From e70af87a1cb5b913bba1ab0c5931d58a9ac4447a Mon Sep 17 00:00:00 2001
From: saurav470
Date: Sun, 8 Mar 2026 13:45:27 +0530
Subject: [PATCH] docs(feishu): clarify localRoots configuration for media uploads with security considerations
---
 extensions/feishu/src/config-schema.ts | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/extensions/feishu/src/config-schema.ts b/extensions/feishu/src/config-schema.ts
index 639805e0b94..3bdc19f301f 100644
--- a/extensions/feishu/src/config-schema.ts
+++ b/extensions/feishu/src/config-schema.ts
@@ -165,7 +165,13 @@ const FeishuSharedConfigShape = {
 chunkMode: z.enum(["length", "newline"]).optional(),
 blockStreamingCoalesce: BlockStreamingCoalesceSchema,
 mediaMaxMb: z.number().positive().optional(),
- /** Allowed roots for local media paths, or "any" to allow any path. Used by sendMedia/local file uploads. */
+ /**
+ * Allowed roots for local media paths (sendMedia / local file uploads). Array of absolute
+ * directory paths, or "any" to allow any local path.
+ * Security: "any" bypasses path-containment checks and grants unrestricted filesystem read
+ * access to the process. Prefer explicit path arrays in production; use "any" only in
+ * trusted environments (e.g. dev or locked-down hosts).
+ */
 localRoots: z.union([z.literal("any"), z.array(z.string())]).optional(),
 httpTimeoutMs: z.number().int().positive().max(300_000).optional(),
 heartbeat: ChannelHeartbeatVisibilitySchema,
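Review bot: The new comment promises an "array of absolute directory paths", but the schema on the unchanged `localRoots` line is still `z.array(z.string())`, so an empty string or a relative path passes validation. If the consumer resolves roots against the working directory (not visible in this hunk), a relative entry would make the readable area depend on where the process was started. Either enforce what the comment says, for example `z.array(z.string().min(1))` plus an absolute-path refinement, or soften the wording to `Array of directory paths (absolute paths recommended)`. The comment should also say what an omitted `localRoots` or an empty array means, since only the "any" case is described. The `FeishuSharedConfigShape` object literal starts and ends outside the hunk.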