diff --git a/extensions/feishu/src/bot-content.ts b/extensions/feishu/src/bot-content.ts index 7b6fa38ac02..74735eb26ae 100644 --- a/extensions/feishu/src/bot-content.ts +++ b/extensions/feishu/src/bot-content.ts @@ -263,6 +263,22 @@ export function checkBotMentioned(event: FeishuMessageLike, botOpenId?: string): return false; } +/** + * Returns true when the Feishu message contains a real @所有人 (@_all) mention + * according to the structured mention metadata in `event.message.mentions`. + * + * Using the `mentions` array (rather than a raw substring search on + * `message.content`) prevents spoofing: a user can type the literal text + * "@_all" in a normal message without triggering an @所有人 broadcast — the + * Feishu server only inserts a `mentions` entry with `key === "@_all"` when + * the sender actually used the @所有人 mention (CWE-807). + */ +export function hasAtAllMention(event: FeishuMessageLike): boolean { + return (event.message.mentions ?? []).some( + (m) => m.key === "@_all" || m.id?.user_id === "all" || m.id?.open_id === "all", + ); +} + export function normalizeMentions( text: string, mentions?: FeishuMention[], diff --git a/extensions/feishu/src/bot.checkBotMentioned.test.ts b/extensions/feishu/src/bot.checkBotMentioned.test.ts index 3d9edc8515d..150143d7069 100644 --- a/extensions/feishu/src/bot.checkBotMentioned.test.ts +++ b/extensions/feishu/src/bot.checkBotMentioned.test.ts @@ -1,4 +1,5 @@ import { describe, it, expect } from "vitest"; +import { hasAtAllMention } from "./bot-content.js"; import { parseFeishuMessageEvent } from "./bot.js"; // Helper to build a minimal FeishuMessageEvent for testing @@ -212,3 +213,42 @@ describe("parseFeishuMessageEvent – mentionedBot", () => { expect(ctx.mentionedBot).toBe(true); }); }); + +// hasAtAllMention — structured @所有人 detection (CWE-807 spoofing prevention) +describe("hasAtAllMention", () => { + function makeRawEvent( + mentions: Array<{ key: string; name: string; id: Record }>, + ) { + return { + message: { + content: '{"text":"hello"}', + message_type: "text", + mentions, + chat_id: "oc_group1", + message_id: "om_msg1", + }, + sender: { sender_id: { open_id: "ou_sender1", user_id: "u_sender1" }, sender_type: "user" }, + }; + } + + it("returns true when mentions contains key @_all", () => { + const event = makeRawEvent([{ key: "@_all", name: "所有人", id: {} }]); + expect(hasAtAllMention(event as any)).toBe(true); + }); + + it("returns true when mentions contains id.user_id === 'all'", () => { + const event = makeRawEvent([{ key: "@_all", name: "所有人", id: { user_id: "all" } }]); + expect(hasAtAllMention(event as any)).toBe(true); + }); + + it("returns false when mentions is empty (raw @_all text does NOT trigger)", () => { + // A user typing the literal text "@_all" should not be detected as @所有人 + const event = makeRawEvent([]); + expect(hasAtAllMention(event as any)).toBe(false); + }); + + it("returns false when mentions only contain regular user mentions", () => { + const event = makeRawEvent([{ key: "@_user_1", name: "Alice", id: { open_id: "ou_alice" } }]); + expect(hasAtAllMention(event as any)).toBe(false); + }); +}); diff --git a/extensions/feishu/src/bot.ts b/extensions/feishu/src/bot.ts index 34a6d169644..9ee0569abfd 100644 --- a/extensions/feishu/src/bot.ts +++ b/extensions/feishu/src/bot.ts @@ -23,6 +23,7 @@ import { import { resolveFeishuAccount } from "./accounts.js"; import { checkBotMentioned, + hasAtAllMention, normalizeFeishuCommandProbeBody, normalizeMentions, parseMergeForwardContent, @@ -422,7 +423,12 @@ export async function handleFeishuMessage(params: { // account or group is explicitly configured with respondToAtAll:true, treat // it as mentioning this bot. Default is false so bots that do not opt in // stay silent when a user broadcasts to the whole group. - if (!ctx.mentionedBot && (event.message.content ?? "").includes("@_all")) { + // + // Detection uses the structured mention metadata (event.message.mentions) + // rather than a raw substring check on message.content to prevent spoofing + // (a user typing the literal text "@_all" in a normal message would otherwise + // bypass the requireMention gate — CWE-807). + if (!ctx.mentionedBot && hasAtAllMention(event)) { const respondToAtAll = groupConfig?.respondToAtAll ?? feishuCfg?.respondToAtAll ?? false; if (respondToAtAll) { ctx = { ...ctx, mentionedBot: true };