-
-
Notifications
You must be signed in to change notification settings - Fork 80.3k
Feishu (and non-Discord channels) should apply sanitizeAssistantVisibleText() on outbound text #90684
Copy link
Copy link
Open
Labels
P1High-priority user-facing bug, regression, or broken workflow.High-priority user-facing bug, regression, or broken workflow.clawsweeper:fix-shape-clearClawSweeper found a clear likely implementation shape for this issue.ClawSweeper found a clear likely implementation shape for this issue.clawsweeper:needs-maintainer-reviewClawSweeper marked this issue as needing maintainer review before automation.ClawSweeper marked this issue as needing maintainer review before automation.clawsweeper:needs-product-decisionClawSweeper marked this issue as needing a product or behavior decision.ClawSweeper marked this issue as needing a product or behavior decision.clawsweeper:needs-security-reviewClawSweeper marked this issue as needing security-sensitive review.ClawSweeper marked this issue as needing security-sensitive review.clawsweeper:no-new-fix-prClawSweeper does not recommend queueing a new automated fix PR for this issue.ClawSweeper does not recommend queueing a new automated fix PR for this issue.clawsweeper:source-reproClawSweeper found a high-confidence source-level issue reproduction.ClawSweeper found a high-confidence source-level issue reproduction.impact:message-lossChannel message delivery can be lost, duplicated, or misrouted.Channel message delivery can be lost, duplicated, or misrouted.impact:securitySecurity boundary, credential, authz, sandbox, or sensitive-data risk.Security boundary, credential, authz, sandbox, or sensitive-data risk.issue-rating: 🦞 diamond lobsterVery strong issue quality with high-confidence source-level or clear reproduction.Very strong issue quality with high-confidence source-level or clear reproduction.staleMarked as stale due to inactivityMarked as stale due to inactivity
Description
Metadata
Metadata
Assignees
Labels
P1High-priority user-facing bug, regression, or broken workflow.High-priority user-facing bug, regression, or broken workflow.clawsweeper:fix-shape-clearClawSweeper found a clear likely implementation shape for this issue.ClawSweeper found a clear likely implementation shape for this issue.clawsweeper:needs-maintainer-reviewClawSweeper marked this issue as needing maintainer review before automation.ClawSweeper marked this issue as needing maintainer review before automation.clawsweeper:needs-product-decisionClawSweeper marked this issue as needing a product or behavior decision.ClawSweeper marked this issue as needing a product or behavior decision.clawsweeper:needs-security-reviewClawSweeper marked this issue as needing security-sensitive review.ClawSweeper marked this issue as needing security-sensitive review.clawsweeper:no-new-fix-prClawSweeper does not recommend queueing a new automated fix PR for this issue.ClawSweeper does not recommend queueing a new automated fix PR for this issue.clawsweeper:source-reproClawSweeper found a high-confidence source-level issue reproduction.ClawSweeper found a high-confidence source-level issue reproduction.impact:message-lossChannel message delivery can be lost, duplicated, or misrouted.Channel message delivery can be lost, duplicated, or misrouted.impact:securitySecurity boundary, credential, authz, sandbox, or sensitive-data risk.Security boundary, credential, authz, sandbox, or sensitive-data risk.issue-rating: 🦞 diamond lobsterVery strong issue quality with high-confidence source-level or clear reproduction.Very strong issue quality with high-confidence source-level or clear reproduction.staleMarked as stale due to inactivityMarked as stale due to inactivity
Type
Fields
No fields configured for issues without a type.
Summary
The
sanitizeAssistantVisibleText()pipeline already strips internal XML scaffolding (tool-call tags, thinking tags, model tokens, legacy bracket blocks, etc.) — but it is only applied to Discord today. Feishu and other non-Discord channels send raw text directly, causing<invoke name="exec">,<tool_call>,<function_call>and similar XML tags to leak into user-visible messages.Reproduction
Technical Analysis
What exists today
assistant-visible-text-ye5B62pZ.jsexportssanitizeAssistantVisibleText()— a comprehensive pipeline that strips:<|...|>)<final>tags<tool_call>,<tool_result>,<function_call>,<function_calls>,<function_response>,<function>,<tool_calls>XML blocks[TOOL_CALL]/[TOOL_RESULT]legacy bracket blocks<invoke>withminimax:tool_callnamespace)<relevant_memories>tags[Tool Call:...]blocks)Where it's used
Only the Discord channel calls it:
Where it's missing
Feishu's
sendMessageFeishu()insend-BB9NHzC6.jssends raw text directly:The same issue applies to
sendStructuredCardFeishu()andsendMarkdownCardFeishu().Likely also affects Telegram, WhatsApp, Slack, and other channels that don't apply this pipeline.
Proposed Solution
Option A: Per-channel config flag (minimal)
Add a
sanitizeVisibleTextboolean config field to the Feishu channel schema (defaulttrue), and callsanitizeAssistantVisibleText()before sending.Option B: Global default (ideal)
Move the sanitization to the shared outbound pipeline (
channel-outbound-DuRkxH3q.jsorreply-payload-swpu2tGD.js) so all channels benefit automatically. Make it opt-out per channel via config.Option C: Channel-level config
Add
channels.feishu.sanitizeVisibleTextandchannels.*.sanitizeVisibleTextas a standard channel field.Related