agent-Specialization/.playwright-mcp/page-2026-04-27T12-34-39-698Z.yml
JOJO e2bbd767f7 feat(host-security+ui): unify host execution/approval behavior, runtime notices, and approval overlay UX
This commit consolidates a large set of host-mode security and UX fixes across backend and frontend.

Security / execution model:
- Make permission/execution mode switches apply immediately (no deferred pending-only behavior).
- Keep runtime mode change notices durable and visible via user-message guidance path.
- Add explicit runtime message source taxonomy support and persistence:
  user / presend / guidance / notify / sub_agent / background_command.
- Ensure guidance/notify insertion is batched per tool-cycle so mid-run inserts are committed together.
- Separate notify from guidance semantics for mode-change notices.
- Add direct-mode auto-fallback handling visibility on frontend.

Approval and command gating:
- Align run_command approval pre-check logic with docker behavior for approval/auto_approval modes in host execution paths.
- Keep approval retry flow and final-result semantics intact when permission errors trigger approval.
- Externalize forbidden command keyword list into JSON config:
  config/forbidden_commands.json.
- Update forbidden command rejection message to user-facing wording:
  用户不允许执行包含“... ”的指令.

Prompt/runtime guidance:
- Refine execution-mode runtime rule text to avoid endless workaround loops:
  one safe alternative first, then request switching to direct mode when truly required.

Chat rendering / message UX:
- Prevent injected guidance/notify user-messages from incorrectly triggering assistant work header/timer chain.
- Restore correct visibility after history reload while preserving runtime-source behavior.
- Update user-header icon/label rendering by message source:
  - guidance -> 引导 + navigation icon
  - notify/sub_agent/background_command -> 通知 + bell icon
  - user/presend -> keep normal user header.
- Add new icons: static/icons/navigation.svg, static/icons/bell.svg.

Approval panel UX:
- Convert desktop approval panel from layout-compress sidebar to overlay + blur sheet.
- Fix panel transition behavior (remove unintended vertical motion; use dedicated desktop overlay transition).
- Improve approval result display:
  - decision and reason split lines,
  - green/red status styling,
  - multiline reason rendering,
  - auto-collapse delay adjusted to 3s.

Execution mode TTL feedback:
- When direct mode auto-expires to sandbox, frontend menu state is updated from status snapshot.
- Show non-auto-dismiss warning toast to explicitly notify auto-fallback.

Misc consistency updates:
- Execution mode label text cleanup in composer.
- Runtime notice wording normalization (权限模式修改为..., 执行环境修改为...).

Build/test notes:
- Frontend rebuilt after UI changes.
- Smoke tests passed for server refactor path.
2026-05-12 19:16:38 +08:00

31 lines
1.3 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

- generic [active] [ref=e1]:
- banner [ref=e2]:
- generic [ref=e3]:
- link [ref=e5] [cursor=pointer]:
- /url: /
- generic [ref=e6]:
- link "抖音" [ref=e7] [cursor=pointer]:
- /url: /
- link "| 记录美好生活" [ref=e8] [cursor=pointer]:
- /url: /
- generic [ref=e12]:
- img "404 image" [ref=e13]
- generic [ref=e14]: 页面不见啦
- link "回首页看看" [ref=e15] [cursor=pointer]:
- /url: /
- generic [ref=e16]: 回首页看看
- contentinfo [ref=e17]:
- generic [ref=e19]:
- paragraph [ref=e20]:
- text: 2026 © 抖音 |
- link "京ICP备16016397号-3" [ref=e21] [cursor=pointer]:
- /url: https://beian.miit.gov.cn/
- text: "| 北京微播视界科技有限公司"
- paragraph [ref=e22]:
- link "中国互联网举报中心" [ref=e23] [cursor=pointer]:
- /url: https://www.12377.cn/
- text: "| 网络文化许可证-京网文-20162282-264号 | 违法和不良信息举报400-140-2108"
- link "京公网安备 11000002002046号" [ref=e25] [cursor=pointer]:
- /url: http://www.beian.gov.cn/portal/registerSystemInfo?recordcode=11000002002046
- img [ref=e26]
- text: 京公网安备 11000002002046号