吸收数字员工管理端技能版本权限预览

This commit is contained in:
baiyanyun
2026-06-13 16:28:17 +08:00
parent b9f49d2c0e
commit 4fdc95da75
7 changed files with 111 additions and 3 deletions

View File

@@ -1585,19 +1585,29 @@ function checkDigitalAdminMemorySkillWorkbench() {
[dto, "memory_id", "backend memory id row field"],
[dto, "memory_key", "backend memory key row field"],
[dto, "skill_id", "backend skill id row field"],
[dto, "skill_version", "backend skill version row field"],
[dto, "install_status", "backend skill install status row field"],
[dto, "permission_scope", "backend skill permission scope row field"],
[dto, "policy_source", "backend skill policy source row field"],
[dto, "tool_name", "backend tool name row field"],
[dto, "server_id", "backend server id row field"],
[test, "queryAdminWorkbenchMemoryGovernanceReturnsMemoryRowsOnly", "backend memory governance test"],
[test, "queryAdminWorkbenchSkillAuditsReturnsSkillAndToolAuditRowsOnly", "backend skill audits test"],
[test, "queryAdminWorkbenchSkillAuditsReturnsVersionPermissionAndPolicyRowsOnly", "backend skill version permission test"],
[qimingTypes, "memory_governance", "qiming memory governance view type"],
[qimingTypes, "skill_audits", "qiming skill audits view type"],
[qimingTypes, "skill_version", "qiming skill version field"],
[qimingTypes, "permission_scope", "qiming skill permission scope field"],
[qimingOps, "记忆治理", "qiming memory governance tab"],
[qimingOps, "技能审计", "qiming skill audits tab"],
[qimingOps, "权限范围", "qiming skill permission scope copy"],
[qimingOps, "策略来源", "qiming skill policy source copy"],
[qimingOps, "批量归档", "qiming memory archive action"],
[qimingOps, "批量恢复", "qiming memory restore action"],
[qimingOps, "重复候选", "qiming memory duplicate copy"],
[docs, "正式管理端记忆治理预览", "docs memory governance absorption"],
[docs, "正式管理端技能审计预览", "docs skill audit absorption"],
[docs, "正式管理端技能版本权限预览", "docs skill version permission absorption"],
];
const missing = requiredSnippets
.filter(([content, snippet]) => !content.includes(snippet))

View File

@@ -578,8 +578,8 @@ GET /api/digital-employee/approvals
- 建议:先沉淀安全重启审计和人工确认体验,再评估更细粒度的服务恢复策略。
6. **技能生命周期与策略**
- 已吸收ACP / MCP / GUI / file server 能力已投射到 Skill Catalog技能库不再使用 demo fallbackSkill Library 启用/禁用已写入 qimingclaw 本地 `digital_employee_skill_policies_v1.local_skills`,管理端下发策略写入 `remote_skills`远端禁用优先生效且不会被本地按钮覆盖入口路由候选技能会按有效策略过滤MCP 注入 Agent 前会应用有效技能策略ACP permission / tool update 会写入 `skill_call_allowed` / `skill_call_rejected` / `skill_call_observed` 审计事件,`policy_snapshot` 会包含本地/远端策略命中字段embedded 已提供 `/api/digital-employee/skill-call-audits` 只读投影、`POST /api/skill/policies/pull` 手动拉取入口技能调用策略与审计已开始闭环。管理端调用审计视图已开始吸收embedded 新增“技能审计”入口,将 skill call audit、tool_call_audit、sandbox_audit 和 token_cost 统一成可筛选列表,技能库可按 skill id 跳转聚焦。正式管理端技能审计预览已开始吸收qiming-backend 新增 `skill_audits` 运营台视图聚合 skill call、tool、sandbox 和 token/cost 安全摘要qiming“数字员工运营台”的“技能审计”tab 只开放标记复核和忽略意图,不安装技能、不变更权限范围。
- 缺口:仍缺少技能安装、版本管理和细粒度权限范围。
- 已吸收ACP / MCP / GUI / file server 能力已投射到 Skill Catalog技能库不再使用 demo fallbackSkill Library 启用/禁用已写入 qimingclaw 本地 `digital_employee_skill_policies_v1.local_skills`,管理端下发策略写入 `remote_skills`远端禁用优先生效且不会被本地按钮覆盖入口路由候选技能会按有效策略过滤MCP 注入 Agent 前会应用有效技能策略ACP permission / tool update 会写入 `skill_call_allowed` / `skill_call_rejected` / `skill_call_observed` 审计事件,`policy_snapshot` 会包含本地/远端策略命中字段embedded 已提供 `/api/digital-employee/skill-call-audits` 只读投影、`POST /api/skill/policies/pull` 手动拉取入口技能调用策略与审计已开始闭环。管理端调用审计视图已开始吸收embedded 新增“技能审计”入口,将 skill call audit、tool_call_audit、sandbox_audit 和 token_cost 统一成可筛选列表,技能库可按 skill id 跳转聚焦。正式管理端技能审计预览已开始吸收qiming-backend 新增 `skill_audits` 运营台视图聚合 skill call、tool、sandbox 和 token/cost 安全摘要qiming“数字员工运营台”的“技能审计”tab 只开放标记复核和忽略意图,不安装技能、不变更权限范围。正式管理端技能版本权限预览已开始吸收,`skill_audits` 继续聚合 skill catalog / skill policy snapshotqiming 详情可展示技能版本、安装状态、权限范围、策略来源和策略状态,用于解释权限命中但不开放安装或权限编辑。
- 缺口:仍缺少真实技能安装、版本升级管理和细粒度权限范围编辑
- 建议:下一轮围绕管理端审计消费、技能安装和权限范围,把本地调用审计推进到更完整的跨端治理闭环。
7. **产物交付闭环**