commit 9f273bcc70918038d1931d96095c5820f9631454 Author: zhaoyilun Date: Sun Jul 5 00:44:28 2026 +0800 Initial iSphere AI bridge prompts diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..6f044d2 --- /dev/null +++ b/.gitignore @@ -0,0 +1,20 @@ +evidence/* +!evidence/.gitkeep +runs/* +!runs/.gitkeep +*.log +*.pcap +*.pcapng +*.har +*.db +*.sqlite +*.sqlite3 +*.ldb +*.bak +*.tmp +node_modules/ +bin/ +obj/ +dist/ +__pycache__/ +.venv/ diff --git a/README.md b/README.md new file mode 100644 index 0000000..98c381c --- /dev/null +++ b/README.md @@ -0,0 +1,39 @@ +# iSphere AI Bridge + +This project is for building a safe message-handoff gateway between iSphere/IMPlatformClient and AI digital employees. + +The first goal is not full automation. The first goal is to let AI reliably see authorized messages, normalize them, generate reply drafts, and keep evidence. Sending messages is a later step and must stay behind human approval until explicitly changed. + +## Scope + +- Authorized company communication software only. +- Read messages first; do not modify the original client state in the first POC. +- Prefer stable entry points in this order: + 1. Local data/log/cache discovery. + 2. Plugin or existing bridge API. + 3. UI automation/RPA wrapper. + 4. Network/API discovery. + 5. Binary reverse engineering only when needed to explain or validate the above. + +## Existing Source Material + +- Previous iSphere work: `E:\coding\codex\isphere` +- Installer: `E:\coding\codex\isphere\iSphere_4.1.2.6841.exe` +- Existing bridge artifacts: `OpenClawBridge`, `MockCloud`, `XmppBridgeService` +- Existing MCP spec: `E:\coding\codex\isphere\docs\MCP接口需求规格.md` + +## Key Directories + +- `docs/` - design notes and installed skill map. +- `prompts/` - ready-to-use Codex prompts for each investigation phase. +- `evidence/` - local evidence output; ignored by Git except `.gitkeep`. +- `runs/` - run logs and temporary investigation outputs; ignored by Git except `.gitkeep`. +- `src/` - future implementation code. + +## Safety Baseline + +- Do not bypass login, licensing, MFA, access control, TLS protections, or endpoint security. +- Do not read non-authorized account data. +- Do not send real messages without explicit human approval. +- Do not modify production databases, logs, config files, registry keys, or binaries during discovery. +- Redact secrets, tokens, private message content, and personal data in reports. diff --git a/docs/design.md b/docs/design.md new file mode 100644 index 0000000..6dd853e --- /dev/null +++ b/docs/design.md @@ -0,0 +1,63 @@ +# iSphere AI Bridge Design + +## Objective + +Make iSphere messages usable by AI digital employees without rebuilding the full communication platform. + +## First POC + +The first POC reads recent authorized messages, converts them into a normalized JSON model, generates draft replies, and records evidence. It does not automatically send messages. + +## Architecture + +```text +iSphere / MockCloud / existing bridge + -> source connector + -> message adapter + -> AI draft worker + -> human review + -> evidence log +``` + +## Source Connectors + +1. Local data connector: reads local databases, logs, or caches in read-only mode. +2. Existing bridge connector: talks to `OpenClawBridge` or `XmppBridgeService` when available. +3. UI/RPA connector: wraps the desktop client with limited actions. +4. Network connector: wraps discovered HTTP/SOAP/XMPP/WebSocket APIs when validated. + +## Normalized Message Model + +```json +{ + "message_id": "string", + "conversation_id": "string", + "conversation_name": "string", + "conversation_type": "direct|group|system", + "sender_id": "string", + "sender_name": "string", + "content_type": "text|image|file|rich|notify", + "content_text": "string", + "attachments": [], + "created_at": "ISO-8601 or Unix ms", + "received_at": "ISO-8601 or Unix ms", + "source": "local-db|log|plugin|xmpp|http|rpa|mock", + "raw_ref": "path/table/packet/window reference" +} +``` + +## Approval Policy + +- Read access can be automated in test scope. +- Draft generation can be automated. +- Sending messages requires human approval in the first implementation. +- Every send action must log target, content hash, timestamp, approver, and connector. + +## Verification + +The project is successful when it can: + +1. Find at least one stable authorized message source. +2. Extract recent messages into normalized JSON. +3. Generate a reply draft. +4. Produce an evidence report with exact paths, commands, and limits. diff --git a/docs/installed-skills.md b/docs/installed-skills.md new file mode 100644 index 0000000..1d7a0cb --- /dev/null +++ b/docs/installed-skills.md @@ -0,0 +1,46 @@ +# Installed Skills + +## Official Curated Skills Installed + +- `aspnet-core` +- `cli-creator` +- `security-best-practices` +- `security-threat-model` +- `playwright-interactive` + +Codex must be restarted before newly installed skills are available in a fresh skills list. + +## Project-Specific Skills Created + +General reverse engineering: + +- `binary-triage` +- `ghidra-static-analysis` +- `decompiler-cleanup` +- `android-apk-analysis` +- `frida-observation-plan` +- `legacy-code-reverse-doc` +- `reverse-report` + +iSphere / communication handoff: + +- `comm-app-inventory` +- `local-data-discovery` +- `ui-automation-feasibility` +- `network-protocol-discovery` +- `rpa-wrapper-builder` +- `message-adapter-design` +- `reverse-evidence-report` + +## Suggested Order For This Project + +1. `comm-app-inventory` +2. `local-data-discovery` +3. `ui-automation-feasibility` +4. `message-adapter-design` +5. `reverse-evidence-report` +6. `network-protocol-discovery` +7. `binary-triage` +8. `ghidra-static-analysis` +9. `decompiler-cleanup` +10. `rpa-wrapper-builder` diff --git a/evidence/.gitkeep b/evidence/.gitkeep new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/evidence/.gitkeep @@ -0,0 +1 @@ + diff --git a/prompts/00-master-prompt.md b/prompts/00-master-prompt.md new file mode 100644 index 0000000..e9d1647 --- /dev/null +++ b/prompts/00-master-prompt.md @@ -0,0 +1,31 @@ +# Master Prompt + +Use this prompt to start a new focused Codex thread. + +```text +目标:建设 `E:\coding\codex\isphere-ai-bridge`,让 AI 数字员工安全接管 iSphere/IMPlatformClient 消息。 + +请先使用相关 skill: +- `comm-app-inventory` +- `local-data-discovery` +- `ui-automation-feasibility` +- `message-adapter-design` +- `reverse-evidence-report` + +已有材料: +- 旧项目:`E:\coding\codex\isphere` +- 安装包:`E:\coding\codex\isphere\iSphere_4.1.2.6841.exe` +- 已有桥接:`OpenClawBridge`、`MockCloud`、`XmppBridgeService` +- MCP 规格:`E:\coding\codex\isphere\docs\MCP接口需求规格.md` +- 新项目:`E:\coding\codex\isphere-ai-bridge` + +边界: +- 只分析授权软件和授权账号。 +- 第一阶段只读消息、生成草稿,不自动发送。 +- 不绕过登录、授权、MFA、TLS、终端安全或许可控制。 +- 不修改生产客户端数据库、配置、注册表、二进制文件。 +- 证据报告要写清楚路径、命令、结果、置信度和未确认项。 +- 遵守工作区 AGENTS.md:不要使用 rg;优先 git ls-files、ag、grep -R。 + +请先做入口摸底,判断最适合第一版 POC 的消息读取路径:本地数据、现有桥接、UI 自动化、网络接口,还是二进制逆向。 +``` diff --git a/prompts/01-inventory.md b/prompts/01-inventory.md new file mode 100644 index 0000000..e12da69 --- /dev/null +++ b/prompts/01-inventory.md @@ -0,0 +1,21 @@ +# Prompt: Communication App Inventory + +```text +请使用 `comm-app-inventory` 对 iSphere/IMPlatformClient 做只读资产摸底。 + +重点检查: +- `E:\coding\codex\isphere` +- `E:\coding\codex\isphere\iSphere_4.1.2.6841.exe` +- 当前 Windows 安装项、快捷方式、进程、服务、计划任务 +- `Documents\isphere` +- `%LOCALAPPDATA%`、`%APPDATA%`、`%PROGRAMDATA%` +- `Temp\importal`、`Temp\opencode` +- 插件目录、日志目录、配置目录、本地端口 + +不要运行未知 exe,不要修改任何文件。输出: +1. 已确认路径 +2. 运行时进程/端口 +3. 数据/日志/配置候选 +4. 插件/API/RPA 入口候选 +5. 下一步建议 +``` diff --git a/prompts/02-local-data-discovery.md b/prompts/02-local-data-discovery.md new file mode 100644 index 0000000..45f4cbd --- /dev/null +++ b/prompts/02-local-data-discovery.md @@ -0,0 +1,13 @@ +# Prompt: Local Data Discovery + +```text +请使用 `local-data-discovery`,基于入口摸底结果查找 iSphere 可只读读取的消息、联系人、群组、附件、日志和缓存数据。 + +要求: +- 只读,不写库,不改状态,不标记已读。 +- 优先 SQLite、LevelDB、XML、JSON、日志。 +- 如果遇到加密日志,只报告证据、格式和可能的解密类,不做未授权绕过。 +- 输出 3-5 条可脱敏的标准化 JSON 样例;如果没有可读消息,说明阻塞点。 + +目标:判断第一版数字员工能否不通过发送接口就“看见消息”。 +``` diff --git a/prompts/03-ui-automation-feasibility.md b/prompts/03-ui-automation-feasibility.md new file mode 100644 index 0000000..274e62d --- /dev/null +++ b/prompts/03-ui-automation-feasibility.md @@ -0,0 +1,19 @@ +# Prompt: UI Automation Feasibility + +```text +请使用 `ui-automation-feasibility` 评估 iSphere 客户端是否能被 RPA/UI 自动化接管。 + +重点: +- 判断 UI 技术栈:Win32、WinForms、WPF、Qt、Electron、WebView、Java、自绘。 +- 检查消息列表、会话搜索、输入框、发送按钮、附件按钮能否稳定识别。 +- 优先 FlaUI / pywinauto;如果是 WebView 再考虑 Playwright。 +- 不发送真实消息,不输入账号密码,不改设置。 + +输出: +1. 控件树可读性 +2. 读取消息可行性 +3. 写草稿/发送可行性 +4. 推荐工具 +5. 稳定性评分 A/B/C/D +6. 最小 RPA wrapper 动作清单 +``` diff --git a/prompts/04-network-protocol-discovery.md b/prompts/04-network-protocol-discovery.md new file mode 100644 index 0000000..924c79c --- /dev/null +++ b/prompts/04-network-protocol-discovery.md @@ -0,0 +1,18 @@ +# Prompt: Network Protocol Discovery + +```text +请使用 `network-protocol-discovery`,在用户明确批准抓包或代理前,只做只读网络线索整理。 + +先检查: +- iSphere 配置里的服务器、端口、协议名 +- 现有 `MockCloud` / `XmppBridgeService` / `OpenClawBridge` 代码里的 SOAP、XMPP、HTTP 端点 +- 本地监听端口和进程对应关系 +- 日志中出现的接口、域名、JID、XMPP、SOAP、WebSocket 线索 + +不要绕过 TLS、登录、授权或终端安全。输出: +1. 观察到的协议和端口 +2. 候选接口 +3. 消息收发路径证据 +4. 是否适合包装成内部 API +5. 需要用户批准的下一步抓包/测试动作 +``` diff --git a/prompts/05-message-adapter-poc.md b/prompts/05-message-adapter-poc.md new file mode 100644 index 0000000..45ccfd1 --- /dev/null +++ b/prompts/05-message-adapter-poc.md @@ -0,0 +1,27 @@ +# Prompt: Message Adapter POC + +```text +请使用 `message-adapter-design`,为 `E:\coding\codex\isphere-ai-bridge` 设计第一版消息适配器。 + +输入来源要能兼容: +- 本地数据读取 +- OpenClawBridge HTTP API +- XmppBridgeService HTTP API +- RPA wrapper +- MockCloud 演示环境 + +第一版只实现: +- list_messages +- watch_messages 或 poll_messages +- generate_draft 的输入输出契约 +- archive_evidence + +不要实现自动发送。发送动作只保留接口草案 `send_after_approval`。 + +输出: +1. TypeScript 或 C# 数据模型建议 +2. Connector 接口 +3. Evidence log 结构 +4. 最小目录结构 +5. 第一轮测试用例 +``` diff --git a/prompts/06-rpa-wrapper.md b/prompts/06-rpa-wrapper.md new file mode 100644 index 0000000..4222401 --- /dev/null +++ b/prompts/06-rpa-wrapper.md @@ -0,0 +1,28 @@ +# Prompt: RPA Wrapper Builder + +```text +请使用 `rpa-wrapper-builder`,基于 UI 自动化评估结果设计 iSphere 的受控 RPA 包装层。 + +目标不是让 AI 自由操作鼠标键盘,而是封装有限动作: +- read_latest_messages(limit) +- search_contact(query) +- open_conversation(id_or_name) +- write_draft(text) +- send_after_approval(approval_id) +- upload_file(path) +- mark_processed(message_id) + +要求: +- 发送真实消息必须人工确认。 +- 每个动作要有前置校验、结果校验和日志。 +- 优先控件 ID / automation id / role,不优先坐标。 +- 坐标和 OCR 只能作为最后兜底。 + +输出: +1. wrapper action contract +2. selector strategy +3. approval gates +4. failure recovery +5. audit log fields +6. POC 实现计划 +``` diff --git a/prompts/07-reverse-deep-dive.md b/prompts/07-reverse-deep-dive.md new file mode 100644 index 0000000..9dd1e34 --- /dev/null +++ b/prompts/07-reverse-deep-dive.md @@ -0,0 +1,27 @@ +# Prompt: Reverse Deep Dive + +```text +只有在本地数据、现有桥接、UI 自动化、网络接口都不足以支撑 POC 时,才进入这个阶段。 + +请按顺序使用: +- `binary-triage` +- `ghidra-static-analysis` +- `decompiler-cleanup` +- `reverse-report` + +目标不是破解客户端,而是解释: +- 消息数据库/日志路径 +- 配置加载逻辑 +- 插件加载逻辑 +- XMPP/SOAP/HTTP 接口线索 +- 消息收发函数 +- 文件上传下载路径 + +禁止: +- 绕过登录或授权 +- patch 授权逻辑 +- 生成隐藏注入或规避检测脚本 +- 修改生产二进制 + +输出必须包含文件路径、hash、函数名、地址、字符串交叉引用、置信度和下一步验证方法。 +``` diff --git a/runs/.gitkeep b/runs/.gitkeep new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/runs/.gitkeep @@ -0,0 +1 @@ +