();
let received = Arc::new(Mutex::new(Vec::new()));
let received_for_thread = received.clone();
let handle = thread::spawn(move || {
let (stream, _) = listener.accept().unwrap();
let mut socket = accept(stream).unwrap();
for step in script {
match step {
ServerStep::CloseBeforeReceive => {
socket.close(None).unwrap();
return;
}
ServerStep::ReceiveThenReply { expected, reply } => {
let message = socket.read().unwrap();
let payload = match message {
Message::Text(text) => text.to_string(),
other => panic!("expected text frame, got {other:?}"),
};
received_for_thread.lock().unwrap().push(payload.clone());
assert_eq!(payload, expected);
socket.send(Message::Text(reply.into())).unwrap();
}
ServerStep::ReceiveThenReplyFrames { expected, replies } => {
let message = socket.read().unwrap();
let payload = match message {
Message::Text(text) => text.to_string(),
other => panic!("expected text frame, got {other:?}"),
};
received_for_thread.lock().unwrap().push(payload.clone());
assert_eq!(payload, expected);
for reply in replies {
socket.send(Message::Text(reply.into())).unwrap();
}
}
ServerStep::ReceiveThenStaySilent { expected } => {
let message = socket.read().unwrap();
let payload = match message {
Message::Text(text) => text.to_string(),
other => panic!("expected text frame, got {other:?}"),
};
received_for_thread.lock().unwrap().push(payload.clone());
assert_eq!(payload, expected);
thread::sleep(Duration::from_millis(120));
}
ServerStep::ReceiveThenClose { expected } => {
let message = socket.read().unwrap();
let payload = match message {
Message::Text(text) => text.to_string(),
other => panic!("expected text frame, got {other:?}"),
};
received_for_thread.lock().unwrap().push(payload.clone());
assert_eq!(payload, expected);
socket.close(None).unwrap();
return;
}
}
}
});
(format!("ws://{addr}"), received, handle)
}
#[test]
fn parse_probe_args_rejects_non_ws_schemes() {
let cases = [
"wss://127.0.0.1:12345",
"http://127.0.0.1:12345",
"127.0.0.1:12345",
];
for ws_url in cases {
let args = vec![
"--ws-url".to_string(),
ws_url.to_string(),
"--timeout-ms".to_string(),
"1500".to_string(),
"--step".to_string(),
"open-agent::[\"about:blank\",\"sgOpenAgent\"]".to_string(),
];
let err = parse_probe_args(&args).unwrap_err();
assert_eq!(
err.to_string(),
format!(
"probe argument error: unsupported --ws-url scheme (only ws:// is supported for this probe): {ws_url}"
)
);
}
}
#[test]
fn parse_probe_args_accepts_ws_url_timeout_and_ordered_steps() {
let args = vec![
"--ws-url".to_string(),
"ws://127.0.0.1:12345".to_string(),
"--timeout-ms".to_string(),
"1500".to_string(),
"--step".to_string(),
"open-agent::[\"about:blank\",\"sgOpenAgent\"]".to_string(),
"--step".to_string(),
"open-hot::[\"about:blank\",\"sgBrowerserOpenPage\",\"https://www.zhihu.com/hot\"]"
.to_string(),
];
let parsed = parse_probe_args(&args).unwrap();
assert_eq!(
parsed,
ProbeCliConfig {
ws_url: "ws://127.0.0.1:12345".to_string(),
timeout_ms: 1500,
steps: vec![
ProbeStep {
label: "open-agent".to_string(),
payload: "[\"about:blank\",\"sgOpenAgent\"]".to_string(),
expect_reply: true,
},
ProbeStep {
label: "open-hot".to_string(),
payload:
"[\"about:blank\",\"sgBrowerserOpenPage\",\"https://www.zhihu.com/hot\"]"
.to_string(),
expect_reply: true,
},
],
}
);
}
#[test]
fn parse_probe_args_defaults_register_step_when_step_is_omitted() {
let args = vec![
"--ws-url".to_string(),
"ws://127.0.0.1:12345".to_string(),
];
let parsed = parse_probe_args(&args).unwrap();
assert_eq!(parsed.ws_url, "ws://127.0.0.1:12345");
assert_eq!(parsed.timeout_ms, 1500);
assert_eq!(
parsed.steps,
vec![ProbeStep {
label: "register".to_string(),
payload: r#"{"type":"register","role":"web"}"#.to_string(),
expect_reply: true,
}]
);
}
#[test]
fn parse_probe_args_defaults_timeout_when_flag_is_omitted() {
let args = vec![
"--ws-url".to_string(),
"ws://127.0.0.1:12345".to_string(),
"--step".to_string(),
"open-agent::[\"about:blank\",\"sgOpenAgent\"]".to_string(),
];
let parsed = parse_probe_args(&args).unwrap();
assert_eq!(parsed.ws_url, "ws://127.0.0.1:12345");
assert_eq!(parsed.timeout_ms, 1500);
assert_eq!(
parsed.steps,
vec![ProbeStep {
label: "open-agent".to_string(),
payload: "[\"about:blank\",\"sgOpenAgent\"]".to_string(),
expect_reply: true,
}]
);
}
#[test]
fn probe_records_welcome_then_silence_transcript() {
let steps = vec![
ProbeStep {
label: "open-agent".to_string(),
payload: r#"["about:blank","sgOpenAgent"]"#.to_string(),
expect_reply: true,
},
ProbeStep {
label: "await-followup".to_string(),
payload: r#"["about:blank","sgNoop"]"#.to_string(),
expect_reply: true,
},
];
let (ws_url, received, handle) = spawn_fake_server(vec![
ServerStep::ReceiveThenReply {
expected: steps[0].payload.clone(),
reply: "Welcome! You are client #1".to_string(),
},
ServerStep::ReceiveThenStaySilent {
expected: steps[1].payload.clone(),
},
]);
let results = run_probe_script(&ws_url, Duration::from_millis(40), steps.clone()).unwrap();
assert_eq!(
received.lock().unwrap().clone(),
steps.iter().map(|step| step.payload.clone()).collect::<Vec<_>>()
);
assert_eq!(
results,
vec![
ProbeStepResult {
label: "open-agent".to_string(),
sent: r#"["about:blank","sgOpenAgent"]"#.to_string(),
outcome: ProbeOutcome::Received(vec!["Welcome! You are client #1".to_string()]),
},
ProbeStepResult {
label: "await-followup".to_string(),
sent: r#"["about:blank","sgNoop"]"#.to_string(),
outcome: ProbeOutcome::TimedOut,
},
]
);
handle.join().unwrap();
}
#[test]
fn probe_runs_ordered_frame_script_and_records_per_step_results() {
let steps = vec![
ProbeStep {
label: "bootstrap-1".to_string(),
payload: r#"["about:blank","sgOpenAgent"]"#.to_string(),
expect_reply: true,
},
ProbeStep {
label: "bootstrap-2".to_string(),
payload: r#"["about:blank","sgSetAuthInfo","probe-user","probe-token"]"#.to_string(),
expect_reply: true,
},
ProbeStep {
label: "action".to_string(),
payload: r#"["about:blank","sgBrowerserOpenPage","https://www.zhihu.com/hot"]"#.to_string(),
expect_reply: true,
},
];
let (ws_url, received, handle) = spawn_fake_server(vec![
ServerStep::ReceiveThenReply {
expected: steps[0].payload.clone(),
reply: "welcome".to_string(),
},
ServerStep::ReceiveThenReply {
expected: steps[1].payload.clone(),
reply: "0".to_string(),
},
ServerStep::ReceiveThenStaySilent {
expected: steps[2].payload.clone(),
},
]);
let results = run_probe_script(&ws_url, Duration::from_millis(40), steps.clone()).unwrap();
assert_eq!(
received.lock().unwrap().clone(),
steps.iter().map(|step| step.payload.clone()).collect::<Vec<_>>()
);
assert_eq!(results.len(), 3);
assert_eq!(results[0].label, "bootstrap-1");
assert_eq!(results[0].outcome, ProbeOutcome::Received(vec!["welcome".to_string()]));
assert_eq!(results[1].label, "bootstrap-2");
assert_eq!(results[1].outcome, ProbeOutcome::Received(vec!["0".to_string()]));
assert_eq!(results[2].label, "action");
assert_eq!(results[2].sent, r#"["about:blank","sgBrowerserOpenPage","https://www.zhihu.com/hot"]"#);
assert_eq!(results[2].outcome, ProbeOutcome::TimedOut);
handle.join().unwrap();
}
#[test]
fn probe_records_multiple_frames_for_one_step_within_timeout_window() {
let steps = vec![ProbeStep {
label: "bootstrap".to_string(),
payload: r#"["about:blank","sgOpenAgent"]"#.to_string(),
expect_reply: true,
}];
let (ws_url, received, handle) = spawn_fake_server(vec![ServerStep::ReceiveThenReplyFrames {
expected: steps[0].payload.clone(),
replies: vec!["welcome".to_string(), "status:ready".to_string()],
}]);
let results = run_probe_script(&ws_url, Duration::from_millis(40), steps.clone()).unwrap();
assert_eq!(received.lock().unwrap().as_slice(), [steps[0].payload.as_str()]);
assert_eq!(
results,
vec![ProbeStepResult {
label: "bootstrap".to_string(),
sent: r#"["about:blank","sgOpenAgent"]"#.to_string(),
outcome: ProbeOutcome::Received(vec![
"welcome".to_string(),
"status:ready".to_string(),
]),
}]
);
handle.join().unwrap();
}
#[test]
fn probe_records_steps_that_do_not_wait_for_reply_without_ambiguity() {
let steps = vec![ProbeStep {
label: "fire-and-forget".to_string(),
payload: r#"["about:blank","sgNoop"]"#.to_string(),
expect_reply: false,
}];
let (ws_url, received, handle) =
spawn_fake_server(vec![ServerStep::ReceiveThenStaySilent {
expected: steps[0].payload.clone(),
}]);
let results = run_probe_script(&ws_url, Duration::from_millis(40), steps.clone()).unwrap();
handle.join().unwrap();
assert_eq!(received.lock().unwrap().as_slice(), [steps[0].payload.as_str()]);
assert_eq!(
results,
vec![ProbeStepResult {
label: "fire-and-forget".to_string(),
sent: r#"["about:blank","sgNoop"]"#.to_string(),
outcome: ProbeOutcome::NoReplyExpected,
}]
);
}
#[test]
fn probe_records_close_when_server_closes_before_next_send() {
let steps = vec![
ProbeStep {
label: "open-agent".to_string(),
payload: r#"["about:blank","sgOpenAgent"]"#.to_string(),
expect_reply: true,
},
ProbeStep {
label: "follow-up".to_string(),
payload: r#"["about:blank","sgNoop"]"#.to_string(),
expect_reply: true,
},
];
let (ws_url, received, handle) = spawn_fake_server(vec![
ServerStep::ReceiveThenReply {
expected: steps[0].payload.clone(),
reply: "welcome".to_string(),
},
ServerStep::CloseBeforeReceive,
]);
let results = run_probe_script(&ws_url, Duration::from_millis(40), steps.clone()).unwrap();
assert_eq!(received.lock().unwrap().as_slice(), [steps[0].payload.as_str()]);
assert_eq!(
results,
vec![
ProbeStepResult {
label: "open-agent".to_string(),
sent: r#"["about:blank","sgOpenAgent"]"#.to_string(),
outcome: ProbeOutcome::Received(vec!["welcome".to_string()]),
},
ProbeStepResult {
label: "follow-up".to_string(),
sent: r#"["about:blank","sgNoop"]"#.to_string(),
outcome: ProbeOutcome::Closed,
},
]
);
handle.join().unwrap();
}
#[test]
fn probe_reports_socket_close_separately_from_timeout() {
let step = ProbeStep {
label: "close-case".to_string(),
payload: r#"["about:blank","sgOpenAgent"]"#.to_string(),
expect_reply: true,
};
let (ws_url, received, handle) = spawn_fake_server(vec![ServerStep::ReceiveThenClose {
expected: step.payload.clone(),
}]);
let results = run_probe_script(&ws_url, Duration::from_millis(40), vec![step]).unwrap();
assert_eq!(received.lock().unwrap().as_slice(), [r#"["about:blank","sgOpenAgent"]"#]);
assert_eq!(results.len(), 1);
assert_eq!(results[0].label, "close-case");
assert_eq!(results[0].outcome, ProbeOutcome::Closed);
handle.join().unwrap();
}

195
tests/browser_ws_protocol_test.rs Normal file
View File

@@ -0,0 +1,195 @@
use serde_json::{json, Value};
use sgclaw::browser::ws_protocol::{decode_callback_frame, encode_v1_action};
use sgclaw::pipe::Action;
#[test]
fn encodes_navigate_frame_exactly_as_browser_array() {
let request = encode_v1_action(
&Action::Navigate,
&json!({ "url": "https://www.baidu.com" }),
"https://www.zhihu.com/hot",
Some("req42"),
)
.unwrap();
assert_eq!(
request.payload,
r#"["https://www.zhihu.com/hot","sgHideBrowserCallAfterLoaded","https://www.baidu.com","callBackJsToCpp(\"https://www.zhihu.com/hot@_@https://www.baidu.com@_@sgclaw_cb_req42@_@sgHideBrowserCallAfterLoaded@_@\")"]"#
);
let callback = request.callback.unwrap();
assert_eq!(callback.request_id, "req42");
assert_eq!(callback.callback_name, "sgclaw_cb_req42");
assert_eq!(callback.source_url, "https://www.zhihu.com/hot");
assert_eq!(callback.target_url, "https://www.baidu.com");
assert_eq!(callback.action_url, "sgHideBrowserCallAfterLoaded");
}
#[test]
fn encodes_get_text_frame_with_documented_callback_action_url() {
let request = encode_v1_action(
&Action::GetText,
&json!({
"target_url": "https://www.zhihu.com/hot",
"selector": "#content"
}),
"https://www.zhihu.com/hot",
Some("req42"),
)
.unwrap();
let payload: Value = serde_json::from_str(&request.payload).unwrap();
assert_eq!(
payload,
json!([
"https://www.zhihu.com/hot",
"sgBrowserExcuteJsCodeByArea",
"https://www.zhihu.com/hot",
"(function(){const el=document.querySelector(\"#content\");if(!el){throw new Error(\"selector not found: #content\");}const text=el.innerText ?? el.textContent ?? \"\";callBackJsToCpp(\"https://www.zhihu.com/hot@_@https://www.zhihu.com/hot@_@sgclaw_cb_req42@_@sgBrowserExcuteJsCodeByArea@_@\"+String(text));})();",
"hide"
])
);
let callback = request.callback.unwrap();
assert_eq!(callback.request_id, "req42");
assert_eq!(callback.callback_name, "sgclaw_cb_req42");
assert_eq!(callback.source_url, "https://www.zhihu.com/hot");
assert_eq!(callback.target_url, "https://www.zhihu.com/hot");
assert_eq!(callback.action_url, "sgBrowserExcuteJsCodeByArea");
}
#[test]
fn decodes_callback_payload_from_browser_frame() {
let callback = decode_callback_frame(
r#"["https://www.zhihu.com/hot","callBackJsToCpp","https://www.zhihu.com/hot@_@https://www.zhihu.com/hot@_@sgclaw_cb_req42@_@sgBrowserExcuteJsCodeByArea@_@天气"]"#,
)
.unwrap();
assert_eq!(callback.source_url, "https://www.zhihu.com/hot");
assert_eq!(callback.target_url, "https://www.zhihu.com/hot");
assert_eq!(callback.callback_name, "sgclaw_cb_req42");
assert_eq!(callback.action_url, "sgBrowserExcuteJsCodeByArea");
assert_eq!(callback.response_text, "天气");
}
#[test]
fn rejects_malformed_callback_frames_and_missing_request_ids() {
let malformed = decode_callback_frame(
r#"["https://www.zhihu.com/hot","callBackJsToCpp","https://www.zhihu.com/hot@_@too-short"]"#,
)
.unwrap_err();
assert!(malformed.to_string().contains("malformed callback payload"));
let wrong_function = decode_callback_frame(
r#"["https://www.zhihu.com/hot","sgBrowerserOpenPage","0"]"#,
)
.unwrap_err();
assert!(wrong_function
.to_string()
.contains("callback frame must target callBackJsToCpp"));
let missing_request_id = encode_v1_action(
&Action::Eval,
&json!({
"target_url": "https://www.zhihu.com/hot",
"script": "2 + 2"
}),
"https://www.zhihu.com/hot",
None,
)
.unwrap_err();
assert!(missing_request_id
.to_string()
.contains("request_id is required"));
}
#[test]
fn eval_uses_documented_js_opcode_for_callback_action_url() {
let request = encode_v1_action(
&Action::Eval,
&json!({
"target_url": "https://www.zhihu.com/hot",
"script": "2 + 2"
}),
"https://www.zhihu.com/hot",
Some("req-eval"),
)
.unwrap();
let callback = request.callback.unwrap();
assert_eq!(callback.callback_name, "sgclaw_cb_req-eval");
assert_eq!(callback.action_url, "sgBrowserExcuteJsCodeByArea");
let payload: Value = serde_json::from_str(&request.payload).unwrap();
let js = payload[3].as_str().unwrap();
assert!(js.contains("callBackJsToCpp(\"https://www.zhihu.com/hot@_@https://www.zhihu.com/hot@_@sgclaw_cb_req-eval@_@sgBrowserExcuteJsCodeByArea@_@\"+String(result))"));
}
#[test]
fn covers_supported_v1_action_mapping_and_rejects_unsupported_actions() {
let cases = vec![
(
Action::Navigate,
json!({ "url": "https://www.baidu.com" }),
Some("req-nav"),
"sgHideBrowserCallAfterLoaded",
true,
),
(
Action::Click,
json!({
"target_url": "https://www.zhihu.com/hot",
"selector": "#submit"
}),
None,
"sgBrowserExcuteJsCodeByArea",
false,
),
(
Action::Type,
json!({
"target_url": "https://www.zhihu.com/hot",
"selector": "#kw",
"text": "天气"
}),
None,
"sgBrowserExcuteJsCodeByArea",
false,
),
(
Action::GetText,
json!({
"target_url": "https://www.zhihu.com/hot",
"selector": "#content"
}),
Some("req-get-text"),
"sgBrowserExcuteJsCodeByArea",
true,
),
(
Action::Eval,
json!({
"target_url": "https://www.zhihu.com/hot",
"script": "2 + 2"
}),
Some("req-eval"),
"sgBrowserExcuteJsCodeByArea",
true,
),
];
for (action, params, request_id, browser_function, expects_callback) in cases {
let request = encode_v1_action(&action, &params, "https://www.zhihu.com/hot", request_id)
.unwrap();
let payload: Value = serde_json::from_str(&request.payload).unwrap();
assert_eq!(payload[1], json!(browser_function), "action={action:?}");
assert_eq!(request.callback.is_some(), expects_callback, "action={action:?}");
}
let unsupported = encode_v1_action(
&Action::GetHtml,
&json!({ "selector": "body" }),
"https://www.zhihu.com/hot",
None,
)
.unwrap_err();
assert!(unsupported.to_string().contains("unsupported browser ws action"));
}

1
tests/common/mod.rs
View File

@@ -17,6 +17,7 @@ impl MockTransport {
}
}
#[allow(dead_code)]
pub fn sent_messages(&self) -> Vec<AgentMessage> {
self.sent.lock().unwrap().clone()
}

6
tests/compat_browser_tool_test.rs
View File

@@ -7,6 +7,7 @@ use common::MockTransport;
use serde_json::{json, Value};
use sgclaw::security::MacPolicy;
use sgclaw::{
browser::{BrowserBackend, PipeBrowserBackend},
compat::browser_tool_adapter::ZeroClawBrowserTool,
pipe::{Action, AgentMessage, BrowserMessage, BrowserPipeTool, ExecutionSurfaceKind, Timing},
};
@@ -28,7 +29,7 @@ fn test_policy() -> MacPolicy {
fn build_adapter(
messages: Vec<BrowserMessage>,
) -> (Arc<MockTransport>, ZeroClawBrowserTool<MockTransport>) {
) -> (Arc<MockTransport>, ZeroClawBrowserTool) {
let transport = Arc::new(MockTransport::new(messages));
let browser_tool = BrowserPipeTool::new(
transport.clone(),
@@ -36,8 +37,9 @@ fn build_adapter(
vec![1, 2, 3, 4, 5, 6, 7, 8],
)
.with_response_timeout(Duration::from_secs(1));
let backend: Arc<dyn BrowserBackend> = Arc::new(PipeBrowserBackend::from_inner(browser_tool));
(transport, ZeroClawBrowserTool::new(browser_tool))
(transport, ZeroClawBrowserTool::new(backend))
}
#[test]

77
tests/compat_config_test.rs
View File

@@ -92,7 +92,7 @@ fn deepseek_settings_reload_from_browser_config_path_after_file_changes() {
assert_eq!(first.api_key, "sk-first");
assert_eq!(first.base_url, "https://api.deepseek.com");
assert_eq!(first.model, "deepseek-chat");
assert_eq!(first.skills_dir, None);
assert!(first.skills_dir.is_none());
fs::write(
&config_path,
@@ -115,7 +115,7 @@ fn deepseek_settings_reload_from_browser_config_path_after_file_changes() {
}
#[test]
fn resolve_skills_dir_prefers_nested_skills_subdirectory_for_configured_repo_root() {
fn ws_cleanup_resolves_single_configured_skills_dir() {
let root = std::env::temp_dir().join(format!("sgclaw-skills-{}", Uuid::new_v4()));
fs::create_dir_all(root.join("skill_lib/skills")).unwrap();
let settings = DeepSeekSettings {
@@ -245,6 +245,79 @@ fn sgclaw_settings_load_new_runtime_fields_from_browser_config() {
assert_eq!(config.skills.prompt_injection_mode, SkillsPromptMode::Full);
}
#[test]
fn ws_cleanup_rejects_array_style_skills_dir_config() {
let root = std::env::temp_dir().join(format!("sgclaw-config-{}", uuid::Uuid::new_v4()));
std::fs::create_dir_all(&root).unwrap();
let config_path = root.join("sgclaw_config.json");
std::fs::write(
&config_path,
r#"{
"apiKey": "sk-test",
"baseUrl": "https://api.deepseek.com",
"model": "deepseek-chat",
"skillsDir": ["skill_lib", "skill_staging"]
}"#,
)
.unwrap();
assert!(sgclaw::config::SgClawSettings::load(Some(config_path.as_path())).is_err());
}
#[test]
fn sgclaw_settings_load_browser_ws_url_from_browser_config() {
let root = std::env::temp_dir().join(format!("sgclaw-browser-ws-config-{}", Uuid::new_v4()));
fs::create_dir_all(&root).unwrap();
let config_path = root.join("sgclaw_config.json");
fs::write(
&config_path,
r#"{
"apiKey": "sk-runtime",
"baseUrl": "https://api.deepseek.com",
"model": "deepseek-chat",
"browserWsUrl": "ws://127.0.0.1:12345"
}"#,
)
.unwrap();
let settings = SgClawSettings::load(Some(config_path.as_path()))
.unwrap()
.expect("expected sgclaw settings from config file");
assert_eq!(
settings.browser_ws_url.as_deref(),
Some("ws://127.0.0.1:12345")
);
}
#[test]
fn sgclaw_settings_load_service_ws_listen_addr_from_browser_config() {
let root = std::env::temp_dir().join(format!("sgclaw-service-ws-config-{}", Uuid::new_v4()));
fs::create_dir_all(&root).unwrap();
let config_path = root.join("sgclaw_config.json");
fs::write(
&config_path,
r#"{
"apiKey": "sk-runtime",
"baseUrl": "https://api.deepseek.com",
"model": "deepseek-chat",
"serviceWsListenAddr": "127.0.0.1:42321"
}"#,
)
.unwrap();
let settings = SgClawSettings::load(Some(config_path.as_path()))
.unwrap()
.expect("expected sgclaw settings from config file");
assert_eq!(
settings.service_ws_listen_addr.as_deref(),
Some("127.0.0.1:42321")
);
}
#[test]
fn browser_attached_config_uses_low_temperature_for_deterministic_execution() {
let settings = SgClawSettings::from_legacy_deepseek_fields(

5
tests/compat_openxml_office_tool_test.rs
View File

@@ -1,5 +1,6 @@
use std::fs::File;
use std::io::Read;
use std::path::PathBuf;
use std::{fs::File, io::Read};
use serde_json::json;
use sgclaw::compat::openxml_office_tool::OpenXmlOfficeTool;
@@ -46,7 +47,7 @@ async fn openxml_office_tool_renders_hotlist_xlsx_from_rows() {
let output_json: serde_json::Value = serde_json::from_str(&result.output).unwrap();
assert_eq!(output_json["row_count"], 2);
assert_eq!(output_json["renderer"], "openxml_office");
assert!(!output_json["output_path"].as_str().unwrap().is_empty());
assert_eq!(output_json["output_path"], json!(output_path.to_str().unwrap()));
let xml = read_sheet_xml(&output_path);
assert!(xml.contains("问题一"));

756
tests/compat_runtime_test.rs
View File

@@ -13,6 +13,7 @@ use serde_json::{json, Value};
use sgclaw::agent::{
handle_browser_message, handle_browser_message_with_context, AgentRuntimeContext,
};
use sgclaw::compat::workflow_executor::finalize_screen_export;
use sgclaw::compat::runtime::{execute_task, execute_task_with_sgclaw_settings, CompatTaskContext};
use sgclaw::config::{DeepSeekSettings, SgClawSettings};
use sgclaw::pipe::{
@@ -181,6 +182,7 @@ fn start_fake_deepseek_server(
Err(err) => panic!("failed to accept provider request: {err}"),
}
};
stream.set_nonblocking(false).unwrap();
let body = read_http_json_body(&mut stream);
request_log.lock().unwrap().push(body);
@@ -352,6 +354,9 @@ fn compat_runtime_uses_zeroclaw_provider_path_and_executes_browser_actions() {
server_handle.join().unwrap();
let request_bodies = requests.lock().unwrap().clone();
std::env::remove_var("DEEPSEEK_API_KEY");
std::env::remove_var("DEEPSEEK_BASE_URL");
std::env::remove_var("DEEPSEEK_MODEL");
let sent = transport.sent_messages();
assert_eq!(summary, "已通过 ZeroClaw 执行任务: 打开百度搜索天气");
@@ -679,7 +684,10 @@ fn handle_browser_message_routes_supported_instruction_to_compat_runtime_when_ll
message,
AgentMessage::LogEntry { level, message }
if level == "info" &&
message == "sgclaw runtime version=0.1.0 protocol=1.0"
message == &format!(
"sgclaw runtime version={} protocol=1.0",
env!("CARGO_PKG_VERSION")
)
)
}));
assert!(sent.iter().any(|message| {
@@ -700,7 +708,7 @@ fn handle_browser_message_routes_supported_instruction_to_compat_runtime_when_ll
}
#[test]
fn handle_browser_message_emits_plan_preview_before_runtime_execution() {
fn handle_browser_message_executes_without_legacy_plan_preview() {
let _guard = env_lock().lock().unwrap_or_else(|err| err.into_inner());
let first_response = json!({
@@ -774,28 +782,21 @@ fn handle_browser_message_emits_plan_preview_before_runtime_execution() {
server_handle.join().unwrap();
let sent = transport.sent_messages();
let preview_index = sent
.iter()
.position(|message| {
matches!(
message,
AgentMessage::LogEntry { level, message }
if level == "plan" && message.contains("navigate https://www.baidu.com")
)
})
.expect("expected plan preview log entry");
let navigate_index = sent
.iter()
.position(|message| {
matches!(
message,
AgentMessage::LogEntry { level, message }
if level == "info" && message == "navigate https://www.baidu.com"
)
})
.expect("expected runtime navigate log entry");
assert!(preview_index < navigate_index);
assert!(!sent.iter().any(|message| {
matches!(
message,
AgentMessage::LogEntry { level, message }
if level == "plan" && message.contains("navigate https://www.baidu.com")
)
}));
assert!(sent.iter().any(|message| {
matches!(
message,
AgentMessage::LogEntry { level, message }
if level == "info" && message == "navigate https://www.baidu.com"
)
}));
}
#[test]
@@ -893,6 +894,11 @@ fn handle_browser_message_falls_back_to_compat_runtime_for_unsupported_instructi
#[test]
fn handle_browser_message_requires_llm_configuration_when_no_model_is_available() {
let _guard = env_lock().lock().unwrap_or_else(|err| err.into_inner());
std::env::remove_var("DEEPSEEK_API_KEY");
std::env::remove_var("DEEPSEEK_BASE_URL");
std::env::remove_var("DEEPSEEK_MODEL");
let transport = Arc::new(MockTransport::new(vec![]));
let browser_tool = BrowserPipeTool::new(
transport.clone(),
@@ -1866,6 +1872,15 @@ fn handle_browser_message_exposes_real_zhihu_skill_lib_to_provider_request() {
let request_bodies = requests.lock().unwrap().clone();
let first_request = request_bodies[0].to_string();
let tool_names = request_tool_names(&request_bodies[0]);
let loaded_skills_message = sent
.iter()
.find_map(|message| match message {
AgentMessage::LogEntry { level, message } if level == "info" && message.starts_with("loaded skills: ") => {
Some(message.clone())
}
_ => None,
})
.expect("expected loaded skills log entry");
assert!(sent.iter().any(|message| {
matches!(
@@ -1874,15 +1889,11 @@ fn handle_browser_message_exposes_real_zhihu_skill_lib_to_provider_request() {
if *success && summary == "已看到真实知乎 skill"
)
}));
assert!(sent.iter().any(|message| {
matches!(
message,
AgentMessage::LogEntry { level, message }
if level == "info" &&
message ==
"loaded skills: office-export-xlsx@0.1.0, zhihu-hotlist@0.1.0, zhihu-hotlist-screen@0.1.0, zhihu-navigate@0.1.0, zhihu-write@0.1.0"
)
}));
assert!(loaded_skills_message.contains("office-export-xlsx@0.1.0"));
assert!(loaded_skills_message.contains("zhihu-hotlist@0.1.0"));
assert!(loaded_skills_message.contains("zhihu-hotlist-screen@0.1.0"));
assert!(loaded_skills_message.contains("zhihu-navigate@0.1.0"));
assert!(loaded_skills_message.contains("zhihu-write@0.1.0"));
assert_eq!(request_bodies.len(), 1);
assert!(first_request.contains("office-export-xlsx"));
assert!(first_request.contains("zhihu-hotlist"));
@@ -2112,82 +2123,38 @@ fn handle_browser_message_executes_real_zhihu_hotlist_skill_flow() {
}
#[test]
fn handle_browser_message_chains_hotlist_skill_into_office_export_tool() {
fn handle_browser_message_chains_hotlist_skill_into_xlsx_export_and_auto_open() {
let _guard = env_lock().lock().unwrap_or_else(|err| err.into_inner());
std::env::set_var("SGCLAW_DISABLE_POST_EXPORT_OPEN", "1");
let workspace_root = temp_workspace_root();
let output_path = workspace_root.join("out/zhihu-hotlist.xlsx");
let output_path_str = output_path.to_string_lossy().to_string();
let first_response = json!({
"choices": [{
"message": {
"content": "",
"tool_calls": [{
"id": "call_1",
"type": "function",
"function": {
"name": "zhihu-hotlist_extract_hotlist",
"arguments": serde_json::to_string(&json!({
"expected_domain": "www.zhihu.com",
"top_n": "10"
})).unwrap()
}
}]
}
}]
});
let third_response = json!({
"choices": [{
"message": {
"content": "",
"tool_calls": [{
"id": "call_3",
"type": "function",
"function": {
"name": "openxml_office",
"arguments": serde_json::to_string(&json!({
"sheet_name": "知乎热榜",
"columns": ["rank", "title", "heat"],
"rows": [
[1, "问题一", "344万"],
[2, "问题二", "266万"]
],
"output_path": output_path_str
})).unwrap()
}
}]
}
}]
});
let fourth_response = json!({
"choices": [{
"message": {
"content": format!("已导出知乎热榜 Excel {output_path_str}")
}
}]
});
let (base_url, _requests, server_handle) =
start_fake_deepseek_server(vec![first_response, third_response, fourth_response]);
let config_path = write_deepseek_config_with_skills_dir(
&workspace_root,
"deepseek-test-key",
&base_url,
"http://127.0.0.1:9",
"deepseek-chat",
Some(real_skill_lib_root().to_str().unwrap()),
);
let runtime_context = AgentRuntimeContext::new(Some(config_path), workspace_root.clone());
let transport = Arc::new(MockTransport::new(vec![success_browser_response(
1,
json!({
"text": {
"source": "https://www.zhihu.com/hot",
"sheet_name": "知乎热榜",
"columns": ["rank", "title", "heat"],
"rows": [[1, "问题一", "344万"], [2, "问题二", "266万"]]
}
}),
)]));
let transport = Arc::new(MockTransport::new(vec![
success_browser_response(1, json!({ "navigated": true })),
success_browser_response(
2,
json!({ "text": "知乎热榜\n1 问题一 344万热度\n2 问题二 266万热度" }),
),
success_browser_response(
3,
json!({
"text": {
"source": "https://www.zhihu.com/hot",
"sheet_name": "知乎热榜",
"columns": ["rank", "title", "heat"],
"rows": [[1, "问题一", "344万"], [2, "问题二", "266万"]]
}
}),
),
]));
let browser_tool = BrowserPipeTool::new(
transport.clone(),
zhihu_test_policy(),
@@ -2208,15 +2175,19 @@ fn handle_browser_message_chains_hotlist_skill_into_office_export_tool() {
},
)
.unwrap();
server_handle.join().unwrap();
let sent = transport.sent_messages();
let summary = task_complete_summary(&sent);
let generated = extract_generated_artifact_path(&summary, ".xlsx");
assert!(summary.contains("已导出并打开知乎热榜 Excel"));
assert!(summary.contains(".xlsx"));
assert!(generated.exists());
assert!(sent.iter().any(|message| {
matches!(
message,
AgentMessage::TaskComplete { success, summary }
if *success && summary.contains("已导出知乎热榜 Excel") && summary.contains(".xlsx")
if *success && summary.contains("已导出并打开知乎热榜 Excel") && summary.contains(".xlsx")
)
}));
assert!(sent.iter().any(|message| {
@@ -2233,12 +2204,26 @@ fn handle_browser_message_chains_hotlist_skill_into_office_export_tool() {
if level == "info" && message == "call zhihu-hotlist.extract_hotlist"
)
}));
assert!(sent.iter().any(|message| {
matches!(
message,
AgentMessage::LogEntry { level, message }
if level == "info" && message == "call openxml_office"
)
}));
assert!(sent.iter().any(|message| {
matches!(
message,
AgentMessage::Command { action, .. } if action == &Action::Eval
)
}));
assert!(!sent.iter().any(|message| {
matches!(
message,
AgentMessage::Command { action, params, .. }
if action == &Action::Navigate && params.get("sgclaw_local_dashboard_open").is_some()
)
}));
assert!(!sent.iter().any(|message| {
matches!(
message,
@@ -2246,10 +2231,11 @@ fn handle_browser_message_chains_hotlist_skill_into_office_export_tool() {
if level == "mode" && (message == "compat_llm_primary" || message == "compat_skill_runner_primary")
)
}));
std::env::remove_var("SGCLAW_DISABLE_POST_EXPORT_OPEN");
}
#[test]
fn handle_browser_message_chains_hotlist_skill_into_screen_export_tool() {
fn handle_browser_message_chains_hotlist_skill_into_screen_export_and_auto_open() {
let _guard = env_lock().lock().unwrap_or_else(|err| err.into_inner());
let workspace_root = temp_workspace_root();
@@ -2305,10 +2291,43 @@ fn handle_browser_message_chains_hotlist_skill_into_screen_export_tool() {
let sent = transport.sent_messages();
let summary = task_complete_summary(&sent);
let generated = extract_generated_artifact_path(&summary, ".html");
let navigate = sent
.iter()
.find_map(|message| match message {
AgentMessage::Command {
action,
params,
security,
..
} if action == &Action::Navigate
&& security.expected_domain == "__sgclaw_local_dashboard__" => Some((params, security)),
_ => None,
})
.expect("dashboard route should emit local-dashboard navigate request");
assert!(summary.contains("生成知乎热榜大屏"));
assert!(summary.contains("在浏览器中打开知乎热榜大屏"));
assert!(summary.contains(".html"));
assert!(generated.exists());
assert_eq!(
navigate.0["sgclaw_local_dashboard_open"]["output_path"].as_str(),
generated.to_str()
);
assert!(navigate.0["url"]
.as_str()
.expect("dashboard open url should be present")
.starts_with("file://"));
assert_eq!(
navigate.0["sgclaw_local_dashboard_open"]["source"],
json!("compat.workflow_executor")
);
assert_eq!(
navigate.0["sgclaw_local_dashboard_open"]["kind"],
json!("zhihu_hotlist_screen")
);
assert_eq!(
navigate.0["sgclaw_local_dashboard_open"]["presentation_url"],
navigate.0["url"]
);
assert!(sent.iter().any(|message| {
matches!(
message,
@@ -2336,6 +2355,13 @@ fn handle_browser_message_chains_hotlist_skill_into_screen_export_tool() {
AgentMessage::Command { action, .. } if action == &Action::Eval
)
}));
assert!(!sent.iter().any(|message| {
matches!(
message,
AgentMessage::LogEntry { level, message }
if level == "info" && message == "call openxml_office"
)
}));
assert!(!sent.iter().any(|message| {
matches!(
message,
@@ -2345,9 +2371,55 @@ fn handle_browser_message_chains_hotlist_skill_into_screen_export_tool() {
}));
}
#[test]
fn handle_browser_message_reports_dashboard_auto_open_protocol_error_when_presentation_url_is_missing() {
let _guard = env_lock().lock().unwrap_or_else(|err| err.into_inner());
let transport = Arc::new(MockTransport::new(vec![]));
let browser_tool = BrowserPipeTool::new(
transport.clone(),
zhihu_test_policy(),
vec![1, 2, 3, 4, 5, 6, 7, 8],
)
.with_response_timeout(Duration::from_secs(1));
let browser_backend = sgclaw::browser::PipeBrowserBackend::from_inner(browser_tool);
let workspace_root = temp_workspace_root();
let output_path = workspace_root.join("zhihu-hotlist-screen.html");
fs::write(&output_path, "<html><body>fixture</body></html>").unwrap();
let payload = json!({
"title": "知乎热榜大屏",
"output_path": output_path,
"renderer": "screen_html_export",
"row_count": 2,
"snapshot_id": "snapshot-test",
"presentation": {
"mode": "new_tab",
"title": "知乎热榜大屏",
"open_in_new_tab": true
}
});
let summary = finalize_screen_export(&browser_backend, &payload.to_string()).unwrap();
assert!(summary.contains("已生成知乎热榜大屏"));
assert!(summary.contains(output_path.to_string_lossy().as_ref()));
assert!(summary.contains("但浏览器自动打开失败screen_html_export did not return presentation.url"));
let sent = transport.sent_messages();
assert!(!sent.iter().any(|message| {
matches!(
message,
AgentMessage::Command { action, params, .. }
if action == &Action::Navigate && params.get("sgclaw_local_dashboard_open").is_some()
)
}));
}
#[test]
fn handle_browser_message_runs_zhihu_hotlist_export_via_zeroclaw_primary_orchestration() {
let _guard = env_lock().lock().unwrap_or_else(|err| err.into_inner());
std::env::set_var("SGCLAW_DISABLE_POST_EXPORT_OPEN", "1");
let workspace_root = temp_workspace_root();
let config_path = write_deepseek_config_with_skills_dir(
@@ -2422,6 +2494,7 @@ fn handle_browser_message_runs_zhihu_hotlist_export_via_zeroclaw_primary_orchest
if level == "mode" && (message == "compat_llm_primary" || message == "compat_skill_runner_primary")
)
}));
std::env::remove_var("SGCLAW_DISABLE_POST_EXPORT_OPEN");
}
#[test]
@@ -2533,6 +2606,221 @@ fn browser_submit_path_prefers_zeroclaw_process_message_orchestrator_for_zhihu_p
}));
}
#[test]
fn browser_attached_zhihu_hotlist_request_keeps_zhihu_contract_without_scene_injection() {
let _guard = env_lock().lock().unwrap_or_else(|err| err.into_inner());
let response = json!({
"choices": [{
"message": {
"content": "已收到知乎导出任务"
}
}]
});
let (base_url, requests, server_handle) = start_fake_deepseek_server(vec![response]);
let workspace_root = temp_workspace_root();
let mut settings = SgClawSettings::from_legacy_deepseek_fields(
"deepseek-test-key".to_string(),
base_url,
"deepseek-chat".to_string(),
Some(real_skill_lib_root()),
)
.unwrap();
settings.runtime_profile = RuntimeProfile::BrowserAttached;
let transport = Arc::new(MockTransport::new(vec![]));
let browser_tool = BrowserPipeTool::new(
transport.clone(),
zhihu_test_policy(),
vec![1, 2, 3, 4, 5, 6, 7, 8],
)
.with_response_timeout(Duration::from_secs(1));
let summary = execute_task_with_sgclaw_settings(
transport.as_ref(),
browser_tool,
"读取知乎热榜数据,并导出 excel 文件",
&CompatTaskContext::default(),
&workspace_root,
&settings,
)
.unwrap();
server_handle.join().unwrap();
let request_bodies = requests.lock().unwrap().clone();
let first_request = request_bodies[0].to_string();
assert_eq!(summary, "已收到知乎导出任务");
assert_eq!(request_bodies.len(), 1);
assert!(first_request.contains("Zhihu hotlist execution contract"));
assert!(first_request.contains("Export completion contract"));
assert!(first_request.contains("openxml_office"));
assert!(!first_request.contains("95598 repair city dispatch execution contract"));
assert!(!first_request.contains("browser workflow, not a text-only task"));
assert!(!first_request.contains("generic browser probing only after"));
}
#[test]
fn ws_cleanup_no_longer_detects_fault_details_scene_route() {
use sgclaw::compat::workflow_executor::detect_route;
assert_eq!(
detect_route(
"导出故障明细",
Some("https://example.invalid/workbench"),
Some("业务台账"),
),
None,
);
}
#[test]
fn ws_cleanup_scene_keywords_do_not_trigger_primary_orchestration() {
assert!(!sgclaw::compat::orchestration::should_use_primary_orchestration(
"请处理95598抢修市指监测",
Some("https://95598.example.invalid/dispatch"),
Some("95598抢修市指监测"),
));
}
#[test]
fn zhihu_generated_auto_publish_matches_primary_orchestration_gate() {
assert!(
sgclaw::compat::orchestration::should_use_primary_orchestration(
"在知乎自动发表一篇名称为人工智能技能大全",
Some("https://www.zhihu.com/"),
Some("知乎"),
)
);
}
#[test]
fn zhihu_hotlist_export_route_stays_ahead_of_generated_article_publish() {
use sgclaw::compat::workflow_executor::{detect_route, WorkflowRoute};
assert_eq!(
detect_route(
"打开知乎热榜获取前10条数据并导出 Excel",
Some("https://www.zhihu.com/"),
Some("知乎")
),
Some(WorkflowRoute::ZhihuHotlistExportXlsx)
);
}
#[test]
fn zhihu_generated_auto_publish_uses_provider_and_submits_publish_without_confirmation() {
let _guard = env_lock().lock().unwrap_or_else(|err| err.into_inner());
let response = json!({
"choices": [{
"message": {
"content": "标题:人工智能技能大全\n正文:第一段内容。\n\n第二段内容。"
}
}]
});
let (base_url, requests, server_handle) = start_fake_deepseek_server(vec![response]);
let workspace_root = temp_workspace_root();
let config_path = write_deepseek_config_with_skills_dir(
&workspace_root,
"deepseek-test-key",
&base_url,
"deepseek-chat",
Some(real_skill_lib_root().to_str().unwrap()),
);
let runtime_context = AgentRuntimeContext::new(Some(config_path), workspace_root.clone());
let transport = Arc::new(MockTransport::new(vec![
success_browser_response(1, json!({ "navigated": true })),
success_browser_response(
2,
json!({
"text": {
"status": "creator_entry_clicked",
"current_url": "https://www.zhihu.com/creator",
"next_url": "https://zhuanlan.zhihu.com/write"
}
}),
),
success_browser_response(3, json!({ "navigated": true })),
success_browser_response(
4,
json!({
"text": {
"status": "editor_ready",
"current_url": "https://zhuanlan.zhihu.com/write"
}
}),
),
success_browser_response(
5,
json!({
"text": {
"status": "publish_submitted",
"current_url": "https://zhuanlan.zhihu.com/write",
"title": "人工智能技能大全"
}
}),
),
]));
let browser_tool = BrowserPipeTool::new(
transport.clone(),
zhihu_test_policy(),
vec![1, 2, 3, 4, 5, 6, 7, 8],
)
.with_response_timeout(Duration::from_secs(1));
handle_browser_message_with_context(
transport.as_ref(),
&browser_tool,
&runtime_context,
BrowserMessage::SubmitTask {
instruction: "在知乎自动发表一篇名称为人工智能技能大全".to_string(),
conversation_id: String::new(),
messages: vec![],
page_url: "https://www.zhihu.com/".to_string(),
page_title: "知乎".to_string(),
},
)
.unwrap();
server_handle.join().unwrap();
let sent = transport.sent_messages();
let request_bodies = requests.lock().unwrap().clone();
assert_eq!(request_bodies.len(), 1);
assert!(request_bodies[0].to_string().contains("人工智能技能大全"));
assert!(sent.iter().any(|message| {
matches!(
message,
AgentMessage::TaskComplete { success, summary }
if *success && summary == "已提交知乎文章发布流程《人工智能技能大全》"
)
}));
assert!(sent.iter().any(|message| {
matches!(
message,
AgentMessage::LogEntry { level, message }
if level == "info" && message == "call zhihu-write.fill_article_draft"
)
}));
assert!(sent.iter().any(|message| {
matches!(
message,
AgentMessage::Command { action, .. } if action == &Action::Navigate
)
}));
assert!(!sent.iter().any(|message| {
matches!(
message,
AgentMessage::TaskComplete { success, summary }
if *success && summary.contains("确认发布")
)
}));
}
#[test]
fn zhihu_publish_task_matches_primary_orchestration_gate() {
assert!(
@@ -3084,71 +3372,37 @@ fn zhihu_publish_after_confirmation_reports_login_block_without_selector_probing
}
#[test]
fn browser_orchestration_registers_superrpa_tools_natively() {
fn browser_orchestration_executes_hotlist_export_natively_from_hotlist_page() {
let _guard = env_lock().lock().unwrap_or_else(|err| err.into_inner());
let first_response = json!({
"choices": [{
"message": {
"content": "",
"tool_calls": [{
"id": "call_1",
"type": "function",
"function": {
"name": "superrpa_browser",
"arguments": serde_json::to_string(&json!({
"action": "getText",
"expected_domain": "www.zhihu.com",
"selector": "main"
})).unwrap()
}
}]
}
}]
});
let second_response = json!({
"choices": [{
"message": {
"content": "",
"tool_calls": [{
"id": "call_2",
"type": "function",
"function": {
"name": "openxml_office",
"arguments": serde_json::to_string(&json!({
"sheet_name": "知乎热榜",
"columns": ["rank", "title", "heat"],
"rows": [[1, "问题一", "344万"]]
})).unwrap()
}
}]
}
}]
});
let third_response = json!({
"choices": [{
"message": {
"content": "已导出知乎热榜 Excel"
}
}]
});
let (base_url, requests, server_handle) =
start_fake_deepseek_server(vec![first_response, second_response, third_response]);
std::env::set_var("SGCLAW_DISABLE_POST_EXPORT_OPEN", "1");
let workspace_root = temp_workspace_root();
let config_path = write_deepseek_config_with_skills_dir(
&workspace_root,
"deepseek-test-key",
&base_url,
"http://127.0.0.1:9",
"deepseek-chat",
Some(real_skill_lib_root().to_str().unwrap()),
);
let runtime_context = AgentRuntimeContext::new(Some(config_path), workspace_root.clone());
let transport = Arc::new(MockTransport::new(vec![success_browser_response(
1,
json!({ "text": "知乎热榜\n1\n问题一\n344万热度" }),
)]));
let transport = Arc::new(MockTransport::new(vec![
success_browser_response(
1,
json!({ "text": "知乎热榜\n1 问题一 344万热度\n2 问题二 266万热度" }),
),
success_browser_response(
2,
json!({
"text": {
"source": "https://www.zhihu.com/hot",
"sheet_name": "知乎热榜",
"columns": ["rank", "title", "heat"],
"rows": [[1, "问题一", "344万"], [2, "问题二", "266万"]]
}
}),
),
]));
let browser_tool = BrowserPipeTool::new(
transport.clone(),
zhihu_test_policy(),
@@ -3170,22 +3424,60 @@ fn browser_orchestration_registers_superrpa_tools_natively() {
)
.unwrap();
let request_bodies = requests.lock().unwrap().clone();
let sent = transport.sent_messages();
assert!(
!request_bodies.is_empty(),
"expected provider request, sent messages were: {sent:?}"
);
server_handle.join().unwrap();
let first_request = request_bodies
.first()
.expect("expected first provider request")
.to_string();
let tool_names = request_tool_names(&request_bodies[0]);
let summary = task_complete_summary(&sent);
let generated = extract_generated_artifact_path(&summary, ".xlsx");
assert!(first_request.contains("superrpa_browser"));
assert!(tool_names.contains(&"superrpa_browser".to_string()));
assert!(tool_names.contains(&"openxml_office".to_string()));
assert!(summary.contains(".xlsx"));
assert!(generated.exists());
assert!(sent.iter().any(|message| {
matches!(
message,
AgentMessage::LogEntry { level, message }
if level == "mode" && message == "zeroclaw_process_message_primary"
)
}));
assert!(sent.iter().any(|message| {
matches!(
message,
AgentMessage::LogEntry { level, message }
if level == "info" && message == "call zhihu-hotlist.extract_hotlist"
)
}));
assert!(sent.iter().any(|message| {
matches!(
message,
AgentMessage::LogEntry { level, message }
if level == "info" && message == "call openxml_office"
)
}));
assert!(sent.iter().any(|message| {
matches!(
message,
AgentMessage::Command { action, .. } if action == &Action::GetText
)
}));
assert!(sent.iter().any(|message| {
matches!(
message,
AgentMessage::Command { action, .. } if action == &Action::Eval
)
}));
assert!(!sent.iter().any(|message| {
matches!(
message,
AgentMessage::Command { action, .. } if action == &Action::Navigate
)
}));
assert!(!sent.iter().any(|message| {
matches!(
message,
AgentMessage::LogEntry { level, message }
if level == "mode" &&
(message == "compat_llm_primary" || message == "compat_skill_runner_primary")
)
}));
std::env::remove_var("SGCLAW_DISABLE_POST_EXPORT_OPEN");
}
#[test]
@@ -3246,88 +3538,13 @@ fn zhihu_export_does_not_use_frontend_owned_mainline() {
#[test]
fn browser_skill_usage_is_execution_not_prompt_only() {
let _guard = env_lock().lock().unwrap_or_else(|err| err.into_inner());
std::env::set_var("SGCLAW_DISABLE_POST_EXPORT_OPEN", "1");
let workspace_root = temp_workspace_root();
let output_path = workspace_root.join("out/zhihu-hotlist-execution.xlsx");
let output_path_str = output_path.to_string_lossy().to_string();
let first_response = json!({
"choices": [{
"message": {
"content": "",
"tool_calls": [{
"id": "call_1",
"type": "function",
"function": {
"name": "superrpa_browser",
"arguments": serde_json::to_string(&json!({
"action": "navigate",
"expected_domain": "www.zhihu.com",
"url": "https://www.zhihu.com/hot"
})).unwrap()
}
}]
}
}]
});
let second_response = json!({
"choices": [{
"message": {
"content": "",
"tool_calls": [{
"id": "call_2",
"type": "function",
"function": {
"name": "superrpa_browser",
"arguments": serde_json::to_string(&json!({
"action": "getText",
"expected_domain": "www.zhihu.com",
"selector": "main"
})).unwrap()
}
}]
}
}]
});
let third_response = json!({
"choices": [{
"message": {
"content": "",
"tool_calls": [{
"id": "call_3",
"type": "function",
"function": {
"name": "openxml_office",
"arguments": serde_json::to_string(&json!({
"sheet_name": "知乎热榜",
"columns": ["rank", "title", "heat"],
"rows": [
[1, "问题一", "344万"],
[2, "问题二", "266万"]
],
"output_path": output_path_str
})).unwrap()
}
}]
}
}]
});
let fourth_response = json!({
"choices": [{
"message": {
"content": format!("已导出知乎热榜 Excel {output_path_str}")
}
}]
});
let (base_url, requests, server_handle) = start_fake_deepseek_server(vec![
first_response,
second_response,
third_response,
fourth_response,
]);
let config_path = write_deepseek_config_with_skills_dir(
&workspace_root,
"deepseek-test-key",
&base_url,
"http://127.0.0.1:9",
"deepseek-chat",
Some(real_skill_lib_root().to_str().unwrap()),
);
@@ -3337,7 +3554,18 @@ fn browser_skill_usage_is_execution_not_prompt_only() {
success_browser_response(1, json!({ "navigated": true })),
success_browser_response(
2,
json!({ "text": "知乎热榜\n1\n问题一\n344万热度\n2\n问题二\n266万热度" }),
json!({ "text": "知乎热榜\n1 问题一 344万热度\n2 问题二 266万热度" }),
),
success_browser_response(
3,
json!({
"text": {
"source": "https://www.zhihu.com/hot",
"sheet_name": "知乎热榜",
"columns": ["rank", "title", "heat"],
"rows": [[1, "问题一", "344万"], [2, "问题二", "266万"]]
}
}),
),
]));
let browser_tool = BrowserPipeTool::new(
@@ -3360,15 +3588,13 @@ fn browser_skill_usage_is_execution_not_prompt_only() {
},
)
.unwrap();
server_handle.join().unwrap();
let request_bodies = requests.lock().unwrap().clone();
let sent = transport.sent_messages();
let first_request = request_bodies
.first()
.expect("expected first provider request")
.to_string();
let summary = task_complete_summary(&sent);
let generated = extract_generated_artifact_path(&summary, ".xlsx");
assert!(summary.contains(".xlsx"));
assert!(generated.exists());
assert!(sent.iter().any(|message| {
matches!(
message,
@@ -3376,6 +3602,29 @@ fn browser_skill_usage_is_execution_not_prompt_only() {
if *success && summary.contains(".xlsx")
)
}));
assert!(sent.iter().any(|message| {
matches!(
message,
AgentMessage::LogEntry { level, message }
if level == "mode" && message == "zeroclaw_process_message_primary"
)
}));
assert!(sent.iter().any(|message| {
matches!(
message,
AgentMessage::LogEntry { level, message }
if level == "info" && message == "call openxml_office"
)
}));
assert!(!sent.iter().any(|message| {
matches!(
message,
AgentMessage::LogEntry { level, message }
if level == "mode" &&
(message == "compat_llm_primary" || message == "compat_skill_runner_primary")
)
}));
std::env::remove_var("SGCLAW_DISABLE_POST_EXPORT_OPEN");
assert!(!sent.iter().any(|message| {
matches!(
message,
@@ -3393,7 +3642,6 @@ fn browser_skill_usage_is_execution_not_prompt_only() {
message == "getText ol li")
)
}));
assert!(!first_request.contains("Preloaded skill context:"));
}
#[test]

11
tests/compat_screen_html_export_tool_test.rs
View File

@@ -43,9 +43,18 @@ async fn screen_html_export_tool_renders_dashboard_html_with_presentation_contra
.as_str()
.unwrap()
.starts_with("file://"));
assert!(html.contains("知乎热榜态势驾驶舱"));
assert!(html.contains("知乎热榜图表驾驶舱"));
assert!(html.contains("snapshot-20260329"));
assert!(html.contains("问题一"));
assert!(html.contains("344万"));
assert!(html.contains("const defaultPayload ="));
assert!(html.contains("lead-summary"));
assert!(html.contains("bar-chart"));
assert!(html.contains("top-chart"));
assert!(html.contains("pie-chart"));
assert!(html.contains("bubble-chart"));
assert!(html.contains("metric-categories"));
assert!(html.contains("themeMeta"));
assert!(html.contains("screen_html_export"));
assert!(html.contains("table-note"));
}

2
tests/deepseek_provider_test.rs
View File

@@ -21,7 +21,7 @@ fn deepseek_settings_load_defaults_from_env() {
assert_eq!(settings.api_key, "test-key");
assert_eq!(settings.base_url, "https://api.deepseek.com");
assert_eq!(settings.model, "deepseek-chat");
assert_eq!(settings.skills_dir, None);
assert!(settings.skills_dir.is_none());
}
#[test]

28
tests/pipe_protocol_test.rs
View File

@@ -21,6 +21,24 @@ fn browser_init_round_trip_uses_frozen_wire_format() {
assert_eq!(serde_json::to_string(&message).unwrap(), raw);
}
#[test]
fn browser_lifecycle_messages_use_frozen_wire_tags() {
let connect_raw = r#"{"type":"connect"}"#;
let start_raw = r#"{"type":"start"}"#;
let stop_raw = r#"{"type":"stop"}"#;
let connect: BrowserMessage = serde_json::from_str(connect_raw).unwrap();
let start: BrowserMessage = serde_json::from_str(start_raw).unwrap();
let stop: BrowserMessage = serde_json::from_str(stop_raw).unwrap();
assert_eq!(connect, BrowserMessage::Connect);
assert_eq!(start, BrowserMessage::Start);
assert_eq!(stop, BrowserMessage::Stop);
assert_eq!(serde_json::to_string(&connect).unwrap(), connect_raw);
assert_eq!(serde_json::to_string(&start).unwrap(), start_raw);
assert_eq!(serde_json::to_string(&stop).unwrap(), stop_raw);
}
#[test]
fn command_serializes_action_and_security_fields() {
let message = AgentMessage::Command {
@@ -40,6 +58,16 @@ fn command_serializes_action_and_security_fields() {
assert!(raw.contains(r#""expected_domain":"oa.example.com""#));
}
#[test]
fn agent_status_changed_serializes_with_expected_tag() {
let raw = serde_json::to_string(&AgentMessage::StatusChanged {
state: "started".to_string(),
})
.unwrap();
assert_eq!(raw, r#"{"type":"status_changed","state":"started"}"#);
}
#[test]
fn response_deserializes_timing_and_payload() {
let raw = r#"{"type":"response","seq":7,"success":true,"data":{"text":"提交成功"},"aom_snapshot":[],"timing":{"queue_ms":2,"exec_ms":38}}"#;

132
tests/planner_test.rs
View File

@@ -1,132 +0,0 @@
use serde_json::json;
use sgclaw::agent::planner::{build_execution_preview, plan_instruction, PlannerError};
use sgclaw::config::PlannerMode;
use sgclaw::pipe::Action;
#[test]
fn planner_module_is_explicitly_legacy_dev_only() {
assert!(sgclaw::agent::planner::LEGACY_DEV_ONLY);
}
#[test]
fn planner_converts_baidu_search_instruction_into_three_steps() {
let plan = plan_instruction("打开百度搜索天气").unwrap();
assert_eq!(plan.summary, "已在百度搜索天气");
assert_eq!(plan.steps.len(), 3);
assert_eq!(plan.steps[0].action, Action::Navigate);
assert_eq!(
plan.steps[0].params,
json!({ "url": "https://www.baidu.com" })
);
assert_eq!(plan.steps[1].action, Action::Type);
assert_eq!(
plan.steps[1].params,
json!({ "selector": "#kw", "text": "天气", "clear_first": true })
);
assert_eq!(plan.steps[2].action, Action::Click);
assert_eq!(plan.steps[2].params, json!({ "selector": "#su" }));
}
#[test]
fn planner_supports_baidu_search_variant_with_conjunction() {
let plan = plan_instruction("打开百度并搜索电网调度").unwrap();
assert_eq!(plan.summary, "已在百度搜索电网调度");
assert_eq!(plan.steps[1].params["text"], "电网调度");
}
#[test]
fn planner_supports_zhihu_search_instruction_with_direct_search_url() {
let plan = plan_instruction("打开知乎搜索天气").unwrap();
assert_eq!(plan.summary, "已在知乎搜索天气");
assert_eq!(plan.steps.len(), 1);
assert_eq!(plan.steps[0].action, Action::Navigate);
assert_eq!(
plan.steps[0].params,
json!({ "url": "https://www.zhihu.com/search?type=content&q=%E5%A4%A9%E6%B0%94" })
);
assert_eq!(plan.steps[0].expected_domain, "www.zhihu.com");
assert_eq!(
plan.steps[0].log_message,
"navigate https://www.zhihu.com/search?type=content&q=%E5%A4%A9%E6%B0%94"
);
}
#[test]
fn planner_supports_open_zhihu_homepage_instruction() {
let plan = plan_instruction("打开知乎").unwrap();
assert_eq!(plan.summary, "已打开知乎首页");
assert_eq!(plan.steps.len(), 1);
assert_eq!(plan.steps[0].action, Action::Navigate);
assert_eq!(
plan.steps[0].params,
json!({ "url": "https://www.zhihu.com" })
);
assert_eq!(plan.steps[0].expected_domain, "www.zhihu.com");
assert_eq!(plan.steps[0].log_message, "navigate https://www.zhihu.com");
}
#[test]
fn planner_supports_open_baidu_homepage_instruction() {
let plan = plan_instruction("打开百度").unwrap();
assert_eq!(plan.summary, "已打开百度首页");
assert_eq!(plan.steps.len(), 1);
assert_eq!(plan.steps[0].action, Action::Navigate);
assert_eq!(
plan.steps[0].params,
json!({ "url": "https://www.baidu.com" })
);
assert_eq!(plan.steps[0].expected_domain, "www.baidu.com");
assert_eq!(plan.steps[0].log_message, "navigate https://www.baidu.com");
}
#[test]
fn planner_rejects_unrelated_instruction() {
let err = plan_instruction("打开谷歌搜索天气").unwrap_err();
assert_eq!(
err,
PlannerError::UnsupportedInstruction("打开谷歌搜索天气".to_string())
);
}
#[test]
fn plan_first_mode_builds_visible_preview_for_zhihu_excel_flow() {
let preview = build_execution_preview(
PlannerMode::ZeroclawPlanFirst,
"读取知乎热榜数据,并导出 excel 文件",
Some("https://www.zhihu.com/hot"),
Some("知乎热榜"),
)
.expect("expected plan preview");
assert_eq!(preview.summary, "先规划再执行知乎热榜 Excel 导出");
assert!(preview
.steps
.iter()
.any(|step| step.contains("navigate https://www.zhihu.com/hot")));
assert!(preview
.steps
.iter()
.any(|step| step.contains("getText main")));
assert!(preview
.steps
.iter()
.any(|step| step.contains("call openxml_office")));
}
#[test]
fn legacy_planner_mode_skips_runtime_preview() {
let preview = build_execution_preview(
PlannerMode::LegacyDeterministic,
"打开百度搜索天气",
None,
None,
);
assert!(preview.is_none());
}

113
tests/runtime_profile_test.rs
View File

@@ -1,5 +1,73 @@
use std::fs;
use std::path::PathBuf;
use sgclaw::compat::config_adapter::{
build_zeroclaw_config_from_sgclaw_settings, resolve_skills_dir_from_sgclaw_settings,
};
use sgclaw::config::{BrowserBackend, OfficeBackend, PlannerMode, SgClawSettings};
use sgclaw::runtime::{RuntimeEngine, RuntimeProfile, ToolPolicy};
use uuid::Uuid;
fn temp_skill_root() -> PathBuf {
let root = std::env::temp_dir().join(format!(
"sgclaw-runtime-profile-skills-{}",
Uuid::new_v4()
));
fs::create_dir_all(root.join("skills")).unwrap();
root
}
fn write_browser_script_skill(skill_root: &std::path::Path, skill_name: &str) {
let skill_dir = skill_root.join("skills").join(skill_name);
fs::create_dir_all(&skill_dir).unwrap();
fs::write(
skill_dir.join("SKILL.toml"),
format!(
r#"
[skill]
name = "{skill_name}"
description = "Browser-only test skill."
version = "0.1.0"
[[tools]]
name = "run"
description = "Run browser-only script."
kind = "browser_script"
command = "scripts/run.js"
"#
),
)
.unwrap();
fs::create_dir_all(skill_dir.join("scripts")).unwrap();
fs::write(skill_dir.join("scripts/run.js"), "return { ok: true };\n").unwrap();
}
#[test]
fn loaded_skills_excludes_browser_script_tools_when_browser_surface_is_unavailable() {
let workspace_root = std::env::temp_dir().join(format!(
"sgclaw-runtime-profile-workspace-{}",
Uuid::new_v4()
));
fs::create_dir_all(&workspace_root).unwrap();
let skill_root = temp_skill_root();
write_browser_script_skill(&skill_root, "workspace-browser-skill");
let mut settings = SgClawSettings::from_legacy_deepseek_fields(
"sk-test".to_string(),
"https://api.deepseek.com".to_string(),
"deepseek-chat".to_string(),
Some(skill_root.clone()),
)
.unwrap();
settings.runtime_profile = RuntimeProfile::GeneralAssistant;
let config = build_zeroclaw_config_from_sgclaw_settings(&workspace_root, &settings);
let skills_dir = resolve_skills_dir_from_sgclaw_settings(&workspace_root, &settings);
let engine = RuntimeEngine::new(RuntimeProfile::GeneralAssistant);
let loaded_skills = engine.loaded_skills(&config, std::slice::from_ref(&skills_dir));
assert!(loaded_skills.is_empty());
}
#[test]
fn browser_attached_profile_exposes_browser_surface_without_becoming_browser_only() {
@@ -56,6 +124,51 @@ fn browser_attached_publish_prompt_requires_explicit_confirmation_before_clickin
assert!(instruction.contains("stop after the confirmation request"));
}
#[test]
fn ws_cleanup_browser_profile_does_not_inject_95598_scene_contract() {
let engine = RuntimeEngine::new(RuntimeProfile::BrowserAttached);
let instruction = engine.build_instruction(
"请处理95598抢修市指监测查看抢修市指派单并汇总当前队列",
Some("https://95598.example.invalid/dispatch"),
Some("95598抢修市指监测"),
true,
);
assert!(!instruction.contains("collect_repair_orders"));
}
#[test]
fn browser_attached_unrelated_task_does_not_receive_95598_scene_contract() {
let engine = RuntimeEngine::new(RuntimeProfile::BrowserAttached);
let instruction = engine.build_instruction(
"帮我总结今天的会议纪要",
None,
None,
true,
);
assert!(!instruction.contains("collect_repair_orders"));
assert!(!instruction.contains("browser workflow, not a text-only task"));
assert!(!instruction.contains("generic browser probing only after"));
}
#[test]
fn general_assistant_95598_scene_prompt_does_not_receive_browser_scene_contract() {
let engine = RuntimeEngine::new(RuntimeProfile::GeneralAssistant);
let instruction = engine.build_instruction(
"请处理95598抢修市指监测查看抢修市指派单并汇总当前队列",
Some("https://95598.example.invalid/dispatch"),
Some("95598抢修市指监测"),
false,
);
assert!(!instruction.contains("collect_repair_orders"));
assert!(!instruction.contains("browser workflow, not a text-only task"));
assert!(!instruction.contains("generic browser probing only after"));
}
#[test]
fn legacy_settings_default_to_plan_first_superrpa_and_openxml_backends() {
let settings = SgClawSettings::from_legacy_deepseek_fields(

7
tests/runtime_task_flow_test.rs
View File

@@ -51,7 +51,12 @@ fn submit_task_without_llm_configuration_returns_clear_error() {
assert!(matches!(
&sent[0],
AgentMessage::LogEntry { level, message }
if level == "info" && message == "sgclaw runtime version=0.1.0 protocol=1.0"
if level == "info"
&& message
== &format!(
"sgclaw runtime version={} protocol=1.0",
env!("CARGO_PKG_VERSION")
)
));
assert!(matches!(
&sent[1],

27
tests/service_console_html_test.rs Normal file
View File

@@ -0,0 +1,27 @@
use std::fs;
use std::path::PathBuf;
#[test]
fn service_console_html_stays_on_service_ws_boundary() {
let manifest_dir = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
let html_path = manifest_dir
.join("frontend")
.join("service-console")
.join("sg_claw_service_console.html");
let source = fs::read_to_string(&html_path).expect("service console html should exist");
assert!(source.contains("ws://127.0.0.1:42321"));
assert!(source.contains("submit_task"));
assert!(source.contains("addEventListener(\"close\""));
assert!(source.contains("setTimeout(() => connectOrDisconnectService(true)"));
assert!(source.contains("connectTimeoutTimer"));
assert!(source.contains("lastHeartbeatAt"));
assert!(source.contains("heartbeat missed, forcing reconnect"));
assert!(source.contains("service websocket connect timed out"));
assert!(!source.contains("/sgclaw/browser-helper.html"));
assert!(!source.contains("/sgclaw/callback/ready"));
assert!(!source.contains("/sgclaw/callback/events"));
assert!(!source.contains("/sgclaw/callback/commands/next"));
assert!(!source.contains("/sgclaw/callback/commands/ack"));
assert!(!source.contains("ws://127.0.0.1:12345"));
}

930
tests/service_task_flow_test.rs Normal file
View File

@@ -0,0 +1,930 @@
use std::io::{BufRead, BufReader, Read as _, Write};
use std::net::TcpListener;
use std::sync::{mpsc, Arc, Mutex};
use std::thread;
use std::time::{Duration, Instant};
use reqwest::blocking::Client;
use serde_json::{json, Value};
use sgclaw::service::{ClientMessage, ServiceMessage};
use tungstenite::{accept, Message};
const RUNTIME_DROP_PANIC_TEXT: &str =
"Cannot drop a runtime in a context where blocking is not allowed";
const TEST_ZHIHU_SKILLS_DIR: &str = "D:/data/ideaSpace/rust/sgClaw/claw/claw/skills";
fn read_ws_text(stream: &mut tungstenite::WebSocket<std::net::TcpStream>) -> String {
match stream.read().unwrap() {
Message::Text(text) => text.to_string(),
other => panic!("expected text frame, got {other:?}"),
}
}
fn start_fake_deepseek_server(
responses: Vec<Value>,
) -> (String, Arc<Mutex<Vec<Value>>>, thread::JoinHandle<()>) {
let listener = TcpListener::bind("127.0.0.1:0").unwrap();
listener.set_nonblocking(true).unwrap();
let address = format!("http://{}", listener.local_addr().unwrap());
let requests = Arc::new(Mutex::new(Vec::new()));
let request_log = requests.clone();
let handle = thread::spawn(move || {
for response in responses {
let deadline = std::time::Instant::now() + Duration::from_secs(5);
let (mut stream, _) = loop {
match listener.accept() {
Ok(pair) => break pair,
Err(err) if err.kind() == std::io::ErrorKind::WouldBlock => {
assert!(
std::time::Instant::now() < deadline,
"timed out waiting for provider request"
);
thread::sleep(Duration::from_millis(10));
}
Err(err) => panic!("failed to accept provider request: {err}"),
}
};
stream.set_nonblocking(false).unwrap();
let body = match read_http_json_body(&mut stream) {
Ok(body) => body,
Err(_) => continue,
};
request_log.lock().unwrap().push(body);
let payload = response.to_string();
let reply = format!(
"HTTP/1.1 200 OK\r\nContent-Type: application/json\r\nContent-Length: {}\r\nConnection: close\r\n\r\n{}",
payload.as_bytes().len(),
payload
);
stream.write_all(reply.as_bytes()).unwrap();
stream.flush().unwrap();
}
});
(address, requests, handle)
}
fn read_http_json_body(stream: &mut impl std::io::Read) -> Result<Value, &'static str> {
let mut buffer = Vec::new();
let mut headers_end = None;
while headers_end.is_none() {
let mut chunk = [0_u8; 1024];
let bytes = stream.read(&mut chunk).unwrap();
if bytes == 0 {
return Err("unexpected EOF while reading headers");
}
buffer.extend_from_slice(&chunk[..bytes]);
headers_end = buffer.windows(4).position(|window| window == b"\r\n\r\n");
}
let headers_end = headers_end.unwrap() + 4;
let headers = String::from_utf8(buffer[..headers_end].to_vec()).unwrap();
let Some(content_length) = headers.lines().find_map(|line| {
let (name, value) = line.split_once(':')?;
name.eq_ignore_ascii_case("content-length")
.then(|| value.trim().parse::<usize>().unwrap())
}) else {
return Err("missing content-length header");
};
while buffer.len() < headers_end + content_length {
let mut chunk = vec![0_u8; content_length];
let bytes = stream.read(&mut chunk).unwrap();
if bytes == 0 {
return Err("unexpected EOF while reading body");
}
buffer.extend_from_slice(&chunk[..bytes]);
}
Ok(serde_json::from_slice(&buffer[headers_end..headers_end + content_length]).unwrap())
}
#[derive(Debug)]
enum CallbackHostBrowserEvent {
BrowserFrame(Value),
CommandEnvelope(Value),
}
fn start_callback_host_hotlist_browser_server(
event_tx: mpsc::Sender<CallbackHostBrowserEvent>,
) -> (String, thread::JoinHandle<()>) {
let listener = TcpListener::bind("127.0.0.1:0").unwrap();
let address = listener.local_addr().unwrap();
let handle = thread::spawn(move || {
let (stream, _) = listener.accept().unwrap();
stream.set_read_timeout(Some(Duration::from_secs(2))).unwrap();
stream.set_write_timeout(Some(Duration::from_secs(2))).unwrap();
let mut websocket = accept(stream).unwrap();
let register = match websocket.read().unwrap() {
Message::Text(text) => serde_json::from_str::<Value>(&text).unwrap(),
other => panic!("expected register frame, got {other:?}"),
};
event_tx
.send(CallbackHostBrowserEvent::BrowserFrame(register))
.unwrap();
websocket
.send(Message::Text(
r#"{"type":"welcome","client_id":1,"server_time":"2026-04-04T00:00:00"}"#
.to_string()
.into(),
))
.unwrap();
let first_action = match websocket.read().unwrap() {
Message::Text(text) => serde_json::from_str::<Value>(&text).unwrap(),
other => panic!("expected browser action frame, got {other:?}"),
};
event_tx
.send(CallbackHostBrowserEvent::BrowserFrame(first_action.clone()))
.unwrap();
let Some(values) = first_action.as_array() else {
websocket.close(None).ok();
return;
};
let is_helper_open = values.len() >= 3
&& values[1] == json!("sgBrowerserOpenPage")
&& values[2]
.as_str()
.is_some_and(|url| url.ends_with("/sgclaw/browser-helper.html"));
if !is_helper_open {
websocket.close(None).ok();
return;
}
let helper_url = values[2].as_str().unwrap().to_string();
let helper_origin = helper_url
.trim_end_matches("/sgclaw/browser-helper.html")
.to_string();
let helper_client = Client::builder()
.timeout(Duration::from_secs(2))
.pool_max_idle_per_host(0)
.build()
.unwrap();
let helper_html = helper_client
.get(&helper_url)
.send()
.unwrap()
.error_for_status()
.unwrap()
.text()
.unwrap();
assert!(helper_html.contains("sgclawReady"));
assert!(helper_html.contains("sgclawOnLoaded"));
assert!(helper_html.contains("sgclawOnGetText"));
assert!(helper_html.contains("sgclawOnEval"));
let pre_ready_command: Value = helper_client
.get(format!("{helper_origin}/sgclaw/callback/commands/next"))
.send()
.unwrap()
.error_for_status()
.unwrap()
.json()
.unwrap();
event_tx
.send(CallbackHostBrowserEvent::CommandEnvelope(pre_ready_command))
.unwrap();
helper_client
.post(format!("{helper_origin}/sgclaw/callback/ready"))
.json(&json!({
"type": "ready",
"helper_url": helper_url,
}))
.send()
.unwrap()
.error_for_status()
.unwrap();
let hotlist_text = "知乎热榜\n1 问题一 344万热度\n2 问题二 266万热度";
let hotlist_payload = json!({
"source": "https://www.zhihu.com/hot",
"sheet_name": "知乎热榜",
"columns": ["rank", "title", "heat"],
"rows": [[1, "问题一", "344万"], [2, "问题二", "266万"]]
})
.to_string();
let deadline = Instant::now() + Duration::from_secs(10);
let mut saw_get_text = false;
let mut saw_eval = false;
while Instant::now() < deadline {
let envelope: Value = match helper_client
.get(format!("{helper_origin}/sgclaw/callback/commands/next"))
.send()
.and_then(|response| response.error_for_status())
.and_then(|response| response.json())
{
Ok(envelope) => envelope,
Err(_) => {
thread::sleep(Duration::from_millis(20));
continue;
}
};
let Some(command) = envelope.get("command").and_then(Value::as_object) else {
thread::sleep(Duration::from_millis(20));
continue;
};
event_tx
.send(CallbackHostBrowserEvent::CommandEnvelope(envelope.clone()))
.unwrap();
let action_name = command
.get("action")
.and_then(Value::as_str)
.unwrap_or_default()
.to_string();
helper_client
.post(format!("{helper_origin}/sgclaw/callback/commands/ack"))
.json(&json!({ "type": "command_ack" }))
.send()
.unwrap()
.error_for_status()
.unwrap();
let args = command
.get("args")
.and_then(Value::as_array)
.cloned()
.unwrap_or_default();
match action_name.as_str() {
"sgBrowerserOpenPage" => {}
"sgBrowserExcuteJsCodeByDomain" => {
let script = args.get(1).and_then(Value::as_str).unwrap_or_default();
if script.contains("sgclawOnGetText") {
saw_get_text = true;
helper_client
.post(format!("{helper_origin}/sgclaw/callback/events"))
.json(&json!({
"callback": "sgclawOnGetText",
"request_url": helper_url,
"target_url": "https://www.zhihu.com/hot",
"action": action_name,
"payload": { "text": hotlist_text }
}))
.send()
.unwrap()
.error_for_status()
.unwrap();
} else if script.contains("sgclawOnEval") {
saw_eval = true;
helper_client
.post(format!("{helper_origin}/sgclaw/callback/events"))
.json(&json!({
"callback": "sgclawOnEval",
"request_url": helper_url,
"target_url": "https://www.zhihu.com/hot",
"action": action_name,
"payload": { "value": hotlist_payload }
}))
.send()
.unwrap()
.error_for_status()
.unwrap();
break;
} else {
panic!("unexpected callback-host domain command: {script}");
}
}
other => panic!("unexpected callback-host command action {other}"),
}
}
assert!(saw_get_text, "expected callback-host getText command");
assert!(saw_eval, "expected callback-host eval command");
websocket.close(None).ok();
});
(format!("ws://{address}"), handle)
}
fn start_direct_zhihu_browser_ws_server() -> (String, Arc<Mutex<Vec<String>>>, thread::JoinHandle<()>) {
let listener = TcpListener::bind("127.0.0.1:0").unwrap();
let address = listener.local_addr().unwrap();
let frames = Arc::new(Mutex::new(Vec::new()));
let frames_for_thread = Arc::clone(&frames);
let handle = thread::spawn(move || {
let (stream, _) = listener.accept().unwrap();
stream.set_read_timeout(Some(Duration::from_secs(5))).unwrap();
stream.set_write_timeout(Some(Duration::from_secs(5))).unwrap();
let mut socket = accept(stream).unwrap();
let mut action_count = 0_u64;
loop {
let message = match socket.read() {
Ok(message) => message,
Err(tungstenite::Error::ConnectionClosed)
| Err(tungstenite::Error::AlreadyClosed) => break,
Err(err) => panic!("browser ws test server read failed: {err}"),
};
let payload = match message {
Message::Text(text) => text.to_string(),
Message::Ping(payload) => {
socket.send(Message::Pong(payload)).unwrap();
continue;
}
Message::Close(_) => break,
other => panic!("expected text frame, got {other:?}"),
};
frames_for_thread.lock().unwrap().push(payload.clone());
let parsed: Value = serde_json::from_str(&payload).unwrap();
if parsed.get("type").and_then(Value::as_str) == Some("register") {
continue;
}
let values = parsed.as_array().expect("browser action frame should be an array");
let request_url = values[0].as_str().expect("request_url should be a string");
let action = values[1].as_str().expect("action should be a string");
action_count += 1;
socket
.send(Message::Text(
r#"{"type":"welcome","client_id":1,"server_time":"2026-04-04T00:00:00"}"#
.to_string()
.into(),
))
.unwrap();
socket.send(Message::Text("0".into())).unwrap();
let callback_frame = match action {
"sgHideBrowserCallAfterLoaded" => {
let target_url = values[2].as_str().expect("navigate target_url should be a string");
json!([
request_url,
"callBackJsToCpp",
format!(
"{request_url}@_@{target_url}@_@sgclaw_cb_{action_count}@_@sgHideBrowserCallAfterLoaded@_@"
)
])
}
"sgBrowserExcuteJsCodeByArea" => {
let target_url = values[2].as_str().expect("script target_url should be a string");
let response_text = if action_count == 2 {
"知乎热榜\n1 问题一 344万热度\n2 问题二 266万热度".to_string()
} else {
r#"{"source":"https://www.zhihu.com/hot","sheet_name":"知乎热榜","columns":["rank","title","heat"],"rows":[[1,"问题一","344万"],[2,"问题二","266万"]]}"#.to_string()
};
json!([
request_url,
"callBackJsToCpp",
format!(
"{request_url}@_@{target_url}@_@sgclaw_cb_{action_count}@_@sgBrowserExcuteJsCodeByArea@_@{response_text}"
)
])
}
other => panic!("unexpected browser action {other}"),
};
socket
.send(Message::Text(callback_frame.to_string().into()))
.unwrap();
if action_count >= 3 {
break;
}
}
socket.close(None).ok();
});
(format!("ws://{address}"), frames, handle)
}
#[test]
fn client_submits_first_user_line_to_service() {
let listener = TcpListener::bind("127.0.0.1:0").unwrap();
let address = listener.local_addr().unwrap();
let ws_url = format!("ws://{address}");
let server = thread::spawn(move || {
let (stream, _) = listener.accept().unwrap();
let mut websocket = accept(stream).unwrap();
let payload = read_ws_text(&mut websocket);
let request: ClientMessage = serde_json::from_str(&payload).unwrap();
websocket
.send(Message::Text(
serde_json::to_string(&ServiceMessage::TaskComplete {
success: true,
summary: "done".to_string(),
})
.unwrap()
.into(),
))
.unwrap();
websocket.close(None).unwrap();
request
});
let mut child = std::process::Command::new(
std::env::var("CARGO_BIN_EXE_sg_claw_client").expect("sg_claw_client test binary path"),
)
.env("SG_CLAW_SERVICE_WS_URL", &ws_url)
.stdin(std::process::Stdio::piped())
.stdout(std::process::Stdio::piped())
.spawn()
.unwrap();
child
.stdin
.as_mut()
.unwrap()
.write_all("打开百度搜索天气\n".as_bytes())
.unwrap();
let status = child.wait().unwrap();
assert!(status.success());
let request = server.join().unwrap();
assert_eq!(
request,
ClientMessage::SubmitTask {
instruction: "打开百度搜索天气".to_string(),
conversation_id: "".to_string(),
messages: vec![],
page_url: "".to_string(),
page_title: "".to_string(),
}
);
}
#[test]
fn client_sends_connect_request_and_exits_after_status() {
let listener = TcpListener::bind("127.0.0.1:0").unwrap();
let address = listener.local_addr().unwrap();
let ws_url = format!("ws://{address}");
let server = thread::spawn(move || {
let (stream, _) = listener.accept().unwrap();
let mut websocket = accept(stream).unwrap();
let payload = read_ws_text(&mut websocket);
let request: ClientMessage = serde_json::from_str(&payload).unwrap();
websocket
.send(Message::Text(
serde_json::to_string(&ServiceMessage::StatusChanged {
state: "connected".to_string(),
})
.unwrap()
.into(),
))
.unwrap();
websocket
.send(Message::Text(
serde_json::to_string(&ServiceMessage::StatusChanged {
state: "connected again".to_string(),
})
.unwrap()
.into(),
))
.unwrap();
websocket.close(None).unwrap();
request
});
let mut child = std::process::Command::new(
std::env::var("CARGO_BIN_EXE_sg_claw_client").expect("sg_claw_client test binary path"),
)
.env("SG_CLAW_SERVICE_WS_URL", &ws_url)
.stdin(std::process::Stdio::piped())
.stdout(std::process::Stdio::piped())
.spawn()
.unwrap();
child
.stdin
.as_mut()
.unwrap()
.write_all("/connect\n".as_bytes())
.unwrap();
let output = child.wait_with_output().unwrap();
let request = server.join().unwrap();
assert!(output.status.success());
assert_eq!(request, ClientMessage::Connect);
let stdout = String::from_utf8(output.stdout).unwrap();
assert_eq!(stdout.lines().collect::<Vec<_>>(), vec!["status: connected"]);
}
#[test]
fn client_sends_start_and_stop_requests_with_explicit_commands() {
for (input, expected_request, expected_status) in [
("/start\n", ClientMessage::Start, "status: started"),
("/stop\n", ClientMessage::Stop, "status: stopped"),
] {
let listener = TcpListener::bind("127.0.0.1:0").unwrap();
let address = listener.local_addr().unwrap();
let ws_url = format!("ws://{address}");
let expected_state = expected_status.trim_start_matches("status: ").to_string();
let server = thread::spawn(move || {
let (stream, _) = listener.accept().unwrap();
let mut websocket = accept(stream).unwrap();
let payload = read_ws_text(&mut websocket);
let request: ClientMessage = serde_json::from_str(&payload).unwrap();
websocket
.send(Message::Text(
serde_json::to_string(&ServiceMessage::StatusChanged {
state: expected_state,
})
.unwrap()
.into(),
))
.unwrap();
websocket.close(None).unwrap();
request
});
let mut child = std::process::Command::new(
std::env::var("CARGO_BIN_EXE_sg_claw_client").expect("sg_claw_client test binary path"),
)
.env("SG_CLAW_SERVICE_WS_URL", &ws_url)
.stdin(std::process::Stdio::piped())
.stdout(std::process::Stdio::piped())
.spawn()
.unwrap();
child
.stdin
.as_mut()
.unwrap()
.write_all(input.as_bytes())
.unwrap();
let output = child.wait_with_output().unwrap();
let request = server.join().unwrap();
assert!(output.status.success());
assert_eq!(request, expected_request);
let stdout = String::from_utf8(output.stdout).unwrap();
assert_eq!(stdout.lines().collect::<Vec<_>>(), vec![expected_status]);
}
}
#[test]
fn client_prints_completion_only_once() {
let listener = TcpListener::bind("127.0.0.1:0").unwrap();
let address = listener.local_addr().unwrap();
let ws_url = format!("ws://{address}");
let server = thread::spawn(move || {
let (stream, _) = listener.accept().unwrap();
let mut websocket = accept(stream).unwrap();
let payload = read_ws_text(&mut websocket);
let request: ClientMessage = serde_json::from_str(&payload).unwrap();
assert_eq!(request.into_submit_task_request().unwrap().instruction, "打开百度搜索天气");
websocket
.send(Message::Text(
serde_json::to_string(&ServiceMessage::TaskComplete {
success: true,
summary: "done".to_string(),
})
.unwrap()
.into(),
))
.unwrap();
websocket
.send(Message::Text(
serde_json::to_string(&ServiceMessage::TaskComplete {
success: true,
summary: "done again".to_string(),
})
.unwrap()
.into(),
))
.unwrap();
websocket.close(None).unwrap();
});
let mut child = std::process::Command::new(
std::env::var("CARGO_BIN_EXE_sg_claw_client").expect("sg_claw_client test binary path"),
)
.env("SG_CLAW_SERVICE_WS_URL", &ws_url)
.stdin(std::process::Stdio::piped())
.stdout(std::process::Stdio::piped())
.spawn()
.unwrap();
child
.stdin
.as_mut()
.unwrap()
.write_all("打开百度搜索天气\n".as_bytes())
.unwrap();
let output = child.wait_with_output().unwrap();
server.join().unwrap();
assert!(output.status.success());
let stdout = String::from_utf8(output.stdout).unwrap();
assert_eq!(stdout.lines().collect::<Vec<_>>(), vec!["done"]);
}
#[test]
fn client_prints_log_entries_in_order_before_completion() {
let listener = TcpListener::bind("127.0.0.1:0").unwrap();
let address = listener.local_addr().unwrap();
let ws_url = format!("ws://{address}");
let server = thread::spawn(move || {
let (stream, _) = listener.accept().unwrap();
let mut websocket = accept(stream).unwrap();
let payload = read_ws_text(&mut websocket);
let request: ClientMessage = serde_json::from_str(&payload).unwrap();
assert_eq!(request.into_submit_task_request().unwrap().instruction, "打开百度搜索天气");
for message in [
ServiceMessage::LogEntry {
level: "info".to_string(),
message: "step 1".to_string(),
},
ServiceMessage::LogEntry {
level: "info".to_string(),
message: "step 2".to_string(),
},
ServiceMessage::TaskComplete {
success: true,
summary: "done".to_string(),
},
] {
websocket
.send(Message::Text(serde_json::to_string(&message).unwrap().into()))
.unwrap();
}
websocket.close(None).unwrap();
});
let mut child = std::process::Command::new(
std::env::var("CARGO_BIN_EXE_sg_claw_client").expect("sg_claw_client test binary path"),
)
.env("SG_CLAW_SERVICE_WS_URL", &ws_url)
.stdin(std::process::Stdio::piped())
.stdout(std::process::Stdio::piped())
.spawn()
.unwrap();
child
.stdin
.as_mut()
.unwrap()
.write_all("打开百度搜索天气\n".as_bytes())
.unwrap();
let stdout = child.stdout.take().unwrap();
let (tx, rx) = mpsc::channel();
let reader = thread::spawn(move || {
let reader = BufReader::new(stdout);
for line in reader.lines() {
tx.send(line.unwrap()).unwrap();
}
});
let first = rx.recv_timeout(Duration::from_secs(1)).unwrap();
let second = rx.recv_timeout(Duration::from_secs(1)).unwrap();
let third = rx.recv_timeout(Duration::from_secs(1)).unwrap();
let status = child.wait().unwrap();
reader.join().unwrap();
server.join().unwrap();
assert!(status.success());
assert_eq!(vec![first, second, third], vec!["step 1", "step 2", "done"]);
}
#[test]
fn client_exits_with_failure_when_service_disconnects_before_completion() {
let listener = TcpListener::bind("127.0.0.1:0").unwrap();
let address = listener.local_addr().unwrap();
let ws_url = format!("ws://{address}");
let server = thread::spawn(move || {
let (stream, _) = listener.accept().unwrap();
let mut websocket = accept(stream).unwrap();
let payload = read_ws_text(&mut websocket);
let request: ClientMessage = serde_json::from_str(&payload).unwrap();
websocket.close(None).unwrap();
request
});
let mut child = std::process::Command::new(
std::env::var("CARGO_BIN_EXE_sg_claw_client").expect("sg_claw_client test binary path"),
)
.env("SG_CLAW_SERVICE_WS_URL", &ws_url)
.stdin(std::process::Stdio::piped())
.stdout(std::process::Stdio::piped())
.spawn()
.unwrap();
child
.stdin
.as_mut()
.unwrap()
.write_all("打开百度搜索天气\n".as_bytes())
.unwrap();
let status = child.wait().unwrap();
assert!(!status.success());
let request = server.join().unwrap();
assert_eq!(request.into_submit_task_request().unwrap().instruction, "打开百度搜索天气");
}
#[test]
fn client_to_service_regression_routes_zhihu_through_callback_host_without_invalid_hmac_seed_output() {
let service_listener = TcpListener::bind("127.0.0.1:0").unwrap();
let service_addr = service_listener.local_addr().unwrap();
drop(service_listener);
let (event_tx, event_rx) = mpsc::channel();
let (browser_ws_url, browser_server) = start_callback_host_hotlist_browser_server(event_tx);
let root = std::env::temp_dir().join(format!("sgclaw-service-task-flow-{}", uuid::Uuid::new_v4()));
std::fs::create_dir_all(&root).unwrap();
let config_path = root.join("sgclaw_config.json");
std::fs::write(
&config_path,
format!(
r#"{{
"apiKey": "sk-runtime",
"baseUrl": "http://127.0.0.1:9",
"model": "deepseek-chat",
"skillsDir": "{TEST_ZHIHU_SKILLS_DIR}",
"browserWsUrl": "{browser_ws_url}",
"serviceWsListenAddr": "{service_addr}"
}}"#
),
)
.unwrap();
let mut service = std::process::Command::new(
std::env::var("CARGO_BIN_EXE_sg_claw").expect("sg_claw test binary path"),
)
.env("SGCLAW_DISABLE_POST_EXPORT_OPEN", "1")
.arg("--config-path")
.arg(&config_path)
.stdout(std::process::Stdio::piped())
.stderr(std::process::Stdio::piped())
.spawn()
.unwrap();
let ws_url = format!("ws://{service_addr}");
let ready_deadline = Instant::now() + Duration::from_secs(2);
let mut service_stderr_boot = String::new();
while Instant::now() < ready_deadline {
if let Some(stream) = service.stderr.as_mut() {
let mut buf = [0_u8; 1024];
match stream.read(&mut buf) {
Ok(0) => {}
Ok(n) => {
service_stderr_boot.push_str(&String::from_utf8_lossy(&buf[..n]));
if service_stderr_boot.contains("sg_claw ready:") {
break;
}
}
Err(_) => {}
}
}
if service.try_wait().unwrap().is_some() {
break;
}
thread::sleep(Duration::from_millis(20));
}
assert!(
service_stderr_boot.contains("sg_claw ready:"),
"service did not report readiness; stderr={service_stderr_boot}"
);
let mut client = std::process::Command::new(
std::env::var("CARGO_BIN_EXE_sg_claw_client").expect("sg_claw_client test binary path"),
)
.env("SG_CLAW_SERVICE_WS_URL", &ws_url)
.env("SGCLAW_DISABLE_POST_EXPORT_OPEN", "1")
.stdin(std::process::Stdio::piped())
.stdout(std::process::Stdio::piped())
.stderr(std::process::Stdio::piped())
.spawn()
.unwrap();
client
.stdin
.as_mut()
.unwrap()
.write_all("打开知乎热榜获取前10条数据并导出 Excel\n".as_bytes())
.unwrap();
let client_output = client.wait_with_output().unwrap();
browser_server.join().unwrap();
let register = event_rx.recv_timeout(Duration::from_secs(2)).unwrap();
let bootstrap = event_rx.recv_timeout(Duration::from_secs(2)).unwrap();
let pre_ready = event_rx.recv_timeout(Duration::from_secs(2)).unwrap();
let open_page = event_rx.recv_timeout(Duration::from_secs(4)).unwrap();
let get_text = event_rx.recv_timeout(Duration::from_secs(4)).unwrap();
let eval = event_rx.recv_timeout(Duration::from_secs(4)).unwrap();
let exit_deadline = Instant::now() + Duration::from_secs(1);
let mut service_status = None;
while Instant::now() < exit_deadline {
if let Some(status) = service.try_wait().unwrap() {
service_status = Some(status);
break;
}
thread::sleep(Duration::from_millis(20));
}
if service_status.is_none() {
service.kill().unwrap();
let _ = service.wait();
}
let service_stdout = service
.stdout
.take()
.map(|mut stream| {
let mut buf = Vec::new();
let _ = stream.read_to_end(&mut buf);
String::from_utf8_lossy(&buf).into_owned()
})
.unwrap_or_default();
let service_stderr = service
.stderr
.take()
.map(|mut stream| {
let mut buf = Vec::new();
let _ = stream.read_to_end(&mut buf);
String::from_utf8_lossy(&buf).into_owned()
})
.unwrap_or_default();
let client_stdout = String::from_utf8_lossy(&client_output.stdout).into_owned();
let client_stderr = String::from_utf8_lossy(&client_output.stderr).into_owned();
let combined_output = format!("{client_stdout}\n{client_stderr}\n{service_stdout}\n{service_stderr}");
let register = match register {
CallbackHostBrowserEvent::BrowserFrame(value) => value,
other => panic!("expected register browser frame, got {other:?}"),
};
assert_eq!(register, json!({ "type": "register", "role": "web" }));
let bootstrap = match bootstrap {
CallbackHostBrowserEvent::BrowserFrame(value) => value,
other => panic!("expected helper bootstrap frame, got {other:?}"),
};
assert_eq!(bootstrap[0], json!("https://www.zhihu.com"));
assert_eq!(bootstrap[1], json!("sgBrowerserOpenPage"));
assert!(bootstrap[2]
.as_str()
.is_some_and(|url| url.ends_with("/sgclaw/browser-helper.html")));
let pre_ready = match pre_ready {
CallbackHostBrowserEvent::CommandEnvelope(value) => value,
other => panic!("expected pre-ready command envelope, got {other:?}"),
};
assert_eq!(pre_ready, json!({ "ok": false, "command": null }));
let open_page = match open_page {
CallbackHostBrowserEvent::CommandEnvelope(value) => value,
other => panic!("expected open-page command envelope, got {other:?}"),
};
assert_eq!(open_page["command"]["action"], json!("sgBrowerserOpenPage"));
assert_eq!(open_page["command"]["args"][0], json!("https://www.zhihu.com/hot"));
let get_text = match get_text {
CallbackHostBrowserEvent::CommandEnvelope(value) => value,
other => panic!("expected getText command envelope, got {other:?}"),
};
assert_eq!(get_text["command"]["action"], json!("sgBrowserExcuteJsCodeByDomain"));
assert_eq!(get_text["command"]["args"][0], json!("www.zhihu.com"));
assert!(get_text["command"]["args"][1]
.as_str()
.is_some_and(|script| script.contains("sgclawOnGetText")));
let eval = match eval {
CallbackHostBrowserEvent::CommandEnvelope(value) => value,
other => panic!("expected eval command envelope, got {other:?}"),
};
assert_eq!(eval["command"]["action"], json!("sgBrowserExcuteJsCodeByDomain"));
assert_eq!(eval["command"]["args"][0], json!("www.zhihu.com"));
assert!(eval["command"]["args"][1]
.as_str()
.is_some_and(|script| script.contains("sgclawOnEval")));
assert!(client_output.status.success());
assert!(client_stdout.contains("已导出并打开知乎热榜 Excel"), "client stdout={client_stdout}");
assert!(client_stdout.contains(".xlsx"), "client stdout={client_stdout}");
assert!(
!combined_output.contains("invalid hmac seed: session key must not be empty"),
"target behavior must avoid the invalid hmac seed failure; combined_output={combined_output}"
);
assert!(
!combined_output.contains(RUNTIME_DROP_PANIC_TEXT),
"target behavior must avoid the runtime-drop panic; combined_output={combined_output}"
);
}

1509
tests/service_ws_session_test.rs Normal file
View File

File diff suppressed because it is too large Load Diff

Some files were not shown because too many files have changed in this diff Show More