The respondToAtAll check in handleFeishuMessage was using a raw substring
match on event.message.content to detect @所有人 (@_all):
if (!ctx.mentionedBot && (event.message.content ?? "").includes("@_all"))
This allows spoofing: any user who types the literal text "@_all" in a
normal message (in a code block, quote, or plain text) will have their
message treated as a real @所有人 broadcast when respondToAtAll is enabled,
bypassing the requireMention gate (CWE-807 — decision via unverified data).
Fix:
- Extract a new exported helper hasAtAllMention() in bot-content.ts that
checks the structured event.message.mentions array for an entry with
key === "@_all" or id.user_id/open_id === "all". Feishu only inserts a
mention entry with key "@_all" when the sender actually used the
@所有人 mention button — unlike raw message content which is user-controlled.
- Update handleFeishuMessage to call hasAtAllMention(event) instead of the
raw content substring check.
- Add 4 focused unit tests for hasAtAllMention() covering: key match,
user_id match, empty mentions (raw text cannot spoof), and non-@all
regular user mentions.
Total tests: 21/21 (17 existing + 4 new)
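The substring check and its structured-mentions replacement side by side, as an added illustration that is not the project's own code. The event, context and option shapes below are assumptions modelled on the field names in the description (message.content, message.mentions, key, id.user_id/open_id, mentionedBot, requireMention, respondToAtAll); the sample events are constructed.

```typescript
// Assumed shapes, not the project's real types.
interface FeishuMention {
  key: string;
  id?: { user_id?: string; open_id?: string };
  name?: string;
}
interface FeishuMessageEvent {
  message: { content?: string; mentions?: FeishuMention[] };
}
interface HandlerCtx { mentionedBot: boolean }
interface GateOptions { requireMention: boolean; respondToAtAll: boolean }

// Before: trusts user-controlled text, so anyone typing "@_all" passes (CWE-807).
function hasAtAllMentionUnsafe(event: FeishuMessageEvent): boolean {
  return (event.message.content ?? "").includes("@_all");
}

// After: only an entry in the platform-populated mentions array counts.
// A sender cannot put "@_all" into mentions by typing; the platform adds it
// when the @所有人 button is used. Missing or empty mentions means no broadcast.
function hasAtAllMention(event: FeishuMessageEvent): boolean {
  const mentions = event.message.mentions ?? [];
  return mentions.some(
    (m) => m.key === "@_all" || m.id?.user_id === "all" || m.id?.open_id === "all",
  );
}

// Assumed gate: respond when the bot is mentioned directly, or when
// respondToAtAll is on and a genuine @所有人 mention is present.
function passesMentionGate(ctx: HandlerCtx, event: FeishuMessageEvent, opts: GateOptions): boolean {
  if (!opts.requireMention || ctx.mentionedBot) return true;
  return opts.respondToAtAll && hasAtAllMention(event);
}

// Constructed sample events.
const spoofed: FeishuMessageEvent = {
  message: { content: "hey @_all look at this", mentions: [] },
};
const genuine: FeishuMessageEvent = {
  message: {
    content: "@_all meeting at 3",
    mentions: [{ key: "@_all", id: { user_id: "all", open_id: "all" }, name: "所有人" }],
  },
};
const regularMention: FeishuMessageEvent = {
  message: {
    content: "@_user_1 ping",
    mentions: [{ key: "@_user_1", id: { user_id: "u1", open_id: "ou_1" }, name: "Alice" }],
  },
};
```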