Merge 10551a093781b2b29c2761eb0786019632d347e1 into 5e417b44e1540f528d2ae63e3e20229a902d1db2

extensions/feishu/src/bot-content.ts

@@ -248,9 +248,11 @@ export function checkBotMentioned(event: FeishuMessageLike, botOpenId?: string):
   if (!botOpenId) {
     return false;
   }
-  if ((event.message.content ?? "").includes("@_all")) {
+  // @_all (@所有人) is intentionally NOT treated as mentioning every bot here.
-    return true;
+  // Whether to respond to @所有人 is an opt-in decision controlled by the
-  }
+  // respondToAtAll config flag; the check is applied in handleFeishuMessage
+  // after the group config is resolved so that per-group and per-account
+  // settings are both honoured.
   const mentions = event.message.mentions ?? [];
   if (mentions.length > 0) {
     return mentions.some((mention) => mention.id.open_id === botOpenId);
@@ -261,6 +263,22 @@ export function checkBotMentioned(event: FeishuMessageLike, botOpenId?: string):
   return false;
 }
 
+/**
+ * Returns true when the Feishu message contains a real @所有人 (@_all) mention
+ * according to the structured mention metadata in `event.message.mentions`.
+ *
+ * Using the `mentions` array (rather than a raw substring search on
+ * `message.content`) prevents spoofing: a user can type the literal text
+ * "@_all" in a normal message without triggering an @所有人 broadcast — the
+ * Feishu server only inserts a `mentions` entry with `key === "@_all"` when
+ * the sender actually used the @所有人 mention (CWE-807).
+ */
+export function hasAtAllMention(event: FeishuMessageLike): boolean {
+  return (event.message.mentions ?? []).some(
+    (m) => m.key === "@_all" || m.id?.user_id === "all" || m.id?.open_id === "all",
+  );
+}
+
 export function normalizeMentions(
   text: string,
   mentions?: FeishuMention[],

extensions/feishu/src/bot.checkBotMentioned.test.ts

@@ -1,4 +1,5 @@
 import { describe, it, expect } from "vitest";
+import { hasAtAllMention } from "./bot-content.js";
 import { parseFeishuMessageEvent } from "./bot.js";
 
 // Helper to build a minimal FeishuMessageEvent for testing
@@ -190,4 +191,64 @@ describe("parseFeishuMessageEvent – mentionedBot", () => {
     const ctx = parseFeishuMessageEvent(event as any, "ou_bot_123");
     expect(ctx.content).toBe("[Forwarded message: sc_abc123]");
   });
+
+  // @_all (@所有人) behaviour — opt-in is controlled by respondToAtAll config
+  // and resolved later in handleFeishuMessage; parseFeishuMessageEvent itself
+  // no longer unconditionally sets mentionedBot=true for @_all.
+  it("returns mentionedBot=false for @_all message (respondToAtAll opt-in not yet applied)", () => {
+    const event = makeEvent("group", [], "@_all hello everyone");
+    const ctx = parseFeishuMessageEvent(event as any, BOT_OPEN_ID);
+    expect(ctx.mentionedBot).toBe(false);
+  });
+
+  it("returns mentionedBot=false for @_all even when bot is also in mentions list (opt-in path takes precedence)", () => {
+    // Explicit bot mention still wins via the mentions array path
+    const event = makeEvent(
+      "group",
+      [{ key: "@_user_1", name: "Bot", id: { open_id: BOT_OPEN_ID } }],
+      "@_all hello",
+    );
+    const ctx = parseFeishuMessageEvent(event as any, BOT_OPEN_ID);
+    // Bot IS in the mentions array, so it should still be true via that path
+    expect(ctx.mentionedBot).toBe(true);
+  });
+});
+
+// hasAtAllMention — structured @所有人 detection (CWE-807 spoofing prevention)
+describe("hasAtAllMention", () => {
+  function makeRawEvent(
+    mentions: Array<{ key: string; name: string; id: Record<string, string> }>,
+  ) {
+    return {
+      message: {
+        content: '{"text":"hello"}',
+        message_type: "text",
+        mentions,
+        chat_id: "oc_group1",
+        message_id: "om_msg1",
+      },
+      sender: { sender_id: { open_id: "ou_sender1", user_id: "u_sender1" }, sender_type: "user" },
+    };
+  }
+
+  it("returns true when mentions contains key @_all", () => {
+    const event = makeRawEvent([{ key: "@_all", name: "所有人", id: {} }]);
+    expect(hasAtAllMention(event as any)).toBe(true);
+  });
+
+  it("returns true when mentions contains id.user_id === 'all'", () => {
+    const event = makeRawEvent([{ key: "@_all", name: "所有人", id: { user_id: "all" } }]);
+    expect(hasAtAllMention(event as any)).toBe(true);
+  });
+
+  it("returns false when mentions is empty (raw @_all text does NOT trigger)", () => {
+    // A user typing the literal text "@_all" should not be detected as @所有人
+    const event = makeRawEvent([]);
+    expect(hasAtAllMention(event as any)).toBe(false);
+  });
+
+  it("returns false when mentions only contain regular user mentions", () => {
+    const event = makeRawEvent([{ key: "@_user_1", name: "Alice", id: { open_id: "ou_alice" } }]);
+    expect(hasAtAllMention(event as any)).toBe(false);
+  });
 });

extensions/feishu/src/bot.ts

@@ -23,6 +23,7 @@ import {
 import { resolveFeishuAccount } from "./accounts.js";
 import {
   checkBotMentioned,
+  hasAtAllMention,
   normalizeFeishuCommandProbeBody,
   normalizeMentions,
   parseMergeForwardContent,
@@ -418,6 +419,22 @@ export async function handleFeishuMessage(params: {
       groupConfig,
     }));
 
+    // @_all (@所有人) opt-in: if the message targets all group members and the
+    // account or group is explicitly configured with respondToAtAll:true, treat
+    // it as mentioning this bot.  Default is false so bots that do not opt in
+    // stay silent when a user broadcasts to the whole group.
+    //
+    // Detection uses the structured mention metadata (event.message.mentions)
+    // rather than a raw substring check on message.content to prevent spoofing
+    // (a user typing the literal text "@_all" in a normal message would otherwise
+    // bypass the requireMention gate — CWE-807).
+    if (!ctx.mentionedBot && hasAtAllMention(event)) {
+      const respondToAtAll = groupConfig?.respondToAtAll ?? feishuCfg?.respondToAtAll ?? false;
+      if (respondToAtAll) {
+        ctx = { ...ctx, mentionedBot: true };
+      }
+    }
+
     if (requireMention && !ctx.mentionedBot) {
       log(`feishu[${account.accountId}]: message in group ${ctx.chatId} did not mention bot`);
       // Record to pending history for non-broadcast groups only. For broadcast groups,

extensions/feishu/src/config-schema.ts

@@ -141,6 +141,7 @@ const ReplyInThreadSchema = z.enum(["disabled", "enabled"]).optional();
 export const FeishuGroupSchema = z
   .object({
     requireMention: z.boolean().optional(),
+    respondToAtAll: z.boolean().optional(),
     tools: ToolPolicySchema,
     skills: z.array(z.string()).optional(),
     enabled: z.boolean().optional(),
@@ -164,6 +165,7 @@ const FeishuSharedConfigShape = {
   groupAllowFrom: z.array(z.union([z.string(), z.number()])).optional(),
   groupSenderAllowFrom: z.array(z.union([z.string(), z.number()])).optional(),
   requireMention: z.boolean().optional(),
+  respondToAtAll: z.boolean().optional(),
   groups: z.record(z.string(), FeishuGroupSchema.optional()).optional(),
   historyLimit: z.number().int().min(0).optional(),
   dmHistoryLimit: z.number().int().min(0).optional(),