56 lines
1.5 KiB
Markdown
56 lines
1.5 KiB
Markdown
# PR Summary (WhisperGate + Discord Control)
|
|
|
|
## Scope
|
|
|
|
This PR delivers two tracks:
|
|
|
|
1. WhisperGate deterministic no-reply gate for Discord sessions
|
|
2. Discord control extension API for private-channel/member-list gaps
|
|
|
|
## Delivered Features
|
|
|
|
### WhisperGate
|
|
|
|
- Deterministic rule chain:
|
|
1) non-discord => skip
|
|
2) bypass sender => skip
|
|
3) ending symbol matched => skip
|
|
4) else => no-reply provider/model override
|
|
- `NO_REPLY` backend API (`/v1/chat/completions`, `/v1/responses`, `/v1/models`)
|
|
- Optional API bearer auth (`AUTH_TOKEN`)
|
|
- Prompt prepend on bypass/end-symbol paths:
|
|
- `你的这次发言必须以🔚作为结尾。`
|
|
- Rule validation script and fixtures
|
|
|
|
### Discord Control API
|
|
|
|
- `channel-private-create`
|
|
- `channel-private-update` (`merge`/`replace`)
|
|
- `member-list` with optional field projection
|
|
- Action gate + guild allowlist + caller allowlist + bearer auth
|
|
- Dry-run support for channel private actions
|
|
|
|
## Runtime Mode
|
|
|
|
- No-Docker-first
|
|
- Run directly with Node.js
|
|
|
|
## Security Defaults (recommended)
|
|
|
|
- Set `AUTH_TOKEN`
|
|
- Set `REQUIRE_AUTH_TOKEN=true`
|
|
- Use `ALLOWED_GUILD_IDS`
|
|
- Use `ALLOWED_CALLER_IDS`
|
|
- Keep Discord bot token in env only (`DISCORD_BOT_TOKEN`)
|
|
|
|
## Known Limits
|
|
|
|
- This repo cannot elevate bot privileges; Discord admin permissions still govern all actions.
|
|
- `member-list` depends on Discord API permission/intents availability.
|
|
|
|
## Rollback
|
|
|
|
- Disable plugin entry or remove plugin path from OpenClaw config
|
|
- Stop `discord-control-api` process
|
|
- Keep no-reply API stopped if not needed
|