Initial iSphere AI bridge prompts
This commit is contained in:
20
.gitignore
vendored
Normal file
20
.gitignore
vendored
Normal file
@@ -0,0 +1,20 @@
|
||||
evidence/*
|
||||
!evidence/.gitkeep
|
||||
runs/*
|
||||
!runs/.gitkeep
|
||||
*.log
|
||||
*.pcap
|
||||
*.pcapng
|
||||
*.har
|
||||
*.db
|
||||
*.sqlite
|
||||
*.sqlite3
|
||||
*.ldb
|
||||
*.bak
|
||||
*.tmp
|
||||
node_modules/
|
||||
bin/
|
||||
obj/
|
||||
dist/
|
||||
__pycache__/
|
||||
.venv/
|
||||
39
README.md
Normal file
39
README.md
Normal file
@@ -0,0 +1,39 @@
|
||||
# iSphere AI Bridge
|
||||
|
||||
This project is for building a safe message-handoff gateway between iSphere/IMPlatformClient and AI digital employees.
|
||||
|
||||
The first goal is not full automation. The first goal is to let AI reliably see authorized messages, normalize them, generate reply drafts, and keep evidence. Sending messages is a later step and must stay behind human approval until explicitly changed.
|
||||
|
||||
## Scope
|
||||
|
||||
- Authorized company communication software only.
|
||||
- Read messages first; do not modify the original client state in the first POC.
|
||||
- Prefer stable entry points in this order:
|
||||
1. Local data/log/cache discovery.
|
||||
2. Plugin or existing bridge API.
|
||||
3. UI automation/RPA wrapper.
|
||||
4. Network/API discovery.
|
||||
5. Binary reverse engineering only when needed to explain or validate the above.
|
||||
|
||||
## Existing Source Material
|
||||
|
||||
- Previous iSphere work: `E:\coding\codex\isphere`
|
||||
- Installer: `E:\coding\codex\isphere\iSphere_4.1.2.6841.exe`
|
||||
- Existing bridge artifacts: `OpenClawBridge`, `MockCloud`, `XmppBridgeService`
|
||||
- Existing MCP spec: `E:\coding\codex\isphere\docs\MCP接口需求规格.md`
|
||||
|
||||
## Key Directories
|
||||
|
||||
- `docs/` - design notes and installed skill map.
|
||||
- `prompts/` - ready-to-use Codex prompts for each investigation phase.
|
||||
- `evidence/` - local evidence output; ignored by Git except `.gitkeep`.
|
||||
- `runs/` - run logs and temporary investigation outputs; ignored by Git except `.gitkeep`.
|
||||
- `src/` - future implementation code.
|
||||
|
||||
## Safety Baseline
|
||||
|
||||
- Do not bypass login, licensing, MFA, access control, TLS protections, or endpoint security.
|
||||
- Do not read non-authorized account data.
|
||||
- Do not send real messages without explicit human approval.
|
||||
- Do not modify production databases, logs, config files, registry keys, or binaries during discovery.
|
||||
- Redact secrets, tokens, private message content, and personal data in reports.
|
||||
63
docs/design.md
Normal file
63
docs/design.md
Normal file
@@ -0,0 +1,63 @@
|
||||
# iSphere AI Bridge Design
|
||||
|
||||
## Objective
|
||||
|
||||
Make iSphere messages usable by AI digital employees without rebuilding the full communication platform.
|
||||
|
||||
## First POC
|
||||
|
||||
The first POC reads recent authorized messages, converts them into a normalized JSON model, generates draft replies, and records evidence. It does not automatically send messages.
|
||||
|
||||
## Architecture
|
||||
|
||||
```text
|
||||
iSphere / MockCloud / existing bridge
|
||||
-> source connector
|
||||
-> message adapter
|
||||
-> AI draft worker
|
||||
-> human review
|
||||
-> evidence log
|
||||
```
|
||||
|
||||
## Source Connectors
|
||||
|
||||
1. Local data connector: reads local databases, logs, or caches in read-only mode.
|
||||
2. Existing bridge connector: talks to `OpenClawBridge` or `XmppBridgeService` when available.
|
||||
3. UI/RPA connector: wraps the desktop client with limited actions.
|
||||
4. Network connector: wraps discovered HTTP/SOAP/XMPP/WebSocket APIs when validated.
|
||||
|
||||
## Normalized Message Model
|
||||
|
||||
```json
|
||||
{
|
||||
"message_id": "string",
|
||||
"conversation_id": "string",
|
||||
"conversation_name": "string",
|
||||
"conversation_type": "direct|group|system",
|
||||
"sender_id": "string",
|
||||
"sender_name": "string",
|
||||
"content_type": "text|image|file|rich|notify",
|
||||
"content_text": "string",
|
||||
"attachments": [],
|
||||
"created_at": "ISO-8601 or Unix ms",
|
||||
"received_at": "ISO-8601 or Unix ms",
|
||||
"source": "local-db|log|plugin|xmpp|http|rpa|mock",
|
||||
"raw_ref": "path/table/packet/window reference"
|
||||
}
|
||||
```
|
||||
|
||||
## Approval Policy
|
||||
|
||||
- Read access can be automated in test scope.
|
||||
- Draft generation can be automated.
|
||||
- Sending messages requires human approval in the first implementation.
|
||||
- Every send action must log target, content hash, timestamp, approver, and connector.
|
||||
|
||||
## Verification
|
||||
|
||||
The project is successful when it can:
|
||||
|
||||
1. Find at least one stable authorized message source.
|
||||
2. Extract recent messages into normalized JSON.
|
||||
3. Generate a reply draft.
|
||||
4. Produce an evidence report with exact paths, commands, and limits.
|
||||
46
docs/installed-skills.md
Normal file
46
docs/installed-skills.md
Normal file
@@ -0,0 +1,46 @@
|
||||
# Installed Skills
|
||||
|
||||
## Official Curated Skills Installed
|
||||
|
||||
- `aspnet-core`
|
||||
- `cli-creator`
|
||||
- `security-best-practices`
|
||||
- `security-threat-model`
|
||||
- `playwright-interactive`
|
||||
|
||||
Codex must be restarted before newly installed skills are available in a fresh skills list.
|
||||
|
||||
## Project-Specific Skills Created
|
||||
|
||||
General reverse engineering:
|
||||
|
||||
- `binary-triage`
|
||||
- `ghidra-static-analysis`
|
||||
- `decompiler-cleanup`
|
||||
- `android-apk-analysis`
|
||||
- `frida-observation-plan`
|
||||
- `legacy-code-reverse-doc`
|
||||
- `reverse-report`
|
||||
|
||||
iSphere / communication handoff:
|
||||
|
||||
- `comm-app-inventory`
|
||||
- `local-data-discovery`
|
||||
- `ui-automation-feasibility`
|
||||
- `network-protocol-discovery`
|
||||
- `rpa-wrapper-builder`
|
||||
- `message-adapter-design`
|
||||
- `reverse-evidence-report`
|
||||
|
||||
## Suggested Order For This Project
|
||||
|
||||
1. `comm-app-inventory`
|
||||
2. `local-data-discovery`
|
||||
3. `ui-automation-feasibility`
|
||||
4. `message-adapter-design`
|
||||
5. `reverse-evidence-report`
|
||||
6. `network-protocol-discovery`
|
||||
7. `binary-triage`
|
||||
8. `ghidra-static-analysis`
|
||||
9. `decompiler-cleanup`
|
||||
10. `rpa-wrapper-builder`
|
||||
1
evidence/.gitkeep
Normal file
1
evidence/.gitkeep
Normal file
@@ -0,0 +1 @@
|
||||
|
||||
31
prompts/00-master-prompt.md
Normal file
31
prompts/00-master-prompt.md
Normal file
@@ -0,0 +1,31 @@
|
||||
# Master Prompt
|
||||
|
||||
Use this prompt to start a new focused Codex thread.
|
||||
|
||||
```text
|
||||
目标:建设 `E:\coding\codex\isphere-ai-bridge`,让 AI 数字员工安全接管 iSphere/IMPlatformClient 消息。
|
||||
|
||||
请先使用相关 skill:
|
||||
- `comm-app-inventory`
|
||||
- `local-data-discovery`
|
||||
- `ui-automation-feasibility`
|
||||
- `message-adapter-design`
|
||||
- `reverse-evidence-report`
|
||||
|
||||
已有材料:
|
||||
- 旧项目:`E:\coding\codex\isphere`
|
||||
- 安装包:`E:\coding\codex\isphere\iSphere_4.1.2.6841.exe`
|
||||
- 已有桥接:`OpenClawBridge`、`MockCloud`、`XmppBridgeService`
|
||||
- MCP 规格:`E:\coding\codex\isphere\docs\MCP接口需求规格.md`
|
||||
- 新项目:`E:\coding\codex\isphere-ai-bridge`
|
||||
|
||||
边界:
|
||||
- 只分析授权软件和授权账号。
|
||||
- 第一阶段只读消息、生成草稿,不自动发送。
|
||||
- 不绕过登录、授权、MFA、TLS、终端安全或许可控制。
|
||||
- 不修改生产客户端数据库、配置、注册表、二进制文件。
|
||||
- 证据报告要写清楚路径、命令、结果、置信度和未确认项。
|
||||
- 遵守工作区 AGENTS.md:不要使用 rg;优先 git ls-files、ag、grep -R。
|
||||
|
||||
请先做入口摸底,判断最适合第一版 POC 的消息读取路径:本地数据、现有桥接、UI 自动化、网络接口,还是二进制逆向。
|
||||
```
|
||||
21
prompts/01-inventory.md
Normal file
21
prompts/01-inventory.md
Normal file
@@ -0,0 +1,21 @@
|
||||
# Prompt: Communication App Inventory
|
||||
|
||||
```text
|
||||
请使用 `comm-app-inventory` 对 iSphere/IMPlatformClient 做只读资产摸底。
|
||||
|
||||
重点检查:
|
||||
- `E:\coding\codex\isphere`
|
||||
- `E:\coding\codex\isphere\iSphere_4.1.2.6841.exe`
|
||||
- 当前 Windows 安装项、快捷方式、进程、服务、计划任务
|
||||
- `Documents\isphere`
|
||||
- `%LOCALAPPDATA%`、`%APPDATA%`、`%PROGRAMDATA%`
|
||||
- `Temp\importal`、`Temp\opencode`
|
||||
- 插件目录、日志目录、配置目录、本地端口
|
||||
|
||||
不要运行未知 exe,不要修改任何文件。输出:
|
||||
1. 已确认路径
|
||||
2. 运行时进程/端口
|
||||
3. 数据/日志/配置候选
|
||||
4. 插件/API/RPA 入口候选
|
||||
5. 下一步建议
|
||||
```
|
||||
13
prompts/02-local-data-discovery.md
Normal file
13
prompts/02-local-data-discovery.md
Normal file
@@ -0,0 +1,13 @@
|
||||
# Prompt: Local Data Discovery
|
||||
|
||||
```text
|
||||
请使用 `local-data-discovery`,基于入口摸底结果查找 iSphere 可只读读取的消息、联系人、群组、附件、日志和缓存数据。
|
||||
|
||||
要求:
|
||||
- 只读,不写库,不改状态,不标记已读。
|
||||
- 优先 SQLite、LevelDB、XML、JSON、日志。
|
||||
- 如果遇到加密日志,只报告证据、格式和可能的解密类,不做未授权绕过。
|
||||
- 输出 3-5 条可脱敏的标准化 JSON 样例;如果没有可读消息,说明阻塞点。
|
||||
|
||||
目标:判断第一版数字员工能否不通过发送接口就“看见消息”。
|
||||
```
|
||||
19
prompts/03-ui-automation-feasibility.md
Normal file
19
prompts/03-ui-automation-feasibility.md
Normal file
@@ -0,0 +1,19 @@
|
||||
# Prompt: UI Automation Feasibility
|
||||
|
||||
```text
|
||||
请使用 `ui-automation-feasibility` 评估 iSphere 客户端是否能被 RPA/UI 自动化接管。
|
||||
|
||||
重点:
|
||||
- 判断 UI 技术栈:Win32、WinForms、WPF、Qt、Electron、WebView、Java、自绘。
|
||||
- 检查消息列表、会话搜索、输入框、发送按钮、附件按钮能否稳定识别。
|
||||
- 优先 FlaUI / pywinauto;如果是 WebView 再考虑 Playwright。
|
||||
- 不发送真实消息,不输入账号密码,不改设置。
|
||||
|
||||
输出:
|
||||
1. 控件树可读性
|
||||
2. 读取消息可行性
|
||||
3. 写草稿/发送可行性
|
||||
4. 推荐工具
|
||||
5. 稳定性评分 A/B/C/D
|
||||
6. 最小 RPA wrapper 动作清单
|
||||
```
|
||||
18
prompts/04-network-protocol-discovery.md
Normal file
18
prompts/04-network-protocol-discovery.md
Normal file
@@ -0,0 +1,18 @@
|
||||
# Prompt: Network Protocol Discovery
|
||||
|
||||
```text
|
||||
请使用 `network-protocol-discovery`,在用户明确批准抓包或代理前,只做只读网络线索整理。
|
||||
|
||||
先检查:
|
||||
- iSphere 配置里的服务器、端口、协议名
|
||||
- 现有 `MockCloud` / `XmppBridgeService` / `OpenClawBridge` 代码里的 SOAP、XMPP、HTTP 端点
|
||||
- 本地监听端口和进程对应关系
|
||||
- 日志中出现的接口、域名、JID、XMPP、SOAP、WebSocket 线索
|
||||
|
||||
不要绕过 TLS、登录、授权或终端安全。输出:
|
||||
1. 观察到的协议和端口
|
||||
2. 候选接口
|
||||
3. 消息收发路径证据
|
||||
4. 是否适合包装成内部 API
|
||||
5. 需要用户批准的下一步抓包/测试动作
|
||||
```
|
||||
27
prompts/05-message-adapter-poc.md
Normal file
27
prompts/05-message-adapter-poc.md
Normal file
@@ -0,0 +1,27 @@
|
||||
# Prompt: Message Adapter POC
|
||||
|
||||
```text
|
||||
请使用 `message-adapter-design`,为 `E:\coding\codex\isphere-ai-bridge` 设计第一版消息适配器。
|
||||
|
||||
输入来源要能兼容:
|
||||
- 本地数据读取
|
||||
- OpenClawBridge HTTP API
|
||||
- XmppBridgeService HTTP API
|
||||
- RPA wrapper
|
||||
- MockCloud 演示环境
|
||||
|
||||
第一版只实现:
|
||||
- list_messages
|
||||
- watch_messages 或 poll_messages
|
||||
- generate_draft 的输入输出契约
|
||||
- archive_evidence
|
||||
|
||||
不要实现自动发送。发送动作只保留接口草案 `send_after_approval`。
|
||||
|
||||
输出:
|
||||
1. TypeScript 或 C# 数据模型建议
|
||||
2. Connector 接口
|
||||
3. Evidence log 结构
|
||||
4. 最小目录结构
|
||||
5. 第一轮测试用例
|
||||
```
|
||||
28
prompts/06-rpa-wrapper.md
Normal file
28
prompts/06-rpa-wrapper.md
Normal file
@@ -0,0 +1,28 @@
|
||||
# Prompt: RPA Wrapper Builder
|
||||
|
||||
```text
|
||||
请使用 `rpa-wrapper-builder`,基于 UI 自动化评估结果设计 iSphere 的受控 RPA 包装层。
|
||||
|
||||
目标不是让 AI 自由操作鼠标键盘,而是封装有限动作:
|
||||
- read_latest_messages(limit)
|
||||
- search_contact(query)
|
||||
- open_conversation(id_or_name)
|
||||
- write_draft(text)
|
||||
- send_after_approval(approval_id)
|
||||
- upload_file(path)
|
||||
- mark_processed(message_id)
|
||||
|
||||
要求:
|
||||
- 发送真实消息必须人工确认。
|
||||
- 每个动作要有前置校验、结果校验和日志。
|
||||
- 优先控件 ID / automation id / role,不优先坐标。
|
||||
- 坐标和 OCR 只能作为最后兜底。
|
||||
|
||||
输出:
|
||||
1. wrapper action contract
|
||||
2. selector strategy
|
||||
3. approval gates
|
||||
4. failure recovery
|
||||
5. audit log fields
|
||||
6. POC 实现计划
|
||||
```
|
||||
27
prompts/07-reverse-deep-dive.md
Normal file
27
prompts/07-reverse-deep-dive.md
Normal file
@@ -0,0 +1,27 @@
|
||||
# Prompt: Reverse Deep Dive
|
||||
|
||||
```text
|
||||
只有在本地数据、现有桥接、UI 自动化、网络接口都不足以支撑 POC 时,才进入这个阶段。
|
||||
|
||||
请按顺序使用:
|
||||
- `binary-triage`
|
||||
- `ghidra-static-analysis`
|
||||
- `decompiler-cleanup`
|
||||
- `reverse-report`
|
||||
|
||||
目标不是破解客户端,而是解释:
|
||||
- 消息数据库/日志路径
|
||||
- 配置加载逻辑
|
||||
- 插件加载逻辑
|
||||
- XMPP/SOAP/HTTP 接口线索
|
||||
- 消息收发函数
|
||||
- 文件上传下载路径
|
||||
|
||||
禁止:
|
||||
- 绕过登录或授权
|
||||
- patch 授权逻辑
|
||||
- 生成隐藏注入或规避检测脚本
|
||||
- 修改生产二进制
|
||||
|
||||
输出必须包含文件路径、hash、函数名、地址、字符串交叉引用、置信度和下一步验证方法。
|
||||
```
|
||||
1
runs/.gitkeep
Normal file
1
runs/.gitkeep
Normal file
@@ -0,0 +1 @@
|
||||
|
||||
Reference in New Issue
Block a user