Commit Graph

278 Commits

Author SHA1 Message Date
16473c824d chore: 合并多项独立 WIP 改动
- cli: 增加 layoutRefreshTick 与 IME 输入组件,处理 slash_menu 光标偏移
- config/auto_approval: 切到 opencode 中转端点
- modules/approval_agent: 调试 transcript 增加 trace / final_result 字段
- static/useLegacySocket: 重试 toast 显示具体错误信息

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-23 02:01:36 +08:00
67fdb715f5 refactor(messages): 统一运行期消息插入为 [系统通知|source] 前缀的 user 消息
- 新增 server/chat_flow_task_support.inject_runtime_user_message 作为唯一入口,
  统一处理 add_conversation + messages.insert + sender(user_message) 三件事
- 子智能体 / 后台 run_command / runtime_guidance / mode notice 全部走该入口,
  role 一律 user,inline 仅作 metadata 标记,不再复用 system role 表达语义
- inline poll 移出 tool 执行循环,改为整轮 tool 完成后批量注入,
  避免在 assistant.tool_calls 与 tool 序列之间插入 user 导致 API 报错
- 删除 _insert_completion_notice_message / _record_sub_agent_message
  以及 build_messages 中 system→user 的回转分支
- 移除已废弃的 wait_sub_agent 工具残留(后端注册、前端图标/动画、
  prompts、SKILL 文档;保留 sleep 的 wait_sub_agent_ids 参数)
- 前端取消对 is_auto_generated/auto_message_type 的过滤,
  让运行期注入的 user 消息在历史和实时推送中正常渲染

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-23 02:01:36 +08:00
e2bbd767f7 feat(host-security+ui): unify host execution/approval behavior, runtime notices, and approval overlay UX
This commit consolidates a large set of host-mode security and UX fixes across backend and frontend.

Security / execution model:
- Make permission/execution mode switches apply immediately (no deferred pending-only behavior).
- Keep runtime mode change notices durable and visible via user-message guidance path.
- Add explicit runtime message source taxonomy support and persistence:
  user / presend / guidance / notify / sub_agent / background_command.
- Ensure guidance/notify insertion is batched per tool-cycle so mid-run inserts are committed together.
- Separate notify from guidance semantics for mode-change notices.
- Add direct-mode auto-fallback handling visibility on frontend.

Approval and command gating:
- Align run_command approval pre-check logic with docker behavior for approval/auto_approval modes in host execution paths.
- Keep approval retry flow and final-result semantics intact when permission errors trigger approval.
- Externalize forbidden command keyword list into JSON config:
  config/forbidden_commands.json.
- Update forbidden command rejection message to user-facing wording:
  用户不允许执行包含“... ”的指令.

Prompt/runtime guidance:
- Refine execution-mode runtime rule text to avoid endless workaround loops:
  one safe alternative first, then request switching to direct mode when truly required.

Chat rendering / message UX:
- Prevent injected guidance/notify user-messages from incorrectly triggering assistant work header/timer chain.
- Restore correct visibility after history reload while preserving runtime-source behavior.
- Update user-header icon/label rendering by message source:
  - guidance -> 引导 + navigation icon
  - notify/sub_agent/background_command -> 通知 + bell icon
  - user/presend -> keep normal user header.
- Add new icons: static/icons/navigation.svg, static/icons/bell.svg.

Approval panel UX:
- Convert desktop approval panel from layout-compress sidebar to overlay + blur sheet.
- Fix panel transition behavior (remove unintended vertical motion; use dedicated desktop overlay transition).
- Improve approval result display:
  - decision and reason split lines,
  - green/red status styling,
  - multiline reason rendering,
  - auto-collapse delay adjusted to 3s.

Execution mode TTL feedback:
- When direct mode auto-expires to sandbox, frontend menu state is updated from status snapshot.
- Show non-auto-dismiss warning toast to explicitly notify auto-fallback.

Misc consistency updates:
- Execution mode label text cleanup in composer.
- Runtime notice wording normalization (权限模式修改为..., 执行环境修改为...).

Build/test notes:
- Frontend rebuilt after UI changes.
- Smoke tests passed for server refactor path.
2026-05-12 19:16:38 +08:00
2ec226b5eb fix(permission,docker): enforce docker-specific approval flow and polish permission menu layout
- Add docker risk markers config (config/docker_risk_markers.json) and load it in tools permission evaluation.

- In docker mode, pre-evaluate run_command/terminal_input: readonly-safe and no-risk -> direct run; otherwise require approval/auto-approval.

- Keep docker write_file/edit_file behavior aligned with agreed policy: approval requires review, auto_approval passes directly.

- Pass risk markers into auto approval payload and include current working directory context for approval agent.

- Fix permission dropdown layout: only use split two-column menu when execution mode section is enabled; remove empty right blank area in docker mode.

- Center mobile approval overlay to prevent sheet overflow on small screens.
2026-05-11 22:56:10 +08:00
8d665ad6de feat(permission): add auto-approval mode with approval agent, UI flow, and docs sync
Implemented a new permission mode  between  and , including backend policy, runtime behavior, frontend display, and documentation updates.

Backend & policy changes:

- Added  to permission mode validation and persistence paths.

- Updated tool permission evaluation: workspace-local  direct pass, out-of-workspace requires approval.

- Kept  readonly-first flow and added auto-approval decision path when permission denial occurs.

- Added approval reason/decider support in tool approval manager.

- Improved rejection tool-content format to natural language: '工具调用被拒绝\n原因:...'

- Fixed permission-mode sync edge cases on conversation create/load and restart-first-switch behavior.

Approval agent subsystem:

- Added  and .

- Added lightweight auto-approval config at  (name/url/key/model/extra_params + timeouts).

- Added optional transcript debug switch in code and transcript output under logs/approval_agent.

- Aligned transcript saving toward cumulative messages format and captured reasoning/content/tool_calls/tool sequence.

Frontend changes:

- Added  option to personalization and permission menus.

- Reworked approval panel auto-review display into a dedicated block with simplified lines: start, command, final approve/reject + reason.

- Added delayed sidebar auto-close (10s) after approval resolved.

- Added stricter permission-switch verification and rollback on mismatch/error.

Docs updated:

- Synced AGENTS.md, README.md, and docs/host_sandbox_and_permission_model.md with new permission mode, approval-agent behavior, config, and current constraints (including docker caveat).
2026-05-11 17:55:27 +08:00
a93f17010c feat(security): unify host sandbox controls across command/python/terminal/sub-agent and add path authorization UI
This commit lands a broad host-security architecture update focused on enforceable sandbox execution, clearer permission semantics, and operator usability.

Core execution/security changes
- Introduce and wire a unified host sandbox runner for multi-OS execution:
  - macOS: sandbox-exec
  - Linux: bubblewrap + seccomp
  - Windows: WSL2 path
- Remove silent fallback behavior in failure paths; sandbox-unavailable cases now fail closed instead of dropping to unsafe host execution.
- Ensure host execution mode (sandbox/direct) is propagated consistently into runtime components, including sub-agent startup.

Permission mode model upgrade
- Rework readonly/approval behavior for run_command from brittle command-text gating to execution-layer enforcement:
  - readonly: run_command executes in read-only sandbox profile.
  - approval: run_command first executes read-only; when permission-denied is detected, request approval and retry once with writable sandbox for that single call.
- Tool loop now returns final post-approval execution result, not intermediate permission-denied payloads.
- Update permission-mode system messaging to describe user-visible behavior without exposing internal implementation details.

Path authorization system
- Add dynamic host policy module and persisted policy file.
- Support dual path classes:
  - writable_paths (read+write)
  - readable_extra_paths (read-only)
- Enforce file access in file_manager by access type (read vs write) under host mode.
- Add host-only frontend 路径授权 management dialog (settings三级菜单入口), including mode switch between 可读可写 and 仅可读 with separate drafts and save flow.

Sub-agent and terminal alignment
- Sub-agent process launch now respects host execution mode and sandbox controls in host mode.
- Keep terminal session model compatible with sandbox-first behavior and execution-mode propagation.

Tool surface updates
- Remove legacy file-management tools from active tool definitions (create_file/create_folder/rename_file/delete_file) while preserving historical conversation compatibility.

Docs updates
- Add dedicated architecture doc: docs/host_sandbox_and_permission_model.md
- Refresh README and AGENTS sections to reflect updated permission/execution model and path-authorization semantics.

Validation performed
- python unittest smoke suite passes: test.test_server_refactor_smoke
- frontend build passes: npm run build
- syntax checks for touched Python modules completed
2026-05-11 13:41:30 +08:00
6ee8cda2a7 feat(security): harden host execution model with sandbox/direct controls
This commit introduces a substantial security and runtime architecture update for host mode, with three major goals: (1) enforce OS-level sandboxing by default, (2) support a controlled temporary direct-execution escape hatch for admin users, and (3) eliminate silent fallback behavior that could hide risk.

Backend/runtime changes:\n- Added a unified host sandbox runner (macOS sandbox-exec / Linux bubblewrap+seccomp / Windows WSL2).\n- Converted host terminal creation to sandboxed interactive shells by default.\n- Kept run_command/run_python on the same execution policy and added host execution mode plumbing (sandbox|direct).\n- Added session-scoped direct mode with TTL auto-revert (default 10 minutes), configurable via environment.\n- Added execution mode APIs (GET/POST /api/execution-mode), host+admin gating, status propagation, and rate limiting.\n- Added runtime refresh hooks so tool calls honor TTL expiration and mode transitions consistently.\n- Removed docker->host silent fallback paths: docker startup/runtime failures now fail fast instead of degrading silently.\n- Added host sandbox prompt injection (host-only) to guide agent behavior under permission constraints.

Configuration and policy changes:\n- Added HOST_EXECUTION_MODE_DEFAULT and HOST_EXECUTION_DIRECT_TTL_SECONDS.\n- Added HOST_SANDBOX_MACOS_WRITABLE_PATHS to support user-defined writable path allowlists.\n- Updated macOS sandbox profile generation to use minimal defaults (workspace + tmp + /dev/null) plus explicit allowlist extensions.\n- Updated .env.example documentation for new execution/sandbox controls.

Frontend changes:\n- Extended permission popover to a two-column model (Permission + Execution Environment) for host admin sessions.\n- Added execution mode state/options to app state, fetching, and status synchronization flows.\n- Added execution mode switching action and user feedback toasts.\n- Kept warning emphasis via text styling only (removed warning border per UX request).

Validation:\n- Python syntax checks passed for modified backend modules.\n- Existing smoke tests passed: python3 -m unittest test.test_server_refactor_smoke\n- Frontend production build passed: npm run build
2026-05-10 19:19:01 +08:00
8395cf8b4b fix(prompt): merge disabled-tool notice into leading system prompts 2026-05-09 18:56:49 +08:00
d406244604 fix(style): 修复空白页欢迎文字居中与换行适配 2026-04-28 17:57:16 +08:00
8814f963f5 fix(ux): 用户发送后即时显示 assistant 头部和等待提示 2026-04-28 17:56:52 +08:00
9a5a116fd6 feat(ui): 新增欢迎文字和等待提示文案 2026-04-28 17:56:14 +08:00
b151f8ff71 feat: add host workspace manager, mcp-tool-config skill, and UI enhancements 2026-04-28 13:04:51 +08:00
ecca5da8ab fix: harden multimodal handling and sanitize mcp action results 2026-04-27 20:11:21 +08:00
bb6bfff176 fix(ui): stabilize tool header icons and mcp completion label 2026-04-27 15:51:52 +08:00
9d8beacc8d fix: align thinking and tool status text in blocks 2026-04-27 15:35:10 +08:00
9dfb1567d2 fix: render user media previews from media store refs 2026-04-27 12:57:13 +08:00
e3e2d22dc4 fix(chat): restore collapse max height in block mode 2026-04-27 01:42:52 +08:00
3c1773dc01 fix(mcp): split categories by server and preserve toggle states 2026-04-27 01:42:40 +08:00
2c75bb01a0 feat(ui): cap tool toggle menu to five items with hidden scrollbar 2026-04-27 01:42:32 +08:00
3cd8bdabef feat(ui): add refresh button for showhtml cards 2026-04-27 01:42:24 +08:00
591a5e64cc fix: 修复聊天区滚动锁定与手动上滚脱锁 2026-04-27 00:13:38 +08:00
ed5315eef6 feat: add MCP management and host-only runtime policy 2026-04-26 23:49:04 +08:00
e758df767f fix: prevent show_html cards from disappearing during streaming 2026-04-26 18:38:13 +08:00
9199f5ca7c fix: unify show cards rendering and prompt constraints 2026-04-26 18:13:24 +08:00
24c702c0af fix(show_html): add js mode with sandbox iframe rendering 2026-04-26 17:13:08 +08:00
ac788daa03 fix(show_html): freeze completed card during streaming 2026-04-26 16:52:22 +08:00
383e68188c fix: stabilize show_html rendering and restore conversation mode state 2026-04-26 01:04:23 +08:00
33d270ff63 fix: stabilize show_html streaming rendering and recovery 2026-04-25 23:17:07 +08:00
1c928d7518 chore: backup snapshot before show_html scroll rework 2026-04-25 20:39:52 +08:00
46404095dd fix: reduce chat debug noise and stabilize auto-scroll behavior 2026-04-25 16:35:09 +08:00
070d77c070 fix: adapt deepseek custom models and harden todo/tool gating 2026-04-24 18:31:03 +08:00
1b27b3ffa2 fix: simplify enhanced display for personalization updates 2026-04-19 16:57:23 +08:00
8991ed5084 feat: add read_skill tool and frontend read-skill rendering 2026-04-19 16:57:02 +08:00
3a949abdb4 fix: restore cached theme before personalization sync 2026-04-14 13:44:24 +08:00
1500a15be1 fix: enhance manage_personalization tool display 2026-04-14 13:44:06 +08:00
916f68e8e9 feat: 添加智能体交流风格选项
- 将"模型行为"标签改为"智能体行为"
- 新增"智能体交流风格"二选一选项(默认/拟人)
- 拟人风格会注入human_like_style.txt提示词
- manage_personalization工具支持communication_style字段
- 添加user-pen.svg图标用于个性化工具和分类
2026-04-14 01:47:06 +08:00
13400f62d5 feat: add manage_personalization tool and fix personalization sync 2026-04-13 20:22:06 +08:00
3219df388b feat: 优化任务轮询和聊天区域渲染机制 2026-04-13 16:23:01 +08:00
78df2249cf fix: stabilize markdown code block selection and copy 2026-04-12 19:59:28 +08:00
49bd994cfa fix: stabilize task completion and chat auto-scroll behavior 2026-04-12 19:45:01 +08:00
757718c492 feat: add user turn tool protection to shallow compression
- Add shallow_compress_keep_user_turn_tools config (default: 3)
- Add is_auto_generated metadata to system messages (sub_agent/background_command)
- Fix sub_agent notification path to include auto_message marker
- Frontend: add input field in PersonalizationDrawer
- Backend: implement protection logic in _run_auto_shallow_compression
2026-04-12 18:48:08 +08:00
0e3dc1dd68 feat: 个人空间模型行为页面添加两个新开关 - AGENTS.md自动注入和允许根目录创建文件 2026-04-12 16:34:04 +08:00
cf5915dfbc feat: 前端store添加AGENTS.md自动注入和根目录创建文件配置字段 2026-04-12 16:34:02 +08:00
2397e6ec1c feat: 添加拖拽上传图片/视频功能
- 支持拖拽图片到窗口自动上传到输入栏
- 支持拖拽视频到窗口自动上传到输入栏
- 支持拖拽其他文件触发普通上传
- 多主题适配:经典色(橙色)、浅色(黑色)、深色(白色)
- 修复浅色/经典色主题下提示文字看不清的问题
2026-04-12 15:55:00 +08:00
3a9b5388f9 style(mobile): 优化审批面板移动端样式
- 移除顶部灰色块,内容直接顶头显示
- 移除关闭按钮圆形外框,只保留×符号
- 统一配色与电脑端一致
2026-04-12 13:42:39 +08:00
0eeec08320 fix(desktop): 禁用审批面板拖拽展开
- 电脑端审批面板不再支持拖拽屏幕边缘展开
- 仅保留移动端的手动打开方式
2026-04-12 13:42:28 +08:00
be9592a2f4 fix(mobile): 审批面板自动关闭和交互问题
- 移除审批面板在空列表时自动关闭的逻辑
- 支持手动打开空审批面板
- 恢复点击遮罩层关闭面板功能
2026-04-12 13:42:09 +08:00
aad958d2d9 fix(mobile): 用量统计点击不展开问题
- 添加 fromSettingsMenu 参数穿透
- 修复设置菜单中用量统计点击不展开弹窗的问题
- 移动端限制不再阻止设置菜单的用量统计功能
2026-04-12 13:41:26 +08:00
3fee0ebf7d fix(mobile): 权限菜单自适应位置并优化审批面板样式
- 修复权限切换弹出菜单在移动端跑出屏幕右侧的问题
- 添加媒体查询使菜单自适应左右位置
2026-04-12 13:41:15 +08:00
dcc6e3588e fix(ui): disable token panel expand on mobile tap
- 移动端禁用点击展开顶部用量面板
- 仅允许在已展开时点击收起
2026-04-12 01:13:26 +08:00
bd891029df feat(tool-approval): add run_python preview support 2026-04-12 01:13:12 +08:00
6a21a642d0 fix(approval): 完整展示写入内容并隐藏内部滚动条 2026-04-11 18:59:40 +08:00
c6c90da64a chore(ui): 文案改为版本控制开关 2026-04-11 18:59:32 +08:00
9c15c6f945 fix(personalization): 恢复个人空间打开/关闭动画 2026-04-11 18:59:23 +08:00
e3bf67d25d fix(mobile): 待审批时自动弹出并审批后收回面板 2026-04-11 18:59:14 +08:00
0ba2763696 fix(personalization): 移除滑动跳模块并调整用量区留白 2026-04-11 17:02:17 +08:00
55feb36091 feat(versioning-ui): 优化版本不一致提示与回溯限制 2026-04-11 17:01:35 +08:00
6379f8c729 feat: complete conversation versioning UX and restore workflow 2026-04-11 16:16:40 +08:00
34a6577f3a feat: ship permission/approval UI with mobile support and context usage ring 2026-04-11 04:07:55 +08:00
3f40aa949f fix: treat slash-prefixed input as normal web message 2026-04-11 00:52:47 +08:00
4124faa040 feat(frontend): 优化聊天界面与监控交互体验 2026-04-10 14:34:18 +08:00
8be1c37b6a refactor(frontend): 整理应用逻辑层与状态管理 2026-04-10 14:34:01 +08:00
90233690ad feat: add json-based extensible model registry and dynamic model UI 2026-04-09 20:56:54 +08:00
a04eca3aab fix: unify background run_command notifications with sub-agent flow 2026-04-08 16:13:40 +08:00
d798d39da3 fix: persist onboarding prompt status and bump android app to 1.0.20 2026-04-07 20:08:33 +08:00
9a2bae04b5 fix: repair admin monitor auth and add invite CRUD 2026-04-07 18:23:09 +08:00
7e1d9bfede fix: restore apk tutorial scrolling and bump app to 1.0.19 2026-04-07 17:56:05 +08:00
4e4186f87a fix: polish tutorial/theme copy and align review dialog themes 2026-04-07 17:12:53 +08:00
692a12affd feat: complete guided tutorial with mobile flow and ui polish 2026-04-07 17:03:37 +08:00
67db1ea831 fix: migrate auth pages to vue and bump android app to 1.0.17 2026-04-07 12:38:45 +08:00
c88b3e9363 feat: inline workspace logo with theme adaptation and bump versions 2026-04-07 12:14:10 +08:00
edc7f9b7ea fix: fallback upload selected local media on mobile webview 2026-04-07 11:50:48 +08:00
386f618c83 fix: improve run_python output readability in dark mode 2026-04-07 11:50:43 +08:00
3ae5be47d9 feat: add per-skill strict read-before-tool enforcement 2026-04-07 11:50:38 +08:00
39af4151d9 fix: enforce max-width hard wrapping in chat input and bubbles 2026-04-07 11:50:28 +08:00
1a3235be09 fix: add connection heartbeat and polish mobile tap feedback 2026-04-07 00:04:44 +08:00
207a7d2e33 fix: remove liquid glass experiment and bump android app to 1.0.14 2026-04-07 00:02:06 +08:00
81d4c17ae7 feat: update app refresh entry and release metadata 2026-04-06 19:51:56 +08:00
b29e6a67f8 fix: keep compression toast persistent and align summary layout 2026-04-06 17:09:36 +08:00
bc939a0098 feat: make context compression policy configurable and stabilize compression UX 2026-04-06 16:51:43 +08:00
7e03e3cd5f feat: stabilize context compression and deep-compact flow 2026-04-06 15:12:25 +08:00
fafb0d35ad feat: add app update flow and apk deploy automation 2026-04-06 02:10:52 +08:00
6f2f854f6d fix: refine mobile assistant content spacing 2026-04-05 21:25:01 +08:00
6e3bdaa964 fix: constrain mobile overlay panel width 2026-04-05 20:57:29 +08:00
3e800609c5 fix: tighten mobile chat gutters and user bubble width 2026-04-05 20:54:57 +08:00
a5412dae34 fix: adjust sub-agent notice spacing in minimal mode 2026-04-05 16:58:22 +08:00
2700a25702 feat: add per-user-message work timer with persistence 2026-04-05 15:14:29 +08:00
de1aebeaa8 feat: add loaders 15-17 to minimal loader pool 2026-04-05 15:14:06 +08:00
3b521e9616 feat: expand square loader set and tune bouncing 2026-04-05 01:22:50 +08:00
dc60c7a123 feat: animate minimal summary text with color wave 2026-04-05 01:22:37 +08:00
3328d968d5 fix: align /new restore and first-send routing flow 2026-04-05 01:22:30 +08:00
7812d58a64 fix: adapt admin monitor cards to dark theme 2026-04-05 01:22:22 +08:00
0c213b0a9f feat: polish minimal summary loader interactions 2026-04-04 20:52:50 +08:00
0b923d6c53 fix: harden polling task cancel lifecycle 2026-04-04 20:52:31 +08:00
8da1a3d46d chore(socket): add legacy socket backup snapshot 2026-04-04 19:47:46 +08:00
3b710020fe feat(chat): add randomized summary loaders in minimal mode 2026-04-04 19:47:17 +08:00
8d5a034c70 fix(chat): recover assistant placeholder after stop and switch 2026-04-04 19:47:03 +08:00
b9df354808 fix: 修复极简模式思考内容与SVG图标对齐问题
- 使用相对单位调整思考内容的垂直对齐
- 添加负margin-top让第一行文字中心与SVG图标中心对齐
- 计算公式:(1em - 1.7em) / 2,基于line-height自动适配
- 不影响工具步骤的对齐(工具header的line-height为1)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-04-04 16:38:56 +08:00
c26cd3d3fd fix: 修复极简模式多个问题并恢复偏好设置自动应用
- 修复极简模式下步骤竖线距离SVG不均匀的问题
  - 使用flex布局让竖线自动填充空间
  - 添加负margin让竖线延伸到下一个步骤
  - 确保竖线上下距离SVG图标相等

- 修复SVG图标颜色问题
  - 统一使用灰色(--claude-text-tertiary)
  - 不再受颜色模式影响

- 修复思考内容自动滚动问题
  - 添加registerThinkingRef和handleThinkingScroll支持
  - 移除导致滚动异常的伪元素负margin
  - 实现与堆叠模式一致的自动滚动行为

- 修复轮询改造后偏好设置不自动应用的问题
  - 在loadInitialData中应用默认模型和运行模式
  - 在createNewConversation前应用偏好设置
  - 在loadConversation前应用偏好设置
  - 确保新建或切换对话时使用用户设置的默认值

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-04-04 16:18:15 +08:00
a030ff954b fix: 修复工具增强显示的多个问题
1. read_file 工具支持三种模式显示
   - read 模式:显示完整文件内容
   - search 模式:显示搜索匹配项和行号
   - extract 模式:显示提取的多个片段

2. edit_file 工具兼容新旧数据格式
   - 支持 old_string/new_string 格式(当前后端使用)
   - 支持 replacements 数组格式(为未来扩展预留)

3. write_file 工具显示写入内容
   - 显示完整的写入内容
   - 使用绿色+号样式(与 edit_file 一致)
   - 支持显示追加模式标识

4. 极简模式工具图标匹配修复
   - 修复所有工具图标都显示为 run_command 的问题
   - 使用与堆叠块模式相同的图标获取逻辑
   - 正确显示每个工具对应的图标

5. 新增样式支持
   - 搜索匹配项样式
   - 提取片段样式
   - 移除彩色侧边框,保持简洁

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-04-04 15:37:38 +08:00