* refactor(persona): replace local folder components with shared folder components
* feat(webui): implement draggable reordering with animation for pinned plugins
* refactor(webui): extract PinnedPluginItem into a standalone component
* feat: supports weixin personal account
* feat(weixin): update documentation for personal WeChat integration and add QR code image
* feat(weixin): refactor send method to streamline message handling
* fix(weixin): correct AES key encoding in media payload construction
* feat(weixin): update weixin_oc_base_url description for clarity in config metadata
* feat(weixin): enhance WeChat integration with QR code support and configuration updates
* feat(weixin): implement WeixinOCClient for improved media handling and API requests
* feat(platform): update platform status refresh interval to 5 seconds
* fix(lark): defer streaming card creation and renew card on tool call break
- Defer CardKit streaming card creation until the first text token
arrives, preventing an empty card from rendering before content.
- Handle `type="break"` signal in send_streaming: close the current
card and lazily create a new one for post-tool-call text, so the
new card appears below the tool status message in correct order.
- Only emit "break" signal when show_tool_use is enabled; when tool
output is hidden, the AI response continues on the same card.
* style: format ruff
* fix: cr bug
* fix: cr
* fix(skills): use actual sandbox path from cache instead of hardcoded workspace root
Fixes#6273
When using Shipyard booter, the sandbox workspace directory is
`/home/ship_{session_id}/workspace/` instead of the hardcoded `/workspace`.
This caused Agent to fail reading SKILL.md files with 'No such file or directory'.
Changes:
- In build_skills_prompt: prefer skill.path (from sandbox cache) over
hardcoded SANDBOX_WORKSPACE_ROOT for sandbox_only skills
- In list_skills: always prefer sandbox_cached_paths over hardcoded path
for sandbox_only skills
The actual path is resolved at sandbox scan time via Path.resolve() in
_build_scan_command, which returns the correct absolute path based on
the sandbox's actual working directory.
* docs: add comment explaining show_sandbox_path behavior for sandbox_only skills
Address Sourcery AI review comment:
- Clarify that show_sandbox_path is implicitly True for sandbox_only skills
- Explain why the flag is effectively ignored (no local path exists)
* refactor: simplify path_str fallback using or operator
Address review feedback: use single-line fallback instead of if-not pattern.
* style: format skill_manager.py with ruff
Fix ruff format-check failure
* fix(skills): sanitize cached sandbox skill paths
Normalize sandbox cache paths before reading or writing them so invalid,
empty, or mismatched entries fall back to a safe default SKILL.md path.
This avoids using malformed cached paths, keeps path rendering
consistent, and ensures sandbox skill listings always point to the
expected workspace location.
---------
Co-authored-by: ccsang <ccsang@users.noreply.github.com>
Co-authored-by: RC-CHN <1051989940@qq.com>
* fix(agent): pass tool_call_timeout to SubAgent handoff execution
- Add tool_call_timeout parameter to _execute_handoff method
- Pass run_context.tool_call_timeout to ctx.tool_loop_agent
- Add unit test to verify tool_call_timeout is correctly passed
- Fixes#6711: SubAgent MCP tool call timeout now respects configured timeout
The SubAgent handoff execution was using the default 60-second timeout
instead of the configured tool_call_timeout from provider settings.
This change ensures that SubAgent MCP tool calls respect the user's
configured timeout settings.
* test: add unit test for tool_call_timeout in SubAgent handoff
* fix: restore deleted test and fix test assertion
- Restore test_collect_handoff_image_urls_filters_extensionless_missing_event_file
- Fix test_collect_handoff_image_urls_keeps_extensionless_existing_event_file assertion
- Keep new test_execute_handoff_passes_tool_call_timeout_to_tool_loop_agent
* refactor: simplify tool_call_timeout passing in _execute_handoff
- Pass run_context.tool_call_timeout directly to ctx.tool_loop_agent
- Remove unnecessary local variable assignment
- Addresses review feedback from Sourcery AI
* fix(config): increase default tool call timeout from 60 to 120 seconds
---------
Co-authored-by: LehaoLin <linlehao@cuhk.edu.cn>
Co-authored-by: Soulter <905617992@qq.com>
* fix: reject follow-up messages after stop requested (#6626)
Once a user sends /stop, follow-up messages should no longer be
accepted for that runner. Previously, there was a race window where
messages sent after stop could still be queued as follow-ups.
This fix gates the follow_up() method to check both done() and
_stop_requested before accepting a new follow-up message.
Acceptance criteria met:
- After /stop, later follow-up messages return None (rejected)
- Post-stop follow-ups are not added to _pending_follow_ups
- No post-stop text is injected into tool results
- Graceful-stop behavior otherwise unchanged
- Follow-ups submitted before stop retain current behavior
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* test: add regression tests for issue #6626 follow-up rejection
Add focused tests that verify the complete tool-result injection path
for follow-up messages after stop is requested:
- test_follow_up_rejected_and_runner_stops_without_execution: Verifies
that when stop is requested before any execution, follow-ups are
rejected and the runner stops gracefully without executing tools.
- test_follow_up_merged_into_tool_result_before_stop: Verifies that
follow-ups queued before stop are properly merged into tool results
via _merge_follow_up_notice().
- test_follow_up_after_stop_not_merged_into_tool_result: Regression
test that simulates the race condition from issue #6626. Verifies
that only pre-stop follow-ups are merged into tool results, and
post-stop follow-ups are rejected at the admission point.
These tests validate the fix in ToolLoopAgentRunner.follow_up() that
checks both self.done() and self._stop_requested before accepting
new follow-up messages.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix(agent): update stop request check in ToolLoopAgentRunner
---------
Co-authored-by: ccsang <ccsang@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: Soulter <905617992@qq.com>
* fix: 解决 MCP 工具与内置工具重名时的连坐问题
- 修改 get_func 方法:优先返回已激活的工具
- 修改 get_full_tool_set 方法:使用 add_tool 防止同名冲突
- 修改 add_tool 方法:优先保留已激活的工具
Fixes#5821
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* refactor: address PR review feedback for tool conflict resolution
- Fix inconsistency: get_func now uses reversed() to match ToolSet.add_tool's
"last-active-wins" logic, preventing potential "tool hijacking" issues
- Improve readability: replace double negative condition with clearer logic
- Add compatibility: use getattr with default for tools without 'active' attribute
- Remove unnecessary deepcopy: MCPTool runtime objects should not be deep copied
- Update docstring: accurately describe the actual tool resolution behavior
Addresses review comments from sourcery-ai, gemini-code-assist, and Copilot.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* test: add tests for tool conflict resolution (issue #5821)
Add comprehensive tests for ToolSet.add_tool, get_func, and get_full_tool_set
to verify the conflict resolution behavior when MCP tools share names with
built-in tools.
Test cases:
- ToolSet.add_tool: active/inactive priority, last-one-wins for same state
- get_func: returns last active tool, fallback to last matching tool
- get_full_tool_set: deduplication logic, no deepcopy, MCP overrides disabled builtin
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: 修复工具冲突处理逻辑,确保未激活工具不被错误移除
---------
Co-authored-by: whatevertogo <whatevertogo@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* Add Kimi Code provider
* Add icon mapping for Kimi Code provider
* Clarify Kimi CodingPlan provider labeling
* Refine Kimi Code header handling
* modified docker compose
* fix: correct Kimi Coding Plan label and update API base URL
---------
Co-authored-by: Soulter <905617992@qq.com>
* fix: update hint for ID whitelist configuration to clarify behavior when empty
* fix: update whitelist hint
---------
Co-authored-by: machina <1531829828@qq.com>
Co-authored-by: Soulter <905617992@qq.com>
* fix(ui): localize session management group texts
Replace hardcoded Chinese strings in SessionManagementPage with i18n
lookups for group management labels, dialogs, and action feedback.
Add and align translation keys in en-US, ru-RU, and zh-CN for group
management and batch operation messages to ensure consistent multilingual
UI behavior.
* fix(ui): localize interval method hint text
* docs(sandbox): document shipyard neo setup
Expand the Chinese sandbox guide to cover Shipyard Neo as the
recommended driver and distinguish it from legacy Shipyard.
Add deployment and configuration guidance for standalone and
compose-based setups, include a full annotated config example,
and clarify profile selection, TTL behavior, workspace paths,
and persistence semantics.
* docs(sandbox): recommend standalone shipyard neo
Clarify that Shipyard Neo is best deployed on a separate,
better-provisioned host for long-term use.
Update the setup steps and AstrBot connection guidance, and
remove the earlier combined Docker Compose deployment flow.
* docs(sandbox): expand shipyard neo guide
Document Shipyard Neo as the recommended sandbox driver and
clarify how it differs from the legacy Shipyard setup.
Add guidance for deployment, performance requirements, Bay
configuration, profile selection, TTL behavior, workspace
persistence, and browser capability support.
Also reorganize the sandbox configuration section and keep the
legacy Shipyard instructions for compatibility.
* docs(sandbox): fix shipyard neo doc links
Update the sandbox guides in English and Chinese to link
directly to the upstream `config.yaml` example.
Replace duplicated TTL and persistence notes with references
to the dedicated sections to keep the guide concise and easier
to maintain.
* perf(dashboard): subset MDI icon font and self-host Google Fonts
* perf(dashboard): subset MDI icon font and self-host Google Fonts
* perf(dashboard): subset MDI icon font and self-host Google Fonts
* perf(dashboard): subset MDI icon font cr fix
* chore: update lockfile
Multiple models (Gemini 3, GPT-5.2, Claude Sonnet, Kimi K2.5) consistently
pick FileDownloadTool when they should pick FileUploadTool. The old
descriptions used "upload/download" which is ambiguous from the LLM's
perspective — it doesn't know which side is "local" vs "remote".
Rewrite descriptions to use explicit directional language:
- Upload: "Transfer FROM host INTO sandbox" + "when user sends a file"
- Download: "Transfer FROM sandbox OUT to host" + "ONLY when user asks
to retrieve/export"
Also improve parameter descriptions with the same directional clarity.
Fixes#6497
Co-authored-by: Yufeng He <40085740+universeplayer@users.noreply.github.com>