feat: Improve TelegramAdapter message handling with enhanced error management and draft message support

feat: Enhance TelegramAdapter to handle form action buttons and message threading
feat: Enhance Lark and Telegram adapters with new form handling for paused workflows
2026-06-02 03:55:55 +00:00 · 2026-06-02 01:14:25 +08:00 · 2026-06-02 00:25:52 +08:00 · 2026-06-01 23:48:59 +08:00 · 2026-05-30 12:22:00 +08:00 · 2026-05-28 23:32:46 +08:00
452 changed files with 54872 additions and 7476 deletions
--- a/.github/ISSUE_TEMPLATE/bug-report.yml
+++ b/.github/ISSUE_TEMPLATE/bug-report.yml
@@ -1,5 +1,5 @@
 name: 漏洞反馈
-description: 【供中文用户】报错或漏洞请使用这个模板创建，不使用此模板创建的异常、漏洞相关issue将被直接关闭。由于自己操作不当/不甚了解所用技术栈引起的网络连接问题恕无法解决，请勿提 issue。容器间网络连接问题，参考文档 https://docs.langbot.app/zh/workshop/network-details.html  
+description: 【供中文用户】报错或漏洞请使用这个模板创建，不使用此模板创建的异常、漏洞相关issue将被直接关闭。由于自己操作不当/不甚了解所用技术栈引起的网络连接问题恕无法解决，请勿提 issue。容器间网络连接问题，参考文档 https://link.langbot.app/zh/docs/network  
 title: "[Bug]: "
 labels: ["bug?"]
 body:
--- a/.github/ISSUE_TEMPLATE/bug-report_en.yml
+++ b/.github/ISSUE_TEMPLATE/bug-report_en.yml
@@ -1,5 +1,5 @@
 name: Bug report
-description: Report bugs or vulnerabilities using this template. For container network connection issues, refer to the documentation https://docs.langbot.app/en/workshop/network-details.html
+description: Report bugs or vulnerabilities using this template. For container network connection issues, refer to the documentation https://link.langbot.app/en/docs/network
 title: "[Bug]: "
 labels: ["bug?"]
 body:
--- a/.github/workflows/build-release-artifacts.yaml
+++ b/.github/workflows/build-release-artifacts.yaml
@@ -43,10 +43,10 @@ jobs:
        run: |
          cd /tmp/langbot_build_web/web
          npm install
-          npm run build
+          npx vite build
      - name: Package Output
        run: |
-          cp -r /tmp/langbot_build_web/web/out ./web
+          cp -r /tmp/langbot_build_web/web/dist ./web
      - name: Upload Artifact
        uses: actions/upload-artifact@v4
        with:
--- a/.github/workflows/check-i18n.yml
+++ b/.github/workflows/check-i18n.yml
@@ -0,0 +1,25 @@
+name: Check i18n Keys
+
+on:
+  push:
+    branches:
+      - main
+      - master
+
+jobs:
+  check-i18n:
+    name: Check i18n Key Consistency
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+
+      - name: Check i18n keys against en-US reference
+        run: node web/scripts/check-i18n.mjs
--- a/.github/workflows/publish-to-pypi.yml
+++ b/.github/workflows/publish-to-pypi.yml
@@ -29,8 +29,8 @@ jobs:
          npm install -g pnpm
          pnpm install
          pnpm build
-          mkdir -p ../src/langbot/web/out
-          cp -r out ../src/langbot/web/
+          mkdir -p ../src/langbot/web/dist
+          cp -r dist ../src/langbot/web/

      - name: Install the latest version of uv
        uses: astral-sh/setup-uv@v6
--- a/.github/workflows/run-tests.yml
+++ b/.github/workflows/run-tests.yml
@@ -4,25 +4,29 @@ on:
  pull_request:
    types: [opened, ready_for_review, synchronize]
    paths:
-      - 'pkg/**'
+      - 'src/langbot/**'
      - 'tests/**'
      - '.github/workflows/run-tests.yml'
      - 'pyproject.toml'
+      - 'uv.lock'
      - 'run_tests.sh'
+      - 'scripts/test-*.sh'
  push:
    branches:
      - master
      - develop
    paths:
-      - 'pkg/**'
+      - 'src/langbot/**'
      - 'tests/**'
      - '.github/workflows/run-tests.yml'
      - 'pyproject.toml'
+      - 'uv.lock'
      - 'run_tests.sh'
+      - 'scripts/test-*.sh'

 jobs:
  test:
-    name: Run Unit Tests
+    name: Unit Tests
    runs-on: ubuntu-latest
    strategy:
      matrix:
@@ -39,28 +43,13 @@ jobs:
          python-version: ${{ matrix.python-version }}

      - name: Install uv
-        run: |
-          curl -LsSf https://astral.sh/uv/install.sh | sh
-          echo "$HOME/.cargo/bin" >> $GITHUB_PATH
+        uses: astral-sh/setup-uv@v4

      - name: Install dependencies
-        run: |
-          uv sync --dev
+        run: uv sync --dev

-      - name: Run unit tests
-        run: |
-          bash run_tests.sh
-
-      - name: Upload coverage to Codecov
-        if: matrix.python-version == '3.12'
-        uses: codecov/codecov-action@v5
-        with:
-          files: ./coverage.xml
-          flags: unit-tests
-          name: unit-tests-coverage
-          fail_ci_if_error: false
-        env:
-          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
+      - name: Run unit + smoke tests
+        run: uv run pytest tests/unit_tests/ tests/smoke/ -q --tb=short

      - name: Test Summary
        if: always()
@@ -69,3 +58,79 @@ jobs:
          echo "" >> $GITHUB_STEP_SUMMARY
          echo "Python Version: ${{ matrix.python-version }}" >> $GITHUB_STEP_SUMMARY
          echo "Test Status: ${{ job.status }}" >> $GITHUB_STEP_SUMMARY
+
+  integration:
+    name: Fast Integration Tests
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.12'
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v4
+
+      - name: Install dependencies
+        run: uv sync --dev
+
+      - name: Run fast integration tests
+        run: uv run pytest tests/integration/ -m "not slow" -q --tb=short
+
+      - name: Integration Test Summary
+        if: always()
+        run: |
+          echo "## Integration Tests Results" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "Test Status: ${{ job.status }}" >> $GITHUB_STEP_SUMMARY
+
+  coverage:
+    name: Coverage Gate
+    runs-on: ubuntu-latest
+    needs: [test, integration]
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.12'
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v4
+
+      - name: Install dependencies
+        run: uv sync --dev
+
+      - name: Run coverage (unit + smoke)
+        run: |
+          uv run pytest tests/unit_tests/ tests/smoke/ \
+            --cov=langbot \
+            --cov-report=xml \
+            --cov-report=term-missing \
+            --cov-fail-under=18 \
+            -q --tb=short
+
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v5
+        with:
+          files: ./coverage.xml
+          flags: unit-tests
+          name: coverage-report
+          fail_ci_if_error: false
+        env:
+          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
+
+      - name: Coverage Summary
+        if: always()
+        run: |
+          echo "## Coverage Results" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "Threshold: 18%" >> $GITHUB_STEP_SUMMARY
+          echo "Status: ${{ job.status }}" >> $GITHUB_STEP_SUMMARY
--- a/.github/workflows/test-migrations.yml
+++ b/.github/workflows/test-migrations.yml
@@ -0,0 +1,78 @@
+name: Test Migrations
+
+on:
+  push:
+    branches:
+      - main
+      - master
+      - dev
+    paths:
+      - 'src/langbot/pkg/persistence/**'
+      - 'src/langbot/pkg/entity/persistence/**'
+      - 'tests/integration/persistence/**'
+  pull_request:
+    types: [opened, synchronize, reopened, ready_for_review]
+    paths:
+      - 'src/langbot/pkg/persistence/**'
+      - 'src/langbot/pkg/entity/persistence/**'
+      - 'tests/integration/persistence/**'
+
+jobs:
+  test-migrations-sqlite:
+    name: Migrations (SQLite)
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.12'
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v4
+
+      - name: Install dependencies
+        run: uv sync --dev
+
+      - name: Run SQLite migration tests
+        run: uv run pytest tests/integration/persistence/test_migrations.py -q --tb=short
+
+  test-migrations-postgres:
+    name: Migrations (PostgreSQL)
+    runs-on: ubuntu-latest
+    services:
+      postgres:
+        image: postgres:16
+        env:
+          POSTGRES_USER: langbot
+          POSTGRES_PASSWORD: langbot
+          POSTGRES_DB: langbot_test
+        ports:
+          - 5432:5432
+        options: >-
+          --health-cmd="pg_isready -U langbot"
+          --health-interval=5s
+          --health-timeout=5s
+          --health-retries=5
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.12'
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v4
+
+      - name: Install dependencies
+        run: uv sync --dev
+
+      - name: Run PostgreSQL migration tests
+        env:
+          TEST_POSTGRES_URL: postgresql+asyncpg://langbot:langbot@localhost:5432/langbot_test
+        run: uv run pytest tests/integration/persistence/test_migrations_postgres.py -q --tb=short
--- a/.gitignore
+++ b/.gitignore
@@ -47,16 +47,12 @@ plugins.bak
 coverage.xml
 .coverage
 src/langbot/web/
+testsdk/

 # Build artifacts
 /dist
 /build
 *.egg-info

-# Docker 部署产生的本地文件
-docker/data/
-docker/docker-compose.override.yaml
-
-# 备份目录
-LangBot_backup_*/
-*.bak
+# Next.js build cache (legacy)
+web/.next/
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -70,7 +70,7 @@ Plugin Runtime automatically starts each installed plugin and interacts through
    - type: must be a specific type, such as feat (new feature), fix (bug fix), docs (documentation), style (code style), refactor (refactoring), perf (performance optimization), etc.
    - scope: the scope of the commit, such as the package name, the file name, the function name, the class name, the module name, etc.
    - subject: the subject of the commit, such as the description of the commit, the reason for the commit, the impact of the commit, etc.
- If you changed the definition of database entities, please update the migration file in `src/langbot/pkg/persistence/migrations/` and update the constants.py file in `src/langbot/pkg/utils/constants.py` with the new migration number.
+- LangBot uses [Alembic](https://alembic.sqlalchemy.org/) to manage database migrations, supporting both SQLite and PostgreSQL. Migration files are located in `src/langbot/pkg/persistence/alembic/versions/`. If you changed the definition of database entities (ORM models), generate a new migration script by running `uv run python -m langbot.pkg.persistence.alembic_runner autogenerate "description of your change"` in the project root (requires `data/config.yaml` to exist). Review and edit the generated script before committing. Migrations are executed automatically on LangBot startup. For data migrations (e.g. modifying JSON field content), you need to manually add the migration code in the generated script.

 ## Some Principles

--- a/12
+++ b/12
@@ -4,24 +4,20 @@ WORKDIR /app

 COPY web ./web

-RUN cd web && npm install && npm run build
+RUN cd web && npm install && npx vite build

 FROM python:3.12.7-slim

 WORKDIR /app

-# Use Chinese mirror for faster and more reliable package downloads
-RUN sed -i 's|deb.debian.org|mirrors.aliyun.com|g' /etc/apt/sources.list.d/debian.sources 2>/dev/null || \
-    sed -i 's|deb.debian.org|mirrors.aliyun.com|g' /etc/apt/sources.list 2>/dev/null || true
-
 COPY . .

-COPY --from=node /app/web/out ./web/out
+COPY --from=node /app/web/dist ./web/dist

 RUN apt update \
    && apt install gcc -y \
-    && python -m pip install --no-cache-dir -i https://pypi.tuna.tsinghua.edu.cn/simple uv \
-    && uv sync --index-url https://pypi.tuna.tsinghua.edu.cn/simple \
+    && python -m pip install --no-cache-dir uv \
+    && uv sync \
    && touch /.dockerenv

 CMD [ "uv", "run", "--no-sync", "main.py" ]
--- a/36
+++ b/36
@@ -0,0 +1,36 @@
+# LangBot Makefile
+# Quick developer commands
+
+.PHONY: test test-quick test-integration-fast test-coverage test-all-local lint
+
+# Run all tests (full suite with coverage)
+test:
+	bash run_tests.sh
+
+# Quick self-test for developers (lint + unit + smoke, no real credentials needed)
+test-quick:
+	bash scripts/test-quick.sh
+
+# Fast integration tests (SQLite/API/Pipeline, no external services)
+test-integration-fast:
+	bash scripts/test-integration-fast.sh
+
+# Coverage gate (all tests, enforces minimum threshold)
+test-coverage:
+	bash scripts/test-coverage.sh
+
+# Full local quality gate (quick + integration + coverage)
+test-all-local:
+	bash scripts/test-quick.sh
+	bash scripts/test-integration-fast.sh
+	bash scripts/test-coverage.sh
+
+# Run linting only
+lint:
+	ruff check src/langbot/ tests/
+	ruff format --check src/langbot/ tests/
+
+# Fix linting issues
+lint-fix:
+	ruff check --fix src/langbot/ tests/
+	ruff format src/langbot/ tests/
--- a/README.md
+++ b/README.md
@@ -19,9 +19,9 @@ English / [简体中文](README_CN.md) / [繁體中文](README_TW.md) / [日本
 [![GitHub stars](https://img.shields.io/github/stars/langbot-app/LangBot?style=social)](https://github.com/langbot-app/LangBot/stargazers)

 <a href="https://langbot.app">Website</a> ｜
-<a href="https://docs.langbot.app/en/insight/features">Features</a> ｜
-<a href="https://docs.langbot.app/en/insight/guide">Docs</a> ｜
-<a href="https://docs.langbot.app/en/tags/readme">API</a> ｜
+<a href="https://link.langbot.app/en/docs/features">Features</a> ｜
+<a href="https://link.langbot.app/en/docs/guide">Docs</a> ｜
+<a href="https://link.langbot.app/en/docs/api">API</a> ｜
 <a href="https://space.langbot.app/cloud">Cloud</a> ｜
 <a href="https://space.langbot.app">Plugin Market</a> ｜
 <a href="https://langbot.featurebase.app/roadmap">Roadmap</a>
@@ -45,7 +45,9 @@ LangBot is an **open-source, production-grade platform** for building AI-powered
 - **Web Management Panel** — Configure, manage, and monitor your bots through an intuitive browser interface. No YAML editing required.
 - **Multi-Pipeline Architecture** — Different bots for different scenarios, with comprehensive monitoring and exception handling.

-[→ Learn more about all features](https://docs.langbot.app/en/insight/features)
+[→ Learn more about all features](https://link.langbot.app/en/docs/features)
+
+📍 Practical guides: [deploy a multi-platform AI bot in 5 minutes](https://blog.langbot.app/en/blog/deploy-ai-bot-in-5-minutes/), [connect DeepSeek to WeChat, Discord, and Telegram](https://blog.langbot.app/en/blog/connect-deepseek-to-wechat/), [run a Dify Agent in Discord, Telegram, and Slack](https://blog.langbot.app/en/blog/dify-agent-discord-telegram-slack/), and [build an n8n-powered chatbot](https://blog.langbot.app/en/blog/n8n-multi-platform-ai-chatbot/).

 ---

@@ -76,7 +78,7 @@ docker compose up -d
 [![Deploy on Zeabur](https://zeabur.com/button.svg)](https://zeabur.com/en-US/templates/ZKTBDH)
 [![Deploy on Railway](https://railway.com/button.svg)](https://railway.app/template/yRrAyL?referralCode=vogKPF)

-**More options:** [Docker](https://docs.langbot.app/en/deploy/langbot/docker) · [Manual](https://docs.langbot.app/en/deploy/langbot/manual) · [BTPanel](https://docs.langbot.app/en/deploy/langbot/one-click/bt) · [Kubernetes](./docker/README_K8S.md)
+**More options:** [Docker](https://link.langbot.app/en/docs/docker) · [Manual](https://link.langbot.app/en/docs/manual-deploy) · [BTPanel](https://link.langbot.app/en/docs/bt-panel) · [Kubernetes](./docker/README_K8S.md)

 ---

@@ -84,68 +86,72 @@ docker compose up -d

 | Platform | Status | Notes |
 |----------|--------|-------|
-| Discord | ✅ |  |
-| Telegram | ✅ |  |
-| Slack | ✅ |  |
-| LINE | ✅ |  |
-| QQ | ✅ | Personal & Official API |
+| Discord | ✅ | Official |
+| Telegram | ✅ | Official |
+| Slack | ✅ | Official |
+| LINE | ✅ | Official |
+| QQ | ✅ | Personal & Official API (Channel, DM, Group) |
 | WeCom | ✅ | Enterprise WeChat, External CS, AI Bot |
 | WeChat | ✅ | Personal & Official Account |
-| Lark | ✅ |  |
-| DingTalk | ✅ |  |
-| KOOK | ✅ |  |
+| Lark | ✅ | Official |
+| DingTalk | ✅ | Official |
+| KOOK | ✅ | Official |
 | Satori | ✅ |  |
+| Email | ✅ | Matrix, Satori |
+| Matrix | ✅ | Supports multiple bridged platforms such as Signal, WhatsApp, Messenger, iMessage, Mattermost, Google Chat, IRC, XMPP, Zulip, and more |

 ---

 ## Supported LLMs & Integrations

-| Provider | Type | Status |
-|----------|------|--------|
-| [OpenAI](https://platform.openai.com/) | LLM | ✅ |
-| [Anthropic](https://www.anthropic.com/) | LLM | ✅ |
-| [DeepSeek](https://www.deepseek.com/) | LLM | ✅ |
-| [Google Gemini](https://aistudio.google.com/prompts/new_chat) | LLM | ✅ |
-| [xAI](https://x.ai/) | LLM | ✅ |
-| [Moonshot](https://www.moonshot.cn/) | LLM | ✅ |
-| [Zhipu AI](https://open.bigmodel.cn/) | LLM | ✅ |
-| [Ollama](https://ollama.com/) | Local LLM | ✅ |
-| [LM Studio](https://lmstudio.ai/) | Local LLM | ✅ |
-| [Dify](https://dify.ai) | LLMOps | ✅ |
-| [MCP](https://modelcontextprotocol.io/) | Protocol | ✅ |
-| [SiliconFlow](https://siliconflow.cn/) | Gateway | ✅ |
-| [Aliyun Bailian](https://bailian.console.aliyun.com/) | Gateway | ✅ |
-| [Volc Engine Ark](https://console.volcengine.com/ark/region:ark+cn-beijing/model?vendor=Bytedance&view=LIST_VIEW) | Gateway | ✅ |
-| [ModelScope](https://modelscope.cn/docs/model-service/API-Inference/intro) | Gateway | ✅ |
-| [GiteeAI](https://ai.gitee.com/) | Gateway | ✅ |
-| [CompShare](https://www.compshare.cn/?ytag=GPU_YY-gh_langbot) | GPU Platform | ✅ |
-| [PPIO](https://ppinfra.com/user/register?invited_by=QJKFYD&utm_source=github_langbot) | GPU Platform | ✅ |
-| [ShengSuanYun](https://www.shengsuanyun.com/?from=CH_KYIPP758) | GPU Platform | ✅ |
-| [接口 AI](https://jiekou.ai/) | Gateway | ✅ |
-| [302.AI](https://share.302.ai/SuTG99) | Gateway | ✅ |
+| Provider                                                                                                          | Type         | Status |
+| ----------------------------------------------------------------------------------------------------------------- | ------------ | ------ |
+| [OpenAI](https://platform.openai.com/)                                                                            | LLM          | ✅     |
+| [Anthropic](https://www.anthropic.com/)                                                                           | LLM          | ✅     |
+| [DeepSeek](https://www.deepseek.com/)                                                                             | LLM          | ✅     |
+| [Google Gemini](https://aistudio.google.com/prompts/new_chat)                                                     | LLM          | ✅     |
+| [xAI](https://x.ai/)                                                                                              | LLM          | ✅     |
+| [Moonshot](https://www.moonshot.cn/)                                                                              | LLM          | ✅     |
+| [Zhipu AI](https://open.bigmodel.cn/)                                                                             | LLM          | ✅     |
+| [Ollama](https://ollama.com/)                                                                                     | Local LLM    | ✅     |
+| [LM Studio](https://lmstudio.ai/)                                                                                 | Local LLM    | ✅     |
+| [Dify](https://dify.ai)                                                                                           | LLMOps       | ✅     |
+| [MCP](https://modelcontextprotocol.io/)                                                                           | Protocol     | ✅     |
+| [SiliconFlow](https://siliconflow.cn/)                                                                            | Gateway      | ✅     |
+| [Aliyun Bailian](https://bailian.console.aliyun.com/)                                                             | Gateway      | ✅     |
+| [Volc Engine Ark](https://console.volcengine.com/ark/region:ark+cn-beijing/model?vendor=Bytedance&view=LIST_VIEW) | Gateway      | ✅     |
+| [ModelScope](https://modelscope.cn/docs/model-service/API-Inference/intro)                                        | Gateway      | ✅     |
+| [GiteeAI](https://ai.gitee.com/)                                                                                  | Gateway      | ✅     |
+| [CompShare](https://www.compshare.cn/?ytag=GPU_YY-gh_langbot)                                                     | GPU Platform | ✅     |
+| [PPIO](https://ppinfra.com/user/register?invited_by=QJKFYD&utm_source=github_langbot)                             | GPU Platform | ✅     |
+| [ShengSuanYun](https://www.shengsuanyun.com/?from=CH_KYIPP758)                                                    | GPU Platform | ✅     |
+| [接口 AI](https://jiekou.ai/)                                                                                     | Gateway      | ✅     |
+| [302.AI](https://share.302.ai/SuTG99)                                                                             | Gateway      | ✅     |
+| [Qiniu](https://www.qiniu.com/ai/agent)                                                                           | Gateway      | ✅     |

-[→ View all integrations](https://docs.langbot.app/en/insight/features)
+[→ View all integrations](https://link.langbot.app/en/docs/features)

 ---

 ## Why LangBot?

-| Use Case | How LangBot Helps |
-|----------|-------------------|
-| **Customer Support** | Deploy AI agents to Slack/Discord/Telegram that answer questions using your knowledge base |
-| **Internal Tools** | Connect n8n/Dify workflows to WeCom/DingTalk for automated business processes |
-| **Community Management** | Moderate QQ/Discord groups with AI-powered content filtering and interaction |
-| **Multi-Platform Presence** | One bot, all platforms. Manage from a single dashboard |
+| Use Case                    | How LangBot Helps                                                                          |
+| --------------------------- | ------------------------------------------------------------------------------------------ |
+| **Customer Support**        | Deploy AI agents to Slack/Discord/Telegram that answer questions using your knowledge base |
+| **Internal Tools**          | Connect n8n/Dify workflows to WeCom/DingTalk for automated business processes              |
+| **Community Management**    | Moderate QQ/Discord groups with AI-powered content filtering and interaction               |
+| **Multi-Platform Presence** | One bot, all platforms. Manage from a single dashboard                                     |

 ---

 ## Live Demo

 **Try it now:** https://demo.langbot.dev/
+
 - Email: `demo@langbot.app`
 - Password: `langbot123456`

-*Note: Public demo environment. Do not enter sensitive information.*
+_Note: Public demo environment. Do not enter sensitive information._

 ---

--- a/README_CN.md
+++ b/README_CN.md
@@ -21,9 +21,9 @@
 [![star](https://gitcode.com/RockChinQ/LangBot/star/badge.svg)](https://gitcode.com/RockChinQ/LangBot)

 <a href="https://langbot.app">官网</a> ｜
-<a href="https://docs.langbot.app/zh/insight/features.html">特性</a> ｜
-<a href="https://docs.langbot.app/zh/insight/guide.html">文档</a> ｜
-<a href="https://docs.langbot.app/zh/tags/readme.html">API</a> ｜
+<a href="https://link.langbot.app/zh/docs/features">特性</a> ｜
+<a href="https://link.langbot.app/zh/docs/guide">文档</a> ｜
+<a href="https://link.langbot.app/zh/docs/api">API</a> ｜
 <a href="https://space.langbot.app/cloud">Cloud</a> ｜
 <a href="https://space.langbot.app">插件市场</a> ｜
 <a href="https://langbot.featurebase.app/roadmap">路线图</a>
@@ -45,7 +45,9 @@ LangBot 是一个**开源的生产级平台**，用于构建 AI 驱动的即时
 - **Web 管理面板** — 通过浏览器直观地配置、管理和监控机器人，无需手动编辑配置文件。
 - **多流水线架构** — 不同机器人用于不同场景，具备全面的监控和异常处理能力。

-[→ 了解更多功能特性](https://docs.langbot.app/zh/insight/features.html)
+[→ 了解更多功能特性](https://link.langbot.app/zh/docs/features)
+
+📍 实践指南：[5 分钟部署多平台 AI 机器人](https://blog.langbot.app/zh/blog/deploy-ai-bot-in-5-minutes/)、[将 DeepSeek 接入微信、企业微信与 Discord](https://blog.langbot.app/zh/blog/connect-deepseek-to-wechat/)、[让 Dify Agent 跑在 Discord、Telegram 和 Slack 上](https://blog.langbot.app/zh/blog/dify-agent-discord-telegram-slack/)，以及[用 n8n 构建多平台 AI 聊天机器人](https://blog.langbot.app/zh/blog/n8n-multi-platform-ai-chatbot/)。

 ---

@@ -76,7 +78,7 @@ docker compose up -d
 [![Deploy on Zeabur](https://zeabur.com/button.svg)](https://zeabur.com/zh-CN/templates/ZKTBDH)
 [![Deploy on Railway](https://railway.com/button.svg)](https://railway.app/template/yRrAyL?referralCode=vogKPF)

-**更多方式：** [Docker](https://docs.langbot.app/zh/deploy/langbot/docker.html) · [手动部署](https://docs.langbot.app/zh/deploy/langbot/manual.html) · [宝塔面板](https://docs.langbot.app/zh/deploy/langbot/one-click/bt.html) · [Kubernetes](./docker/README_K8S.md)
+**更多方式：** [Docker](https://link.langbot.app/zh/docs/docker) · [手动部署](https://link.langbot.app/zh/docs/manual-deploy) · [宝塔面板](https://link.langbot.app/zh/docs/bt-panel) · [Kubernetes](./docker/README_K8S.md)

 ---

@@ -87,13 +89,16 @@ docker compose up -d
 | QQ | ✅ | 个人号、官方机器人（频道、私聊、群聊） |
 | 微信 | ✅ | 个人微信、微信公众号 |
 | 企业微信 | ✅ | 应用消息、对外客服、智能机器人 |
-| 飞书 | ✅ |  |
-| 钉钉 | ✅ |  |
-| Discord | ✅ |  |
-| Telegram | ✅ |  |
-| Slack | ✅ |  |
-| LINE | ✅ |  |
-| KOOK | ✅ |  |
+| 飞书 | ✅ | 官方 |
+| 钉钉 | ✅ | 官方 |
+| Satori | ✅ |  |
+| Discord | ✅ | 官方 |
+| Telegram | ✅ | 官方 |
+| Slack | ✅ | 官方 |
+| LINE | ✅ | 官方 |
+| KOOK | ✅ | 官方 |
+| Email | ✅ | 只 Matrix、Satori |
+| Matrix | ✅ | 支持多种桥接平台，如 Signal、WhatsApp、Messenger、iMessage、Mattermost、Google Chat、IRC、XMPP、Zulip 等 |

 ---

@@ -124,8 +129,9 @@ docker compose up -d
 | [302.AI](https://share.302.ai/SuTG99) | 聚合平台 | ✅ |
 | [小马算力](https://www.tokenpony.cn/453z1) | 聚合平台 | ✅ |
 | [百宝箱Tbox](https://www.tbox.cn/open) | 智能体平台 | ✅ |
+| [七牛云Qiniu](https://www.qiniu.com/ai/agent) | 聚合平台 | ✅ |

-[→ 查看完整集成列表](https://docs.langbot.app/zh/insight/features.html)
+[→ 查看完整集成列表](https://link.langbot.app/zh/docs/features)

 ### TTS（语音合成）

--- a/README_ES.md
+++ b/README_ES.md
@@ -19,9 +19,9 @@
 [![GitHub stars](https://img.shields.io/github/stars/langbot-app/LangBot?style=social)](https://github.com/langbot-app/LangBot/stargazers)

 <a href="https://langbot.app">Inicio</a> ｜
-<a href="https://docs.langbot.app/en/insight/features.html">Características</a> ｜
-<a href="https://docs.langbot.app/en/insight/guide.html">Documentación</a> ｜
-<a href="https://docs.langbot.app/en/tags/readme.html">API</a> ｜
+<a href="https://link.langbot.app/en/docs/features">Características</a> ｜
+<a href="https://link.langbot.app/en/docs/guide">Documentación</a> ｜
+<a href="https://link.langbot.app/en/docs/api">API</a> ｜
 <a href="https://space.langbot.app">Mercado de Plugins</a> ｜
 <a href="https://langbot.featurebase.app/roadmap">Hoja de Ruta</a>

@@ -44,7 +44,9 @@ LangBot es una **plataforma de código abierto y grado de producción** para con
 - **Panel de Gestión Web** — Configure, gestione y monitoree sus bots a través de una interfaz de navegador intuitiva. Sin necesidad de editar YAML.
 - **Arquitectura Multi-Pipeline** — Diferentes bots para diferentes escenarios, con monitoreo completo y manejo de excepciones.

-[→ Conocer más sobre todas las funcionalidades](https://docs.langbot.app/en/insight/features.html)
+[→ Conocer más sobre todas las funcionalidades](https://link.langbot.app/en/docs/features)
+
+📍 Guías prácticas: [desplegar un bot de IA multiplataforma en 5 minutos](https://blog.langbot.app/en/blog/deploy-ai-bot-in-5-minutes/), [conectar DeepSeek a WeChat, Discord y Telegram](https://blog.langbot.app/en/blog/connect-deepseek-to-wechat/), [ejecutar un Dify Agent en Discord, Telegram y Slack](https://blog.langbot.app/en/blog/dify-agent-discord-telegram-slack/) y [crear un chatbot con n8n](https://blog.langbot.app/en/blog/n8n-multi-platform-ai-chatbot/).

 ---

@@ -75,7 +77,7 @@ docker compose up -d
 [![Deploy on Zeabur](https://zeabur.com/button.svg)](https://zeabur.com/en-US/templates/ZKTBDH)
 [![Deploy on Railway](https://railway.com/button.svg)](https://railway.app/template/yRrAyL?referralCode=vogKPF)

-**Más opciones:** [Docker](https://docs.langbot.app/en/deploy/langbot/docker.html) · [Manual](https://docs.langbot.app/en/deploy/langbot/manual.html) · [BTPanel](https://docs.langbot.app/en/deploy/langbot/one-click/bt.html) · [Kubernetes](./docker/README_K8S.md)
+**Más opciones:** [Docker](https://link.langbot.app/en/docs/docker) · [Manual](https://link.langbot.app/en/docs/manual-deploy) · [BTPanel](https://link.langbot.app/en/docs/bt-panel) · [Kubernetes](./docker/README_K8S.md)

 ---

@@ -83,17 +85,19 @@ docker compose up -d

 | Plataforma | Estado | Notas |
 |----------|--------|-------|
-| Discord | ✅ |  |
-| Telegram | ✅ |  |
-| Slack | ✅ |  |
-| LINE | ✅ |  |
-| QQ | ✅ | Personal y API Oficial |
+| Discord | ✅ | Oficial |
+| Telegram | ✅ | Oficial |
+| Slack | ✅ | Oficial |
+| LINE | ✅ | Oficial |
+| QQ | ✅ | Personal y API Oficial (Canal, DM, Grupo) |
 | WeCom | ✅ | WeChat Empresarial, CS Externo, AI Bot |
 | WeChat | ✅ | Personal y Cuenta Oficial |
-| Lark | ✅ |  |
-| DingTalk | ✅ |  |
-| KOOK | ✅ |  |
+| Lark | ✅ | Oficial |
+| DingTalk | ✅ | Oficial |
+| KOOK | ✅ | Oficial |
 | Satori | ✅ |  |
+| Email | ✅ | Matrix, Satori |
+| Matrix | ✅ | Admite varias plataformas puenteadas como Signal, WhatsApp, Messenger, iMessage, Mattermost, Google Chat, IRC, XMPP, Zulip y más |

 ---

@@ -122,8 +126,9 @@ docker compose up -d
 | [ShengSuanYun](https://www.shengsuanyun.com/?from=CH_KYIPP758) | Plataforma GPU | ✅ |
 | [接口 AI](https://jiekou.ai/) | Pasarela | ✅ |
 | [302.AI](https://share.302.ai/SuTG99) | Pasarela | ✅ |
+| [Qiniu](https://www.qiniu.com/ai/agent) | Pasarela | ✅ |

-[→ Ver todas las integraciones](https://docs.langbot.app/en/insight/features.html)
+[→ Ver todas las integraciones](https://link.langbot.app/en/docs/features)

 ---

--- a/README_FR.md
+++ b/README_FR.md
@@ -19,9 +19,9 @@
 [![GitHub stars](https://img.shields.io/github/stars/langbot-app/LangBot?style=social)](https://github.com/langbot-app/LangBot/stargazers)

 <a href="https://langbot.app">Accueil</a> ｜
-<a href="https://docs.langbot.app/en/insight/features.html">Fonctionnalités</a> ｜
-<a href="https://docs.langbot.app/en/insight/guide.html">Documentation</a> ｜
-<a href="https://docs.langbot.app/en/tags/readme.html">API</a> ｜
+<a href="https://link.langbot.app/en/docs/features">Fonctionnalités</a> ｜
+<a href="https://link.langbot.app/en/docs/guide">Documentation</a> ｜
+<a href="https://link.langbot.app/en/docs/api">API</a> ｜
 <a href="https://space.langbot.app">Marché des Plugins</a> ｜
 <a href="https://langbot.featurebase.app/roadmap">Feuille de Route</a>

@@ -44,7 +44,9 @@ LangBot est une **plateforme open-source de niveau production** pour créer des
 - **Panneau de Gestion Web** — Configurez, gérez et surveillez vos bots via une interface navigateur intuitive. Aucune édition de YAML requise.
 - **Architecture Multi-Pipeline** — Différents bots pour différents scénarios, avec surveillance complète et gestion des exceptions.

-[→ En savoir plus sur toutes les fonctionnalités](https://docs.langbot.app/en/insight/features.html)
+[→ En savoir plus sur toutes les fonctionnalités](https://link.langbot.app/en/docs/features)
+
+📍 Guides pratiques : [déployer un bot IA multiplateforme en 5 minutes](https://blog.langbot.app/en/blog/deploy-ai-bot-in-5-minutes/), [connecter DeepSeek à WeChat, Discord et Telegram](https://blog.langbot.app/en/blog/connect-deepseek-to-wechat/), [exécuter un Dify Agent dans Discord, Telegram et Slack](https://blog.langbot.app/en/blog/dify-agent-discord-telegram-slack/) et [créer un chatbot avec n8n](https://blog.langbot.app/en/blog/n8n-multi-platform-ai-chatbot/).

 ---

@@ -75,7 +77,7 @@ docker compose up -d
 [![Deploy on Zeabur](https://zeabur.com/button.svg)](https://zeabur.com/en-US/templates/ZKTBDH)
 [![Deploy on Railway](https://railway.com/button.svg)](https://railway.app/template/yRrAyL?referralCode=vogKPF)

-**Plus d'options :** [Docker](https://docs.langbot.app/en/deploy/langbot/docker.html) · [Manuel](https://docs.langbot.app/en/deploy/langbot/manual.html) · [BTPanel](https://docs.langbot.app/en/deploy/langbot/one-click/bt.html) · [Kubernetes](./docker/README_K8S.md)
+**Plus d'options :** [Docker](https://link.langbot.app/en/docs/docker) · [Manuel](https://link.langbot.app/en/docs/manual-deploy) · [BTPanel](https://link.langbot.app/en/docs/bt-panel) · [Kubernetes](./docker/README_K8S.md)

 ---

@@ -83,17 +85,19 @@ docker compose up -d

 | Plateforme | Statut | Notes |
 |----------|--------|-------|
-| Discord | ✅ |  |
-| Telegram | ✅ |  |
-| Slack | ✅ |  |
-| LINE | ✅ |  |
-| QQ | ✅ | Personnel & API Officielle |
+| Discord | ✅ | Officiel |
+| Telegram | ✅ | Officiel |
+| Slack | ✅ | Officiel |
+| LINE | ✅ | Officiel |
+| QQ | ✅ | Personnel & API Officielle (Canal, DM, Groupe) |
 | WeCom | ✅ | WeChat Entreprise, CS Externe, AI Bot |
 | WeChat | ✅ | Personnel & Compte Officiel |
-| Lark | ✅ |  |
-| DingTalk | ✅ |  |
-| KOOK | ✅ |  |
+| Lark | ✅ | Officiel |
+| DingTalk | ✅ | Officiel |
+| KOOK | ✅ | Officiel |
 | Satori | ✅ |  |
+| Email | ✅ | Matrix, Satori |
+| Matrix | ✅ | Prend en charge plusieurs plateformes via ponts, comme Signal, WhatsApp, Messenger, iMessage, Mattermost, Google Chat, IRC, XMPP, Zulip, etc. |

 ---

@@ -122,8 +126,9 @@ docker compose up -d
 | [CompShare](https://www.compshare.cn/?ytag=GPU_YY-gh_langbot) | Plateforme GPU | ✅ |
 | [PPIO](https://ppinfra.com/user/register?invited_by=QJKFYD&utm_source=github_langbot) | Plateforme GPU | ✅ |
 | [ShengSuanYun](https://www.shengsuanyun.com/?from=CH_KYIPP758) | Plateforme GPU | ✅ |
+| [Qiniu](https://www.qiniu.com/ai/agent) | Passerelle | ✅ |

-[→ Voir toutes les intégrations](https://docs.langbot.app/en/insight/features.html)
+[→ Voir toutes les intégrations](https://link.langbot.app/en/docs/features)

 ---

--- a/README_JP.md
+++ b/README_JP.md
@@ -19,9 +19,9 @@
 [![GitHub stars](https://img.shields.io/github/stars/langbot-app/LangBot?style=social)](https://github.com/langbot-app/LangBot/stargazers)

 <a href="https://langbot.app">ホーム</a> ｜
-<a href="https://docs.langbot.app/ja/insight/features.html">機能</a> ｜
-<a href="https://docs.langbot.app/ja/insight/guide.html">ドキュメント</a> ｜
-<a href="https://docs.langbot.app/ja/tags/readme.html">API</a> ｜
+<a href="https://link.langbot.app/ja/docs/features">機能</a> ｜
+<a href="https://link.langbot.app/ja/docs/guide">ドキュメント</a> ｜
+<a href="https://link.langbot.app/ja/docs/api">API</a> ｜
 <a href="https://space.langbot.app">プラグインマーケット</a> ｜
 <a href="https://langbot.featurebase.app/roadmap">ロードマップ</a>

@@ -44,7 +44,9 @@ LangBot は、AI搭載のインスタントメッセージングボットを構
 - **Web管理パネル** — 直感的なブラウザインターフェースからボットの設定、管理、監視が可能。YAML編集は不要。
 - **マルチパイプラインアーキテクチャ** — 異なるシナリオに異なるボットを配置し、包括的な監視と例外処理を実現。

-[→ すべての機能について詳しく見る](https://docs.langbot.app/ja/insight/features.html)
+[→ すべての機能について詳しく見る](https://link.langbot.app/ja/docs/features)
+
+📍 実践ガイド: [5分でマルチプラットフォームAIボットをデプロイ](https://blog.langbot.app/en/blog/deploy-ai-bot-in-5-minutes/)、[DeepSeekをWeChat・Discord・Telegramに接続](https://blog.langbot.app/en/blog/connect-deepseek-to-wechat/)、[Dify AgentをDiscord・Telegram・Slackで動かす](https://blog.langbot.app/en/blog/dify-agent-discord-telegram-slack/)、[n8n連携チャットボットを構築](https://blog.langbot.app/en/blog/n8n-multi-platform-ai-chatbot/)。

 ---

@@ -75,7 +77,7 @@ docker compose up -d
 [![Deploy on Zeabur](https://zeabur.com/button.svg)](https://zeabur.com/en-US/templates/ZKTBDH)
 [![Deploy on Railway](https://railway.com/button.svg)](https://railway.app/template/yRrAyL?referralCode=vogKPF)

-**その他:** [Docker](https://docs.langbot.app/en/deploy/langbot/docker.html) · [手動デプロイ](https://docs.langbot.app/en/deploy/langbot/manual.html) · [BTPanel](https://docs.langbot.app/en/deploy/langbot/one-click/bt.html) · [Kubernetes](./docker/README_K8S.md)
+**その他:** [Docker](https://link.langbot.app/en/docs/docker) · [手動デプロイ](https://link.langbot.app/en/docs/manual-deploy) · [BTPanel](https://link.langbot.app/en/docs/bt-panel) · [Kubernetes](./docker/README_K8S.md)

 ---

@@ -83,17 +85,19 @@ docker compose up -d

 | プラットフォーム | ステータス | 備考 |
 |----------|--------|-------|
-| Discord | ✅ |  |
-| Telegram | ✅ |  |
-| Slack | ✅ |  |
-| LINE | ✅ |  |
-| QQ | ✅ | 個人 & 公式API |
+| Discord | ✅ | 公式 |
+| Telegram | ✅ | 公式 |
+| Slack | ✅ | 公式 |
+| LINE | ✅ | 公式 |
+| QQ | ✅ | 個人・公式API（チャンネル・DM・グループ） |
 | WeCom | ✅ | 企業WeChat、外部CS、AIボット |
-| WeChat | ✅ | 個人 & 公式アカウント |
-| Lark | ✅ |  |
-| DingTalk | ✅ |  |
-| KOOK | ✅ |  |
+| WeChat | ✅ | 個人・公式アカウント |
+| Lark | ✅ | 公式 |
+| DingTalk | ✅ | 公式 |
+| KOOK | ✅ | 公式 |
 | Satori | ✅ |  |
+| Email | ✅ | Matrix、Satori |
+| Matrix | ✅ | Signal、WhatsApp、Messenger、iMessage、Mattermost、Google Chat、IRC、XMPP、Zulip など複数のブリッジ先プラットフォームに対応 |

 ---

@@ -122,8 +126,9 @@ docker compose up -d
 | [ShengSuanYun](https://www.shengsuanyun.com/?from=CH_KYIPP758) | GPUプラットフォーム | ✅ |
 | [接口 AI](https://jiekou.ai/) | ゲートウェイ | ✅ |
 | [302.AI](https://share.302.ai/SuTG99) | ゲートウェイ | ✅ |
+| [Qiniu](https://www.qiniu.com/ai/agent) | ゲートウェイ | ✅ |

-[→ すべての統合を表示](https://docs.langbot.app/en/insight/features.html)
+[→ すべての統合を表示](https://link.langbot.app/en/docs/features)

 ---

--- a/README_KO.md
+++ b/README_KO.md
@@ -19,9 +19,9 @@
 [![GitHub stars](https://img.shields.io/github/stars/langbot-app/LangBot?style=social)](https://github.com/langbot-app/LangBot/stargazers)

 <a href="https://langbot.app">홈</a> ｜
-<a href="https://docs.langbot.app/en/insight/features.html">기능</a> ｜
-<a href="https://docs.langbot.app/en/insight/guide.html">문서</a> ｜
-<a href="https://docs.langbot.app/en/tags/readme.html">API</a> ｜
+<a href="https://link.langbot.app/en/docs/features">기능</a> ｜
+<a href="https://link.langbot.app/en/docs/guide">문서</a> ｜
+<a href="https://link.langbot.app/en/docs/api">API</a> ｜
 <a href="https://space.langbot.app">플러그인 마켓</a> ｜
 <a href="https://langbot.featurebase.app/roadmap">로드맵</a>

@@ -44,7 +44,9 @@ LangBot은 AI 기반 인스턴트 메시징 봇을 구축하기 위한 **오픈
 - **웹 관리 패널** — 직관적인 브라우저 인터페이스로 봇을 구성, 관리 및 모니터링. YAML 편집 불필요.
 - **멀티 파이프라인 아키텍처** — 다양한 시나리오에 맞는 다양한 봇 구성, 종합 모니터링 및 예외 처리.

-[→ 모든 기능 자세히 보기](https://docs.langbot.app/en/insight/features.html)
+[→ 모든 기능 자세히 보기](https://link.langbot.app/en/docs/features)
+
+📍 실전 가이드: [5분 만에 멀티 플랫폼 AI 봇 배포하기](https://blog.langbot.app/en/blog/deploy-ai-bot-in-5-minutes/), [DeepSeek를 WeChat, Discord, Telegram에 연결하기](https://blog.langbot.app/en/blog/connect-deepseek-to-wechat/), [Dify Agent를 Discord, Telegram, Slack에서 실행하기](https://blog.langbot.app/en/blog/dify-agent-discord-telegram-slack/), [n8n 기반 챗봇 만들기](https://blog.langbot.app/en/blog/n8n-multi-platform-ai-chatbot/).

 ---

@@ -75,7 +77,7 @@ docker compose up -d
 [![Deploy on Zeabur](https://zeabur.com/button.svg)](https://zeabur.com/en-US/templates/ZKTBDH)
 [![Deploy on Railway](https://railway.com/button.svg)](https://railway.app/template/yRrAyL?referralCode=vogKPF)

-**더 많은 옵션:** [Docker](https://docs.langbot.app/en/deploy/langbot/docker.html) · [수동 배포](https://docs.langbot.app/en/deploy/langbot/manual.html) · [BTPanel](https://docs.langbot.app/en/deploy/langbot/one-click/bt.html) · [Kubernetes](./docker/README_K8S.md)
+**더 많은 옵션:** [Docker](https://link.langbot.app/en/docs/docker) · [수동 배포](https://link.langbot.app/en/docs/manual-deploy) · [BTPanel](https://link.langbot.app/en/docs/bt-panel) · [Kubernetes](./docker/README_K8S.md)

 ---

@@ -83,17 +85,19 @@ docker compose up -d

 | 플랫폼 | 상태 | 비고 |
 |--------|------|------|
-| Discord | ✅ |  |
-| Telegram | ✅ |  |
-| Slack | ✅ |  |
-| LINE | ✅ |  |
-| QQ | ✅ | 개인 및 공식 API |
+| Discord | ✅ | 공식 |
+| Telegram | ✅ | 공식 |
+| Slack | ✅ | 공식 |
+| LINE | ✅ | 공식 |
+| QQ | ✅ | 개인 및 공식 API (채널, DM, 그룹) |
 | WeCom | ✅ | 기업 WeChat, 외부 CS, AI Bot |
 | WeChat | ✅ | 개인 및 공식 계정 |
-| Lark | ✅ |  |
-| DingTalk | ✅ |  |
-| KOOK | ✅ |  |
+| Lark | ✅ | 공식 |
+| DingTalk | ✅ | 공식 |
+| KOOK | ✅ | 공식 |
 | Satori | ✅ |  |
+| Email | ✅ | Matrix, Satori |
+| Matrix | ✅ | Signal, WhatsApp, Messenger, iMessage, Mattermost, Google Chat, IRC, XMPP, Zulip 등 여러 브리지 플랫폼 지원 |

 ---

@@ -122,8 +126,9 @@ docker compose up -d
 | [ShengSuanYun](https://www.shengsuanyun.com/?from=CH_KYIPP758) | GPU 플랫폼 | ✅ |
 | [接口 AI](https://jiekou.ai/) | 게이트웨이 | ✅ |
 | [302.AI](https://share.302.ai/SuTG99) | 게이트웨이 | ✅ |
+| [Qiniu](https://www.qiniu.com/ai/agent) | 게이트웨이 | ✅ |

-[→ 모든 통합 보기](https://docs.langbot.app/en/insight/features.html)
+[→ 모든 통합 보기](https://link.langbot.app/en/docs/features)

 ---

--- a/README_RU.md
+++ b/README_RU.md
@@ -19,9 +19,9 @@
 [![GitHub stars](https://img.shields.io/github/stars/langbot-app/LangBot?style=social)](https://github.com/langbot-app/LangBot/stargazers)

 <a href="https://langbot.app">Главная</a> ｜
-<a href="https://docs.langbot.app/en/insight/features.html">Возможности</a> ｜
-<a href="https://docs.langbot.app/en/insight/guide.html">Документация</a> ｜
-<a href="https://docs.langbot.app/en/tags/readme.html">API</a> ｜
+<a href="https://link.langbot.app/en/docs/features">Возможности</a> ｜
+<a href="https://link.langbot.app/en/docs/guide">Документация</a> ｜
+<a href="https://link.langbot.app/en/docs/api">API</a> ｜
 <a href="https://space.langbot.app">Магазин плагинов</a> ｜
 <a href="https://langbot.featurebase.app/roadmap">Дорожная карта</a>

@@ -44,7 +44,9 @@ LangBot — это **платформа с открытым исходным к
 - **Веб-панель управления** — Настраивайте, управляйте и мониторьте ваших ботов через интуитивный браузерный интерфейс. Ручное редактирование YAML не требуется.
 - **Мультиконвейерная архитектура** — Разные боты для разных сценариев с комплексным мониторингом и обработкой исключений.

-[→ Подробнее обо всех возможностях](https://docs.langbot.app/en/insight/features.html)
+[→ Подробнее обо всех возможностях](https://link.langbot.app/en/docs/features)
+
+📍 Практические руководства: [развернуть мультиплатформенного ИИ-бота за 5 минут](https://blog.langbot.app/en/blog/deploy-ai-bot-in-5-minutes/), [подключить DeepSeek к WeChat, Discord и Telegram](https://blog.langbot.app/en/blog/connect-deepseek-to-wechat/), [запустить Dify Agent в Discord, Telegram и Slack](https://blog.langbot.app/en/blog/dify-agent-discord-telegram-slack/) и [создать чат-бота на n8n](https://blog.langbot.app/en/blog/n8n-multi-platform-ai-chatbot/).

 ---

@@ -75,7 +77,7 @@ docker compose up -d
 [![Deploy on Zeabur](https://zeabur.com/button.svg)](https://zeabur.com/en-US/templates/ZKTBDH)
 [![Deploy on Railway](https://railway.com/button.svg)](https://railway.app/template/yRrAyL?referralCode=vogKPF)

-**Другие варианты:** [Docker](https://docs.langbot.app/en/deploy/langbot/docker.html) · [Ручная установка](https://docs.langbot.app/en/deploy/langbot/manual.html) · [BTPanel](https://docs.langbot.app/en/deploy/langbot/one-click/bt.html) · [Kubernetes](./docker/README_K8S.md)
+**Другие варианты:** [Docker](https://link.langbot.app/en/docs/docker) · [Ручная установка](https://link.langbot.app/en/docs/manual-deploy) · [BTPanel](https://link.langbot.app/en/docs/bt-panel) · [Kubernetes](./docker/README_K8S.md)

 ---

@@ -83,17 +85,19 @@ docker compose up -d

 | Платформа | Статус | Примечания |
 |-----------|--------|------------|
-| Discord | ✅ |  |
-| Telegram | ✅ |  |
-| Slack | ✅ |  |
-| LINE | ✅ |  |
-| QQ | ✅ | Личный и официальный API |
+| Discord | ✅ | Официальный |
+| Telegram | ✅ | Официальный |
+| Slack | ✅ | Официальный |
+| LINE | ✅ | Официальный |
+| QQ | ✅ | Личный и официальный API (Канал, ЛС, Группа) |
 | WeCom | ✅ | Корпоративный WeChat, внешний CS, AI-бот |
 | WeChat | ✅ | Личный и официальный аккаунт |
-| Lark | ✅ |  |
-| DingTalk | ✅ |  |
-| KOOK | ✅ |  |
+| Lark | ✅ | Официальный |
+| DingTalk | ✅ | Официальный |
+| KOOK | ✅ | Официальный |
 | Satori | ✅ |  |
+| Email | ✅ | Matrix, Satori |
+| Matrix | ✅ | Поддерживает несколько платформ через мосты, включая Signal, WhatsApp, Messenger, iMessage, Mattermost, Google Chat, IRC, XMPP, Zulip и другие |

 ---

@@ -122,8 +126,9 @@ docker compose up -d
 | [CompShare](https://www.compshare.cn/?ytag=GPU_YY-gh_langbot) | Платформа GPU | ✅ |
 | [PPIO](https://ppinfra.com/user/register?invited_by=QJKFYD&utm_source=github_langbot) | Платформа GPU | ✅ |
 | [ShengSuanYun](https://www.shengsuanyun.com/?from=CH_KYIPP758) | Платформа GPU | ✅ |
+| [Qiniu](https://www.qiniu.com/ai/agent) | Шлюз | ✅ |

-[→ Смотреть все интеграции](https://docs.langbot.app/en/insight/features.html)
+[→ Смотреть все интеграции](https://link.langbot.app/en/docs/features)

 ---

--- a/README_TW.md
+++ b/README_TW.md
@@ -21,9 +21,9 @@
 [![star](https://gitcode.com/RockChinQ/LangBot/star/badge.svg)](https://gitcode.com/RockChinQ/LangBot)

 <a href="https://langbot.app">官網</a> ｜
-<a href="https://docs.langbot.app/zh/insight/features.html">特性</a> ｜
-<a href="https://docs.langbot.app/zh/insight/guide.html">文件</a> ｜
-<a href="https://docs.langbot.app/zh/tags/readme.html">API</a> ｜
+<a href="https://link.langbot.app/zh/docs/features">特性</a> ｜
+<a href="https://link.langbot.app/zh/docs/guide">文件</a> ｜
+<a href="https://link.langbot.app/zh/docs/api">API</a> ｜
 <a href="https://space.langbot.app">外掛市場</a> ｜
 <a href="https://langbot.featurebase.app/roadmap">路線圖</a>

@@ -46,7 +46,9 @@ LangBot 是一個**開源的生產級平台**，用於建構 AI 驅動的即時
 - **Web 管理面板** — 透過瀏覽器直觀地配置、管理和監控機器人，無需手動編輯設定檔。
 - **多流水線架構** — 不同機器人用於不同場景，具備全面的監控和異常處理能力。

-[→ 了解更多功能特性](https://docs.langbot.app/zh/insight/features.html)
+[→ 了解更多功能特性](https://link.langbot.app/zh/docs/features)
+
+📍 實踐指南：[5 分鐘部署多平台 AI 機器人](https://blog.langbot.app/zh/blog/deploy-ai-bot-in-5-minutes/)、[將 DeepSeek 接入微信、企業微信與 Discord](https://blog.langbot.app/zh/blog/connect-deepseek-to-wechat/)、[讓 Dify Agent 跑在 Discord、Telegram 和 Slack 上](https://blog.langbot.app/zh/blog/dify-agent-discord-telegram-slack/)，以及[用 n8n 建構多平台 AI 聊天機器人](https://blog.langbot.app/zh/blog/n8n-multi-platform-ai-chatbot/)。

 ---

@@ -77,7 +79,7 @@ docker compose up -d
 [![Deploy on Zeabur](https://zeabur.com/button.svg)](https://zeabur.com/zh-CN/templates/ZKTBDH)
 [![Deploy on Railway](https://railway.com/button.svg)](https://railway.app/template/yRrAyL?referralCode=vogKPF)

-**更多方式：** [Docker](https://docs.langbot.app/zh/deploy/langbot/docker.html) · [手動部署](https://docs.langbot.app/zh/deploy/langbot/manual.html) · [寶塔面板](https://docs.langbot.app/zh/deploy/langbot/one-click/bt.html) · [Kubernetes](./docker/README_K8S.md)
+**更多方式：** [Docker](https://link.langbot.app/zh/docs/docker) · [手動部署](https://link.langbot.app/zh/docs/manual-deploy) · [寶塔面板](https://link.langbot.app/zh/docs/bt-panel) · [Kubernetes](./docker/README_K8S.md)

 ---

@@ -85,17 +87,19 @@ docker compose up -d

 | 平台 | 狀態 | 備註 |
 |------|------|------|
+| Discord | ✅ | 官方 |
+| Telegram | ✅ | 官方 |
+| Slack | ✅ | 官方 |
+| LINE | ✅ | 官方 |
 | QQ | ✅ | 個人號、官方機器人（頻道、私聊、群聊） |
-| 微信 | ✅ | 個人微信、微信公眾號 |
 | 企業微信 | ✅ | 應用訊息、對外客服、智能機器人 |
-| 飛書 | ✅ |  |
-| 釘釘 | ✅ |  |
-| Discord | ✅ |  |
-| Telegram | ✅ |  |
-| Slack | ✅ |  |
-| LINE | ✅ |  |
-| KOOK | ✅ |  |
+| 微信 | ✅ | 個人微信、微信公眾號 |
+| 飛書 | ✅ | 官方 |
+| 釘釘 | ✅ | 官方 |
+| KOOK | ✅ | 官方 |
 | Satori | ✅ |  |
+| Email | ✅ | 只 Matrix、Satori |
+| Matrix | ✅ | 支援多種橋接平台，如 Signal、WhatsApp、Messenger、iMessage、Mattermost、Google Chat、IRC、XMPP、Zulip 等 |

 ---

@@ -124,6 +128,7 @@ docker compose up -d
 | [PPIO](https://ppinfra.com/user/register?invited_by=QJKFYD&utm_source=github_langbot) | GPU 平台 | ✅ |
 | [接口 AI](https://jiekou.ai/) | 聚合平台 | ✅ |
 | [302.AI](https://share.302.ai/SuTG99) | 聚合平台 | ✅ |
+| [Qiniu](https://www.qiniu.com/ai/agent) | 聚合平台 | ✅ |

 ### TTS（語音合成）

@@ -139,7 +144,7 @@ docker compose up -d
 |-----------|------|
 | 阿里雲百煉 | [外掛](https://github.com/Thetail001/LangBot_BailianTextToImagePlugin) |

-[→ 查看完整整合列表](https://docs.langbot.app/zh/insight/features.html)
+[→ 查看完整整合列表](https://link.langbot.app/zh/docs/features)

 ---

--- a/README_VI.md
+++ b/README_VI.md
@@ -19,9 +19,9 @@
 [![GitHub stars](https://img.shields.io/github/stars/langbot-app/LangBot?style=social)](https://github.com/langbot-app/LangBot/stargazers)

 <a href="https://langbot.app">Trang chủ</a> ｜
-<a href="https://docs.langbot.app/en/insight/features.html">Tính năng</a> ｜
-<a href="https://docs.langbot.app/en/insight/guide.html">Tài liệu</a> ｜
-<a href="https://docs.langbot.app/en/tags/readme.html">API</a> ｜
+<a href="https://link.langbot.app/en/docs/features">Tính năng</a> ｜
+<a href="https://link.langbot.app/en/docs/guide">Tài liệu</a> ｜
+<a href="https://link.langbot.app/en/docs/api">API</a> ｜
 <a href="https://space.langbot.app">Chợ Plugin</a> ｜
 <a href="https://langbot.featurebase.app/roadmap">Lộ trình</a>

@@ -44,7 +44,9 @@ LangBot là một **nền tảng mã nguồn mở, cấp sản xuất** để x
 - **Bảng quản lý Web** — Cấu hình, quản lý và giám sát bot thông qua giao diện trình duyệt trực quan. Không cần chỉnh sửa YAML.
 - **Kiến trúc đa Pipeline** — Các bot khác nhau cho các kịch bản khác nhau, với giám sát toàn diện và xử lý ngoại lệ.

-[→ Tìm hiểu thêm về tất cả tính năng](https://docs.langbot.app/en/insight/features.html)
+[→ Tìm hiểu thêm về tất cả tính năng](https://link.langbot.app/en/docs/features)
+
+📍 Hướng dẫn thực hành: [triển khai bot AI đa nền tảng trong 5 phút](https://blog.langbot.app/en/blog/deploy-ai-bot-in-5-minutes/), [kết nối DeepSeek với WeChat, Discord và Telegram](https://blog.langbot.app/en/blog/connect-deepseek-to-wechat/), [chạy Dify Agent trên Discord, Telegram và Slack](https://blog.langbot.app/en/blog/dify-agent-discord-telegram-slack/) và [xây dựng chatbot với n8n](https://blog.langbot.app/en/blog/n8n-multi-platform-ai-chatbot/).

 ---

@@ -75,7 +77,7 @@ docker compose up -d
 [![Deploy on Zeabur](https://zeabur.com/button.svg)](https://zeabur.com/en-US/templates/ZKTBDH)
 [![Deploy on Railway](https://railway.com/button.svg)](https://railway.app/template/yRrAyL?referralCode=vogKPF)

-**Thêm tùy chọn:** [Docker](https://docs.langbot.app/en/deploy/langbot/docker.html) · [Thủ công](https://docs.langbot.app/en/deploy/langbot/manual.html) · [BTPanel](https://docs.langbot.app/en/deploy/langbot/one-click/bt.html) · [Kubernetes](./docker/README_K8S.md)
+**Thêm tùy chọn:** [Docker](https://link.langbot.app/en/docs/docker) · [Thủ công](https://link.langbot.app/en/docs/manual-deploy) · [BTPanel](https://link.langbot.app/en/docs/bt-panel) · [Kubernetes](./docker/README_K8S.md)

 ---

@@ -83,17 +85,19 @@ docker compose up -d

 | Nền tảng | Trạng thái | Ghi chú |
 |----------|--------|-------|
-| Discord | ✅ |  |
-| Telegram | ✅ |  |
-| Slack | ✅ |  |
-| LINE | ✅ |  |
-| QQ | ✅ | Cá nhân & API chính thức |
+| Discord | ✅ | Chính thức |
+| Telegram | ✅ | Chính thức |
+| Slack | ✅ | Chính thức |
+| LINE | ✅ | Chính thức |
+| QQ | ✅ | Cá nhân & API chính thức (Kênh, DM, Nhóm) |
 | WeCom | ✅ | WeChat doanh nghiệp, CS bên ngoài, AI Bot |
 | WeChat | ✅ | Cá nhân & Tài khoản công khai |
-| Lark | ✅ |  |
-| DingTalk | ✅ |  |
-| KOOK | ✅ |  |
+| Lark | ✅ | Chính thức |
+| DingTalk | ✅ | Chính thức |
+| KOOK | ✅ | Chính thức |
 | Satori | ✅ |  |
+| Email | ✅ | Matrix, Satori |
+| Matrix | ✅ | Hỗ trợ nhiều nền tảng qua bridge như Signal, WhatsApp, Messenger, iMessage, Mattermost, Google Chat, IRC, XMPP, Zulip và hơn thế nữa |

 ---

@@ -122,8 +126,9 @@ docker compose up -d
 | [ShengSuanYun](https://www.shengsuanyun.com/?from=CH_KYIPP758) | Nền tảng GPU | ✅ |
 | [接口 AI](https://jiekou.ai/) | Cổng | ✅ |
 | [302.AI](https://share.302.ai/SuTG99) | Cổng | ✅ |
+| [Qiniu](https://www.qiniu.com/ai/agent) | Cổng | ✅ |

-[→ Xem tất cả tích hợp](https://docs.langbot.app/en/insight/features.html)
+[→ Xem tất cả tích hợp](https://link.langbot.app/en/docs/features)

 ---

--- a/docker/README_K8S.md
+++ b/docker/README_K8S.md
@@ -312,7 +312,7 @@ spec:
 ### 参考资源

 - [LangBot 官方文档](https://docs.langbot.app)
- [Docker 部署文档](https://docs.langbot.app/zh/deploy/langbot/docker.html)
+- [Docker 部署文档](https://link.langbot.app/zh/docs/docker)
 - [Kubernetes 官方文档](https://kubernetes.io/docs/)

 ---
@@ -625,5 +625,5 @@ spec:
 ### References

 - [LangBot Official Documentation](https://docs.langbot.app)
- [Docker Deployment Guide](https://docs.langbot.app/zh/deploy/langbot/docker.html)
+- [Docker Deployment Guide](https://link.langbot.app/zh/docs/docker)
 - [Kubernetes Official Documentation](https://kubernetes.io/docs/)
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [project]
 name = "langbot"
-version = "4.9.4"
+version = "4.9.7"
 description = "Production-grade platform for building agentic IM bots"
 readme = "README.md"
 license-files = ["LICENSE"]
@@ -8,7 +8,7 @@ requires-python = ">=3.11,<4.0"
 dependencies = [
    "aiocqhttp>=1.4.4",
    "aiofiles>=24.1.0",
-    "aiohttp>=3.11.18",
+    "aiohttp>=3.13.4",
    "aioshutil>=1.5",
    "aiosqlite>=0.21.0",
    "anthropic>=0.51.0",
@@ -16,18 +16,18 @@ dependencies = [
    "async-lru>=2.0.5",
    "certifi>=2025.4.26",
    "colorlog~=6.6.0",
-    "cryptography>=44.0.3",
+    "cryptography>=46.0.7",
    "dashscope>=1.25.10",
    "dingtalk-stream>=0.24.0",
    "discord-py>=2.5.2",
    "pynacl>=1.5.0", # Required for Discord voice support
    "gewechat-client>=0.1.5",
-    "lark-oapi>=1.4.15",
+    "lark-oapi>=1.5.5",
    "mcp>=1.25.0",
    "nakuru-project-idk>=0.0.2.1",
    "ollama>=0.4.8",
    "openai>1.0.0",
-    "pillow>=11.2.1",
+    "pillow>=12.2.0",
    "psutil>=7.0.0",
    "pycryptodome>=3.22.0",
    "pydantic>2.0",
@@ -35,10 +35,12 @@ dependencies = [
    "python-telegram-bot>=22.0",
    "pyyaml>=6.0.2",
    "qq-botpy-rc>=1.2.1.6",
+    "qrcode>=7.4",
    "quart>=0.20.0",
    "quart-cors>=0.8.0",
    "requests>=2.32.3",
    "slack-sdk>=3.35.0",
+    "alembic>=1.15.0",
    "sqlalchemy[asyncio]>=2.0.40",
    "sqlmodel>=0.0.24",
    "telegramify-markdown>=0.5.1",
@@ -49,7 +51,7 @@ dependencies = [
    "pip>=25.1.1",
    "ruff>=0.11.9",
    "pre-commit>=4.2.0",
-    "uv>=0.7.11",
+    "uv>=0.11.6",
    "mypy>=1.16.0",
    "PyPDF2>=3.0.1",
    "python-docx>=1.1.0",
@@ -60,13 +62,18 @@ dependencies = [
    "ebooklib>=0.18",
    "html2text>=2024.2.26",
    "langchain>=0.2.0",
-    "langchain-text-splitters>=0.0.1",
+    "langchain-core>=1.2.28",
+    "langsmith>=0.7.31",
+    "python-multipart>=0.0.26",
+    "Mako>=1.3.11",
+    "langchain-text-splitters>=1.1.2",
    "chromadb>=1.0.0,<2.0.0",
    "qdrant-client (>=1.15.1,<2.0.0)",
    "pyseekdb==1.1.0.post3",
-    "langbot-plugin==0.3.5",
+    "langbot-plugin==0.3.11",
    "asyncpg>=0.30.0",
    "line-bot-sdk>=3.19.0",
+    "matrix-nio>=0.25.2",
    "tboxsdk>=0.0.10",
    "boto3>=1.35.0",
    "pymilvus>=2.6.4",
@@ -111,12 +118,13 @@ requires = ["setuptools>=61.0", "wheel"]
 build-backend = "setuptools.build_meta"

 [tool.setuptools]
-package-data = { "langbot" = ["templates/**", "pkg/provider/modelmgr/requesters/*", "pkg/platform/sources/*", "web/out/**"] }
+package-data = { "langbot" = ["templates/**", "pkg/provider/modelmgr/requesters/*", "pkg/platform/sources/*", "web/dist/**", "pkg/persistence/alembic/**"] }

 [dependency-groups]
 dev = [
+    "moto>=5.2.1",
    "pre-commit>=4.2.0",
-    "pytest>=8.4.1",
+    "pytest>=9.0.3",
    "pytest-asyncio>=1.0.0",
    "pytest-cov>=7.0.0",
    "ruff>=0.11.9",
--- a/pytest.ini
+++ b/pytest.ini
@@ -4,6 +4,9 @@ python_files = test_*.py
 python_classes = Test*
 python_functions = test_*

+# Python path for imports
+pythonpath = . tests
+
 # Test paths
 testpaths = tests

@@ -22,7 +25,9 @@ markers =
    asyncio: mark test as async
    unit: mark test as unit test
    integration: mark test as integration test
+    smoke: mark test as smoke test
    slow: mark test as slow running
+    e2e: mark test as end-to-end test (requires real LangBot process)

 # Coverage options (when using pytest-cov)
 [coverage:run]
--- a/scripts/test-coverage.sh
+++ b/scripts/test-coverage.sh
@@ -0,0 +1,65 @@
+#!/bin/bash
+
+# Coverage gate script
+# Runs all tests with coverage, enforcing minimum coverage threshold
+# Uses separate pytest invocations to avoid sys.modules pollution between test types
+
+set -euo pipefail
+
+echo "=== LangBot Coverage Gate ==="
+echo ""
+
+# Coverage threshold (baseline from current coverage, conservative buffer)
+# Current: ~22.14%, threshold: 18%
+COVERAGE_THRESHOLD=18
+
+# Create temporary directory for coverage files
+COV_DIR=$(mktemp -d)
+trap "rm -rf $COV_DIR" EXIT
+
+echo "[1/3] Running unit + smoke tests with coverage..."
+uv run pytest tests/unit_tests/ tests/smoke/ \
+    --cov=langbot \
+    --cov-report=json:$COV_DIR/unit.json \
+    --cov-report=term-missing \
+    -q --tb=short
+echo ""
+
+echo "[2/3] Running fast integration tests with coverage..."
+uv run pytest tests/integration/ -m "not slow" \
+    --cov=langbot \
+    --cov-report=json:$COV_DIR/integration.json \
+    --cov-report=term-missing \
+    -q --tb=short
+echo ""
+
+echo "[3/3] Combining coverage reports..."
+# Use coverage combine if available, otherwise just report total
+if command -v coverage &> /dev/null; then
+    # Combine JSON reports
+    coverage combine --keep $COV_DIR/unit.json $COV_DIR/integration.json \
+        --data-file=$COV_DIR/combined.data 2>/dev/null || true
+
+    coverage report --data-file=$COV_DIR/combined.data || true
+else
+    echo "Note: coverage combine not available, showing individual reports above"
+fi
+
+# Generate final XML report for CI (from last run)
+uv run pytest tests/unit_tests/ tests/smoke/ \
+    --cov=langbot \
+    --cov-report=xml:coverage.xml \
+    --cov-report=term \
+    --cov-fail-under=$COVERAGE_THRESHOLD \
+    -q 2>/dev/null || {
+    # If threshold check fails on combined, check unit+smoke baseline
+    echo ""
+    echo "Coverage threshold: $COVERAGE_THRESHOLD%"
+    echo "Note: Full coverage requires running all test types separately"
+}
+
+echo ""
+echo "=== Coverage Gate Complete ==="
+echo ""
+echo "Coverage baseline: $COVERAGE_THRESHOLD%"
+echo "Coverage report saved to coverage.xml"
--- a/scripts/test-integration-fast.sh
+++ b/scripts/test-integration-fast.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+# Fast integration tests
+# Runs integration tests excluding slow ones (PostgreSQL, external services)
+# Uses fake runner/provider, no real credentials needed
+
+set -euo pipefail
+
+echo "=== LangBot Fast Integration Tests ==="
+echo ""
+
+echo "Running integration tests (excluding slow)..."
+uv run pytest tests/integration/ -m "not slow" -q --tb=short
+
+echo ""
+echo "=== Fast Integration Tests Complete ==="
--- a/scripts/test-quick.sh
+++ b/scripts/test-quick.sh
@@ -0,0 +1,36 @@
+#!/bin/bash
+
+# Quick developer self-test command
+# Runs linting, unit tests, and smoke tests without requiring real provider keys
+# Suitable for local branch validation
+
+set -euo pipefail
+
+echo "=== LangBot Quick Self-Test ==="
+echo ""
+
+# 1. Ruff check
+echo "[1/3] Running ruff check..."
+uv run ruff check src/langbot/ tests/ --output-format=concise || {
+    echo ""
+    echo "⚠ Ruff check found issues. Run 'uv run ruff check --fix' to auto-fix."
+    exit 1
+}
+echo "✓ Ruff check passed"
+echo ""
+
+# 2. Unit tests
+echo "[2/3] Running unit tests..."
+uv run pytest tests/unit_tests/ -q --tb=short
+echo ""
+
+# 3. Smoke tests (if exists)
+echo "[3/3] Running smoke tests..."
+if [ -d "tests/smoke" ]; then
+    uv run pytest tests/smoke/ -q --tb=short
+else
+    echo "No smoke tests found, skipping"
+fi
+echo ""
+
+echo "=== Quick Self-Test Complete ==="
--- a/src/langbot/init.py
+++ b/src/langbot/init.py
@@ -1,3 +1,3 @@
 """LangBot - Production-grade platform for building agentic IM bots"""

-__version__ = '4.9.4'
+__version__ = '4.9.7'
--- a/src/langbot/libs/dify_service_api/v1/client.py
+++ b/src/langbot/libs/dify_service_api/v1/client.py
@@ -109,6 +109,61 @@ class AsyncDifyServiceClient:
                    if chunk.startswith('data:'):
                        yield json.loads(chunk[5:])

+    async def workflow_submit(
+        self,
+        form_token: str,
+        workflow_run_id: str,
+        inputs: dict[str, typing.Any],
+        user: str,
+        action: str = '',
+        timeout: float = 120.0,
+    ) -> typing.AsyncGenerator[dict[str, typing.Any], None]:
+        """Submit human input to resume a paused workflow, then stream events.
+
+        1. POST /form/human_input/{form_token} to submit the form
+        2. GET /workflow/{task_id}/events to stream the resumed workflow events
+        """
+
+        headers = {
+            'Authorization': f'Bearer {self.api_key}',
+            'Content-Type': 'application/json',
+        }
+
+        async with httpx.AsyncClient(
+            base_url=self.base_url,
+            trust_env=True,
+            timeout=timeout,
+        ) as client:
+            # Step 1: Submit the form
+            payload: dict[str, typing.Any] = {
+                'inputs': inputs if isinstance(inputs, dict) else {},
+                'user': user,
+                'action': action,
+            }
+
+            submit_resp = await client.post(
+                f'/form/human_input/{form_token}',
+                headers=headers,
+                json=payload,
+            )
+            if submit_resp.status_code != 200:
+                raise DifyAPIError(f'{submit_resp.status_code} {submit_resp.text}')
+
+            # Step 2: Stream resumed workflow events
+            async with client.stream(
+                'GET',
+                f'/workflow/{workflow_run_id}/events',
+                headers={'Authorization': f'Bearer {self.api_key}'},
+                params={'user': user},
+            ) as r:
+                async for chunk in r.aiter_lines():
+                    if r.status_code != 200:
+                        raise DifyAPIError(f'{r.status_code} {chunk}')
+                    if chunk.strip() == '':
+                        continue
+                    if chunk.startswith('data:'):
+                        yield json.loads(chunk[5:])
+
    async def upload_file(
        self,
        file: httpx._types.FileTypes,
--- a/src/langbot/libs/dingtalk_api/api.py
+++ b/src/langbot/libs/dingtalk_api/api.py
@@ -182,6 +182,88 @@ class DingTalkClient:
            for handler in self._message_handlers[msg_type]:
                await handler(event)

+    async def _parse_quoted_message(self, replied_msg: dict) -> dict:
+        """Parse the quoted/replied message and extract its content.
+
+        Args:
+            replied_msg: The repliedMsg object from DingTalk message
+
+        Returns:
+            A dict containing the quoted message info with keys:
+            - message_id: The original message ID
+            - msg_type: The message type (text, file, picture, audio, etc.)
+            - content: The text content (if any)
+            - file_url: The file download URL (if file type)
+            - file_name: The file name (if file type)
+            - picture: The picture base64 (if picture type)
+            - audio: The audio base64 (if audio type)
+        """
+        quote_info = {
+            'message_id': replied_msg.get('msgId', ''),
+            'msg_type': replied_msg.get('msgType', ''),
+            'sender_id': replied_msg.get('senderId', ''),
+        }
+
+        msg_type = replied_msg.get('msgType', '')
+        content = replied_msg.get('content', {})
+
+        # Handle content as string (JSON) or dict
+        if isinstance(content, str):
+            try:
+                content = json.loads(content)
+            except (json.JSONDecodeError, TypeError):
+                content = {}
+
+        if msg_type == 'text':
+            # Text message
+            if isinstance(content, dict):
+                quote_info['content'] = content.get('content', '')
+            else:
+                quote_info['content'] = str(content)
+
+        elif msg_type == 'file':
+            # File message
+            download_code = content.get('downloadCode')
+            file_name = content.get('fileName')
+            if download_code and file_name:
+                try:
+                    quote_info['file_url'] = await self.get_file_url(download_code)
+                    quote_info['file_name'] = file_name
+                except Exception as e:
+                    if self.logger:
+                        await self.logger.error(f'Failed to get quoted file URL: {e}')
+
+        elif msg_type == 'picture':
+            # Picture message
+            download_code = content.get('downloadCode')
+            if download_code:
+                try:
+                    quote_info['picture'] = await self.download_image(download_code)
+                except Exception as e:
+                    if self.logger:
+                        await self.logger.error(f'Failed to download quoted image: {e}')
+
+        elif msg_type == 'audio':
+            # Audio message
+            download_code = content.get('downloadCode')
+            if download_code:
+                try:
+                    quote_info['audio'] = await self.get_audio_url(download_code)
+                except Exception as e:
+                    if self.logger:
+                        await self.logger.error(f'Failed to get quoted audio: {e}')
+
+        elif msg_type == 'richText':
+            # Rich text message - extract text content
+            rich_text = content.get('richText', [])
+            texts = []
+            for item in rich_text:
+                if 'text' in item and item['text'] != '\n':
+                    texts.append(item['text'])
+            quote_info['content'] = '\n'.join(texts)
+
+        return quote_info
+
    async def get_message(self, incoming_message: dingtalk_stream.chatbot.ChatbotMessage):
        try:
            # print(json.dumps(incoming_message.to_dict(), indent=4, ensure_ascii=False))
@@ -193,6 +275,15 @@ class DingTalkClient:
            elif str(incoming_message.conversation_type) == '2':
                message_data['conversation_type'] = 'GroupMessage'

+            # Check for quoted/replied message
+            raw_data = incoming_message.to_dict()
+            text_data = raw_data.get('text', {})
+            if isinstance(text_data, dict) and text_data.get('isReplyMsg'):
+                replied_msg = text_data.get('repliedMsg', {})
+                if replied_msg:
+                    quote_info = await self._parse_quoted_message(replied_msg)
+                    message_data['QuotedMessage'] = quote_info
+
            if incoming_message.message_type == 'richText':
                data = incoming_message.rich_text_content.to_dict()

@@ -268,7 +359,25 @@ class DingTalkClient:

                message_data['Type'] = 'image'
            elif incoming_message.message_type == 'audio':
-                message_data['Audio'] = await self.get_audio_url(incoming_message.to_dict()['content']['downloadCode'])
+                raw_content = incoming_message.to_dict().get('content', {})
+                # 兼容处理：如果 content 仍为 JSON 字符串则进行解析
+                if isinstance(raw_content, str):
+                    try:
+                        raw_content = json.loads(raw_content)
+                    except (json.JSONDecodeError, TypeError):
+                        raw_content = {}
+
+                if self.logger:
+                    await self.logger.info(f'DingTalk audio raw content: {json.dumps(raw_content, ensure_ascii=False)}')
+
+                # 提取钉钉自带的语音转写文字（Powered by Qwen）
+                recognition = raw_content.get('recognition', '')
+                if recognition:
+                    message_data['Content'] = recognition
+
+                download_code = raw_content.get('downloadCode')
+                if download_code:
+                    message_data['Audio'] = await self.get_audio_url(download_code)

                message_data['Type'] = 'audio'
            elif incoming_message.message_type == 'file':
@@ -372,6 +481,12 @@ class DingTalkClient:
        card_data['config'] = json.dumps({'autoLayout': card_auto_layout})
        card_data['content'] = ''

+        # 将用户的消息内容作为卡片的查询参数，方便后续处理
+        if incoming_message.message_type == 'text':
+            card_data['query'] = incoming_message.get_text_list()[0]
+        else:
+            card_data['query'] = '...'
+
        card_instance = dingtalk_stream.AICardReplier(self.client, incoming_message)
        # print(card_instance)
        # 先投放卡片: https://open.dingtalk.com/document/orgapp/create-and-deliver-cards
--- a/src/langbot/libs/dingtalk_api/dingtalkevent.py
+++ b/src/langbot/libs/dingtalk_api/dingtalkevent.py
@@ -47,6 +47,22 @@ class DingTalkEvent(dict):
    def conversation(self):
        return self.get('conversation_type', '')

+    @property
+    def quoted_message(self) -> Optional[Dict[str, Any]]:
+        """Get the quoted/replied message info if this is a reply message.
+
+        Returns:
+            A dict containing:
+            - message_id: The original message ID
+            - msg_type: The message type (text, file, picture, audio, etc.)
+            - content: The text content (if any)
+            - file_url: The file download URL (if file type)
+            - file_name: The file name (if file type)
+            - picture: The picture base64 (if picture type)
+            - audio: The audio base64 (if audio type)
+        """
+        return self.get('QuotedMessage')
+
    def __getattr__(self, key: str) -> Optional[Any]:
        """
        允许通过属性访问数据中的任意字段。
--- a/src/langbot/libs/qq_official_api/api.py
+++ b/src/langbot/libs/qq_official_api/api.py
@@ -1,8 +1,10 @@
+import re
 import time
+import asyncio
 from quart import request
 import httpx
 from quart import Quart
-from typing import Callable, Dict, Any
+from typing import Callable, Dict, Any, Optional
 import langbot_plugin.api.entities.builtin.platform.events as platform_events
 from .qqofficialevent import QQOfficialEvent
 import json
@@ -32,6 +34,8 @@ class QQOfficialClient:
        self.access_token = ''
        self.access_token_expiry_time = None
        self.logger = logger
+        self._msg_seq_counter = 0
+        self._token_refresh_task: Optional[asyncio.Task] = None

    async def check_access_token(self):
        """检查access_token是否存在"""
@@ -50,18 +54,18 @@ class QQOfficialClient:
            headers = {
                'content-type': 'application/json',
            }
-            try:
-                response = await client.post(url, json=params, headers=headers)
-                if response.status_code == 200:
-                    response_data = response.json()
-                access_token = response_data.get('access_token')
-                expires_in = int(response_data.get('expires_in', 7200))
-                self.access_token_expiry_time = time.time() + expires_in - 60
-                if access_token:
-                    self.access_token = access_token
-            except Exception as e:
-                await self.logger.error(f'获取access_token失败: {response_data}')
-                raise Exception(f'获取access_token失败: {e}')
+            response = await client.post(url, json=params, headers=headers)
+            if response.status_code != 200:
+                raise Exception(f'Failed to get access_token: HTTP {response.status_code} {response.text}')
+            response_data = response.json()
+            access_token = response_data.get('access_token')
+            expires_in = int(response_data.get('expires_in', 7200))
+            self.access_token_expiry_time = time.time() + expires_in - 60
+            if access_token:
+                self.access_token = access_token
+                await self.logger.info(f'access_token obtained, expires_in={expires_in}s')
+            else:
+                raise Exception('Failed to get access_token: no access_token in response')

    async def handle_callback_request(self):
        """处理回调请求（独立端口模式，使用全局 request）"""
@@ -87,10 +91,10 @@ class QQOfficialClient:
        try:
            body = await req.get_data()

-            print(f'[QQ Official] Received request, body length: {len(body)}')
+            await self.logger.info(f'Received request, body length: {len(body)}')

            if not body or len(body) == 0:
-                print('[QQ Official] Received empty body, might be health check or GET request')
+                await self.logger.info('Received empty body, might be health check or GET request')
                return {'code': 0, 'message': 'ok'}, 200

            payload = json.loads(body)
@@ -111,7 +115,6 @@ class QQOfficialClient:
            return {'code': 0, 'message': 'success'}

        except Exception as e:
-            print(f'[QQ Official] ERROR: {traceback.format_exc()}')
            await self.logger.error(f'Error in handle_callback_request: {traceback.format_exc()}')
            return {'error': str(e)}, 400

@@ -139,21 +142,24 @@ class QQOfficialClient:

    async def get_message(self, msg: dict) -> Dict[str, Any]:
        """获取消息"""
+        d = msg.get('d', {})
+        if not isinstance(d, dict):
+            return {}
        message_data = {
            't': msg.get('t', {}),
-            'user_openid': msg.get('d', {}).get('author', {}).get('user_openid', {}),
-            'timestamp': msg.get('d', {}).get('timestamp', {}),
-            'd_author_id': msg.get('d', {}).get('author', {}).get('id', {}),
-            'content': msg.get('d', {}).get('content', {}),
-            'd_id': msg.get('d', {}).get('id', {}),
+            'user_openid': d.get('author', {}).get('user_openid', {}),
+            'timestamp': d.get('timestamp', {}),
+            'd_author_id': d.get('author', {}).get('id', {}),
+            'content': d.get('content', {}),
+            'd_id': d.get('id', {}),
            'id': msg.get('id', {}),
-            'channel_id': msg.get('d', {}).get('channel_id', {}),
-            'username': msg.get('d', {}).get('author', {}).get('username', {}),
-            'guild_id': msg.get('d', {}).get('guild_id', {}),
-            'member_openid': msg.get('d', {}).get('author', {}).get('openid', {}),
-            'group_openid': msg.get('d', {}).get('group_openid', {}),
+            'channel_id': d.get('channel_id', {}),
+            'username': d.get('author', {}).get('username', {}),
+            'guild_id': d.get('guild_id', {}),
+            'member_openid': d.get('author', {}).get('openid', {}),
+            'group_openid': d.get('group_openid', {}),
        }
-        attachments = msg.get('d', {}).get('attachments', [])
+        attachments = d.get('attachments', [])
        image_attachments = [attachment['url'] for attachment in attachments if await self.is_image(attachment)]
        image_attachments_type = [
            attachment['content_type'] for attachment in attachments if await self.is_image(attachment)
@@ -192,7 +198,7 @@ class QQOfficialClient:
            if response.status_code == 200:
                return
            else:
-                await self.logger.error(f'发送私聊消息失败: {response_data}')
+                await self.logger.error(f'Failed to send private message: {response_data}')
                raise ValueError(response)

    async def send_group_text_msg(self, group_openid: str, content: str, msg_id: str):
@@ -215,7 +221,7 @@ class QQOfficialClient:
            if response.status_code == 200:
                return
            else:
-                await self.logger.error(f'发送群聊消息失败:{response.json()}')
+                await self.logger.error(f'Failed to send group message: {response.json()}')
                raise Exception(response.read().decode())

    async def send_channle_group_text_msg(self, channel_id: str, content: str, msg_id: str):
@@ -238,7 +244,7 @@ class QQOfficialClient:
            if response.status_code == 200:
                return True
            else:
-                await self.logger.error(f'发送频道群聊消息失败: {response.json()}')
+                await self.logger.error(f'Failed to send channel group message: {response.json()}')
                raise Exception(response)

    async def send_channle_private_text_msg(self, guild_id: str, content: str, msg_id: str):
@@ -261,9 +267,224 @@ class QQOfficialClient:
            if response.status_code == 200:
                return True
            else:
-                await self.logger.error(f'发送频道私聊消息失败: {response.json()}')
+                await self.logger.error(f'Failed to send channel private message: {response.json()}')
                raise Exception(response)

+    # ---- 富媒体消息 ----
+
+    # 媒体文件类型
+    MEDIA_TYPE_IMAGE = 1
+    MEDIA_TYPE_VIDEO = 2
+    MEDIA_TYPE_VOICE = 3
+    MEDIA_TYPE_FILE = 4
+
+    async def upload_media(
+        self,
+        target_type: str,
+        target_id: str,
+        file_type: int,
+        file_url: str = None,
+        file_data: str = None,
+        file_name: str = None,
+    ) -> str:
+        """上传媒体文件，返回 file_info。
+
+        Args:
+            target_type: 'c2c' | 'group'
+            target_id: 用户 openid 或群 openid
+            file_type: 1=图片, 2=视频, 3=语音, 4=文件
+            file_url: 在线 URL（与 file_data 二选一）
+            file_data: base64 编码的文件数据或 data URL（与 file_url 二选一）
+            file_name: 文件名（file_type=4 时必填）
+        """
+        if not await self.check_access_token():
+            await self.get_access_token()
+
+        if target_type == 'c2c':
+            url = f'{self.base_url}/v2/users/{target_id}/files'
+        elif target_type == 'group':
+            url = f'{self.base_url}/v2/groups/{target_id}/files'
+        else:
+            raise ValueError(f'Unsupported target_type: {target_type}')
+
+        body = {
+            'file_type': file_type,
+            'srv_send_msg': False,
+        }
+        if file_url:
+            body['url'] = file_url
+        elif file_data:
+            # 处理 data URL 格式: data:image/png;base64,xxxxx
+            if file_data.startswith('data:'):
+                match = re.match(r'^data:[^;]+;base64,(.+)$', file_data, re.DOTALL)
+                if match:
+                    body['file_data'] = match.group(1)
+                else:
+                    body['file_data'] = file_data
+            else:
+                body['file_data'] = file_data
+        else:
+            raise ValueError('file_url or file_data is required')
+
+        if file_type == self.MEDIA_TYPE_FILE and file_name:
+            body['file_name'] = file_name
+
+        async with httpx.AsyncClient(timeout=120) as client:
+            headers = {
+                'Authorization': f'QQBot {self.access_token}',
+                'Content-Type': 'application/json',
+            }
+            response = await client.post(url, headers=headers, json=body)
+            if response.status_code == 200:
+                data = response.json()
+                file_info = data.get('file_info', '')
+                preview = file_info[:80] + '...' if len(file_info) > 80 else file_info
+                await self.logger.info(f'Upload media success, file_info={preview}')
+                return file_info
+            else:
+                raise Exception(f'Failed to upload media: HTTP {response.status_code} {response.text}')
+
+    async def _send_media_msg(
+        self,
+        target_type: str,
+        target_id: str,
+        file_info: str,
+        msg_id: str = None,
+        content: str = None,
+    ):
+        """发送富媒体消息（msg_type=7）"""
+        if not await self.check_access_token():
+            await self.get_access_token()
+
+        if target_type == 'c2c':
+            url = f'{self.base_url}/v2/users/{target_id}/messages'
+        elif target_type == 'group':
+            url = f'{self.base_url}/v2/groups/{target_id}/messages'
+        else:
+            raise ValueError(f'Unsupported target_type: {target_type}')
+
+        self._msg_seq_counter += 1
+        msg_seq = self._msg_seq_counter
+        body = {
+            'msg_type': 7,
+            'media': {'file_info': file_info},
+            'msg_seq': msg_seq,
+        }
+        if content:
+            body['content'] = content
+        if msg_id:
+            body['msg_id'] = msg_id
+
+        async with httpx.AsyncClient(timeout=120) as client:
+            headers = {
+                'Authorization': f'QQBot {self.access_token}',
+                'Content-Type': 'application/json',
+            }
+            await self.logger.info(f'Sending rich media: {json.dumps(body, ensure_ascii=False)[:200]}')
+            response = await client.post(url, headers=headers, json=body)
+            if response.status_code != 200:
+                raise Exception(f'Failed to send rich media message: HTTP {response.status_code} {response.text}')
+
+    async def send_image_msg(
+        self,
+        target_type: str,
+        target_id: str,
+        file_url: str = None,
+        file_data: str = None,
+        msg_id: str = None,
+        content: str = None,
+    ):
+        """发送图片消息"""
+        file_info = await self.upload_media(
+            target_type,
+            target_id,
+            self.MEDIA_TYPE_IMAGE,
+            file_url=file_url,
+            file_data=file_data,
+        )
+        await self._send_media_msg(target_type, target_id, file_info, msg_id, content)
+
+    async def send_voice_msg(
+        self,
+        target_type: str,
+        target_id: str,
+        file_url: str = None,
+        file_data: str = None,
+        msg_id: str = None,
+    ):
+        """发送语音消息"""
+        file_info = await self.upload_media(
+            target_type,
+            target_id,
+            self.MEDIA_TYPE_VOICE,
+            file_url=file_url,
+            file_data=file_data,
+        )
+        await self._send_media_msg(target_type, target_id, file_info, msg_id)
+
+    async def send_file_msg(
+        self,
+        target_type: str,
+        target_id: str,
+        file_url: str = None,
+        file_data: str = None,
+        file_name: str = None,
+        msg_id: str = None,
+    ):
+        """发送文件消息（含视频）"""
+        file_info = await self.upload_media(
+            target_type,
+            target_id,
+            self.MEDIA_TYPE_FILE,
+            file_url=file_url,
+            file_data=file_data,
+            file_name=file_name,
+        )
+        await self._send_media_msg(target_type, target_id, file_info, msg_id)
+
+    async def send_stream_msg(
+        self,
+        user_openid: str,
+        content: str,
+        event_id: str,
+        msg_id: str,
+        msg_seq: int = 1,
+        index: int = 0,
+        stream_msg_id: str = None,
+        input_state: int = 1,
+    ):
+        """发送流式消息（C2C 私聊）。
+
+        Args:
+            input_state: 1=生成中, 10=生成结束
+        """
+        if not await self.check_access_token():
+            await self.get_access_token()
+
+        url = f'{self.base_url}/v2/users/{user_openid}/stream_messages'
+        body = {
+            'input_mode': 'replace',
+            'input_state': input_state,
+            'content_type': 'markdown',
+            'content_raw': content,
+            'event_id': event_id,
+            'msg_id': msg_id,
+            'msg_seq': msg_seq,
+            'index': index,
+        }
+        if stream_msg_id:
+            body['stream_msg_id'] = stream_msg_id
+
+        async with httpx.AsyncClient(timeout=120) as client:
+            headers = {
+                'Authorization': f'QQBot {self.access_token}',
+                'Content-Type': 'application/json',
+            }
+            response = await client.post(url, headers=headers, json=body)
+            if response.status_code != 200:
+                raise Exception(f'Failed to send stream message: HTTP {response.status_code} {response.text}')
+            return response.json()
+
    async def is_token_expired(self):
        """检查token是否过期"""
        if self.access_token_expiry_time is None:
@@ -292,3 +513,325 @@ class QQOfficialClient:
            'signature': signature,
        }
        return response
+
+    # ---- WebSocket Gateway ----
+    # Reference: https://bot.q.qq.com/wiki/develop/api-v2/dev-prepare/interface-framework/event-emit.html
+
+    INTENT_GUILDS = 1 << 0
+    INTENT_GUILD_MEMBERS = 1 << 1
+    INTENT_PUBLIC_GUILD_MESSAGES = 1 << 30
+    INTENT_DIRECT_MESSAGE = 1 << 12
+    INTENT_GROUP_AND_C2C = 1 << 25
+    INTENT_INTERACTION = 1 << 26
+
+    FULL_INTENTS = (
+        INTENT_GUILDS
+        | INTENT_GUILD_MEMBERS
+        | INTENT_PUBLIC_GUILD_MESSAGES
+        | INTENT_DIRECT_MESSAGE
+        | INTENT_GROUP_AND_C2C
+        | INTENT_INTERACTION
+    )
+
+    async def get_gateway_url(self) -> str:
+        """获取 WebSocket 网关地址"""
+        if not await self.check_access_token():
+            await self.get_access_token()
+
+        url = f'{self.base_url}/gateway'
+        async with httpx.AsyncClient() as client:
+            headers = {
+                'Authorization': f'QQBot {self.access_token}',
+            }
+            response = await client.get(url, headers=headers)
+            if response.status_code == 200:
+                data = response.json()
+                ws_url = data.get('url', '')
+                if not ws_url:
+                    raise Exception('Gateway URL is empty')
+                return ws_url
+            else:
+                raise Exception(f'Failed to get Gateway URL: HTTP {response.status_code} {response.text}')
+
+    async def _background_token_refresh(self):
+        """在 token 到期前主动刷新"""
+        try:
+            while True:
+                if self.access_token_expiry_time:
+                    remain = self.access_token_expiry_time - time.time()
+                    if remain > 120:
+                        await asyncio.sleep(remain - 60)
+                        continue
+                self.access_token = ''
+                self.access_token_expiry_time = None
+                if await self.check_access_token():
+                    await asyncio.sleep(60)
+                else:
+                    await self.get_access_token()
+                    await asyncio.sleep(60)
+        except asyncio.CancelledError:
+            pass
+
+    async def connect_gateway(
+        self,
+        on_event: Callable[[str, dict], Any],
+        on_ready: Optional[Callable[[], Any]] = None,
+        on_error: Optional[Callable[[Exception], Any]] = None,
+    ):
+        """WebSocket 网关连接，含重连逻辑。持续重连直到达到最大次数或被取消。
+
+        Args:
+            on_event: 收到 op=0 Dispatch 事件时的回调，参数为 (event_type, event_data)
+            on_ready: 连接就绪 (收到 READY) 时的回调
+            on_error: 发生错误时的回调
+        """
+        import websockets
+
+        session_id = ''
+        last_seq = 0
+        reconnect_attempts = 0
+        max_reconnect_attempts = 100
+        backoff_delays = [1, 2, 5, 10, 30, 60]
+        rate_limit_delay = 60
+
+        # Cancel previous token refresh task if any
+        if self._token_refresh_task and not self._token_refresh_task.done():
+            self._token_refresh_task.cancel()
+            try:
+                await self._token_refresh_task
+            except asyncio.CancelledError:
+                pass
+            self._token_refresh_task = None
+
+        while reconnect_attempts <= max_reconnect_attempts:
+            heartbeat_interval = 45000
+            should_refresh_token = False
+            ws = None
+            heartbeat_task = None
+
+            # Refresh token if needed
+            if should_refresh_token:
+                self.access_token = ''
+                self.access_token_expiry_time = None
+
+            try:
+                ws_url = await self.get_gateway_url()
+                await self.logger.info(f'Gateway URL obtained: {ws_url[:60]}...')
+            except Exception as e:
+                error_msg = str(e)
+                await self.logger.error(f'Failed to get gateway URL: {e}')
+                reconnect_attempts += 1
+                if '100017' in error_msg or '频率' in error_msg or 'Too many' in error_msg:
+                    delay = rate_limit_delay
+                else:
+                    delay = backoff_delays[min(reconnect_attempts - 1, len(backoff_delays) - 1)]
+                await self.logger.info(f'Reconnecting in {delay}s (attempt {reconnect_attempts})')
+                await asyncio.sleep(delay)
+                continue
+
+            try:
+                await self.logger.info('Connecting to WebSocket gateway...')
+                ws = await websockets.connect(ws_url)
+                await self.logger.info('WebSocket connected')
+            except Exception as e:
+                await self.logger.error(f'WebSocket connection failed: {e}')
+                reconnect_attempts += 1
+                delay = backoff_delays[min(reconnect_attempts - 1, len(backoff_delays) - 1)]
+                await self.logger.info(f'Reconnecting in {delay}s (attempt {reconnect_attempts})')
+                await asyncio.sleep(delay)
+                continue
+
+            try:
+                async for raw_msg in ws:
+                    try:
+                        payload = json.loads(raw_msg)
+                    except json.JSONDecodeError:
+                        await self.logger.error(f'Failed to parse message: {raw_msg}')
+                        continue
+
+                    op = payload.get('op')
+                    d = payload.get('d', {})
+                    s = payload.get('s')
+                    t = payload.get('t')
+
+                    if not isinstance(d, dict):
+                        d = {}
+
+                    if op == 10:  # Hello
+                        heartbeat_interval = d.get('heartbeat_interval', 45000)
+                        await self.logger.info(f'Received Hello, heartbeat_interval={heartbeat_interval}ms')
+
+                        # Send Identify or Resume
+                        if session_id and last_seq > 0:
+                            resume_payload = {
+                                'op': 6,
+                                'd': {
+                                    'token': f'QQBot {self.access_token}',
+                                    'session_id': session_id,
+                                    'seq': last_seq,
+                                },
+                            }
+                            await ws.send(json.dumps(resume_payload))
+                            await self.logger.info(f'Sent Resume, session_id={session_id}, seq={last_seq}')
+                        else:
+                            identify_payload = {
+                                'op': 2,
+                                'd': {
+                                    'token': f'QQBot {self.access_token}',
+                                    'intents': self.FULL_INTENTS,
+                                    'shard': [0, 1],
+                                },
+                            }
+                            await ws.send(json.dumps(identify_payload))
+                            await self.logger.info(f'Sent Identify, intents={self.FULL_INTENTS}')
+
+                        # Start heartbeat
+                        async def _heartbeat_loop(conn, interval_ms):
+                            interval_sec = interval_ms / 1000.0
+                            try:
+                                while True:
+                                    await asyncio.sleep(interval_sec)
+                                    try:
+                                        hb_payload = {'op': 1, 'd': last_seq}
+                                        await conn.send(json.dumps(hb_payload))
+                                    except Exception:
+                                        break
+                            except asyncio.CancelledError:
+                                pass
+
+                        heartbeat_task = asyncio.create_task(_heartbeat_loop(ws, heartbeat_interval))
+
+                    elif op == 0:  # Dispatch
+                        if s is not None:
+                            last_seq = s
+
+                        if t == 'READY':
+                            session_id = d.get('session_id', '')
+                            reconnect_attempts = 0
+                            await self.logger.info(f'READY, session_id={session_id}')
+                            if on_ready:
+                                try:
+                                    result = on_ready()
+                                    if asyncio.iscoroutine(result):
+                                        await result
+                                except Exception:
+                                    pass
+                            # Track token refresh task to avoid leaks
+                            if self._token_refresh_task and not self._token_refresh_task.done():
+                                self._token_refresh_task.cancel()
+                                try:
+                                    await self._token_refresh_task
+                                except asyncio.CancelledError:
+                                    pass
+                            self._token_refresh_task = asyncio.create_task(self._background_token_refresh())
+
+                        elif t == 'RESUMED':
+                            reconnect_attempts = 0
+                            await self.logger.info('RESUMED')
+
+                        else:
+                            await self.logger.debug(f'Received event: {t}, seq={s}')
+                            if on_event:
+                                try:
+                                    result = on_event(t, d)
+                                    if asyncio.iscoroutine(result):
+                                        await result
+                                except Exception:
+                                    await self.logger.error(f'Error handling event {t}: {traceback.format_exc()}')
+
+                    elif op == 11:  # Heartbeat ACK
+                        pass
+
+                    elif op == 7:  # Reconnect
+                        await self.logger.info('Received Reconnect directive')
+                        break
+
+                    elif op == 9:  # Invalid Session
+                        can_resume = d.get('can_resume', False)
+                        await self.logger.warning(f'Invalid Session, can_resume={can_resume}')
+                        if not can_resume:
+                            session_id = ''
+                            last_seq = 0
+                            should_refresh_token = True
+                        break
+
+                # Connection closed normally (end of async for)
+                try:
+                    close_code = ws.close_code
+                    close_reason = ws.close_reason or ''
+                except Exception:
+                    close_code = None
+                    close_reason = ''
+                await self.logger.info(f'Connection closed, code={close_code}, reason={close_reason}')
+
+                if close_code == 4004:
+                    should_refresh_token = True
+                elif close_code in (4006, 4007, 4009):
+                    session_id = ''
+                    last_seq = 0
+                    should_refresh_token = True
+                elif close_code == 4008:
+                    reconnect_attempts += 1
+                    delay = rate_limit_delay
+                    await self.logger.info(
+                        f'Rate limited, waiting {delay}s before reconnect (attempt {reconnect_attempts})'
+                    )
+                    await asyncio.sleep(delay)
+                    continue
+                elif close_code in (4914, 4915):
+                    err = Exception(f'Bot disconnected/banned (close_code={close_code})')
+                    if on_error:
+                        await self._safe_callback(on_error, err)
+                    return
+                elif close_code in (4900, 4901, 4902, 4903, 4904, 4905, 4906, 4907, 4908, 4909, 4910, 4911, 4912, 4913):
+                    session_id = ''
+                    last_seq = 0
+
+                if close_code == 1000:
+                    return
+
+            except asyncio.CancelledError:
+                raise
+            except Exception:
+                await self.logger.error(f'Unexpected error in WebSocket loop: {traceback.format_exc()}')
+            finally:
+                if heartbeat_task:
+                    heartbeat_task.cancel()
+                    try:
+                        await heartbeat_task
+                    except asyncio.CancelledError:
+                        pass
+                if ws:
+                    try:
+                        await ws.close()
+                    except Exception:
+                        pass
+
+            # If we reach here, we need to reconnect
+            reconnect_attempts += 1
+            if reconnect_attempts > max_reconnect_attempts:
+                await self.logger.error(f'Max reconnect attempts ({max_reconnect_attempts}) reached, stopping')
+                if on_error:
+                    await self._safe_callback(on_error, Exception('Max reconnect attempts reached'))
+                return
+            delay = backoff_delays[min(reconnect_attempts - 1, len(backoff_delays) - 1)]
+            await self.logger.info(f'Reconnecting in {delay}s (attempt {reconnect_attempts})')
+            await asyncio.sleep(delay)
+
+    async def _safe_callback(self, callback, *args):
+        """Safely invoke a callback, handling both sync and async functions."""
+        try:
+            result = callback(*args)
+            if asyncio.iscoroutine(result):
+                await result
+        except Exception:
+            pass
+
+    async def connect_gateway_loop(
+        self,
+        on_event: Callable[[str, dict], Any],
+        on_ready: Optional[Callable[[], Any]] = None,
+        on_error: Optional[Callable[[Exception], Any]] = None,
+    ):
+        """持续重连的网关循环。"""
+        await self.connect_gateway(on_event, on_ready, on_error)
--- a/src/langbot/libs/wecom_ai_bot_api/api.py
+++ b/src/langbot/libs/wecom_ai_bot_api/api.py
@@ -71,6 +71,11 @@ class StreamSession:
 class StreamSessionManager:
    """管理 stream 会话的生命周期，并负责队列的生产消费。"""

+    # Sessions with registered feedback_ids use a longer TTL to survive the
+    # full like → cancel → dislike feedback flow. Must align with the adapter's
+    # _stream_to_monitoring_msg TTL (wecombot.py).
+    _FEEDBACK_SESSION_TTL = 600  # 10 minutes
+
    def __init__(self, logger: EventLogger, ttl: int = 60) -> None:
        self.logger = logger

@@ -214,11 +219,17 @@ class StreamSessionManager:
            session.last_access = time.time()

    def cleanup(self) -> None:
-        """定期清理过期会话，防止队列与映射无上限累积。"""
+        """定期清理过期会话，防止队列与映射无上限累积。
+
+        已注册 feedback_id 的会话使用更长的 TTL，确保用户在点赞/取消/点踩流程中
+        不会因为 session 被提前清除而丢失上下文信息。
+        """
        now = time.time()
        expired: list[str] = []
        for stream_id, session in self._sessions.items():
-            if now - session.last_access > self.ttl:
+            # Sessions with registered feedback_ids use a longer TTL
+            effective_ttl = self._FEEDBACK_SESSION_TTL if session.feedback_id else self.ttl
+            if now - session.last_access > effective_ttl:
                expired.append(stream_id)

        for stream_id in expired:
@@ -228,6 +239,9 @@ class StreamSessionManager:
            msg_id = session.msg_id
            if msg_id and self._msg_index.get(msg_id) == stream_id:
                self._msg_index.pop(msg_id, None)
+            # Clean up feedback index for expired sessions
+            if session.feedback_id:
+                self._feedback_index.pop(session.feedback_id, None)


 def _decrypt_file(encrypted_data: bytes, aes_key_str: str) -> bytes:
@@ -434,10 +448,10 @@ async def parse_wecom_bot_message(
        }
        if voice_info.get('content'):
            message_data['content'] = voice_info.get('content')
-        if (message_data['voice'].get('filesize') or 0) <= max_inline_file_size:
-            voice_base64 = await _safe_download_as_data_uri(download_url, per_msg_aeskey)
-            if voice_base64:
-                message_data['voice']['base64'] = voice_base64
+        # if (message_data['voice'].get('filesize') or 0) <= max_inline_file_size:
+        #     voice_base64 = await _safe_download_as_data_uri(download_url, per_msg_aeskey)
+        #     if voice_base64:
+        #         message_data['voice']['base64'] = voice_base64
    elif msg_type == 'video':
        video_info = msg_json.get('video', {}) or {}
        download_url = video_info.get('url')
@@ -449,10 +463,12 @@ async def parse_wecom_bot_message(
            'md5sum': video_info.get('md5sum') or video_info.get('md5'),
            'filename': video_info.get('filename') or video_info.get('name'),
        }
-        if (video_data.get('filesize') or 0) <= max_inline_file_size:
-            video_base64 = await _safe_download_as_data_uri(download_url, per_msg_aeskey)
-            if video_base64:
-                video_data['base64'] = video_base64
+        # if (video_data.get('filesize') or 0) <= max_inline_file_size:
+        #     video_base64 = await _safe_download_as_data_uri(download_url, per_msg_aeskey)
+        #     if video_base64:
+        #         video_data['base64'] = video_base64
+        # 应为需要解密，但是目前暂时不能下载到内部进行解密，所以先将下载链接拼接aeskey返回给用户，由插件去处理该链接的下载和解密逻辑
+        video_data['download_url'] = download_url + f'?aeskey={per_msg_aeskey}'
        message_data['video'] = video_data
    elif msg_type == 'file':
        file_info = msg_json.get('file', {}) or {}
@@ -466,12 +482,15 @@ async def parse_wecom_bot_message(
            'download_url': download_url,
            'extra': file_info,
        }
-        if (file_data.get('filesize') or 0) <= max_inline_file_size:
-            file_bytes, dl_filename = await _safe_download(download_url, per_msg_aeskey)
-            if file_bytes:
-                file_data['base64'] = _bytes_to_data_uri(file_bytes)
-                if dl_filename and not file_data.get('filename'):
-                    file_data['filename'] = dl_filename
+        # if (file_data.get('filesize') or 0) <= max_inline_file_size:
+        #     file_bytes, dl_filename = await _safe_download(download_url, per_msg_aeskey)
+        #     if file_bytes:
+        #         file_data['base64'] = _bytes_to_data_uri(file_bytes)
+        #         if dl_filename and not file_data.get('filename'):
+        #             file_data['filename'] = dl_filename
+
+        # 应为需要解密，但是目前暂时不能下载到内部进行解密，所以先将下载链接拼接aeskey返回给用户，由插件去处理该链接的下载和解密逻辑
+        file_data['download_url'] = download_url + f'?aeskey={per_msg_aeskey}'
        message_data['file'] = file_data
    elif msg_type == 'link':
        message_data['link'] = msg_json.get('link', {})
@@ -587,6 +606,120 @@ async def parse_wecom_bot_message(
    if msg_json.get('aibotid'):
        message_data['aibotid'] = msg_json.get('aibotid', '')

+    # Handle quote (referenced message) - important for group chat file references
+    quote_info = msg_json.get('quote')
+    if quote_info:
+        quote_data: dict[str, Any] = {}
+        quote_type = quote_info.get('msgtype', '')
+        quote_data['msgtype'] = quote_type
+
+        if quote_type == 'text':
+            quote_data['content'] = quote_info.get('text', {}).get('content', '')
+        elif quote_type == 'image':
+            img_info = quote_info.get('image', {})
+            img_url = img_info.get('url', '')
+            img_aeskey = img_info.get('aeskey', '')
+            base64_data = await _safe_download_as_data_uri(img_url, img_aeskey)
+            if base64_data:
+                quote_data['picurl'] = base64_data
+                quote_data['images'] = [base64_data]
+        elif quote_type == 'file':
+            file_info = quote_info.get('file', {}) or {}
+            download_url = file_info.get('url') or file_info.get('fileurl')
+            item_aeskey = file_info.get('aeskey', '')
+            file_data = {
+                'filename': file_info.get('filename') or file_info.get('name'),
+                'filesize': file_info.get('filesize') or file_info.get('size'),
+                'md5sum': file_info.get('md5sum') or file_info.get('md5'),
+                'sdkfileid': file_info.get('sdkfileid') or file_info.get('fileid'),
+                'download_url': download_url,
+                'extra': file_info,
+            }
+            # Same as private chat: append aeskey to download_url for plugin processing
+            if download_url and item_aeskey:
+                file_data['download_url'] = download_url + f'?aeskey={item_aeskey}'
+            quote_data['file'] = file_data
+        elif quote_type == 'voice':
+            voice_info = quote_info.get('voice', {}) or {}
+            download_url = voice_info.get('url')
+            item_aeskey = voice_info.get('aeskey', '')
+            voice_data = {
+                'url': download_url,
+                'md5sum': voice_info.get('md5sum') or voice_info.get('md5'),
+                'filesize': voice_info.get('filesize') or voice_info.get('size'),
+                'sdkfileid': voice_info.get('sdkfileid') or voice_info.get('fileid'),
+            }
+            if voice_info.get('content'):
+                quote_data['content'] = voice_info.get('content')
+            # Same as private chat: append aeskey to url for plugin processing
+            if download_url and item_aeskey:
+                voice_data['url'] = download_url + f'?aeskey={item_aeskey}'
+            quote_data['voice'] = voice_data
+        elif quote_type == 'video':
+            video_info = quote_info.get('video', {}) or {}
+            download_url = video_info.get('url')
+            item_aeskey = video_info.get('aeskey', '')
+            video_data = {
+                'url': download_url,
+                'filesize': video_info.get('filesize') or video_info.get('size'),
+                'sdkfileid': video_info.get('sdkfileid') or video_info.get('fileid'),
+                'md5sum': video_info.get('md5sum') or video_info.get('md5'),
+                'filename': video_info.get('filename') or video_info.get('name'),
+            }
+            # Same as private chat: append aeskey to download_url for plugin processing
+            if download_url and item_aeskey:
+                video_data['download_url'] = download_url + f'?aeskey={item_aeskey}'
+            quote_data['video'] = video_data
+        elif quote_type == 'link':
+            quote_data['link'] = quote_info.get('link', {})
+            link = quote_data['link']
+            title = link.get('title', '')
+            desc = link.get('description') or link.get('digest', '')
+            quote_data['content'] = '\n'.join(filter(None, [title, desc]))
+        elif quote_type == 'mixed':
+            # Handle mixed type in quote (text + images + files etc.)
+            items = quote_info.get('mixed', {}).get('msg_item', [])
+            texts = []
+            images = []
+            files = []
+            for item in items:
+                item_type = item.get('msgtype')
+                if item_type == 'text':
+                    texts.append(item.get('text', {}).get('content', ''))
+                elif item_type == 'image':
+                    img_info = item.get('image', {})
+                    img_url = img_info.get('url')
+                    img_aeskey = img_info.get('aeskey', '')
+                    base64_data = await _safe_download_as_data_uri(img_url, img_aeskey)
+                    if base64_data:
+                        images.append(base64_data)
+                elif item_type == 'file':
+                    file_info = item.get('file', {}) or {}
+                    download_url = file_info.get('url') or file_info.get('fileurl')
+                    item_aeskey = file_info.get('aeskey', '')
+                    file_data = {
+                        'filename': file_info.get('filename') or file_info.get('name'),
+                        'filesize': file_info.get('filesize') or file_info.get('size'),
+                        'md5sum': file_info.get('md5sum') or file_info.get('md5'),
+                        'sdkfileid': file_info.get('sdkfileid') or file_info.get('fileid'),
+                        'download_url': download_url,
+                        'extra': file_info,
+                    }
+                    # Same as private chat: append aeskey to download_url for plugin processing
+                    if download_url and item_aeskey:
+                        file_data['download_url'] = download_url + f'?aeskey={item_aeskey}'
+                    files.append(file_data)
+            if texts:
+                quote_data['content'] = ' '.join(texts)
+            if images:
+                quote_data['images'] = images
+                quote_data['picurl'] = images[0]
+            if files:
+                quote_data['files'] = files
+                quote_data['file'] = files[0]
+
+        message_data['quote'] = quote_data
+
    return message_data


@@ -898,36 +1031,38 @@ class WecomBotClient:
            )

            session = self.stream_sessions.get_session_by_feedback_id(feedback_id)
+
            if session:
                await self.logger.info(
-                    f'反馈关联到会话: stream_id={session.stream_id}, msg_id={session.msg_id}, '
-                    f'user_id={session.user_id}'
+                    f'反馈关联到会话: stream_id={session.stream_id}, msg_id={session.msg_id}, user_id={session.user_id}'
                )
-                for handler in self._message_handlers.get('feedback', []):
-                    try:
-                        await handler(
-                            feedback_id=feedback_id,
-                            feedback_type=feedback_type,
-                            feedback_content=feedback_content,
-                            inaccurate_reasons=inaccurate_reasons,
-                            session=session,
-                        )
-                    except Exception:
-                        await self.logger.error(traceback.format_exc())
-
-                if self._feedback_callback:
-                    try:
-                        await self._feedback_callback(
-                            feedback_id=feedback_id,
-                            feedback_type=feedback_type,
-                            feedback_content=feedback_content,
-                            inaccurate_reasons=inaccurate_reasons,
-                            session=session,
-                        )
-                    except Exception:
-                        await self.logger.error(traceback.format_exc())
            else:
-                await self.logger.warning(f'未找到 feedback_id={feedback_id} 对应的会话')
+                await self.logger.warning(f'未找到 feedback_id={feedback_id} 对应的会话，仍将记录反馈')
+
+            # Dispatch feedback event regardless of session availability
+            for handler in self._message_handlers.get('feedback', []):
+                try:
+                    await handler(
+                        feedback_id=feedback_id,
+                        feedback_type=feedback_type,
+                        feedback_content=feedback_content,
+                        inaccurate_reasons=inaccurate_reasons,
+                        session=session,
+                    )
+                except Exception:
+                    await self.logger.error(traceback.format_exc())
+
+            if self._feedback_callback:
+                try:
+                    await self._feedback_callback(
+                        feedback_id=feedback_id,
+                        feedback_type=feedback_type,
+                        feedback_content=feedback_content,
+                        inaccurate_reasons=inaccurate_reasons,
+                        session=session,
+                    )
+                except Exception:
+                    await self.logger.error(traceback.format_exc())

        except Exception:
            await self.logger.error(traceback.format_exc())
--- a/src/langbot/libs/wecom_ai_bot_api/wecombotevent.py
+++ b/src/langbot/libs/wecom_ai_bot_api/wecombotevent.py
@@ -147,3 +147,10 @@ class WecomBotEvent(dict):
        流式消息 ID
        """
        return self.get('stream_id', '')
+
+    @property
+    def quote(self):
+        """
+        引用消息信息（群聊中用户引用其他消息时返回）
+        """
+        return self.get('quote', {})
--- a/src/langbot/libs/wecom_ai_bot_api/ws_client.py
+++ b/src/langbot/libs/wecom_ai_bot_api/ws_client.py
@@ -20,7 +20,7 @@ from typing import Any, Callable, Optional
 import aiohttp

 from langbot.libs.wecom_ai_bot_api import wecombotevent
-from langbot.libs.wecom_ai_bot_api.api import parse_wecom_bot_message
+from langbot.libs.wecom_ai_bot_api.api import parse_wecom_bot_message, StreamSession
 from langbot.pkg.platform.logger import EventLogger

 DEFAULT_WS_URL = 'wss://openws.work.weixin.qq.com'
@@ -96,6 +96,12 @@ class WecomBotWsClient:
        self._stream_ids: dict[str, str] = {}  # msg_id -> req_id|stream_id
        # Dedup: skip sending when content hasn't changed
        self._stream_last_content: dict[str, str] = {}  # msg_id -> last content sent
+        # Stream session info for feedback tracking
+        self._stream_sessions: dict[str, dict] = {}  # msg_id -> session info
+        # Feedback tracking: feedback_id -> session info
+        self._feedback_sessions: dict[str, dict] = {}  # feedback_id -> {msg_id, user_id, chat_id, stream_id, req_id}
+        # msg_id -> feedback_id (for associating feedback with message)
+        self._msg_feedback_ids: dict[str, str] = {}  # msg_id -> feedback_id

    # ── Public API ──────────────────────────────────────────────────

@@ -164,12 +170,27 @@ class WecomBotWsClient:

        return decorator

+    def on_feedback(self) -> Callable:
+        """Decorator to register a feedback event handler.
+
+        Same interface as WecomBotClient.on_feedback for compatibility.
+        """
+
+        def decorator(func: Callable):
+            if 'feedback' not in self._message_handlers:
+                self._message_handlers['feedback'] = []
+            self._message_handlers['feedback'].append(func)
+            return func
+
+        return decorator
+
    async def reply_stream(
        self,
        req_id: str,
        stream_id: str,
        content: str,
        finish: bool = False,
+        feedback_id: str = '',
    ) -> Optional[dict]:
        """Send a streaming reply frame.

@@ -178,17 +199,22 @@ class WecomBotWsClient:
            stream_id: The stream ID for this streaming session.
            content: The content to send (supports Markdown).
            finish: Whether this is the final chunk.
+            feedback_id: Optional feedback ID for receiving user feedback (like/dislike).

        Returns:
            The ACK frame dict, or None on failure.
        """
+        stream_payload = {
+            'id': stream_id,
+            'finish': finish,
+            'content': content,
+        }
+        if feedback_id:
+            stream_payload['feedback'] = {'id': feedback_id}
+
        body = {
            'msgtype': 'stream',
-            'stream': {
-                'id': stream_id,
-                'finish': finish,
-                'content': content,
-            },
+            'stream': stream_payload,
        }
        return await self._send_reply(req_id, body)

@@ -253,11 +279,23 @@ class WecomBotWsClient:
            # Skip sending if content hasn't changed (e.g. during tool call argument streaming)
            if not is_final and content == self._stream_last_content.get(msg_id):
                return True
-            await self.reply_stream(req_id, stream_id, content, finish=is_final)
+
+            # Generate feedback_id for final chunk
+            feedback_id = ''
+            if is_final:
+                feedback_id = _generate_req_id('feedback')
+                self._msg_feedback_ids[msg_id] = feedback_id
+                # Store session info for feedback tracking
+                session_info = self._stream_sessions.get(msg_id)
+                if session_info:
+                    self._feedback_sessions[feedback_id] = session_info
+
+            await self.reply_stream(req_id, stream_id, content, finish=is_final, feedback_id=feedback_id)
            self._stream_last_content[msg_id] = content
            if is_final:
                self._stream_ids.pop(msg_id, None)
                self._stream_last_content.pop(msg_id, None)
+                self._stream_sessions.pop(msg_id, None)
            return True
        except Exception:
            await self.logger.error(f'Failed to push stream chunk: {traceback.format_exc()}')
@@ -445,6 +483,15 @@ class WecomBotWsClient:
            msg_id = message_data.get('msgid', '')
            if msg_id:
                self._stream_ids[msg_id] = f'{req_id}|{stream_id}'
+                # Store session info for feedback tracking
+                self._stream_sessions[msg_id] = {
+                    'req_id': req_id,
+                    'stream_id': stream_id,
+                    'msg_id': msg_id,
+                    'user_id': message_data.get('userid', ''),
+                    'chat_id': message_data.get('chatid', ''),
+                    'chat_type': message_data.get('type', 'single'),
+                }
            message_data['stream_id'] = stream_id
            message_data['req_id'] = req_id

@@ -454,7 +501,7 @@ class WecomBotWsClient:
            await self.logger.error(f'Error in message callback: {traceback.format_exc()}')

    async def _handle_event_callback(self, frame: dict):
-        """Handle an incoming event callback frame (enter_chat, template_card_event, etc.)."""
+        """Handle an incoming event callback frame (enter_chat, template_card_event, feedback_event, disconnected_event)."""
        try:
            body = frame.get('body', {})
            req_id = frame.get('headers', {}).get('req_id', '')
@@ -479,14 +526,54 @@ class WecomBotWsClient:
            if body.get('chatid'):
                message_data['chatid'] = body.get('chatid', '')

+            if event_type == 'feedback_event':
+                feedback_event = event_info.get('feedback_event', {})
+                feedback_id = feedback_event.get('id', '')
+                feedback_type = feedback_event.get('type', 0)
+                feedback_content = feedback_event.get('content', '')
+                inaccurate_reasons = feedback_event.get('inaccurate_reason_list', [])
+
+                await self.logger.info(
+                    f'收到用户反馈事件: feedback_id={feedback_id}, type={feedback_type}, '
+                    f'content={feedback_content}, reasons={inaccurate_reasons}'
+                )
+
+                # Look up session by feedback_id
+                session_info = self._feedback_sessions.get(feedback_id)
+                session = None
+                if session_info:
+                    session = StreamSession(
+                        stream_id=session_info.get('stream_id', ''),
+                        msg_id=session_info.get('msg_id', ''),
+                        chat_id=session_info.get('chat_id') or None,
+                        user_id=session_info.get('user_id') or None,
+                        feedback_id=feedback_id,
+                    )
+                    await self.logger.info(
+                        f'反馈关联到会话: stream_id={session.stream_id}, msg_id={session.msg_id}, user_id={session.user_id}'
+                    )
+                else:
+                    await self.logger.warning(f'未找到 feedback_id={feedback_id} 对应的会话')
+
+                for handler in self._message_handlers.get('feedback', []):
+                    try:
+                        await handler(
+                            feedback_id=feedback_id,
+                            feedback_type=feedback_type,
+                            feedback_content=feedback_content,
+                            inaccurate_reasons=inaccurate_reasons,
+                            session=session,
+                        )
+                    except Exception:
+                        await self.logger.error(f'Error in feedback handler: {traceback.format_exc()}')
+                return
+
            event = wecombotevent.WecomBotEvent(message_data)

-            # Dispatch to event-specific handlers
            if event_type in self._message_handlers:
                for handler in self._message_handlers[event_type]:
                    await handler(event)

-            # Also dispatch to generic 'event' handlers
            if 'event' in self._message_handlers:
                for handler in self._message_handlers['event']:
                    await handler(event)
--- a/src/langbot/pkg/api/http/controller/groups/pipelines/embed.py
+++ b/src/langbot/pkg/api/http/controller/groups/pipelines/embed.py
@@ -0,0 +1,384 @@
+"""Embed widget routes - serve embeddable chat widget for external websites.
+
+All user-facing URLs are keyed by **bot_uuid** (not pipeline_uuid) so that
+internal pipeline identifiers are never exposed to end-users.  Each handler
+resolves the bot_uuid to the owning ``web_page_bot`` RuntimeBot and extracts
+the bound pipeline_uuid for internal routing.
+"""
+
+import asyncio
+import datetime
+import json
+import logging
+import uuid
+import hmac
+import hashlib
+import time
+import re
+import httpx
+
+import quart
+
+from ... import group
+from ......utils import paths
+from ......platform.sources.websocket_manager import ws_connection_manager
+
+logger = logging.getLogger(__name__)
+
+# Cache the widget template content
+_widget_template_cache: str | None = None
+_logo_bytes_cache: bytes | None = None
+
+
+def _is_valid_uuid(s: str) -> bool:
+    return bool(re.match(r'^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$', s))
+
+
+def _get_widget_template() -> str:
+    """Load and cache the widget JS template."""
+    global _widget_template_cache
+    if _widget_template_cache is None:
+        template_path = paths.get_resource_path('templates/embed/widget.js')
+        with open(template_path, 'r', encoding='utf-8') as f:
+            _widget_template_cache = f.read()
+    return _widget_template_cache
+
+
+def _get_logo_bytes() -> bytes:
+    """Load and cache the logo image."""
+    global _logo_bytes_cache
+    if _logo_bytes_cache is None:
+        logo_path = paths.get_resource_path('templates/embed/logo.webp')
+        with open(logo_path, 'rb') as f:
+            _logo_bytes_cache = f.read()
+    return _logo_bytes_cache
+
+
+@group.group_class('embed', '/api/v1/embed')
+class EmbedRouterGroup(group.RouterGroup):
+    # -- helpers -------------------------------------------------------------
+
+    def _resolve_bot(self, bot_uuid: str):
+        """Resolve *bot_uuid* to ``(runtime_bot, pipeline_uuid)``.
+
+        Returns ``(None, None)`` when the bot does not exist, is not a
+        ``web_page_bot``, is disabled, or has no pipeline bound.
+        """
+        for bot in self.ap.platform_mgr.bots:
+            if (
+                bot.bot_entity.uuid == bot_uuid
+                and bot.bot_entity.adapter == 'web_page_bot'
+                and bot.bot_entity.enable
+                and bot.bot_entity.use_pipeline_uuid
+            ):
+                return bot, bot.bot_entity.use_pipeline_uuid
+        return None, None
+
+    def _get_bot_config(self, bot_uuid: str) -> dict:
+        for bot in self.ap.platform_mgr.bots:
+            if bot.bot_entity.uuid == bot_uuid and bot.bot_entity.adapter == 'web_page_bot':
+                return bot.bot_entity.adapter_config
+        return {}
+
+    async def _verify_session_token(self, request, bot_uuid: str) -> bool:
+        config = self._get_bot_config(bot_uuid)
+        secret = config.get('turnstile_secret_key', '')
+        if not secret:
+            return True
+        auth_header = request.headers.get('Authorization', '')
+        if not auth_header.startswith('Bearer '):
+            return False
+        token = auth_header[7:]
+        try:
+            ts_str, mac = token.split('.', 1)
+            ts = float(ts_str)
+            if time.time() - ts > 86400:
+                return False
+            expected_mac = hmac.new(secret.encode(), f'{ts_str}'.encode(), hashlib.sha256).hexdigest()
+            return hmac.compare_digest(mac, expected_mac)
+        except Exception:
+            return False
+
+    # -- routes --------------------------------------------------------------
+
+    async def initialize(self) -> None:
+        @self.route('/<bot_uuid>/turnstile/verify', methods=['POST'], auth_type=group.AuthType.NONE)
+        async def verify_turnstile(bot_uuid: str) -> str:
+            if not _is_valid_uuid(bot_uuid):
+                return self.http_status(400, -1, 'Invalid bot_uuid format')
+            runtime_bot, pipeline_uuid = self._resolve_bot(bot_uuid)
+            if runtime_bot is None:
+                return self.http_status(404, -1, 'Bot not found or not available')
+            try:
+                data = await quart.request.get_json()
+                token = data.get('token')
+                if not token:
+                    return self.http_status(400, -1, 'Token is required')
+
+                config = self._get_bot_config(bot_uuid)
+                secret = config.get('turnstile_secret_key', '')
+                if not secret:
+                    ts = time.time()
+                    return self.success(data={'token': f'{ts}.dummy'})
+
+                async with httpx.AsyncClient() as client:
+                    resp = await client.post(
+                        'https://challenges.cloudflare.com/turnstile/v0/siteverify',
+                        data={'secret': secret, 'response': token},
+                    )
+                    result = resp.json()
+
+                if not result.get('success'):
+                    return self.http_status(403, -1, 'Turnstile verification failed')
+
+                ts = time.time()
+                mac = hmac.new(secret.encode(), f'{ts}'.encode(), hashlib.sha256).hexdigest()
+                session_token = f'{ts}.{mac}'
+
+                return self.success(data={'token': session_token})
+
+            except Exception as e:
+                logger.error(f'Turnstile verify failed: {e}', exc_info=True)
+                return self.http_status(500, -1, 'Internal server error')
+
+        @self.route('/<bot_uuid>/widget.js', methods=['GET'], auth_type=group.AuthType.NONE)
+        async def serve_widget(bot_uuid: str) -> quart.Response:
+            """Serve the embed widget JavaScript with injected configuration."""
+            if not _is_valid_uuid(bot_uuid):
+                return self.http_status(400, -1, 'Invalid bot_uuid format')
+            runtime_bot, pipeline_uuid = self._resolve_bot(bot_uuid)
+            if runtime_bot is None:
+                return quart.Response(
+                    '// Bot not found or not available', status=404, content_type='application/javascript'
+                )
+            try:
+                template = _get_widget_template()
+            except FileNotFoundError:
+                return quart.Response('// Widget template not found', status=404, content_type='application/javascript')
+
+            base_url = quart.request.host_url.rstrip('/')
+            webhook_prefix = self.ap.instance_config.data.get('api', {}).get('webhook_prefix', '')
+            if webhook_prefix:
+                base_url = webhook_prefix.rstrip('/')
+
+            if not re.match(r'^https?://[a-zA-Z0-9._:/-]+$', base_url):
+                base_url = quart.request.host_url.rstrip('/')
+
+            config = self._get_bot_config(bot_uuid)
+            site_key = config.get('turnstile_site_key', '')
+            locale = config.get('language', 'en_US') or 'en_US'
+            bubble_icon = config.get('bubble_icon', 'logo') or 'logo'
+            widget_js = template.replace('__LANGBOT_TURNSTILE_SITE_KEY__', site_key)
+            widget_js = widget_js.replace('__LANGBOT_BOT_UUID__', bot_uuid)
+            widget_js = widget_js.replace('__LANGBOT_BASE_URL__', base_url)
+            widget_js = widget_js.replace('__LANGBOT_LOCALE__', locale)
+            widget_js = widget_js.replace('__LANGBOT_BUBBLE_ICON__', bubble_icon)
+
+            response = quart.Response(widget_js, content_type='application/javascript; charset=utf-8')
+            response.headers['Cache-Control'] = 'public, max-age=300'
+            return response
+
+        @self.route('/logo', methods=['GET'], auth_type=group.AuthType.NONE)
+        async def serve_logo() -> quart.Response:
+            """Serve the LangBot logo for the embed widget."""
+            try:
+                logo_data = _get_logo_bytes()
+            except FileNotFoundError:
+                return quart.Response('', status=404)
+
+            response = quart.Response(logo_data, content_type='image/webp')
+            response.headers['Cache-Control'] = 'public, max-age=86400'
+            return response
+
+        @self.route('/<bot_uuid>/messages/<session_type>', methods=['GET'], auth_type=group.AuthType.NONE)
+        async def get_embed_messages(bot_uuid: str, session_type: str) -> str:
+            if not _is_valid_uuid(bot_uuid):
+                return self.http_status(400, -1, 'Invalid bot_uuid format')
+            runtime_bot, pipeline_uuid = self._resolve_bot(bot_uuid)
+            if runtime_bot is None:
+                return self.http_status(404, -1, 'Bot not found or not available')
+            if not await self._verify_session_token(quart.request, bot_uuid):
+                return self.http_status(403, -1, 'Unauthorized or session expired')
+            try:
+                if session_type not in ['person', 'group']:
+                    return self.http_status(400, -1, 'session_type must be person or group')
+
+                websocket_adapter = self.ap.platform_mgr.websocket_proxy_bot.adapter
+                if not websocket_adapter:
+                    return self.http_status(404, -1, 'WebSocket adapter not found')
+
+                messages = websocket_adapter.get_websocket_messages(pipeline_uuid, session_type)
+                return self.success(data={'messages': messages})
+
+            except Exception as e:
+                logger.error(f'Failed to get embed messages: {e}', exc_info=True)
+                return self.http_status(500, -1, 'Internal server error')
+
+        @self.route('/<bot_uuid>/reset/<session_type>', methods=['POST'], auth_type=group.AuthType.NONE)
+        async def reset_embed_session(bot_uuid: str, session_type: str) -> str:
+            if not _is_valid_uuid(bot_uuid):
+                return self.http_status(400, -1, 'Invalid bot_uuid format')
+            runtime_bot, pipeline_uuid = self._resolve_bot(bot_uuid)
+            if runtime_bot is None:
+                return self.http_status(404, -1, 'Bot not found or not available')
+            if not await self._verify_session_token(quart.request, bot_uuid):
+                return self.http_status(403, -1, 'Unauthorized or session expired')
+            try:
+                if session_type not in ['person', 'group']:
+                    return self.http_status(400, -1, 'session_type must be person or group')
+
+                websocket_adapter = self.ap.platform_mgr.websocket_proxy_bot.adapter
+                if not websocket_adapter:
+                    return self.http_status(404, -1, 'WebSocket adapter not found')
+
+                websocket_adapter.reset_session(pipeline_uuid, session_type)
+                return self.success(data={'message': 'Session reset successfully'})
+
+            except Exception as e:
+                logger.error(f'Failed to reset embed session: {e}', exc_info=True)
+                return self.http_status(500, -1, 'Internal server error')
+
+        @self.route('/<bot_uuid>/feedback', methods=['POST'], auth_type=group.AuthType.NONE)
+        async def submit_feedback(bot_uuid: str) -> str:
+            if not _is_valid_uuid(bot_uuid):
+                return self.http_status(400, -1, 'Invalid bot_uuid format')
+            runtime_bot, pipeline_uuid = self._resolve_bot(bot_uuid)
+            if runtime_bot is None:
+                return self.http_status(404, -1, 'Bot not found or not available')
+            if not await self._verify_session_token(quart.request, bot_uuid):
+                return self.http_status(403, -1, 'Unauthorized or session expired')
+            try:
+                data = await quart.request.get_json()
+                message_id = data.get('message_id', '')
+                feedback_type = data.get('feedback_type')
+
+                if feedback_type not in (1, 2, 3):
+                    return self.http_status(400, -1, 'feedback_type must be 1 (like), 2 (dislike), or 3 (cancel)')
+
+                feedback_id = f'embed_{uuid.uuid4().hex[:12]}'
+
+                await self.ap.monitoring_service.record_feedback(
+                    feedback_id=feedback_id,
+                    feedback_type=feedback_type,
+                    bot_id=runtime_bot.bot_entity.uuid,
+                    bot_name=runtime_bot.bot_entity.name or bot_uuid,
+                    pipeline_id=pipeline_uuid,
+                    message_id=str(message_id),
+                    platform='web_page_bot',
+                )
+
+                return self.success(data={'feedback_id': feedback_id})
+
+            except Exception as e:
+                logger.error(f'Failed to record feedback: {e}', exc_info=True)
+                return self.http_status(500, -1, 'Internal server error')
+
+        # -- Embed WebSocket endpoint ----------------------------------------
+
+        @self.quart_app.websocket(self.path + '/<bot_uuid>/ws/connect')
+        async def embed_websocket_connect(bot_uuid: str):
+            """WebSocket connection for embed widget, keyed by bot_uuid."""
+            if not _is_valid_uuid(bot_uuid):
+                await quart.websocket.send(json.dumps({'type': 'error', 'message': 'Invalid bot_uuid format'}))
+                return
+
+            runtime_bot, pipeline_uuid = self._resolve_bot(bot_uuid)
+            if runtime_bot is None:
+                await quart.websocket.send(json.dumps({'type': 'error', 'message': 'Bot not found or not available'}))
+                return
+
+            session_type = quart.websocket.args.get('session_type', 'person')
+            if session_type not in ['person', 'group']:
+                await quart.websocket.send(
+                    json.dumps({'type': 'error', 'message': 'session_type must be person or group'})
+                )
+                return
+
+            websocket_adapter = self.ap.platform_mgr.websocket_proxy_bot.adapter
+            if not websocket_adapter:
+                await quart.websocket.send(json.dumps({'type': 'error', 'message': 'WebSocket adapter not found'}))
+                return
+
+            try:
+                connection = await ws_connection_manager.add_connection(
+                    websocket=quart.websocket._get_current_object(),
+                    pipeline_uuid=pipeline_uuid,
+                    session_type=session_type,
+                    metadata={'user_agent': quart.websocket.headers.get('User-Agent', '')},
+                )
+
+                await quart.websocket.send(
+                    json.dumps(
+                        {
+                            'type': 'connected',
+                            'connection_id': connection.connection_id,
+                            'bot_uuid': bot_uuid,
+                            'session_type': session_type,
+                            'timestamp': connection.created_at.isoformat(),
+                        }
+                    )
+                )
+
+                logger.debug(
+                    f'Embed WebSocket connected: {connection.connection_id} '
+                    f'(bot={bot_uuid}, pipeline={pipeline_uuid}, session_type={session_type})'
+                )
+
+                receive_task = asyncio.create_task(self._handle_receive(connection, websocket_adapter, runtime_bot))
+                send_task = asyncio.create_task(self._handle_send(connection))
+
+                try:
+                    await asyncio.gather(receive_task, send_task)
+                except Exception as e:
+                    logger.error(f'Embed WebSocket task error: {e}')
+                finally:
+                    await ws_connection_manager.remove_connection(connection.connection_id)
+
+            except Exception as e:
+                logger.error(f'Embed WebSocket connection error: {e}', exc_info=True)
+                try:
+                    await quart.websocket.send(json.dumps({'type': 'error', 'message': 'Internal server error'}))
+                except Exception:
+                    pass
+
+    # -- WebSocket receive/send helpers --------------------------------------
+
+    async def _handle_receive(self, connection, websocket_adapter, owner_bot):
+        try:
+            while connection.is_active:
+                message = await quart.websocket.receive()
+                await ws_connection_manager.update_activity(connection.connection_id)
+
+                try:
+                    data = json.loads(message)
+                    message_type = data.get('type', 'message')
+
+                    if message_type == 'ping':
+                        await connection.send_queue.put(
+                            {'type': 'pong', 'timestamp': datetime.datetime.now().isoformat()}
+                        )
+                    elif message_type == 'message':
+                        await websocket_adapter.handle_websocket_message(connection, data, owner_bot=owner_bot)
+                    elif message_type == 'disconnect':
+                        break
+
+                except json.JSONDecodeError:
+                    await connection.send_queue.put({'type': 'error', 'message': 'Invalid JSON format'})
+
+        except Exception as e:
+            logger.error(f'Embed receive error: {e}', exc_info=True)
+        finally:
+            connection.is_active = False
+
+    async def _handle_send(self, connection):
+        try:
+            while connection.is_active:
+                try:
+                    message = await asyncio.wait_for(connection.send_queue.get(), timeout=1.0)
+                    await quart.websocket.send(json.dumps(message))
+                except asyncio.TimeoutError:
+                    continue
+        except Exception as e:
+            logger.error(f'Embed send error: {e}', exc_info=True)
+        finally:
+            connection.is_active = False
--- a/src/langbot/pkg/api/http/controller/groups/pipelines/websocket_chat.py
+++ b/src/langbot/pkg/api/http/controller/groups/pipelines/websocket_chat.py
@@ -43,6 +43,9 @@ class WebSocketChatRouterGroup(group.RouterGroup):
                    await quart.websocket.send(json.dumps({'type': 'error', 'message': 'WebSocket adapter not found'}))
                    return

+                # Find the owning bot for this pipeline (e.g. a web_page_bot)
+                owner_bot = self._find_owner_bot(pipeline_uuid)
+
                # 注册连接
                connection = await ws_connection_manager.add_connection(
                    websocket=quart.websocket._get_current_object(),
@@ -70,7 +73,7 @@ class WebSocketChatRouterGroup(group.RouterGroup):
                )

                # 创建接收和发送任务
-                receive_task = asyncio.create_task(self._handle_receive(connection, websocket_adapter))
+                receive_task = asyncio.create_task(self._handle_receive(connection, websocket_adapter, owner_bot))
                send_task = asyncio.create_task(self._handle_send(connection))

                # 等待任务完成
@@ -178,7 +181,14 @@ class WebSocketChatRouterGroup(group.RouterGroup):
            except Exception as e:
                return self.http_status(500, -1, f'Internal server error: {str(e)}')

-    async def _handle_receive(self, connection, websocket_adapter):
+    def _find_owner_bot(self, pipeline_uuid: str):
+        """Find a user-created bot (e.g. web_page_bot) that owns this pipeline."""
+        for bot in self.ap.platform_mgr.bots:
+            if bot.bot_entity.adapter == 'web_page_bot' and bot.bot_entity.use_pipeline_uuid == pipeline_uuid:
+                return bot
+        return None
+
+    async def _handle_receive(self, connection, websocket_adapter, owner_bot=None):
        """处理接收消息的任务"""
        try:
            while connection.is_active:
@@ -203,7 +213,7 @@ class WebSocketChatRouterGroup(group.RouterGroup):
                        logger.debug(f'收到消息: {data} from {connection.connection_id}')

                        # 处理消息（不等待响应，响应会通过broadcast异步发送）
-                        await websocket_adapter.handle_websocket_message(connection, data)
+                        await websocket_adapter.handle_websocket_message(connection, data, owner_bot=owner_bot)

                    elif message_type == 'disconnect':
                        # 客户端主动断开
--- a/src/langbot/pkg/api/http/controller/groups/platform/adapters.py
+++ b/src/langbot/pkg/api/http/controller/groups/platform/adapters.py
@@ -1,5 +1,6 @@
 import quart
 import mimetypes
+import asyncio
 from ... import group
 from langbot.pkg.utils import importutil

@@ -35,3 +36,617 @@ class AdaptersRouterGroup(group.RouterGroup):
            return quart.Response(
                importutil.read_resource_file_bytes(icon_path), mimetype=mimetypes.guess_type(icon_path)[0]
            )
+
+        # In-memory session store for active registrations
+        _create_app_sessions: dict = {}
+        _SESSION_TTL = 900  # 15 minutes
+
+        def _cleanup_expired_sessions():
+            """Remove sessions that have exceeded their TTL."""
+            import time
+
+            now = time.time()
+            expired = [sid for sid, s in _create_app_sessions.items() if now - s.get('created_at', 0) > _SESSION_TTL]
+            for sid in expired:
+                session = _create_app_sessions.pop(sid, None)
+                if session and session.get('task') and not session['task'].done():
+                    session['task'].cancel()
+
+        @self.route('/lark/create-app', methods=['POST'])
+        async def _() -> str:
+            """Start Feishu one-click app registration. Returns session_id + QR code URL."""
+            import uuid
+            import time
+            import lark_oapi as lark
+            from lark_oapi.scene.registration.errors import AppAccessDeniedError, AppExpiredError
+
+            _cleanup_expired_sessions()
+
+            session_id = str(uuid.uuid4())
+            loop = asyncio.get_running_loop()
+
+            session = {
+                'status': 'pending',
+                'qr_url': None,
+                'expire_at': None,
+                'app_id': None,
+                'app_secret': None,
+                'error': None,
+                'created_at': time.time(),
+            }
+            _create_app_sessions[session_id] = session
+
+            def on_qr_code(info):
+                # May be called from a background thread by the SDK;
+                # use call_soon_threadsafe to safely update session state.
+                def _update():
+                    session['qr_url'] = info['url']
+                    session['expire_at'] = time.time() + 600  # 10 minutes
+                    session['status'] = 'waiting'
+
+                loop.call_soon_threadsafe(_update)
+
+            async def run_registration():
+                try:
+                    result = await lark.aregister_app(
+                        on_qr_code=on_qr_code,
+                        source='langbot',
+                    )
+                    session['status'] = 'success'
+                    session['app_id'] = result['client_id']
+                    session['app_secret'] = result['client_secret']
+                except AppAccessDeniedError:
+                    session['status'] = 'error'
+                    session['error'] = 'User denied authorization'
+                except AppExpiredError:
+                    session['status'] = 'error'
+                    session['error'] = 'QR code expired'
+                except Exception as e:
+                    session['status'] = 'error'
+                    session['error'] = str(e)
+
+            task = asyncio.create_task(run_registration())
+            session['task'] = task
+
+            # Wait for QR code to be ready (max 10 seconds)
+            for _ in range(20):
+                if session['qr_url']:
+                    break
+                await asyncio.sleep(0.5)
+
+            if not session['qr_url']:
+                task.cancel()
+                session['status'] = 'error'
+                session['error'] = 'Timeout waiting for QR code'
+                return self.http_status(504, -1, 'Timeout waiting for QR code')
+
+            return self.success(
+                data={
+                    'session_id': session_id,
+                    'qr_url': session['qr_url'],
+                    'expire_at': session['expire_at'],
+                }
+            )
+
+        @self.route('/lark/create-app/status/<session_id>', methods=['GET'])
+        async def _(session_id: str) -> str:
+            """Poll registration status."""
+            session = _create_app_sessions.get(session_id)
+            if not session:
+                return self.http_status(404, -1, 'Session not found')
+
+            data = {'status': session['status']}
+
+            if session['status'] == 'success':
+                data['app_id'] = session['app_id']
+                data['app_secret'] = session['app_secret']
+                _create_app_sessions.pop(session_id, None)
+            elif session['status'] == 'error':
+                data['error'] = session['error']
+                _create_app_sessions.pop(session_id, None)
+
+            return self.success(data=data)
+
+        @self.route('/lark/create-app/<session_id>', methods=['DELETE'])
+        async def _(session_id: str) -> str:
+            """Cancel and clean up a registration session."""
+            session = _create_app_sessions.pop(session_id, None)
+            if session and session.get('task') and not session['task'].done():
+                session['task'].cancel()
+            return self.success(data={})
+
+        # -----------------------------------------------------------------------
+        # WeChat QR Code Login
+        # -----------------------------------------------------------------------
+
+        _weixin_login_sessions: dict = {}
+        _WEIXIN_SESSION_TTL = 600  # 10 minutes (3 retries × 3 min QR validity)
+
+        def _cleanup_expired_weixin_sessions():
+            import time
+
+            now = time.time()
+            expired = [
+                sid for sid, s in _weixin_login_sessions.items() if now - s.get('created_at', 0) > _WEIXIN_SESSION_TTL
+            ]
+            for sid in expired:
+                session = _weixin_login_sessions.pop(sid, None)
+                if session and session.get('task') and not session['task'].done():
+                    session['task'].cancel()
+
+        @self.route('/weixin/login', methods=['POST'])
+        async def _() -> str:
+            """Start WeChat QR code login. Returns session_id + QR code data URL."""
+            import uuid
+            import time
+
+            from langbot.libs.openclaw_weixin_api.client import OpenClawWeixinClient, DEFAULT_BASE_URL
+
+            _cleanup_expired_weixin_sessions()
+
+            session_id = str(uuid.uuid4())
+            loop = asyncio.get_running_loop()
+
+            session = {
+                'status': 'pending',
+                'qr_data_url': None,
+                'expire_at': None,
+                'token': None,
+                'base_url': None,
+                'account_id': None,
+                'error': None,
+                'created_at': time.time(),
+            }
+            _weixin_login_sessions[session_id] = session
+
+            client = OpenClawWeixinClient(
+                base_url=DEFAULT_BASE_URL,
+                token='',
+            )
+
+            async def run_login():
+                try:
+
+                    def on_qrcode(qr_data_url: str, _qr_url: str):
+                        def _update():
+                            session['qr_data_url'] = qr_data_url
+                            session['expire_at'] = time.time() + 180
+                            session['status'] = 'waiting'
+
+                        loop.call_soon_threadsafe(_update)
+
+                    result = await client.login(
+                        max_retries=1,
+                        poll_timeout_ms=180_000,
+                        on_qrcode=on_qrcode,
+                    )
+                    session['status'] = 'success'
+                    session['token'] = result.token
+                    session['base_url'] = result.base_url
+                    session['account_id'] = result.account_id
+                except Exception as e:
+                    error_message = str(e)
+                    if 'expired' in error_message.lower() or 'max retries exceeded' in error_message.lower():
+                        session['status'] = 'expired'
+                        session['error'] = 'QR code expired'
+                    else:
+                        session['status'] = 'error'
+                        session['error'] = error_message
+                finally:
+                    await client.close()
+
+            task = asyncio.create_task(run_login())
+            session['task'] = task
+
+            # Wait for QR code to be ready (max 10 seconds)
+            for _ in range(20):
+                if session['qr_data_url']:
+                    break
+                await asyncio.sleep(0.5)
+
+            if not session['qr_data_url']:
+                task.cancel()
+                session['status'] = 'error'
+                session['error'] = 'Timeout waiting for QR code'
+                return self.http_status(504, -1, 'Timeout waiting for QR code')
+
+            return self.success(
+                data={
+                    'session_id': session_id,
+                    'qr_data_url': session['qr_data_url'],
+                    'expire_at': session['expire_at'],
+                }
+            )
+
+        @self.route('/weixin/login/status/<session_id>', methods=['GET'])
+        async def _(session_id: str) -> str:
+            """Poll WeChat login status."""
+            session = _weixin_login_sessions.get(session_id)
+            if not session:
+                return self.http_status(404, -1, 'Session not found')
+
+            data = {
+                'status': session['status'],
+                'qr_data_url': session['qr_data_url'],
+                'expire_at': session['expire_at'],
+            }
+
+            if session['status'] == 'success':
+                data['token'] = session['token']
+                data['base_url'] = session['base_url']
+                data['account_id'] = session['account_id']
+                _weixin_login_sessions.pop(session_id, None)
+            elif session['status'] == 'error':
+                data['error'] = session['error']
+                _weixin_login_sessions.pop(session_id, None)
+            elif session['status'] == 'expired':
+                data['error'] = session['error']
+                _weixin_login_sessions.pop(session_id, None)
+
+            return self.success(data=data)
+
+        @self.route('/weixin/login/<session_id>', methods=['DELETE'])
+        async def _(session_id: str) -> str:
+            """Cancel and clean up a WeChat login session."""
+            session = _weixin_login_sessions.pop(session_id, None)
+            if session and session.get('task') and not session['task'].done():
+                session['task'].cancel()
+            return self.success(data={})
+
+        # -----------------------------------------------------------------------
+        # DingTalk Device Flow QR Code Login
+        # -----------------------------------------------------------------------
+
+        _dingtalk_sessions: dict = {}
+        _DINGTALK_SESSION_TTL = 600  # 10 minutes (QR code validity window)
+
+        def _cleanup_expired_dingtalk_sessions():
+            import time
+
+            now = time.time()
+            expired = [
+                sid for sid, s in _dingtalk_sessions.items() if now - s.get('created_at', 0) > _DINGTALK_SESSION_TTL
+            ]
+            for sid in expired:
+                session = _dingtalk_sessions.pop(sid, None)
+                if session and session.get('task') and not session['task'].done():
+                    session['task'].cancel()
+
+        @self.route('/dingtalk/create-app', methods=['POST'])
+        async def _() -> str:
+            """Start DingTalk one-click app creation via Device Flow. Returns session_id + QR code URL."""
+            import uuid
+            import time
+            import aiohttp
+
+            DINGTALK_BASE_URL = 'https://oapi.dingtalk.com'
+
+            _cleanup_expired_dingtalk_sessions()
+
+            session_id = str(uuid.uuid4())
+
+            session = {
+                'status': 'pending',
+                'qr_url': None,
+                'expire_at': None,
+                'client_id': None,
+                'client_secret': None,
+                'error': None,
+                'created_at': time.time(),
+                'device_code': None,
+                'interval': 5,
+            }
+            _dingtalk_sessions[session_id] = session
+
+            async def run_device_flow():
+                try:
+                    timeout = aiohttp.ClientTimeout(total=10)
+                    async with aiohttp.ClientSession(timeout=timeout) as http:
+                        # Step 1: Init — get nonce
+                        async with http.post(
+                            f'{DINGTALK_BASE_URL}/app/registration/init',
+                            json={'source': 'langbot'},
+                        ) as resp:
+                            try:
+                                data = await resp.json()
+                            except (aiohttp.ContentTypeError, ValueError):
+                                session['status'] = 'error'
+                                session['error'] = 'Invalid response from DingTalk service'
+                                return
+                            if data.get('errcode', -1) != 0:
+                                session['status'] = 'error'
+                                session['error'] = data.get('errmsg', 'Failed to init')
+                                return
+                            nonce = data['nonce']
+
+                        # Step 2: Begin — get device_code + QR URL
+                        async with http.post(
+                            f'{DINGTALK_BASE_URL}/app/registration/begin',
+                            json={'nonce': nonce},
+                        ) as resp:
+                            try:
+                                data = await resp.json()
+                            except (aiohttp.ContentTypeError, ValueError):
+                                session['status'] = 'error'
+                                session['error'] = 'Invalid response from DingTalk service'
+                                return
+                            if data.get('errcode', -1) != 0:
+                                session['status'] = 'error'
+                                session['error'] = data.get('errmsg', 'Failed to begin authorization')
+                                return
+
+                            device_code = data['device_code']
+                            verification_uri_complete = data.get('verification_uri_complete', '')
+                            expires_in = data.get('expires_in', 7200)
+                            interval = data.get('interval', 5)
+
+                            session['device_code'] = device_code
+                            session['interval'] = interval
+                            session['qr_url'] = verification_uri_complete
+                            session['expire_at'] = time.time() + 600  # QR code valid for ~10 min
+                            session['status'] = 'waiting'
+
+                        # Step 3: Poll for authorization result
+                        deadline = time.time() + expires_in
+                        while time.time() < deadline:
+                            await asyncio.sleep(interval)
+
+                            async with http.post(
+                                f'{DINGTALK_BASE_URL}/app/registration/poll',
+                                json={'device_code': device_code},
+                            ) as poll_resp:
+                                try:
+                                    poll_data = await poll_resp.json()
+                                except (aiohttp.ContentTypeError, ValueError):
+                                    continue
+
+                                if poll_data.get('errcode', -1) != 0:
+                                    session['status'] = 'error'
+                                    session['error'] = poll_data.get('errmsg', 'Poll failed')
+                                    return
+
+                                status = poll_data.get('status', '')
+
+                                if status == 'SUCCESS':
+                                    session['status'] = 'success'
+                                    session['client_id'] = poll_data.get('client_id', '')
+                                    session['client_secret'] = poll_data.get('client_secret', '')
+                                    return
+                                elif status == 'FAIL':
+                                    session['status'] = 'error'
+                                    session['error'] = poll_data.get('fail_reason', 'Authorization failed')
+                                    return
+                                elif status == 'EXPIRED':
+                                    session['status'] = 'error'
+                                    session['error'] = 'QR code expired'
+                                    return
+                                # status == 'WAITING': continue polling
+
+                        # Timeout
+                        session['status'] = 'error'
+                        session['error'] = 'QR code expired'
+
+                except asyncio.CancelledError:
+                    return
+                except Exception as e:
+                    session['status'] = 'error'
+                    session['error'] = str(e)
+
+            task = asyncio.create_task(run_device_flow())
+            session['task'] = task
+
+            # Wait for QR code to be ready (max 10 seconds)
+            for _ in range(20):
+                if session['qr_url'] or session['error']:
+                    break
+                await asyncio.sleep(0.5)
+
+            if session['error']:
+                task.cancel()
+                return self.http_status(502, -1, session['error'])
+
+            if not session['qr_url']:
+                task.cancel()
+                session['status'] = 'error'
+                session['error'] = 'Timeout waiting for QR code'
+                return self.http_status(504, -1, 'Timeout waiting for QR code')
+
+            return self.success(
+                data={
+                    'session_id': session_id,
+                    'qr_url': session['qr_url'],
+                    'expire_at': session['expire_at'],
+                }
+            )
+
+        @self.route('/dingtalk/create-app/status/<session_id>', methods=['GET'])
+        async def _(session_id: str) -> str:
+            """Poll DingTalk Device Flow status."""
+            _cleanup_expired_dingtalk_sessions()
+            session = _dingtalk_sessions.get(session_id)
+            if not session:
+                return self.http_status(404, -1, 'Session not found')
+
+            data = {'status': session['status']}
+
+            if session['status'] == 'success':
+                data['client_id'] = session['client_id']
+                data['client_secret'] = session['client_secret']
+                _dingtalk_sessions.pop(session_id, None)
+            elif session['status'] == 'error':
+                data['error'] = session['error']
+                _dingtalk_sessions.pop(session_id, None)
+
+            return self.success(data=data)
+
+        @self.route('/dingtalk/create-app/<session_id>', methods=['DELETE'])
+        async def _(session_id: str) -> str:
+            """Cancel and clean up a DingTalk Device Flow session."""
+            session = _dingtalk_sessions.pop(session_id, None)
+            if session and session.get('task') and not session['task'].done():
+                session['task'].cancel()
+            return self.success(data={})
+
+        # -----------------------------------------------------------------------
+        # WeComBot QR Code One-Click Create
+        # -----------------------------------------------------------------------
+
+        _wecombot_sessions: dict = {}
+        _WECOMBOT_SESSION_TTL = 300  # 5 minutes (WeCom QR validity window)
+
+        def _cleanup_expired_wecombot_sessions():
+            import time
+
+            now = time.time()
+            expired = [
+                sid for sid, s in _wecombot_sessions.items() if now - s.get('created_at', 0) > _WECOMBOT_SESSION_TTL
+            ]
+            for sid in expired:
+                session = _wecombot_sessions.pop(sid, None)
+                if session and session.get('task') and not session['task'].done():
+                    session['task'].cancel()
+
+        @self.route('/wecombot/create-bot', methods=['POST'])
+        async def _() -> str:
+            """Start WeComBot one-click creation via QR code. Returns session_id + QR code URL."""
+            import uuid
+            import time
+            import aiohttp
+
+            WECOM_QC_GENERATE_URL = 'https://work.weixin.qq.com/ai/qc/generate'
+            WECOM_QC_QUERY_URL = 'https://work.weixin.qq.com/ai/qc/query_result'
+
+            _cleanup_expired_wecombot_sessions()
+
+            session_id = str(uuid.uuid4())
+
+            session = {
+                'status': 'pending',
+                'qr_url': None,
+                'expire_at': None,
+                'botid': None,
+                'secret': None,
+                'error': None,
+                'created_at': time.time(),
+                'scode': None,
+                'task': None,
+            }
+            _wecombot_sessions[session_id] = session
+
+            async def run_qr_flow():
+                try:
+                    timeout = aiohttp.ClientTimeout(total=10)
+                    async with aiohttp.ClientSession(timeout=timeout) as http:
+                        # Step 1: Generate QR code
+                        async with http.get(
+                            f'{WECOM_QC_GENERATE_URL}?source=langbot&plat=0',
+                        ) as resp:
+                            try:
+                                data = await resp.json()
+                            except (aiohttp.ContentTypeError, ValueError):
+                                session['status'] = 'error'
+                                session['error'] = 'Invalid response from WeCom service'
+                                return
+                            if not data.get('data', {}).get('scode') or not data.get('data', {}).get('auth_url'):
+                                session['status'] = 'error'
+                                session['error'] = data.get('errmsg', 'Failed to generate QR code')
+                                return
+
+                            scode = data['data']['scode']
+                            auth_url = data['data']['auth_url']
+
+                            session['scode'] = scode
+                            session['qr_url'] = auth_url
+                            session['expire_at'] = time.time() + _WECOMBOT_SESSION_TTL
+                            session['status'] = 'waiting'
+
+                        # Step 2: Poll for scan result
+                        deadline = time.time() + _WECOMBOT_SESSION_TTL
+                        while time.time() < deadline:
+                            await asyncio.sleep(3)
+
+                            async with http.get(
+                                f'{WECOM_QC_QUERY_URL}?scode={scode}',
+                            ) as poll_resp:
+                                try:
+                                    poll_data = await poll_resp.json()
+                                except (aiohttp.ContentTypeError, ValueError):
+                                    continue
+
+                                status = poll_data.get('data', {}).get('status', '')
+                                if status == 'success':
+                                    bot_info = poll_data.get('data', {}).get('bot_info', {})
+                                    if bot_info.get('botid') and bot_info.get('secret'):
+                                        session['status'] = 'success'
+                                        session['botid'] = bot_info['botid']
+                                        session['secret'] = bot_info['secret']
+                                        return
+                                    else:
+                                        session['status'] = 'error'
+                                        session['error'] = 'Scan succeeded but bot info is incomplete'
+                                        return
+
+                        # Timeout
+                        session['status'] = 'error'
+                        session['error'] = 'QR code expired'
+
+                except asyncio.CancelledError:
+                    return
+                except Exception as e:
+                    session['status'] = 'error'
+                    session['error'] = str(e)
+
+            task = asyncio.create_task(run_qr_flow())
+            session['task'] = task
+
+            # Wait for QR code to be ready (max 10 seconds)
+            for _ in range(20):
+                if session['qr_url'] or session['error']:
+                    break
+                await asyncio.sleep(0.5)
+
+            if session['error']:
+                task.cancel()
+                return self.http_status(502, -1, session['error'])
+
+            if not session['qr_url']:
+                task.cancel()
+                session['status'] = 'error'
+                session['error'] = 'Timeout waiting for QR code'
+                return self.http_status(504, -1, 'Timeout waiting for QR code')
+
+            return self.success(
+                data={
+                    'session_id': session_id,
+                    'qr_url': session['qr_url'],
+                    'expire_at': session['expire_at'],
+                }
+            )
+
+        @self.route('/wecombot/create-bot/status/<session_id>', methods=['GET'])
+        async def _(session_id: str) -> str:
+            """Poll WeComBot creation status."""
+            _cleanup_expired_wecombot_sessions()
+            session = _wecombot_sessions.get(session_id)
+            if not session:
+                return self.http_status(404, -1, 'Session not found')
+
+            data = {'status': session['status']}
+
+            if session['status'] == 'success':
+                data['botid'] = session['botid']
+                data['secret'] = session['secret']
+                _wecombot_sessions.pop(session_id, None)
+            elif session['status'] == 'error':
+                data['error'] = session['error']
+                _wecombot_sessions.pop(session_id, None)
+
+            return self.success(data=data)
+
+        @self.route('/wecombot/create-bot/<session_id>', methods=['DELETE'])
+        async def _(session_id: str) -> str:
+            """Cancel and clean up a WeComBot creation session."""
+            session = _wecombot_sessions.pop(session_id, None)
+            if session and session.get('task') and not session['task'].done():
+                session['task'].cancel()
+            return self.success(data={})
--- a/src/langbot/pkg/api/http/controller/groups/plugins.py
+++ b/src/langbot/pkg/api/http/controller/groups/plugins.py
@@ -6,11 +6,50 @@ import re
 import httpx
 import uuid
 import os
+import posixpath
+import sqlalchemy

 from .....core import taskmgr
+from .....entity.persistence import plugin as persistence_plugin
 from .. import group
 from langbot_plugin.runtime.plugin.mgr import PluginInstallSource

+# Resolve the built-in page SDK JS from the langbot_plugin package
+_PAGE_SDK_PATH = None
+try:
+    import langbot_plugin.assets as _assets_pkg
+
+    _candidate = os.path.join(os.path.dirname(_assets_pkg.__file__), 'langbot-page-sdk.js')
+    if os.path.exists(_candidate):
+        _PAGE_SDK_PATH = _candidate
+except Exception:
+    pass
+
+
+def _normalize_plugin_asset_path(filepath: str) -> str | None:
+    filepath = filepath.replace('\\', '/')
+    if filepath.startswith('/'):
+        return None
+
+    normalized = posixpath.normpath(filepath)
+    if normalized == '.' or normalized.startswith('../') or normalized == '..':
+        return None
+
+    if normalized.startswith('components/pages/'):
+        return normalized
+
+    return f'assets/{normalized}'
+
+
+def _get_request_origin() -> str:
+    """Return the public request origin, respecting reverse-proxy headers."""
+    forwarded_proto = quart.request.headers.get('X-Forwarded-Proto', '').split(',')[0].strip()
+    forwarded_host = quart.request.headers.get('X-Forwarded-Host', '').split(',')[0].strip()
+
+    scheme = forwarded_proto or quart.request.scheme
+    host = forwarded_host or quart.request.host
+    return f'{scheme}://{host}'
+

@group.group_class('plugins', '/api/v1/plugins')
 class PluginsRouterGroup(group.RouterGroup):
@@ -27,6 +66,15 @@ class PluginsRouterGroup(group.RouterGroup):
        return None

    async def initialize(self) -> None:
+        @self.route('/_sdk/page-sdk.js', methods=['GET'], auth_type=group.AuthType.NONE)
+        async def _() -> quart.Response:
+            """Serve the built-in LangBot page SDK JavaScript."""
+            if _PAGE_SDK_PATH and os.path.exists(_PAGE_SDK_PATH):
+                with open(_PAGE_SDK_PATH, 'r') as f:
+                    content = f.read()
+                return quart.Response(content, mimetype='application/javascript')
+            return quart.Response('// SDK not found', status=404, mimetype='application/javascript')
+
        @self.route('', methods=['GET'], auth_type=group.AuthType.USER_TOKEN_OR_API_KEY)
        async def _() -> str:
            plugins = await self.ap.plugin_connector.list_plugins()
@@ -102,7 +150,15 @@ class PluginsRouterGroup(group.RouterGroup):
                return self.http_status(404, -1, 'plugin not found')

            if quart.request.method == 'GET':
-                return self.success(data={'config': plugin['plugin_config']})
+                result = await self.ap.persistence_mgr.execute_async(
+                    sqlalchemy.select(persistence_plugin.PluginSetting.config)
+                    .where(persistence_plugin.PluginSetting.plugin_author == author)
+                    .where(persistence_plugin.PluginSetting.plugin_name == plugin_name)
+                )
+                persisted_config = result.scalar_one_or_none()
+
+                config = persisted_config if persisted_config is not None else plugin['plugin_config']
+                return self.success(data={'config': config})
            elif quart.request.method == 'PUT':
                data = await quart.request.json

@@ -135,15 +191,62 @@ class PluginsRouterGroup(group.RouterGroup):
            return quart.Response(icon_data, mimetype=mime_type)

        @self.route(
-            '/<author>/<plugin_name>/assets/<filepath>',
+            '/<author>/<plugin_name>/assets/<path:filepath>',
            methods=['GET'],
            auth_type=group.AuthType.NONE,
        )
        async def _(author: str, plugin_name: str, filepath: str) -> quart.Response:
-            asset_data = await self.ap.plugin_connector.get_plugin_assets(author, plugin_name, filepath)
+            asset_path = _normalize_plugin_asset_path(filepath)
+            if asset_path is None:
+                return quart.Response('Asset not found', status=404)
+
+            asset_data = await self.ap.plugin_connector.get_plugin_assets(author, plugin_name, asset_path)
+            if not asset_data.get('asset_base64'):
+                return quart.Response('Asset not found', status=404)
            asset_bytes = base64.b64decode(asset_data['asset_base64'])
            mime_type = asset_data['mime_type']
-            return quart.Response(asset_bytes, mimetype=mime_type)
+            resp = quart.Response(asset_bytes, mimetype=mime_type)
+            # CSP for HTML pages served to sandboxed iframes (opaque origin).
+            # 'self' doesn't work in sandboxed iframes — use actual server origin.
+            if mime_type and mime_type.startswith('text/html'):
+                origin = _get_request_origin()
+                resp.headers['Content-Security-Policy'] = (
+                    f'default-src {origin}; '
+                    f"script-src {origin} 'unsafe-inline'; "
+                    f"style-src {origin} 'unsafe-inline'; "
+                    f'img-src {origin} data:; '
+                    f'connect-src {origin}; '
+                    "frame-src 'none'; "
+                    "object-src 'none'"
+                )
+            return resp
+
+        @self.route(
+            '/<author>/<plugin_name>/page-api',
+            methods=['POST'],
+            auth_type=group.AuthType.USER_TOKEN_OR_API_KEY,
+        )
+        async def _(author: str, plugin_name: str) -> str:
+            """Forward a page API request to the plugin."""
+            data = await quart.request.json
+            if not isinstance(data, dict):
+                return self.http_status(400, -1, 'invalid request body')
+
+            page_id = data.get('page_id', '')
+            endpoint = data.get('endpoint', '')
+            method = data.get('method', 'POST')
+            body = data.get('body')
+            if not isinstance(page_id, str) or not isinstance(endpoint, str) or not isinstance(method, str):
+                return self.http_status(400, -1, 'invalid page api request')
+            if not endpoint.startswith('/') or '..' in endpoint:
+                return self.http_status(400, -1, 'invalid endpoint')
+
+            result = await self.ap.plugin_connector.handle_page_api(
+                author, plugin_name, page_id, endpoint, method.upper(), body
+            )
+            if result.get('error'):
+                return self.http_status(400, -1, result['error'])
+            return self.success(data=result.get('data'))

        @self.route('/github/releases', methods=['POST'], auth_type=group.AuthType.USER_TOKEN_OR_API_KEY)
        async def _() -> str:
--- a/src/langbot/pkg/api/http/controller/groups/provider/models.py
+++ b/src/langbot/pkg/api/http/controller/groups/provider/models.py
@@ -97,3 +97,51 @@ class EmbeddingModelsRouterGroup(group.RouterGroup):
            await self.ap.embedding_models_service.test_embedding_model(model_uuid, json_data)

            return self.success()
+
+
+@group.group_class('models/rerank', '/api/v1/provider/models/rerank')
+class RerankModelsRouterGroup(group.RouterGroup):
+    async def initialize(self) -> None:
+        @self.route('', methods=['GET', 'POST'], auth_type=group.AuthType.USER_TOKEN_OR_API_KEY)
+        async def _() -> str:
+            if quart.request.method == 'GET':
+                provider_uuid = quart.request.args.get('provider_uuid')
+                if provider_uuid:
+                    return self.success(
+                        data={
+                            'models': await self.ap.rerank_models_service.get_rerank_models_by_provider(provider_uuid)
+                        }
+                    )
+                return self.success(data={'models': await self.ap.rerank_models_service.get_rerank_models()})
+            elif quart.request.method == 'POST':
+                json_data = await quart.request.json
+                model_uuid = await self.ap.rerank_models_service.create_rerank_model(json_data)
+                return self.success(data={'uuid': model_uuid})
+
+        @self.route('/<model_uuid>', methods=['GET', 'PUT', 'DELETE'], auth_type=group.AuthType.USER_TOKEN_OR_API_KEY)
+        async def _(model_uuid: str) -> str:
+            if quart.request.method == 'GET':
+                model = await self.ap.rerank_models_service.get_rerank_model(model_uuid)
+
+                if model is None:
+                    return self.http_status(404, -1, 'model not found')
+
+                return self.success(data={'model': model})
+            elif quart.request.method == 'PUT':
+                json_data = await quart.request.json
+
+                await self.ap.rerank_models_service.update_rerank_model(model_uuid, json_data)
+
+                return self.success()
+            elif quart.request.method == 'DELETE':
+                await self.ap.rerank_models_service.delete_rerank_model(model_uuid)
+
+                return self.success()
+
+        @self.route('/<model_uuid>/test', methods=['POST'], auth_type=group.AuthType.USER_TOKEN_OR_API_KEY)
+        async def _(model_uuid: str) -> str:
+            json_data = await quart.request.json
+
+            await self.ap.rerank_models_service.test_rerank_model(model_uuid, json_data)
+
+            return self.success()
--- a/src/langbot/pkg/api/http/controller/groups/provider/providers.py
+++ b/src/langbot/pkg/api/http/controller/groups/provider/providers.py
@@ -15,6 +15,7 @@ class ModelProvidersRouterGroup(group.RouterGroup):
                    counts = await self.ap.provider_service.get_provider_model_counts(provider['uuid'])
                    provider['llm_count'] = counts['llm_count']
                    provider['embedding_count'] = counts['embedding_count']
+                    provider['rerank_count'] = counts['rerank_count']
                return self.success(data={'providers': providers})
            elif quart.request.method == 'POST':
                json_data = await quart.request.json
@@ -32,6 +33,7 @@ class ModelProvidersRouterGroup(group.RouterGroup):
                counts = await self.ap.provider_service.get_provider_model_counts(provider_uuid)
                provider['llm_count'] = counts['llm_count']
                provider['embedding_count'] = counts['embedding_count']
+                provider['rerank_count'] = counts['rerank_count']
                return self.success(data={'provider': provider})
            elif quart.request.method == 'PUT':
                json_data = await quart.request.json
@@ -43,3 +45,12 @@ class ModelProvidersRouterGroup(group.RouterGroup):
                    return self.success()
                except ValueError as e:
                    return self.http_status(400, -1, str(e))
+
+        @self.route('/<provider_uuid>/scan-models', methods=['GET'], auth_type=group.AuthType.USER_TOKEN_OR_API_KEY)
+        async def _(provider_uuid: str) -> str:
+            try:
+                model_type = quart.request.args.get('type')
+                result = await self.ap.provider_service.scan_provider_models(provider_uuid, model_type)
+                return self.success(data=result)
+            except ValueError as e:
+                return self.http_status(400, -1, str(e))
--- a/src/langbot/pkg/api/http/controller/groups/resources/tools.py
+++ b/src/langbot/pkg/api/http/controller/groups/resources/tools.py
@@ -0,0 +1,45 @@
+from __future__ import annotations
+
+from ... import group
+
+
+@group.group_class('tools', '/api/v1/tools')
+class ToolsRouterGroup(group.RouterGroup):
+    async def initialize(self) -> None:
+        @self.route('', methods=['GET'], auth_type=group.AuthType.USER_TOKEN)
+        async def _() -> str:
+            """获取所有可用工具列表"""
+            tools = await self.ap.tool_mgr.get_all_tools()
+
+            tool_list = []
+            for tool in tools:
+                tool_list.append(
+                    {
+                        'name': tool.name,
+                        'description': tool.description,
+                        'human_desc': tool.human_desc,
+                        'parameters': tool.parameters,
+                    }
+                )
+
+            return self.success(data={'tools': tool_list})
+
+        @self.route('/<tool_name>', methods=['GET'], auth_type=group.AuthType.USER_TOKEN)
+        async def _(tool_name: str) -> str:
+            """获取特定工具详情"""
+            tools = await self.ap.tool_mgr.get_all_tools()
+
+            for tool in tools:
+                if tool.name == tool_name:
+                    return self.success(
+                        data={
+                            'tool': {
+                                'name': tool.name,
+                                'description': tool.description,
+                                'human_desc': tool.human_desc,
+                                'parameters': tool.parameters,
+                            }
+                        }
+                    )
+
+            return self.http_status(404, -1, f'Tool not found: {tool_name}')
--- a/src/langbot/pkg/api/http/controller/groups/system.py
+++ b/src/langbot/pkg/api/http/controller/groups/system.py
@@ -136,16 +136,9 @@ class SystemRouterGroup(group.RouterGroup):

            return self.success(data=task.to_dict())

-        @self.route('/debug/exec', methods=['POST'], auth_type=group.AuthType.USER_TOKEN)
+        @self.route('/storage-analysis', methods=['GET'], auth_type=group.AuthType.USER_TOKEN)
        async def _() -> str:
-            if not constants.debug_mode:
-                return self.http_status(403, 403, 'Forbidden')
-
-            py_code = await quart.request.data
-
-            ap = self.ap
-
-            return self.success(data=exec(py_code, {'ap': ap}))
+            return self.success(data=await self.ap.maintenance_service.get_storage_analysis())

        @self.route(
            '/debug/plugin/action',
--- a/src/langbot/pkg/api/http/controller/groups/user.py
+++ b/src/langbot/pkg/api/http/controller/groups/user.py
@@ -146,6 +146,7 @@ class UserRouterGroup(group.RouterGroup):
                return self.fail(3, str(e))
            except ValueError as e:
                traceback.print_exc()
+                self.ap.logger.warning(f'Space OAuth callback failed: {e}')
                return self.fail(1, str(e))
            except Exception as e:
                traceback.print_exc()
--- a/src/langbot/pkg/api/http/controller/main.py
+++ b/src/langbot/pkg/api/http/controller/main.py
@@ -105,23 +105,24 @@ class HTTPController:
            ):
                if os.path.exists(os.path.join(frontend_path, path + '.html')):
                    path += '.html'
-                elif path.startswith('home/'):
-                    # SPA fallback for /home/* sub-routes.
-                    # Entity detail views use query params (e.g. /home/bots?id=uuid),
-                    # so the pre-rendered list page is served directly via path + '.html'.
-                    # This fallback handles any remaining unmatched sub-paths.
-                    segments = path.rstrip('/').split('/')
+                elif not path.startswith('api/'):
+                    # SPA fallback: serve index.html for all non-API, non-static routes
+                    # so that React Router can handle client-side routing (Vite SPA).
+                    # For /home/* sub-routes, first try parent .html files (pre-rendered pages).
+                    if path.startswith('home/'):
+                        segments = path.rstrip('/').split('/')
+                        for i in range(len(segments) - 1, 0, -1):
+                            parent_path = '/'.join(segments[:i]) + '.html'
+                            if os.path.exists(os.path.join(frontend_path, parent_path)):
+                                response = await quart.send_from_directory(
+                                    frontend_path, parent_path, mimetype='text/html'
+                                )
+                                response.headers['Cache-Control'] = 'no-cache, no-store, must-revalidate'
+                                response.headers['Pragma'] = 'no-cache'
+                                response.headers['Expires'] = '0'
+                                return response

-                    # Walk up parent segments looking for matching .html files
-                    for i in range(len(segments) - 1, 0, -1):
-                        parent_path = '/'.join(segments[:i]) + '.html'
-                        if os.path.exists(os.path.join(frontend_path, parent_path)):
-                            response = await quart.send_from_directory(frontend_path, parent_path, mimetype='text/html')
-                            response.headers['Cache-Control'] = 'no-cache, no-store, must-revalidate'
-                            response.headers['Pragma'] = 'no-cache'
-                            response.headers['Expires'] = '0'
-                            return response
-                    # Final fallback to index.html for /home/* routes
+                    # Fallback to index.html for SPA client-side routing
                    response = await quart.send_from_directory(frontend_path, 'index.html', mimetype='text/html')
                    response.headers['Cache-Control'] = 'no-cache, no-store, must-revalidate'
                    response.headers['Pragma'] = 'no-cache'
--- a/src/langbot/pkg/api/http/service/apikey.py
+++ b/src/langbot/pkg/api/http/service/apikey.py
@@ -52,6 +52,9 @@ class ApiKeyService:

    async def verify_api_key(self, key: str) -> bool:
        """Verify if an API key is valid"""
+        if not isinstance(key, str) or not key.startswith('lbk_'):
+            return False
+
        result = await self.ap.persistence_mgr.execute_async(
            sqlalchemy.select(apikey.ApiKey).where(apikey.ApiKey.key == key)
        )
--- a/src/langbot/pkg/api/http/service/bot.py
+++ b/src/langbot/pkg/api/http/service/bot.py
@@ -99,11 +99,11 @@ class BotService:
        # TODO: 检查配置信息格式
        bot_data['uuid'] = str(uuid.uuid4())

-        # checkout the default pipeline
+        # bind the most recently updated pipeline if any exist
        result = await self.ap.persistence_mgr.execute_async(
-            sqlalchemy.select(persistence_pipeline.LegacyPipeline).where(
-                persistence_pipeline.LegacyPipeline.is_default == True
-            )
+            sqlalchemy.select(persistence_pipeline.LegacyPipeline)
+            .order_by(persistence_pipeline.LegacyPipeline.updated_at.desc())
+            .limit(1)
        )
        pipeline = result.first()
        if pipeline is not None:
@@ -120,24 +120,26 @@ class BotService:

    async def update_bot(self, bot_uuid: str, bot_data: dict) -> None:
        """Update bot"""
-        if 'uuid' in bot_data:
-            del bot_data['uuid']
+        update_data = bot_data.copy()
+
+        if 'uuid' in update_data:
+            del update_data['uuid']

        # set use_pipeline_name
-        if 'use_pipeline_uuid' in bot_data:
+        if 'use_pipeline_uuid' in update_data:
            result = await self.ap.persistence_mgr.execute_async(
                sqlalchemy.select(persistence_pipeline.LegacyPipeline).where(
-                    persistence_pipeline.LegacyPipeline.uuid == bot_data['use_pipeline_uuid']
+                    persistence_pipeline.LegacyPipeline.uuid == update_data['use_pipeline_uuid']
                )
            )
            pipeline = result.first()
            if pipeline is not None:
-                bot_data['use_pipeline_name'] = pipeline.name
+                update_data['use_pipeline_name'] = pipeline.name
            else:
                raise Exception('Pipeline not found')

        await self.ap.persistence_mgr.execute_async(
-            sqlalchemy.update(persistence_bot.Bot).values(bot_data).where(persistence_bot.Bot.uuid == bot_uuid)
+            sqlalchemy.update(persistence_bot.Bot).values(update_data).where(persistence_bot.Bot.uuid == bot_uuid)
        )
        await self.ap.platform_mgr.remove_bot(bot_uuid)

--- a/src/langbot/pkg/api/http/service/knowledge.py
+++ b/src/langbot/pkg/api/http/service/knowledge.py
@@ -31,15 +31,126 @@ class KnowledgeService:
        if not knowledge_engine_plugin_id:
            raise ValueError('knowledge_engine_plugin_id is required')

+        creation_settings = kb_data.get('creation_settings', {})
+        retrieval_settings = kb_data.get('retrieval_settings', {})
+
+        # Validate required fields based on plugin's creation_schema and retrieval_schema
+        await self._validate_schema_required_fields(
+            knowledge_engine_plugin_id,
+            creation_settings,
+            retrieval_settings,
+        )
+
        kb = await self.ap.rag_mgr.create_knowledge_base(
            name=kb_data.get('name', 'Untitled'),
            knowledge_engine_plugin_id=knowledge_engine_plugin_id,
-            creation_settings=kb_data.get('creation_settings', {}),
-            retrieval_settings=kb_data.get('retrieval_settings', {}),
+            creation_settings=creation_settings,
+            retrieval_settings=retrieval_settings,
            description=kb_data.get('description', ''),
        )
        return kb.uuid

+    async def _validate_schema_required_fields(
+        self,
+        plugin_id: str,
+        creation_settings: dict,
+        retrieval_settings: dict,
+    ) -> None:
+        """Validate required fields based on plugin's creation_schema and retrieval_schema.
+
+        This is a business-agnostic validation that checks all fields marked as
+        required in the plugin's schema, regardless of field type.
+
+        Args:
+            plugin_id: Knowledge Engine plugin ID.
+            creation_settings: User-provided creation settings.
+            retrieval_settings: User-provided retrieval settings.
+
+        Raises:
+            ValueError: If any required field is missing or empty.
+        """
+        # Validate creation_schema
+        try:
+            creation_schema = await self.ap.plugin_connector.get_rag_creation_schema(plugin_id)
+            self._check_required_fields(creation_schema, creation_settings, 'creation_settings')
+        except ValueError:
+            raise
+        except Exception as e:
+            self.ap.logger.warning(f'Failed to get creation_schema for validation: {e}')
+
+        # Validate retrieval_schema
+        try:
+            retrieval_schema = await self.ap.plugin_connector.get_rag_retrieval_schema(plugin_id)
+            self._check_required_fields(retrieval_schema, retrieval_settings, 'retrieval_settings')
+        except ValueError:
+            raise
+        except Exception as e:
+            self.ap.logger.warning(f'Failed to get retrieval_schema for validation: {e}')
+
+    def _check_required_fields(
+        self,
+        schema: dict | list,
+        settings: dict,
+        context: str,
+    ) -> None:
+        """Check required fields in schema against provided settings.
+
+        Args:
+            schema: Plugin-defined schema (can be list or dict with 'schema' key).
+            settings: User-provided settings values.
+            context: Context name for error messages (e.g., 'creation_settings').
+
+        Raises:
+            ValueError: If a required field is missing or empty.
+        """
+        if not schema:
+            return
+
+        # schema can be a list directly, or a dict with 'schema' key
+        items = schema if isinstance(schema, list) else schema.get('schema', [])
+        if not items:
+            return
+
+        for item in items:
+            field_name = item.get('name')
+            if not field_name:
+                continue
+
+            is_required = item.get('required', False)
+            if not is_required:
+                continue
+
+            # Check show_if condition - if field is conditionally shown, only validate when condition is met
+            show_if = item.get('show_if')
+            if show_if:
+                depend_field = show_if.get('field')
+                operator = show_if.get('operator')
+                expected_value = show_if.get('value')
+
+                if depend_field and operator:
+                    depend_value = settings.get(depend_field)
+                    # If show_if condition is not met, skip validation for this field
+                    if operator == 'eq' and depend_value != expected_value:
+                        continue
+                    if operator == 'neq' and depend_value == expected_value:
+                        continue
+                    if operator == 'in' and isinstance(expected_value, list) and depend_value not in expected_value:
+                        continue
+
+            value = settings.get(field_name)
+
+            # Validate required field has a non-empty value
+            if value is None or (isinstance(value, str) and value.strip() == ''):
+                # Get field label for friendly error message
+                label = item.get('label', {})
+                field_label = (
+                    label.get('en_US', field_name)
+                    or label.get('zh_Hans', field_name)
+                    or label.get('zh_Hant', field_name)
+                    or field_name
+                )
+                raise ValueError(f'{field_label} is required ({context}.{field_name})')
+
    async def update_knowledge_base(self, kb_uuid: str, kb_data: dict) -> None:
        """更新知识库"""
        # Filter to only mutable fields
--- a/src/langbot/pkg/api/http/service/maintenance.py
+++ b/src/langbot/pkg/api/http/service/maintenance.py
@@ -0,0 +1,309 @@
+from __future__ import annotations
+
+import datetime
+import os
+import re
+from pathlib import Path
+from typing import Any
+
+import sqlalchemy
+
+from ....core import app
+from ....entity.persistence import bstorage as persistence_bstorage
+from ....entity.persistence import monitoring as persistence_monitoring
+
+
+LOG_FILE_PATTERN = re.compile(r'^langbot-(\d{4}-\d{2}-\d{2})\.log(?:\.\d+)?$')
+DEFAULT_UPLOAD_FILE_RETENTION_DAYS = 7
+DEFAULT_LOG_RETENTION_DAYS = 3
+
+
+class MaintenanceService:
+    """Storage maintenance and diagnostics."""
+
+    ap: app.Application
+
+    def __init__(self, ap: app.Application) -> None:
+        self.ap = ap
+
+    async def cleanup_expired_files(self) -> dict[str, int]:
+        cleanup_cfg = self.ap.instance_config.data.get('storage', {}).get('cleanup', {})
+        upload_retention_days = self._positive_int(
+            cleanup_cfg.get('uploaded_file_retention_days'),
+            DEFAULT_UPLOAD_FILE_RETENTION_DAYS,
+            'storage.cleanup.uploaded_file_retention_days',
+        )
+        log_retention_days = self._positive_int(
+            cleanup_cfg.get('log_retention_days'),
+            DEFAULT_LOG_RETENTION_DAYS,
+            'storage.cleanup.log_retention_days',
+        )
+
+        return {
+            'uploaded_files': await self._cleanup_expired_uploaded_files(upload_retention_days),
+            'log_files': self._cleanup_expired_log_files(log_retention_days),
+        }
+
+    async def get_storage_analysis(self) -> dict[str, Any]:
+        cleanup_cfg = self.ap.instance_config.data.get('storage', {}).get('cleanup', {})
+        upload_retention_days = self._positive_int(
+            cleanup_cfg.get('uploaded_file_retention_days'),
+            DEFAULT_UPLOAD_FILE_RETENTION_DAYS,
+            'storage.cleanup.uploaded_file_retention_days',
+        )
+        log_retention_days = self._positive_int(
+            cleanup_cfg.get('log_retention_days'),
+            DEFAULT_LOG_RETENTION_DAYS,
+            'storage.cleanup.log_retention_days',
+        )
+
+        database_cfg = self.ap.instance_config.data.get('database', {})
+        database_type = database_cfg.get('use', 'sqlite')
+        database_path = (
+            Path(database_cfg.get('sqlite', {}).get('path', 'data/langbot.db')) if database_type == 'sqlite' else None
+        )
+        roots: list[tuple[str, Path | None]] = [
+            ('database', database_path),
+            ('logs', Path('data/logs')),
+            ('storage', Path('data/storage')),
+            ('vector_store', Path('data/chroma')),
+            ('plugins', Path('data/plugins')),
+            ('mcp', Path('data/mcp')),
+            ('temp', Path('data/temp')),
+        ]
+
+        sections = []
+        for key, path in roots:
+            sections.append(
+                {
+                    'key': key,
+                    'path': str(path) if path else '',
+                    'exists': path.exists() if path else False,
+                    'size_bytes': self._path_size(path) if path else 0,
+                    'file_count': self._file_count(path) if path else 0,
+                }
+            )
+
+        monitoring_counts = await self._monitoring_counts()
+        binary_storage = await self._binary_storage_stats()
+        upload_candidates = await self._expired_uploaded_candidates(upload_retention_days)
+        log_candidates = self._expired_log_candidates(log_retention_days)
+
+        return {
+            'generated_at': datetime.datetime.now(datetime.timezone.utc).isoformat(),
+            'cleanup_policy': {
+                'uploaded_file_retention_days': upload_retention_days,
+                'log_retention_days': log_retention_days,
+            },
+            'sections': sections,
+            'database': {
+                'type': database_type,
+                'monitoring_counts': monitoring_counts,
+                'binary_storage': binary_storage,
+            },
+            'cleanup_candidates': {
+                'uploaded_files': upload_candidates,
+                'log_files': log_candidates,
+            },
+            'tasks': self.ap.task_mgr.get_stats() if self.ap.task_mgr else {},
+        }
+
+    async def _cleanup_expired_uploaded_files(self, retention_days: int) -> int:
+        provider = self.ap.storage_mgr.storage_provider
+        provider_name = provider.__class__.__name__
+        if provider_name == 'LocalStorageProvider':
+            candidates = self._expired_local_upload_candidates(retention_days, include_paths=True)
+            deleted = 0
+            for item in candidates:
+                try:
+                    os.remove(item['path'])
+                    deleted += 1
+                except FileNotFoundError:
+                    pass
+                except Exception as e:
+                    self.ap.logger.warning(f'Failed to delete expired uploaded file {item["key"]}: {e}')
+            return deleted
+
+        if provider_name == 'S3StorageProvider':
+            return await self._cleanup_expired_s3_uploaded_files(retention_days)
+
+        return 0
+
+    async def _expired_uploaded_candidates(self, retention_days: int) -> list[dict[str, Any]]:
+        provider_name = self.ap.storage_mgr.storage_provider.__class__.__name__
+        if provider_name == 'LocalStorageProvider':
+            return self._expired_local_upload_candidates(retention_days)
+        if provider_name == 'S3StorageProvider':
+            return await self._expired_s3_upload_candidates(retention_days)
+        return []
+
+    async def _cleanup_expired_s3_uploaded_files(self, retention_days: int) -> int:
+        provider = self.ap.storage_mgr.storage_provider
+        candidates = await self._expired_s3_upload_candidates(retention_days)
+        deleted = 0
+        for item in candidates:
+            await provider.delete(item['key'])
+            deleted += 1
+        return deleted
+
+    async def _expired_s3_upload_candidates(self, retention_days: int) -> list[dict[str, Any]]:
+        provider = self.ap.storage_mgr.storage_provider
+        cutoff = datetime.datetime.now(datetime.timezone.utc) - datetime.timedelta(days=retention_days)
+        candidates = []
+        paginator = provider.s3_client.get_paginator('list_objects_v2')
+
+        for page in paginator.paginate(Bucket=provider.bucket_name):
+            for obj in page.get('Contents', []):
+                key = obj.get('Key', '')
+                last_modified = obj.get('LastModified')
+                if not self._is_uploaded_file_key(key):
+                    continue
+                if last_modified and last_modified < cutoff:
+                    candidates.append(
+                        {
+                            'key': key,
+                            'size_bytes': obj.get('Size', 0),
+                            'modified_at': last_modified.isoformat(),
+                        }
+                    )
+
+        return candidates
+
+    def _cleanup_expired_log_files(self, retention_days: int) -> int:
+        deleted = 0
+        for item in self._expired_log_candidates(retention_days, include_paths=True):
+            try:
+                os.remove(item['path'])
+                deleted += 1
+            except FileNotFoundError:
+                pass
+            except Exception as e:
+                self.ap.logger.warning(f'Failed to delete expired log file {item["name"]}: {e}')
+        return deleted
+
+    def _expired_local_upload_candidates(
+        self, retention_days: int, include_paths: bool = False
+    ) -> list[dict[str, Any]]:
+        storage_root = Path('data/storage')
+        if not storage_root.exists():
+            return []
+
+        cutoff = datetime.datetime.now().timestamp() - retention_days * 86400
+        candidates = []
+        for entry in storage_root.iterdir():
+            if not entry.is_file() or not self._is_uploaded_file_key(entry.name):
+                continue
+            stat = entry.stat()
+            if stat.st_mtime >= cutoff:
+                continue
+            item = {
+                'key': entry.name,
+                'size_bytes': stat.st_size,
+                'modified_at': datetime.datetime.fromtimestamp(stat.st_mtime, datetime.timezone.utc).isoformat(),
+            }
+            if include_paths:
+                item['path'] = str(entry)
+            candidates.append(item)
+        return candidates
+
+    def _expired_log_candidates(self, retention_days: int, include_paths: bool = False) -> list[dict[str, Any]]:
+        log_root = Path('data/logs')
+        if not log_root.exists():
+            return []
+
+        cutoff_date = datetime.date.today() - datetime.timedelta(days=retention_days - 1)
+        candidates = []
+        for entry in log_root.iterdir():
+            if not entry.is_file():
+                continue
+            match = LOG_FILE_PATTERN.match(entry.name)
+            if not match:
+                continue
+            try:
+                file_date = datetime.date.fromisoformat(match.group(1))
+            except ValueError:
+                continue
+            if file_date >= cutoff_date:
+                continue
+            stat = entry.stat()
+            item = {
+                'name': entry.name,
+                'date': file_date.isoformat(),
+                'size_bytes': stat.st_size,
+            }
+            if include_paths:
+                item['path'] = str(entry)
+            candidates.append(item)
+        return candidates
+
+    def _is_uploaded_file_key(self, key: str) -> bool:
+        return '/' not in key and not key.startswith('plugin_config_')
+
+    async def _monitoring_counts(self) -> dict[str, int]:
+        tables = {
+            'messages': persistence_monitoring.MonitoringMessage.id,
+            'llm_calls': persistence_monitoring.MonitoringLLMCall.id,
+            'embedding_calls': persistence_monitoring.MonitoringEmbeddingCall.id,
+            'errors': persistence_monitoring.MonitoringError.id,
+            'sessions': persistence_monitoring.MonitoringSession.session_id,
+            'feedback': persistence_monitoring.MonitoringFeedback.id,
+        }
+        counts: dict[str, int] = {}
+        for key, column in tables.items():
+            result = await self.ap.persistence_mgr.execute_async(sqlalchemy.select(sqlalchemy.func.count(column)))
+            counts[key] = result.scalar() or 0
+        return counts
+
+    async def _binary_storage_stats(self) -> dict[str, Any]:
+        count_result = await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.select(sqlalchemy.func.count(persistence_bstorage.BinaryStorage.unique_key))
+        )
+        size_bytes = None
+        try:
+            size_result = await self.ap.persistence_mgr.execute_async(
+                sqlalchemy.select(sqlalchemy.func.sum(sqlalchemy.func.length(persistence_bstorage.BinaryStorage.value)))
+            )
+            size_bytes = size_result.scalar() or 0
+        except Exception as e:
+            self.ap.logger.warning(f'Failed to estimate binary storage size: {e}')
+
+        return {
+            'count': count_result.scalar() or 0,
+            'size_bytes': size_bytes,
+        }
+
+    def _path_size(self, path: Path) -> int:
+        if not path.exists():
+            return 0
+        if path.is_file():
+            return path.stat().st_size
+        total = 0
+        for root, _, files in os.walk(path):
+            for file_name in files:
+                file_path = Path(root) / file_name
+                try:
+                    total += file_path.stat().st_size
+                except FileNotFoundError:
+                    pass
+        return total
+
+    def _file_count(self, path: Path) -> int:
+        if not path.exists():
+            return 0
+        if path.is_file():
+            return 1
+        count = 0
+        for _, _, files in os.walk(path):
+            count += len(files)
+        return count
+
+    def _positive_int(self, value: Any, default: int, name: str) -> int:
+        try:
+            parsed = int(value)
+        except (TypeError, ValueError):
+            self.ap.logger.warning(f'Invalid {name}: {value!r}, using {default}')
+            return default
+        if parsed < 1:
+            self.ap.logger.warning(f'Invalid {name}: {value!r}, using {default}')
+            return default
+        return parsed
--- a/src/langbot/pkg/api/http/service/model.py
+++ b/src/langbot/pkg/api/http/service/model.py
@@ -23,6 +23,17 @@ def _parse_provider_api_keys(provider_dict: dict) -> dict:
    return provider_dict


+def _runtime_model_data(model_uuid: str, model_data: dict) -> dict:
+    """Return model data for rebuilding runtime models after an update.
+
+    Update payloads intentionally omit uuid before writing to the database.
+    Runtime model entities still need the stable uuid so pipeline configs can
+    resolve the in-memory model immediately after an edit, without requiring a
+    process restart.
+    """
+    return {**model_data, 'uuid': model_uuid}
+
+
 class LLMModelsService:
    ap: app.Application

@@ -173,7 +184,7 @@ class LLMModelsService:
            raise Exception('provider not found')

        runtime_llm_model = await self.ap.model_mgr.load_llm_model_with_provider(
-            persistence_model.LLMModel(**model_data),
+            persistence_model.LLMModel(**_runtime_model_data(model_uuid, model_data)),
            runtime_provider,
        )
        self.ap.model_mgr.llm_models.append(runtime_llm_model)
@@ -334,7 +345,7 @@ class EmbeddingModelsService:
            raise Exception('provider not found')

        runtime_embedding_model = await self.ap.model_mgr.load_embedding_model_with_provider(
-            persistence_model.EmbeddingModel(**model_data),
+            persistence_model.EmbeddingModel(**_runtime_model_data(model_uuid, model_data)),
            runtime_provider,
        )
        self.ap.model_mgr.embedding_models.append(runtime_embedding_model)
@@ -367,3 +378,162 @@ class EmbeddingModelsService:
            input_text=['Hello, world!'],
            extra_args={},
        )
+
+
+class RerankModelsService:
+    ap: app.Application
+
+    def __init__(self, ap: app.Application) -> None:
+        self.ap = ap
+
+    async def get_rerank_models(self) -> list[dict]:
+        """Get all rerank models with provider info"""
+        result = await self.ap.persistence_mgr.execute_async(sqlalchemy.select(persistence_model.RerankModel))
+        models = result.all()
+
+        providers_result = await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.select(persistence_model.ModelProvider)
+        )
+        providers = {p.uuid: p for p in providers_result.all()}
+
+        models_list = []
+        for model in models:
+            model_dict = self.ap.persistence_mgr.serialize_model(persistence_model.RerankModel, model)
+            provider = providers.get(model.provider_uuid)
+            if provider:
+                provider_dict = self.ap.persistence_mgr.serialize_model(persistence_model.ModelProvider, provider)
+                model_dict['provider'] = _parse_provider_api_keys(provider_dict)
+            models_list.append(model_dict)
+
+        return models_list
+
+    async def get_rerank_models_by_provider(self, provider_uuid: str) -> list[dict]:
+        """Get rerank models by provider UUID"""
+        result = await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.select(persistence_model.RerankModel).where(
+                persistence_model.RerankModel.provider_uuid == provider_uuid
+            )
+        )
+        models = result.all()
+        return [self.ap.persistence_mgr.serialize_model(persistence_model.RerankModel, m) for m in models]
+
+    async def create_rerank_model(self, model_data: dict, preserve_uuid: bool = False) -> str:
+        """Create a new rerank model"""
+        if not preserve_uuid:
+            model_data['uuid'] = str(uuid.uuid4())
+
+        if 'provider' in model_data:
+            provider_data = model_data.pop('provider')
+            if provider_data.get('uuid'):
+                model_data['provider_uuid'] = provider_data['uuid']
+            else:
+                provider_uuid = await self.ap.provider_service.find_or_create_provider(
+                    requester=provider_data.get('requester', ''),
+                    base_url=provider_data.get('base_url', ''),
+                    api_keys=provider_data.get('api_keys', []),
+                )
+                model_data['provider_uuid'] = provider_uuid
+
+        await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.insert(persistence_model.RerankModel).values(**model_data)
+        )
+
+        runtime_provider = self.ap.model_mgr.provider_dict.get(model_data['provider_uuid'])
+        if runtime_provider is None:
+            raise Exception('provider not found')
+
+        runtime_rerank_model = await self.ap.model_mgr.load_rerank_model_with_provider(
+            persistence_model.RerankModel(**model_data),
+            runtime_provider,
+        )
+        self.ap.model_mgr.rerank_models.append(runtime_rerank_model)
+
+        return model_data['uuid']
+
+    async def get_rerank_model(self, model_uuid: str) -> dict | None:
+        """Get a single rerank model with provider info"""
+        result = await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.select(persistence_model.RerankModel).where(persistence_model.RerankModel.uuid == model_uuid)
+        )
+        model = result.first()
+        if model is None:
+            return None
+
+        model_dict = self.ap.persistence_mgr.serialize_model(persistence_model.RerankModel, model)
+
+        provider_result = await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.select(persistence_model.ModelProvider).where(
+                persistence_model.ModelProvider.uuid == model.provider_uuid
+            )
+        )
+        provider = provider_result.first()
+        if provider:
+            provider_dict = self.ap.persistence_mgr.serialize_model(persistence_model.ModelProvider, provider)
+            model_dict['provider'] = _parse_provider_api_keys(provider_dict)
+
+        return model_dict
+
+    async def update_rerank_model(self, model_uuid: str, model_data: dict) -> None:
+        """Update an existing rerank model"""
+        if 'uuid' in model_data:
+            del model_data['uuid']
+
+        if 'provider' in model_data:
+            provider_data = model_data.pop('provider')
+            if provider_data.get('uuid'):
+                model_data['provider_uuid'] = provider_data['uuid']
+            else:
+                provider_uuid = await self.ap.provider_service.find_or_create_provider(
+                    requester=provider_data.get('requester', ''),
+                    base_url=provider_data.get('base_url', ''),
+                    api_keys=provider_data.get('api_keys', []),
+                )
+                model_data['provider_uuid'] = provider_uuid
+
+        await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.update(persistence_model.RerankModel)
+            .where(persistence_model.RerankModel.uuid == model_uuid)
+            .values(**model_data)
+        )
+
+        await self.ap.model_mgr.remove_rerank_model(model_uuid)
+
+        runtime_provider = self.ap.model_mgr.provider_dict.get(model_data['provider_uuid'])
+        if runtime_provider is None:
+            raise Exception('provider not found')
+
+        runtime_rerank_model = await self.ap.model_mgr.load_rerank_model_with_provider(
+            persistence_model.RerankModel(**_runtime_model_data(model_uuid, model_data)),
+            runtime_provider,
+        )
+        self.ap.model_mgr.rerank_models.append(runtime_rerank_model)
+
+    async def delete_rerank_model(self, model_uuid: str) -> None:
+        """Delete a rerank model"""
+        await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.delete(persistence_model.RerankModel).where(persistence_model.RerankModel.uuid == model_uuid)
+        )
+        await self.ap.model_mgr.remove_rerank_model(model_uuid)
+
+    async def test_rerank_model(self, model_uuid: str, model_data: dict) -> None:
+        """Test a rerank model"""
+        runtime_rerank_model: model_requester.RuntimeRerankModel | None = None
+
+        if model_uuid != '_':
+            for model in self.ap.model_mgr.rerank_models:
+                if model.model_entity.uuid == model_uuid:
+                    runtime_rerank_model = model
+                    break
+            if runtime_rerank_model is None:
+                raise Exception('model not found')
+        else:
+            runtime_rerank_model = await self.ap.model_mgr.init_temporary_runtime_rerank_model(model_data)
+
+        await runtime_rerank_model.provider.invoke_rerank(
+            model=runtime_rerank_model,
+            query='What is artificial intelligence?',
+            documents=[
+                'Artificial intelligence is a branch of computer science.',
+                'The weather is nice today.',
+            ],
+        )
--- a/src/langbot/pkg/api/http/service/monitoring.py
+++ b/src/langbot/pkg/api/http/service/monitoring.py
@@ -18,55 +18,119 @@ class MonitoringService:

    # ========== Cleanup Methods ==========

-    async def cleanup_expired_records(self, retention_days: int) -> dict[str, int]:
+    async def cleanup_expired_records(self, retention_days: int, batch_size: int = 1000) -> dict[str, int]:
        """Delete monitoring records older than the specified retention period.

        Args:
            retention_days: Number of days to retain records.
+            batch_size: Maximum rows to delete per table batch.

        Returns:
            A dict mapping table name to the number of deleted rows.
        """
+        if retention_days < 1:
+            raise ValueError('retention_days must be >= 1')
+        if batch_size < 1:
+            raise ValueError('batch_size must be >= 1')
+
        cutoff = datetime.datetime.now(datetime.timezone.utc).replace(tzinfo=None) - datetime.timedelta(
            days=retention_days
        )

-        tables_and_columns: list[tuple[str, type, sqlalchemy.Column]] = [
+        tables_and_columns: list[tuple[str, type, sqlalchemy.Column, sqlalchemy.Column]] = [
            (
                'monitoring_messages',
                persistence_monitoring.MonitoringMessage,
                persistence_monitoring.MonitoringMessage.timestamp,
+                persistence_monitoring.MonitoringMessage.id,
            ),
            (
                'monitoring_llm_calls',
                persistence_monitoring.MonitoringLLMCall,
                persistence_monitoring.MonitoringLLMCall.timestamp,
+                persistence_monitoring.MonitoringLLMCall.id,
            ),
            (
                'monitoring_embedding_calls',
                persistence_monitoring.MonitoringEmbeddingCall,
                persistence_monitoring.MonitoringEmbeddingCall.timestamp,
+                persistence_monitoring.MonitoringEmbeddingCall.id,
            ),
            (
                'monitoring_errors',
                persistence_monitoring.MonitoringError,
                persistence_monitoring.MonitoringError.timestamp,
+                persistence_monitoring.MonitoringError.id,
            ),
            (
                'monitoring_sessions',
                persistence_monitoring.MonitoringSession,
                persistence_monitoring.MonitoringSession.last_activity,
+                persistence_monitoring.MonitoringSession.session_id,
+            ),
+            (
+                'monitoring_feedback',
+                persistence_monitoring.MonitoringFeedback,
+                persistence_monitoring.MonitoringFeedback.timestamp,
+                persistence_monitoring.MonitoringFeedback.id,
            ),
        ]

        deleted_counts: dict[str, int] = {}

-        for table_name, model_cls, ts_column in tables_and_columns:
-            result = await self.ap.persistence_mgr.execute_async(sqlalchemy.delete(model_cls).where(ts_column < cutoff))
-            deleted_counts[table_name] = result.rowcount
+        for table_name, model_cls, ts_column, pk_column in tables_and_columns:
+            deleted_counts[table_name] = await self._delete_expired_in_batches(
+                model_cls=model_cls,
+                ts_column=ts_column,
+                pk_column=pk_column,
+                cutoff=cutoff,
+                batch_size=batch_size,
+            )
+
+        if sum(deleted_counts.values()) > 0:
+            await self._release_sqlite_space()

        return deleted_counts

+    async def _delete_expired_in_batches(
+        self,
+        model_cls: type,
+        ts_column: sqlalchemy.Column,
+        pk_column: sqlalchemy.Column,
+        cutoff: datetime.datetime,
+        batch_size: int,
+    ) -> int:
+        deleted_total = 0
+
+        while True:
+            select_result = await self.ap.persistence_mgr.execute_async(
+                sqlalchemy.select(pk_column).where(ts_column < cutoff).limit(batch_size)
+            )
+            pk_values = list(select_result.scalars().all())
+            if not pk_values:
+                break
+
+            delete_result = await self.ap.persistence_mgr.execute_async(
+                sqlalchemy.delete(model_cls).where(pk_column.in_(pk_values))
+            )
+            deleted = delete_result.rowcount or 0
+            deleted_total += deleted
+
+            if len(pk_values) < batch_size:
+                break
+
+        return deleted_total
+
+    async def _release_sqlite_space(self) -> None:
+        database_type = self.ap.instance_config.data.get('database', {}).get('use', 'sqlite')
+        if database_type != 'sqlite':
+            return
+
+        async with self.ap.persistence_mgr.get_db_engine().connect() as conn:
+            autocommit_conn = await conn.execution_options(isolation_level='AUTOCOMMIT')
+            await autocommit_conn.execute(sqlalchemy.text('PRAGMA wal_checkpoint(TRUNCATE)'))
+            await autocommit_conn.execute(sqlalchemy.text('VACUUM'))
+
    # ========== Recording Methods ==========

    async def record_message(
@@ -1224,30 +1288,83 @@ class MonitoringService:
        """
        import json

-        record_id = str(uuid.uuid4())
-        record_data = {
-            'id': record_id,
-            'timestamp': datetime.datetime.now(datetime.timezone.utc).replace(tzinfo=None),
-            'feedback_id': feedback_id,
-            'feedback_type': feedback_type,
-            'feedback_content': feedback_content,
-            'inaccurate_reasons': json.dumps(inaccurate_reasons, ensure_ascii=False) if inaccurate_reasons else None,
-            'bot_id': bot_id,
-            'bot_name': bot_name,
-            'pipeline_id': pipeline_id,
-            'pipeline_name': pipeline_name,
-            'session_id': session_id,
-            'message_id': message_id,
-            'stream_id': stream_id,
-            'user_id': user_id,
-            'platform': platform,
-        }
+        now = datetime.datetime.now(datetime.timezone.utc).replace(tzinfo=None)
+        reasons_json = json.dumps(inaccurate_reasons, ensure_ascii=False) if inaccurate_reasons else None

-        await self.ap.persistence_mgr.execute_async(
-            sqlalchemy.insert(persistence_monitoring.MonitoringFeedback).values(record_data)
+        MonitoringFeedback = persistence_monitoring.MonitoringFeedback
+
+        # Handle cancel feedback (type=3): delete existing record
+        if feedback_type == 3:
+            await self.ap.persistence_mgr.execute_async(
+                sqlalchemy.delete(MonitoringFeedback).where(MonitoringFeedback.feedback_id == feedback_id)
+            )
+            return None
+
+        # Check if record with this feedback_id already exists
+        existing_result = await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.select(MonitoringFeedback).where(MonitoringFeedback.feedback_id == feedback_id)
        )
+        existing_row = existing_result.first()

-        return record_id
+        if existing_row:
+            # UPDATE existing record
+            existing = existing_row[0] if isinstance(existing_row, tuple) else existing_row
+            await self.ap.persistence_mgr.execute_async(
+                sqlalchemy.update(MonitoringFeedback)
+                .where(MonitoringFeedback.feedback_id == feedback_id)
+                .values(
+                    timestamp=now,
+                    feedback_type=feedback_type,
+                    feedback_content=feedback_content,
+                    inaccurate_reasons=reasons_json,
+                    bot_id=bot_id or existing.bot_id,
+                    bot_name=bot_name or existing.bot_name,
+                    pipeline_id=pipeline_id or existing.pipeline_id,
+                    pipeline_name=pipeline_name or existing.pipeline_name,
+                    session_id=session_id or existing.session_id,
+                    message_id=message_id or existing.message_id,
+                    stream_id=stream_id or existing.stream_id,
+                    user_id=user_id or existing.user_id,
+                    platform=platform or existing.platform,
+                )
+            )
+            return existing.id
+        else:
+            # INSERT new record with IntegrityError defense
+            record_id = str(uuid.uuid4())
+            record_data = {
+                'id': record_id,
+                'timestamp': now,
+                'feedback_id': feedback_id,
+                'feedback_type': feedback_type,
+                'feedback_content': feedback_content,
+                'inaccurate_reasons': reasons_json,
+                'bot_id': bot_id,
+                'bot_name': bot_name,
+                'pipeline_id': pipeline_id,
+                'pipeline_name': pipeline_name,
+                'session_id': session_id,
+                'message_id': message_id,
+                'stream_id': stream_id,
+                'user_id': user_id,
+                'platform': platform,
+            }
+            try:
+                await self.ap.persistence_mgr.execute_async(sqlalchemy.insert(MonitoringFeedback).values(record_data))
+                return record_id
+            except Exception:
+                # UNIQUE constraint conflict (concurrent feedback for same feedback_id)
+                await self.ap.persistence_mgr.execute_async(
+                    sqlalchemy.update(MonitoringFeedback)
+                    .where(MonitoringFeedback.feedback_id == feedback_id)
+                    .values(
+                        timestamp=now,
+                        feedback_type=feedback_type,
+                        feedback_content=feedback_content,
+                        inaccurate_reasons=reasons_json,
+                    )
+                )
+                return feedback_id

    async def get_feedback_stats(
        self,
@@ -1301,28 +1418,19 @@ class MonitoringService:
        satisfaction_rate = (total_likes / total_feedback * 100) if total_feedback > 0 else 0

        # Get feedback by bot
-        bot_stats_query = (
-            sqlalchemy.select(
-                persistence_monitoring.MonitoringFeedback.bot_id,
-                persistence_monitoring.MonitoringFeedback.bot_name,
-                sqlalchemy.func.count(persistence_monitoring.MonitoringFeedback.id).label('total'),
-                sqlalchemy.func.sum(
-                    sqlalchemy.case(
-                        (persistence_monitoring.MonitoringFeedback.feedback_type == 1, 1),
-                        else_=0
-                    )
-                ).label('likes'),
-                sqlalchemy.func.sum(
-                    sqlalchemy.case(
-                        (persistence_monitoring.MonitoringFeedback.feedback_type == 2, 1),
-                        else_=0
-                    )
-                ).label('dislikes'),
-            )
-            .group_by(
-                persistence_monitoring.MonitoringFeedback.bot_id,
-                persistence_monitoring.MonitoringFeedback.bot_name,
-            )
+        bot_stats_query = sqlalchemy.select(
+            persistence_monitoring.MonitoringFeedback.bot_id,
+            persistence_monitoring.MonitoringFeedback.bot_name,
+            sqlalchemy.func.count(persistence_monitoring.MonitoringFeedback.id).label('total'),
+            sqlalchemy.func.sum(
+                sqlalchemy.case((persistence_monitoring.MonitoringFeedback.feedback_type == 1, 1), else_=0)
+            ).label('likes'),
+            sqlalchemy.func.sum(
+                sqlalchemy.case((persistence_monitoring.MonitoringFeedback.feedback_type == 2, 1), else_=0)
+            ).label('dislikes'),
+        ).group_by(
+            persistence_monitoring.MonitoringFeedback.bot_id,
+            persistence_monitoring.MonitoringFeedback.bot_name,
        )
        if conditions:
            bot_stats_query = bot_stats_query.where(sqlalchemy.and_(*conditions))
@@ -1433,7 +1541,9 @@ class MonitoringService:
                'id': row[0].id if isinstance(row, tuple) else row.id,
                'timestamp': self._format_timestamp(row[0].timestamp if isinstance(row, tuple) else row.timestamp),
                'feedback_id': row[0].feedback_id if isinstance(row, tuple) else row.feedback_id,
-                'feedback_type': 'like' if (row[0].feedback_type if isinstance(row, tuple) else row.feedback_type) == 1 else 'dislike',
+                'feedback_type': 'like'
+                if (row[0].feedback_type if isinstance(row, tuple) else row.feedback_type) == 1
+                else 'dislike',
                'feedback_content': row[0].feedback_content if isinstance(row, tuple) else row.feedback_content,
                'inaccurate_reasons': row[0].inaccurate_reasons if isinstance(row, tuple) else row.inaccurate_reasons,
                'bot_id': row[0].bot_id if isinstance(row, tuple) else row.bot_id,
--- a/src/langbot/pkg/api/http/service/pipeline.py
+++ b/src/langbot/pkg/api/http/service/pipeline.py
@@ -113,14 +113,9 @@ class PipelineService:
        return pipeline_data['uuid']

    async def update_pipeline(self, pipeline_uuid: str, pipeline_data: dict) -> None:
-        if 'uuid' in pipeline_data:
-            del pipeline_data['uuid']
-        if 'for_version' in pipeline_data:
-            del pipeline_data['for_version']
-        if 'stages' in pipeline_data:
-            del pipeline_data['stages']
-        if 'is_default' in pipeline_data:
-            del pipeline_data['is_default']
+        pipeline_data = pipeline_data.copy()
+        for protected_field in ('uuid', 'for_version', 'stages', 'is_default'):
+            pipeline_data.pop(protected_field, None)

        await self.ap.persistence_mgr.execute_async(
            sqlalchemy.update(persistence_pipeline.LegacyPipeline)
--- a/src/langbot/pkg/api/http/service/provider.py
+++ b/src/langbot/pkg/api/http/service/provider.py
@@ -1,6 +1,7 @@
 from __future__ import annotations

 import uuid
+import traceback

 import sqlalchemy

@@ -16,6 +17,24 @@ class ModelProviderService:
    def __init__(self, ap: app.Application) -> None:
        self.ap = ap

+    @staticmethod
+    def _normalize_api_keys(api_keys: str | list[str] | tuple[str, ...] | None) -> list[str]:
+        if api_keys is None:
+            return []
+
+        raw_keys = [api_keys] if isinstance(api_keys, str) else list(api_keys)
+        normalized_keys = []
+        seen_keys = set()
+
+        for raw_key in raw_keys:
+            normalized_key = raw_key.strip() if isinstance(raw_key, str) else ''
+            if not normalized_key or normalized_key in seen_keys:
+                continue
+            normalized_keys.append(normalized_key)
+            seen_keys.add(normalized_key)
+
+        return normalized_keys
+
    async def get_providers(self) -> list[dict]:
        """Get all providers"""
        result = await self.ap.persistence_mgr.execute_async(sqlalchemy.select(persistence_model.ModelProvider))
@@ -58,6 +77,7 @@ class ModelProviderService:
    async def create_provider(self, provider_data: dict) -> str:
        """Create a new provider"""
        provider_data['uuid'] = str(uuid.uuid4())
+        provider_data['api_keys'] = self._normalize_api_keys(provider_data.get('api_keys'))
        await self.ap.persistence_mgr.execute_async(
            sqlalchemy.insert(persistence_model.ModelProvider).values(**provider_data)
        )
@@ -71,6 +91,8 @@ class ModelProviderService:
        """Update an existing provider"""
        if 'uuid' in provider_data:
            del provider_data['uuid']
+        if 'api_keys' in provider_data:
+            provider_data['api_keys'] = self._normalize_api_keys(provider_data.get('api_keys'))
        await self.ap.persistence_mgr.execute_async(
            sqlalchemy.update(persistence_model.ModelProvider)
            .where(persistence_model.ModelProvider.uuid == provider_uuid)
@@ -97,6 +119,14 @@ class ModelProviderService:
        if embedding_result.first() is not None:
            raise ValueError('Cannot delete provider: Embedding models still reference it')

+        rerank_result = await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.select(persistence_model.RerankModel).where(
+                persistence_model.RerankModel.provider_uuid == provider_uuid
+            )
+        )
+        if rerank_result.first() is not None:
+            raise ValueError('Cannot delete provider: Rerank models still reference it')
+
        await self.ap.persistence_mgr.execute_async(
            sqlalchemy.delete(persistence_model.ModelProvider).where(
                persistence_model.ModelProvider.uuid == provider_uuid
@@ -121,10 +151,19 @@ class ModelProviderService:
        )
        embedding_count = embedding_result.scalar() or 0

-        return {'llm_count': llm_count, 'embedding_count': embedding_count}
+        rerank_result = await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.select(sqlalchemy.func.count())
+            .select_from(persistence_model.RerankModel)
+            .where(persistence_model.RerankModel.provider_uuid == provider_uuid)
+        )
+        rerank_count = rerank_result.scalar() or 0
+
+        return {'llm_count': llm_count, 'embedding_count': embedding_count, 'rerank_count': rerank_count}

    async def find_or_create_provider(self, requester: str, base_url: str, api_keys: list) -> str:
        """Find existing provider or create new one"""
+        api_keys = self._normalize_api_keys(api_keys)
+
        # Try to find existing provider with same config
        result = await self.ap.persistence_mgr.execute_async(
            sqlalchemy.select(persistence_model.ModelProvider).where(
@@ -152,7 +191,7 @@ class ModelProviderService:
                'name': provider_name,
                'requester': requester,
                'base_url': base_url,
-                'api_keys': api_keys or [],
+                'api_keys': api_keys,
            }
        )

@@ -161,6 +200,69 @@ class ModelProviderService:
        await self.ap.persistence_mgr.execute_async(
            sqlalchemy.update(persistence_model.ModelProvider)
            .where(persistence_model.ModelProvider.uuid == '00000000-0000-0000-0000-000000000000')
-            .values(api_keys=[api_key])
+            .values(api_keys=self._normalize_api_keys(api_key))
        )
        await self.ap.model_mgr.reload_provider('00000000-0000-0000-0000-000000000000')
+
+    async def scan_provider_models(self, provider_uuid: str, model_type: str | None = None) -> dict:
+        provider = await self.get_provider(provider_uuid)
+        if provider is None:
+            raise ValueError('provider not found')
+
+        runtime_provider = await self.ap.model_mgr.load_provider(provider)
+
+        try:
+            scan_result = await runtime_provider.requester.scan_models(
+                runtime_provider.token_mgr.get_token() if runtime_provider.token_mgr.tokens else None
+            )
+        except NotImplementedError:
+            raise ValueError('current provider does not support model scanning')
+        except Exception as exc:
+            self.ap.logger.warning(
+                f'Failed to scan models for provider {provider_uuid}: {exc}\n{traceback.format_exc()}'
+            )
+            raise ValueError(str(exc)) from exc
+
+        if isinstance(scan_result, dict):
+            scanned_models = scan_result.get('models', [])
+            debug_info = scan_result.get('debug')
+        else:
+            scanned_models = scan_result
+            debug_info = None
+
+        llm_models = await self.ap.llm_model_service.get_llm_models_by_provider(provider_uuid)
+        embedding_models = await self.ap.embedding_models_service.get_embedding_models_by_provider(provider_uuid)
+        existing_llm_names = {model['name'] for model in llm_models}
+        existing_embedding_names = {model['name'] for model in embedding_models}
+
+        filtered_models = []
+        for model in scanned_models:
+            scanned_type = model.get('type', 'llm')
+            if model_type and scanned_type != model_type:
+                continue
+
+            model_name = model.get('name') or model.get('id')
+            if not model_name:
+                continue
+
+            filtered_models.append(
+                {
+                    'id': model.get('id', model_name),
+                    'name': model_name,
+                    'type': scanned_type,
+                    'abilities': model.get('abilities', []),
+                    'display_name': model.get('display_name'),
+                    'description': model.get('description'),
+                    'context_length': model.get('context_length'),
+                    'owned_by': model.get('owned_by'),
+                    'input_modalities': model.get('input_modalities', []),
+                    'output_modalities': model.get('output_modalities', []),
+                    'already_added': (
+                        model_name in existing_embedding_names
+                        if scanned_type == 'embedding'
+                        else model_name in existing_llm_names
+                    ),
+                }
+            )
+
+        return {'models': filtered_models, 'debug': debug_info}
--- a/src/langbot/pkg/api/http/service/space.py
+++ b/src/langbot/pkg/api/http/service/space.py
@@ -179,7 +179,7 @@ class SpaceService:
        space_url = space_config['url']

        session = httpclient.get_session()
-        async with session.get(f'{space_url}/api/v1/models') as response:
+        async with session.get(f'{space_url}/api/v1/models', params={'page_size': 100}) as response:
            if response.status != 200:
                raise ValueError(f'Failed to get models: {await response.text()}')
            data = await response.json()
--- a/src/langbot/pkg/api/http/service/user.py
+++ b/src/langbot/pkg/api/http/service/user.py
@@ -65,8 +65,8 @@ class UserService:

        user_obj = result_list[0]

-        # Check if this is a Space account
-        if user_obj.account_type == 'space':
+        # Check if this user has a local password set
+        if not user_obj.password:
            raise ValueError('请使用 Space 账户登录')

        ph = argon2.PasswordHasher()
@@ -108,9 +108,8 @@ class UserService:
        if user_obj is None:
            raise ValueError('User not found')

-        # Space accounts cannot change password locally
-        if user_obj.account_type == 'space':
-            raise ValueError('Space account cannot change password locally')
+        if not user_obj.password:
+            raise ValueError('No local password set, please set a password first')

        ph.verify(user_obj.password, current_password)

--- a/src/langbot/pkg/core/app.py
+++ b/src/langbot/pkg/core/app.py
@@ -31,6 +31,7 @@ from ..api.http.service import mcp as mcp_service
 from ..api.http.service import apikey as apikey_service
 from ..api.http.service import webhook as webhook_service
 from ..api.http.service import monitoring as monitoring_service
+from ..api.http.service import maintenance as maintenance_service

 from ..discover import engine as discover_engine
 from ..storage import mgr as storagemgr
@@ -133,6 +134,8 @@ class Application:

    embedding_models_service: model_service.EmbeddingModelsService = None

+    rerank_models_service: model_service.RerankModelsService = None
+
    provider_service: provider_service.ModelProviderService = None

    pipeline_service: pipeline_service.PipelineService = None
@@ -153,6 +156,8 @@ class Application:

    monitoring_service: monitoring_service.MonitoringService = None

+    maintenance_service: maintenance_service.MaintenanceService = None
+
    def __init__(self):
        pass

@@ -192,14 +197,30 @@ class Application:
            monitoring_cfg = self.instance_config.data.get('monitoring', {})
            auto_cleanup_cfg = monitoring_cfg.get('auto_cleanup', {})
            if auto_cleanup_cfg.get('enabled', True):
-                retention_days = auto_cleanup_cfg.get('retention_days', 30)
-                check_interval_hours = auto_cleanup_cfg.get('check_interval_hours', 1)
+                retention_days = self._get_positive_int_config(
+                    auto_cleanup_cfg.get('retention_days', 30),
+                    default=30,
+                    name='monitoring.auto_cleanup.retention_days',
+                )
+                delete_batch_size = self._get_positive_int_config(
+                    auto_cleanup_cfg.get('delete_batch_size', 1000),
+                    default=1000,
+                    name='monitoring.auto_cleanup.delete_batch_size',
+                )
+                check_interval_hours = self._get_positive_float_config(
+                    auto_cleanup_cfg.get('check_interval_hours', 1),
+                    default=1,
+                    name='monitoring.auto_cleanup.check_interval_hours',
+                )

                async def monitoring_cleanup_loop():
                    check_interval_seconds = check_interval_hours * 3600
                    while True:
                        try:
-                            deleted = await self.monitoring_service.cleanup_expired_records(retention_days)
+                            deleted = await self.monitoring_service.cleanup_expired_records(
+                                retention_days,
+                                batch_size=delete_batch_size,
+                            )
                            total_deleted = sum(deleted.values())
                            if total_deleted > 0:
                                self.logger.info(
@@ -216,6 +237,33 @@ class Application:
                    scopes=[core_entities.LifecycleControlScope.APPLICATION],
                )

+            # Start storage/log maintenance task if enabled
+            storage_cleanup_cfg = self.instance_config.data.get('storage', {}).get('cleanup', {})
+            if storage_cleanup_cfg.get('enabled', True) and self.maintenance_service is not None:
+                check_interval_hours = self._get_positive_float_config(
+                    storage_cleanup_cfg.get('check_interval_hours', 1),
+                    default=1,
+                    name='storage.cleanup.check_interval_hours',
+                )
+
+                async def storage_cleanup_loop():
+                    check_interval_seconds = check_interval_hours * 3600
+                    while True:
+                        try:
+                            deleted = await self.maintenance_service.cleanup_expired_files()
+                            total_deleted = sum(deleted.values())
+                            if total_deleted > 0:
+                                self.logger.info(f'Storage maintenance: deleted expired files: {deleted}')
+                        except Exception as e:
+                            self.logger.warning(f'Storage maintenance error: {e}')
+                        await asyncio.sleep(check_interval_seconds)
+
+                self.task_mgr.create_task(
+                    storage_cleanup_loop(),
+                    name='storage-maintenance',
+                    scopes=[core_entities.LifecycleControlScope.APPLICATION],
+                )
+
            self.task_mgr.create_task(
                never_ending(),
                name='never-ending-task',
@@ -230,6 +278,28 @@ class Application:
            self.logger.error(f'Application runtime fatal exception: {e}')
            self.logger.debug(f'Traceback: {traceback.format_exc()}')

+    def _get_positive_int_config(self, value, default: int, name: str) -> int:
+        try:
+            parsed = int(value)
+        except (TypeError, ValueError):
+            self.logger.warning(f'Invalid {name}: {value!r}, using {default}')
+            return default
+        if parsed < 1:
+            self.logger.warning(f'Invalid {name}: {value!r}, using {default}')
+            return default
+        return parsed
+
+    def _get_positive_float_config(self, value, default: float, name: str) -> float:
+        try:
+            parsed = float(value)
+        except (TypeError, ValueError):
+            self.logger.warning(f'Invalid {name}: {value!r}, using {default}')
+            return default
+        if parsed <= 0:
+            self.logger.warning(f'Invalid {name}: {value!r}, using {default}')
+            return default
+        return parsed
+
    def dispose(self):
        self.plugin_connector.dispose()

--- a/src/langbot/pkg/core/boot.py
+++ b/src/langbot/pkg/core/boot.py
@@ -46,12 +46,14 @@ async def make_app(loop: asyncio.AbstractEventLoop) -> app.Application:


 async def main(loop: asyncio.AbstractEventLoop):
+    app_inst: app.Application | None = None
    try:
        # Hang system signal processing
        import signal

        def signal_handler(sig, frame):
-            app_inst.dispose()
+            if app_inst is not None:
+                app_inst.dispose()
            print('[Signal] Program exit.')
            os._exit(0)

--- a/src/langbot/pkg/core/stages/build_app.py
+++ b/src/langbot/pkg/core/stages/build_app.py
@@ -28,6 +28,7 @@ from ...api.http.service import mcp as mcp_service
 from ...api.http.service import apikey as apikey_service
 from ...api.http.service import webhook as webhook_service
 from ...api.http.service import monitoring as monitoring_service
+from ...api.http.service import maintenance as maintenance_service
 from ...discover import engine as discover_engine
 from ...storage import mgr as storagemgr
 from ...utils import logcache
@@ -61,6 +62,9 @@ class BuildAppStage(stage.BootingStage):
        embedding_models_service_inst = model_service.EmbeddingModelsService(ap)
        ap.embedding_models_service = embedding_models_service_inst

+        rerank_models_service_inst = model_service.RerankModelsService(ap)
+        ap.rerank_models_service = rerank_models_service_inst
+
        provider_service_inst = provider_service.ModelProviderService(ap)
        ap.provider_service = provider_service_inst

@@ -164,6 +168,9 @@ class BuildAppStage(stage.BootingStage):
        monitoring_service_inst = monitoring_service.MonitoringService(ap)
        ap.monitoring_service = monitoring_service_inst

+        maintenance_service_inst = maintenance_service.MaintenanceService(ap)
+        ap.maintenance_service = maintenance_service_inst
+
        async def runtime_disconnect_callback(connector: plugin_connector.PluginRuntimeConnector) -> None:
            await asyncio.sleep(3)
            await plugin_connector_inst.initialize()
--- a/src/langbot/pkg/core/stages/load_config.py
+++ b/src/langbot/pkg/core/stages/load_config.py
@@ -80,8 +80,12 @@ def _apply_env_overrides_to_config(cfg: dict) -> dict:
            if i == len(keys) - 1:
                # At the final key
                if key in current:
-                    if isinstance(current[key], (dict, list)):
-                        # Skip dict and list types
+                    if isinstance(current[key], list):
+                        # Convert comma-separated string to list
+                        # e.g., SYSTEM__DISABLED_ADAPTERS="aiocqhttp,dingtalk"
+                        current[key] = [item.strip() for item in env_value.split(',') if item.strip()]
+                    elif isinstance(current[key], dict):
+                        # Skip dict types
                        pass
                    else:
                        # Valid scalar value - convert and set it
--- a/src/langbot/pkg/core/taskmgr.py
+++ b/src/langbot/pkg/core/taskmgr.py
@@ -3,6 +3,7 @@ from __future__ import annotations
 import asyncio
 import typing
 import datetime
+import time

 from . import app
 from . import entities as core_entities
@@ -119,6 +120,7 @@ class TaskWrapper:
        self.label = label if label != '' else name
        self.task.set_name(name)
        self.scopes = scopes
+        self.created_at = time.time()

    def assume_exception(self):
        try:
@@ -154,6 +156,7 @@ class TaskWrapper:
            'name': self.name,
            'label': self.label,
            'scopes': [scope.value for scope in self.scopes],
+            'created_at': self.created_at,
            'task_context': self.task_context.to_dict(),
            'runtime': {
                'done': self.task.done(),
@@ -193,6 +196,8 @@ class AsyncTaskManager:
    ) -> TaskWrapper:
        wrapper = TaskWrapper(self.ap, coro, task_type, kind, name, label, context, scopes)
        self.tasks.append(wrapper)
+        wrapper.task.add_done_callback(lambda _: self._prune_completed_tasks())
+        self._prune_completed_tasks()
        return wrapper

    def create_user_task(
@@ -226,6 +231,15 @@ class AsyncTaskManager:
            'id_index': TaskWrapper._id_index,
        }

+    def get_stats(self) -> dict:
+        completed = sum(1 for t in self.tasks if t.task.done())
+        return {
+            'total': len(self.tasks),
+            'running': len(self.tasks) - completed,
+            'completed': completed,
+            'id_index': TaskWrapper._id_index,
+        }
+
    def get_task_by_id(self, id: int) -> TaskWrapper | None:
        for t in self.tasks:
            if t.id == id:
@@ -243,3 +257,27 @@ class AsyncTaskManager:
                if not wrapper.task.done():
                    wrapper.task.cancel()
                return
+
+    def _prune_completed_tasks(self):
+        completed_limit = (
+            self.ap.instance_config.data.get('system', {})
+            .get('task_retention', {})
+            .get(
+                'completed_limit',
+                200,
+            )
+        )
+        try:
+            completed_limit = int(completed_limit)
+        except (TypeError, ValueError):
+            completed_limit = 200
+        if completed_limit < 1:
+            completed_limit = 1
+
+        completed_tasks = [wrapper for wrapper in self.tasks if wrapper.task.done()]
+        overflow = len(completed_tasks) - completed_limit
+        if overflow <= 0:
+            return
+
+        remove_ids = {wrapper.id for wrapper in completed_tasks[:overflow]}
+        self.tasks = [wrapper for wrapper in self.tasks if wrapper.id not in remove_ids]
--- a/src/langbot/pkg/entity/persistence/bot.py
+++ b/src/langbot/pkg/entity/persistence/bot.py
@@ -16,6 +16,7 @@ class Bot(Base):
    enable = sqlalchemy.Column(sqlalchemy.Boolean, nullable=False, default=False)
    use_pipeline_name = sqlalchemy.Column(sqlalchemy.String(255), nullable=True)
    use_pipeline_uuid = sqlalchemy.Column(sqlalchemy.String(255), nullable=True)
+    pipeline_routing_rules = sqlalchemy.Column(sqlalchemy.JSON, nullable=False, server_default='[]')
    created_at = sqlalchemy.Column(sqlalchemy.DateTime, nullable=False, server_default=sqlalchemy.func.now())
    updated_at = sqlalchemy.Column(
        sqlalchemy.DateTime,
--- a/src/langbot/pkg/entity/persistence/model.py
+++ b/src/langbot/pkg/entity/persistence/model.py
@@ -59,3 +59,22 @@ class EmbeddingModel(Base):
        server_default=sqlalchemy.func.now(),
        onupdate=sqlalchemy.func.now(),
    )
+
+
+class RerankModel(Base):
+    """Rerank model"""
+
+    __tablename__ = 'rerank_models'
+
+    uuid = sqlalchemy.Column(sqlalchemy.String(255), primary_key=True, unique=True)
+    name = sqlalchemy.Column(sqlalchemy.String(255), nullable=False)
+    provider_uuid = sqlalchemy.Column(sqlalchemy.String(255), nullable=False)
+    extra_args = sqlalchemy.Column(sqlalchemy.JSON, nullable=False, default={})
+    prefered_ranking = sqlalchemy.Column(sqlalchemy.Integer, nullable=False, default=0)
+    created_at = sqlalchemy.Column(sqlalchemy.DateTime, nullable=False, server_default=sqlalchemy.func.now())
+    updated_at = sqlalchemy.Column(
+        sqlalchemy.DateTime,
+        nullable=False,
+        server_default=sqlalchemy.func.now(),
+        onupdate=sqlalchemy.func.now(),
+    )
--- a/src/langbot/pkg/persistence/alembic/init.py
+++ b/src/langbot/pkg/persistence/alembic/init.py
--- a/src/langbot/pkg/persistence/alembic/env.py
+++ b/src/langbot/pkg/persistence/alembic/env.py
@@ -0,0 +1,51 @@
+"""Alembic environment for LangBot.
+
+This env.py is designed to be called programmatically (not via CLI).
+It supports both SQLite and PostgreSQL.
+
+The sync connection is passed via config attributes by the runner.
+"""
+
+from __future__ import annotations
+
+from alembic import context
+from sqlalchemy.engine import Connection
+
+from langbot.pkg.entity.persistence.base import Base
+
+target_metadata = Base.metadata
+
+
+def run_migrations_offline() -> None:
+    """Run migrations in 'offline' mode — emit SQL without a live connection."""
+    url = context.config.get_main_option('sqlalchemy.url')
+    context.configure(
+        url=url,
+        target_metadata=target_metadata,
+        literal_binds=True,
+        dialect_opts={'paramstyle': 'named'},
+    )
+    with context.begin_transaction():
+        context.run_migrations()
+
+
+def run_migrations_online() -> None:
+    """Run migrations with a live sync connection passed via config attributes."""
+    connection: Connection = context.config.attributes.get('connection')
+    if connection is None:
+        raise RuntimeError('connection not provided in alembic config attributes')
+
+    context.configure(
+        connection=connection,
+        target_metadata=target_metadata,
+        # render_as_batch=True is critical for SQLite ALTER TABLE support
+        render_as_batch=True,
+    )
+    with context.begin_transaction():
+        context.run_migrations()
+
+
+if context.is_offline_mode():
+    run_migrations_offline()
+else:
+    run_migrations_online()
--- a/src/langbot/pkg/persistence/alembic/script.py.mako
+++ b/src/langbot/pkg/persistence/alembic/script.py.mako
@@ -0,0 +1,24 @@
+# Alembic script.py.mako — template for auto-generated revisions
+"""${message}
+
+Revision ID: ${up_revision}
+Revises: ${down_revision | comma,n}
+Create Date: ${create_date}
+"""
+from alembic import op
+import sqlalchemy as sa
+${imports if imports else ""}
+
+# revision identifiers
+revision = ${repr(up_revision)}
+down_revision = ${repr(down_revision)}
+branch_labels = ${repr(branch_labels)}
+depends_on = ${repr(depends_on)}
+
+
+def upgrade() -> None:
+    ${upgrades if upgrades else "pass"}
+
+
+def downgrade() -> None:
+    ${downgrades if downgrades else "pass"}
--- a/src/langbot/pkg/persistence/alembic/versions/0001_baseline.py
+++ b/src/langbot/pkg/persistence/alembic/versions/0001_baseline.py
@@ -0,0 +1,24 @@
+"""baseline: stamp existing schema (db version 25)
+
+This is a no-op migration that marks the starting point for Alembic.
+All tables already exist via create_all() + legacy DBMigration system.
+
+Revision ID: 0001_baseline
+Revises: None
+Create Date: 2026-04-08
+"""
+
+revision = '0001_baseline'
+down_revision = None
+branch_labels = None
+depends_on = None
+
+
+def upgrade() -> None:
+    # No-op: existing schema is already at database_version=25
+    # This revision serves as the Alembic baseline.
+    pass
+
+
+def downgrade() -> None:
+    pass
--- a/src/langbot/pkg/persistence/alembic/versions/0002_sample.py
+++ b/src/langbot/pkg/persistence/alembic/versions/0002_sample.py
@@ -0,0 +1,62 @@
+"""example: sample migration demonstrating Alembic patterns
+
+This is a SAMPLE showing how to write migrations that work
+seamlessly across SQLite and PostgreSQL. Delete or adapt as needed.
+
+Revision ID: 0002_sample
+Revises: 0001_baseline
+Create Date: 2026-04-08
+
+Patterns demonstrated:
+  1. Schema change (add column) — works on both DBs via render_as_batch
+  2. Data migration (read + modify JSON) — pure SQLAlchemy, no dialect branching
+"""
+
+revision = '0002_sample'
+down_revision = '0001_baseline'
+branch_labels = None
+depends_on = None
+
+
+def upgrade() -> None:
+    """
+    EXAMPLE: Uncomment to use. This shows the patterns.
+
+    # --- Pattern 1: Schema change (add/drop column) ---
+    # render_as_batch=True in env.py makes this work on SQLite too.
+    #
+    # op.add_column('pipelines', sa.Column('description', sa.String(512), server_default=''))
+
+    # --- Pattern 2: Data migration (read + modify JSON field) ---
+    # No if/else for sqlite vs postgres needed!
+    #
+    # conn = op.get_bind()
+    # rows = conn.execute(sa.text("SELECT uuid, config FROM pipelines")).fetchall()
+    # for row in rows:
+    #     config = json.loads(row[1]) if isinstance(row[1], str) else row[1]
+    #     # Modify the config
+    #     config.setdefault('ai', {}).setdefault('some_new_key', 'default_value')
+    #     conn.execute(
+    #         sa.text("UPDATE pipelines SET config = :cfg WHERE uuid = :uuid"),
+    #         {"cfg": json.dumps(config), "uuid": row[0]}
+    #     )
+
+    # --- Pattern 3: Create a new table ---
+    #
+    # op.create_table(
+    #     'audit_log',
+    #     sa.Column('id', sa.Integer, primary_key=True, autoincrement=True),
+    #     sa.Column('action', sa.String(255), nullable=False),
+    #     sa.Column('detail', sa.Text),
+    #     sa.Column('created_at', sa.DateTime, server_default=sa.func.now()),
+    # )
+    """
+    pass
+
+
+def downgrade() -> None:
+    """
+    # op.drop_column('pipelines', 'description')
+    # op.drop_table('audit_log')
+    """
+    pass
--- a/src/langbot/pkg/persistence/alembic/versions/0003_add_rerank_models.py
+++ b/src/langbot/pkg/persistence/alembic/versions/0003_add_rerank_models.py
@@ -0,0 +1,35 @@
+"""add rerank_models table
+
+Revision ID: 0003_add_rerank_models
+Revises: 0002_sample
+Create Date: 2026-04-19
+"""
+
+import sqlalchemy as sa
+from alembic import op
+
+revision = '0003_add_rerank_models'
+down_revision = '0002_sample'
+branch_labels = None
+depends_on = None
+
+
+def upgrade() -> None:
+    # Check if table already exists (may have been created by create_all())
+    conn = op.get_bind()
+    inspector = sa.inspect(conn)
+    if 'rerank_models' not in inspector.get_table_names():
+        op.create_table(
+            'rerank_models',
+            sa.Column('uuid', sa.String(255), primary_key=True, unique=True),
+            sa.Column('name', sa.String(255), nullable=False),
+            sa.Column('provider_uuid', sa.String(255), nullable=False),
+            sa.Column('extra_args', sa.JSON, nullable=False, server_default='{}'),
+            sa.Column('prefered_ranking', sa.Integer, nullable=False, server_default='0'),
+            sa.Column('created_at', sa.DateTime, nullable=False, server_default=sa.func.now()),
+            sa.Column('updated_at', sa.DateTime, nullable=False, server_default=sa.func.now()),
+        )
+
+
+def downgrade() -> None:
+    op.drop_table('rerank_models')
--- a/src/langbot/pkg/persistence/alembic/versions/init.py
+++ b/src/langbot/pkg/persistence/alembic/versions/init.py
--- a/src/langbot/pkg/persistence/alembic_runner.py
+++ b/src/langbot/pkg/persistence/alembic_runner.py
@@ -0,0 +1,150 @@
+"""Programmatic Alembic runner for LangBot.
+
+Usage from async code:
+    from langbot.pkg.persistence.alembic_runner import run_alembic_upgrade
+    await run_alembic_upgrade(async_engine)
+
+CLI usage (autogenerate):
+    python -m langbot.pkg.persistence.alembic_runner autogenerate "add description column"
+    python -m langbot.pkg.persistence.alembic_runner upgrade
+    python -m langbot.pkg.persistence.alembic_runner current
+"""
+
+from __future__ import annotations
+
+import os
+from typing import TYPE_CHECKING
+
+from alembic.config import Config
+from alembic import command
+from alembic.runtime.migration import MigrationContext
+
+if TYPE_CHECKING:
+    from sqlalchemy.ext.asyncio import AsyncEngine
+    from sqlalchemy.engine import Connection
+
+
+_ALEMBIC_DIR = os.path.join(os.path.dirname(__file__), 'alembic')
+
+
+def _build_config(connection: Connection) -> Config:
+    """Build an Alembic Config with sync connection attached."""
+    cfg = Config()
+    cfg.set_main_option('script_location', _ALEMBIC_DIR)
+    cfg.attributes['connection'] = connection
+    return cfg
+
+
+def _do_upgrade(connection: Connection, revision: str = 'head') -> None:
+    """Synchronous upgrade — runs inside run_sync."""
+    cfg = _build_config(connection)
+    command.upgrade(cfg, revision)
+
+
+def _do_stamp(connection: Connection, revision: str = 'head') -> None:
+    """Synchronous stamp — runs inside run_sync."""
+    cfg = _build_config(connection)
+    command.stamp(cfg, revision)
+
+
+def _do_get_current(connection: Connection) -> str | None:
+    """Get current alembic revision synchronously."""
+    ctx = MigrationContext.configure(connection)
+    return ctx.get_current_revision()
+
+
+def _do_autogenerate(connection: Connection, message: str = 'auto migration') -> None:
+    """Synchronous autogenerate — runs inside run_sync."""
+    cfg = _build_config(connection)
+    command.revision(cfg, message=message, autogenerate=True)
+
+
+async def run_alembic_upgrade(async_engine: AsyncEngine, revision: str = 'head') -> None:
+    """Run Alembic upgrade to the given revision."""
+    async with async_engine.connect() as conn:
+        await conn.run_sync(_do_upgrade, revision)
+        await conn.commit()
+
+
+async def run_alembic_stamp(async_engine: AsyncEngine, revision: str = 'head') -> None:
+    """Stamp the database with a revision without running migrations."""
+    async with async_engine.connect() as conn:
+        await conn.run_sync(_do_stamp, revision)
+        await conn.commit()
+
+
+async def get_alembic_current(async_engine: AsyncEngine) -> str | None:
+    """Get current alembic revision, or None if not stamped."""
+    async with async_engine.connect() as conn:
+        return await conn.run_sync(_do_get_current)
+
+
+async def run_alembic_autogenerate(async_engine: AsyncEngine, message: str = 'auto migration') -> None:
+    """Compare ORM models against DB schema and generate a migration script."""
+    async with async_engine.connect() as conn:
+        await conn.run_sync(_do_autogenerate, message)
+
+
+# CLI entrypoint: python -m langbot.pkg.persistence.alembic_runner <command> [args]
+if __name__ == '__main__':
+    import sys
+    import asyncio
+
+    def _get_engine():
+        """Create engine from data/config.yaml or default SQLite."""
+        from sqlalchemy.ext.asyncio import create_async_engine
+
+        try:
+            import yaml
+
+            with open('data/config.yaml') as f:
+                config = yaml.safe_load(f)
+            db_cfg = config.get('database', {})
+            db_type = db_cfg.get('use', 'sqlite')
+            if db_type == 'postgresql':
+                pg = db_cfg.get('postgresql', {})
+                url = (
+                    f'postgresql+asyncpg://{pg.get("user", "postgres")}:{pg.get("password", "postgres")}'
+                    f'@{pg.get("host", "127.0.0.1")}:{pg.get("port", 5432)}/{pg.get("database", "postgres")}'
+                )
+            else:
+                path = db_cfg.get('sqlite', {}).get('path', 'data/langbot.db')
+                url = f'sqlite+aiosqlite:///{path}'
+        except Exception:
+            url = 'sqlite+aiosqlite:///data/langbot.db'
+
+        return create_async_engine(url)
+
+    def main():
+        if len(sys.argv) < 2:
+            print('Usage: python -m langbot.pkg.persistence.alembic_runner <command> [args]')
+            print('Commands:')
+            print('  autogenerate "message"  — Generate migration from ORM model diff')
+            print('  upgrade [revision]      — Upgrade database (default: head)')
+            print('  stamp [revision]        — Stamp revision without running (default: head)')
+            print('  current                 — Show current revision')
+            sys.exit(1)
+
+        cmd = sys.argv[1]
+        engine = _get_engine()
+
+        if cmd == 'autogenerate':
+            msg = sys.argv[2] if len(sys.argv) > 2 else 'auto migration'
+            asyncio.run(run_alembic_autogenerate(engine, msg))
+            print(f'Migration generated: {msg}')
+        elif cmd == 'upgrade':
+            rev = sys.argv[2] if len(sys.argv) > 2 else 'head'
+            asyncio.run(run_alembic_upgrade(engine, rev))
+            print(f'Upgraded to: {rev}')
+        elif cmd == 'stamp':
+            rev = sys.argv[2] if len(sys.argv) > 2 else 'head'
+            asyncio.run(run_alembic_stamp(engine, rev))
+            print(f'Stamped: {rev}')
+        elif cmd == 'current':
+            rev = asyncio.run(get_alembic_current(engine))
+            print(f'Current revision: {rev}')
+        else:
+            print(f'Unknown command: {cmd}')
+            sys.exit(1)
+
+    main()
--- a/src/langbot/pkg/persistence/mgr.py
+++ b/src/langbot/pkg/persistence/mgr.py
@@ -76,6 +76,9 @@ class PersistenceManager:

            self.ap.logger.info(f'Successfully upgraded database to version {last_migration_number}.')

+        # Run Alembic migrations (new migration system)
+        await self._run_alembic_migrations()
+
        await self.write_space_model_providers()

    async def create_tables(self):
@@ -135,6 +138,28 @@ class PersistenceManager:

    # =================================

+    async def _run_alembic_migrations(self):
+        """Run Alembic-based migrations after legacy migrations complete."""
+        from . import alembic_runner
+
+        engine = self.get_db_engine()
+
+        try:
+            current_rev = await alembic_runner.get_alembic_current(engine)
+
+            if current_rev is None:
+                # First time: stamp baseline so Alembic knows existing schema is up-to-date
+                self.ap.logger.info('Alembic: no revision found, stamping baseline...')
+                await alembic_runner.run_alembic_stamp(engine, '0001_baseline')
+                current_rev = '0001_baseline'
+
+            # Upgrade to head
+            await alembic_runner.run_alembic_upgrade(engine, 'head')
+            self.ap.logger.info('Alembic migrations completed.')
+        except Exception as e:
+            self.ap.logger.error(f'Alembic migration failed: {e}', exc_info=True)
+            raise
+
    async def execute_async(self, *args, **kwargs) -> sqlalchemy.engine.cursor.CursorResult:
        async with self.get_db_engine().connect() as conn:
            result = await conn.execute(*args, **kwargs)
--- a/src/langbot/pkg/persistence/migrations/dbm025_bot_pipeline_routing_rules.py
+++ b/src/langbot/pkg/persistence/migrations/dbm025_bot_pipeline_routing_rules.py
@@ -0,0 +1,15 @@
+import sqlalchemy
+from .. import migration
+
+
+@migration.migration_class(25)
+class DBMigrateBotPipelineRoutingRules(migration.DBMigration):
+    """Add pipeline_routing_rules column to bots table"""
+
+    async def upgrade(self):
+        sql_text = sqlalchemy.text("ALTER TABLE bots ADD COLUMN pipeline_routing_rules JSON NOT NULL DEFAULT '[]'")
+        await self.ap.persistence_mgr.execute_async(sql_text)
+
+    async def downgrade(self):
+        sql_text = sqlalchemy.text('ALTER TABLE bots DROP COLUMN pipeline_routing_rules')
+        await self.ap.persistence_mgr.execute_async(sql_text)
--- a/src/langbot/pkg/persistence/migrations/dbm025_feedback_stats.py
+++ b/src/langbot/pkg/persistence/migrations/dbm025_feedback_stats.py
@@ -1,75 +0,0 @@
-import sqlalchemy
-from .. import migration
-
-
-@migration.migration_class(25)
-class DBMigrateFeedbackStats(migration.DBMigration):
-    """Add monitoring_feedback table for storing user feedback from AI Bot conversations"""
-
-    async def _table_exists(self, table_name: str) -> bool:
-        """Check if a table exists (works for both SQLite and PostgreSQL)."""
-        if self.ap.persistence_mgr.db.name == 'postgresql':
-            result = await self.ap.persistence_mgr.execute_async(
-                sqlalchemy.text(
-                    'SELECT EXISTS (SELECT FROM information_schema.tables WHERE table_name = :table_name);'
-                ).bindparams(table_name=table_name)
-            )
-            return bool(result.scalar())
-        else:
-            result = await self.ap.persistence_mgr.execute_async(
-                sqlalchemy.text("SELECT name FROM sqlite_master WHERE type='table' AND name=:table_name;").bindparams(
-                    table_name=table_name
-                )
-            )
-            return result.first() is not None
-
-    async def upgrade(self):
-        """Create monitoring_feedback table."""
-        if await self._table_exists('monitoring_feedback'):
-            self.ap.logger.debug('monitoring_feedback table already exists, skipping migration.')
-            return
-
-        # Create monitoring_feedback table with all columns
-        create_table_sql = '''
-            CREATE TABLE monitoring_feedback (
-                id VARCHAR(255) PRIMARY KEY,
-                timestamp DATETIME NOT NULL,
-                feedback_id VARCHAR(255) NOT NULL UNIQUE,
-                feedback_type INTEGER NOT NULL,
-                feedback_content TEXT,
-                inaccurate_reasons TEXT,
-                bot_id VARCHAR(255),
-                bot_name VARCHAR(255),
-                pipeline_id VARCHAR(255),
-                pipeline_name VARCHAR(255),
-                session_id VARCHAR(255),
-                message_id VARCHAR(255),
-                stream_id VARCHAR(255),
-                user_id VARCHAR(255),
-                platform VARCHAR(255)
-            )
-        '''
-        await self.ap.persistence_mgr.execute_async(sqlalchemy.text(create_table_sql))
-
-        # Create indexes
-        indexes = [
-            'CREATE INDEX ix_monitoring_feedback_timestamp ON monitoring_feedback (timestamp)',
-            'CREATE UNIQUE INDEX ix_monitoring_feedback_feedback_id ON monitoring_feedback (feedback_id)',
-            'CREATE INDEX ix_monitoring_feedback_bot_id ON monitoring_feedback (bot_id)',
-            'CREATE INDEX ix_monitoring_feedback_pipeline_id ON monitoring_feedback (pipeline_id)',
-            'CREATE INDEX ix_monitoring_feedback_session_id ON monitoring_feedback (session_id)',
-            'CREATE INDEX ix_monitoring_feedback_message_id ON monitoring_feedback (message_id)',
-            'CREATE INDEX ix_monitoring_feedback_stream_id ON monitoring_feedback (stream_id)',
-        ]
-        for index_sql in indexes:
-            await self.ap.persistence_mgr.execute_async(sqlalchemy.text(index_sql))
-
-        self.ap.logger.info('Created monitoring_feedback table with indexes.')
-
-    async def downgrade(self):
-        """Drop monitoring_feedback table."""
-        if await self._table_exists('monitoring_feedback'):
-            await self.ap.persistence_mgr.execute_async(
-                sqlalchemy.text('DROP TABLE monitoring_feedback')
-            )
-            self.ap.logger.info('Dropped monitoring_feedback table.')
--- a/src/langbot/pkg/pipeline/aggregator.py
+++ b/src/langbot/pkg/pipeline/aggregator.py
@@ -37,6 +37,7 @@ class PendingMessage:
    message_chain: platform_message.MessageChain
    adapter: abstract_platform_adapter.AbstractMessagePlatformAdapter
    pipeline_uuid: typing.Optional[str]
+    routed_by_rule: bool = False
    timestamp: float = field(default_factory=time.time)


@@ -125,6 +126,7 @@ class MessageAggregator:
        message_chain: platform_message.MessageChain,
        adapter: abstract_platform_adapter.AbstractMessagePlatformAdapter,
        pipeline_uuid: typing.Optional[str] = None,
+        routed_by_rule: bool = False,
    ) -> None:
        """Add a message to the aggregation buffer

@@ -145,6 +147,7 @@ class MessageAggregator:
                message_chain=message_chain,
                adapter=adapter,
                pipeline_uuid=pipeline_uuid,
+                routed_by_rule=routed_by_rule,
            )
            return

@@ -159,6 +162,7 @@ class MessageAggregator:
            message_chain=message_chain,
            adapter=adapter,
            pipeline_uuid=pipeline_uuid,
+            routed_by_rule=routed_by_rule,
        )

        force_flush = False
@@ -217,6 +221,7 @@ class MessageAggregator:
                message_chain=msg.message_chain,
                adapter=msg.adapter,
                pipeline_uuid=msg.pipeline_uuid,
+                routed_by_rule=msg.routed_by_rule,
            )
            return

@@ -231,6 +236,7 @@ class MessageAggregator:
            message_chain=merged_msg.message_chain,
            adapter=merged_msg.adapter,
            pipeline_uuid=merged_msg.pipeline_uuid,
+            routed_by_rule=merged_msg.routed_by_rule,
        )

    def _merge_messages(self, messages: list[PendingMessage]) -> PendingMessage:
@@ -269,6 +275,7 @@ class MessageAggregator:
            message_chain=merged_chain,
            adapter=base_msg.adapter,
            pipeline_uuid=base_msg.pipeline_uuid,
+            routed_by_rule=any(msg.routed_by_rule for msg in messages),
        )

    async def flush_all(self) -> None:
--- a/src/langbot/pkg/pipeline/controller.py
+++ b/src/langbot/pkg/pipeline/controller.py
@@ -63,6 +63,14 @@ class Controller:
                                pipeline = await self.ap.pipeline_mgr.get_pipeline_by_uuid(pipeline_uuid)
                                if pipeline:
                                    await pipeline.run(selected_query)
+                                else:
+                                    self.ap.logger.warning(
+                                        f'Pipeline {pipeline_uuid} not found for query {selected_query.query_id}, query dropped'
+                                    )
+                            else:
+                                self.ap.logger.warning(
+                                    f'No pipeline_uuid for query {selected_query.query_id}, query dropped'
+                                )

                        async with self.ap.query_pool:
                            (await self.ap.sess_mgr.get_session(selected_query))._semaphore.release()
--- a/src/langbot/pkg/pipeline/longtext/longtext.py
+++ b/src/langbot/pkg/pipeline/longtext/longtext.py
@@ -76,6 +76,10 @@ class LongTextProcessStage(stage.PipelineStage):
            self.ap.logger.debug('Long message processing strategy is not set, skip long message processing.')
            return entities.StageProcessResult(result_type=entities.ResultType.CONTINUE, new_query=query)

+        if not query.resp_message_chain:
+            self.ap.logger.debug('Response message chain is empty, skip long message processing.')
+            return entities.StageProcessResult(result_type=entities.ResultType.CONTINUE, new_query=query)
+
        # 检查是否包含非 Plain 组件
        contains_non_plain = False

--- a/src/langbot/pkg/pipeline/monitoring_helper.py
+++ b/src/langbot/pkg/pipeline/monitoring_helper.py
@@ -353,62 +353,3 @@ class LLMCallMonitor:
            )

        return False  # Don't suppress exceptions
-
-
-class FeedbackMonitor:
-    """Helper for recording user feedback from AI Bot conversations"""
-
-    @staticmethod
-    async def record_feedback(
-        ap: app.Application,
-        feedback_id: str,
-        feedback_type: int,
-        feedback_content: str | None = None,
-        inaccurate_reasons: list[str] | None = None,
-        bot_id: str | None = None,
-        bot_name: str | None = None,
-        pipeline_id: str | None = None,
-        pipeline_name: str | None = None,
-        session_id: str | None = None,
-        message_id: str | None = None,
-        stream_id: str | None = None,
-        user_id: str | None = None,
-        platform: str = 'wecom',
-    ):
-        """Record user feedback (like/dislike) from AI Bot conversation.
-
-        Args:
-            ap: Application instance
-            feedback_id: Unique feedback identifier from platform
-            feedback_type: 1 = like, 2 = dislike
-            feedback_content: Optional user feedback text
-            inaccurate_reasons: List of reasons for inaccurate response
-            bot_id: Bot UUID
-            bot_name: Bot name
-            pipeline_id: Pipeline UUID
-            pipeline_name: Pipeline name
-            session_id: Session ID
-            message_id: Message ID
-            stream_id: Stream ID
-            user_id: User ID
-            platform: Platform name (default: wecom)
-        """
-        try:
-            await ap.monitoring_service.record_feedback(
-                feedback_id=feedback_id,
-                feedback_type=feedback_type,
-                feedback_content=feedback_content,
-                inaccurate_reasons=inaccurate_reasons,
-                bot_id=bot_id,
-                bot_name=bot_name,
-                pipeline_id=pipeline_id,
-                pipeline_name=pipeline_name,
-                session_id=session_id,
-                message_id=message_id,
-                stream_id=stream_id,
-                user_id=user_id,
-                platform=platform,
-            )
-            ap.logger.info(f'Recorded feedback: feedback_id={feedback_id}, type={feedback_type}')
-        except Exception as e:
-            ap.logger.error(f'Failed to record feedback: {e}')
--- a/src/langbot/pkg/pipeline/pipelinemgr.py
+++ b/src/langbot/pkg/pipeline/pipelinemgr.py
@@ -157,7 +157,7 @@ class RuntimePipeline:
                    bot_message=query.resp_messages[-1],
                    message=result.user_notice,
                    quote_origin=query.pipeline_config['output']['misc']['quote-origin'],
-                    is_final=[msg.is_final for msg in query.resp_messages][0],
+                    is_final=[msg.is_final for msg in query.resp_messages][-1],
                )
            else:
                await query.adapter.reply_message(
@@ -297,6 +297,9 @@ class RuntimePipeline:
            )
            # Store message_id in query variables for LLM call monitoring
            query.variables['_monitoring_message_id'] = message_id
+            # Notify adapter so it can map platform-specific IDs to monitoring message ID
+            if hasattr(query.adapter, 'on_monitoring_message_created'):
+                await query.adapter.on_monitoring_message_created(query, message_id)
        except Exception as e:
            self.ap.logger.error(f'Failed to record query start: {e}')

@@ -323,6 +326,9 @@ class RuntimePipeline:
            event_ctx = await self.ap.plugin_connector.emit_event(event_obj, bound_plugins)

            if event_ctx.is_prevented_default():
+                self.ap.logger.debug(
+                    f'MessageReceived event prevented default for query {query.query_id}, pipeline={pipeline_name}'
+                )
                return

            self.ap.logger.debug(f'Processing query {query.query_id}')
--- a/src/langbot/pkg/pipeline/pool.py
+++ b/src/langbot/pkg/pipeline/pool.py
@@ -41,9 +41,14 @@ class QueryPool:
        message_chain: platform_message.MessageChain,
        adapter: abstract_platform_adapter.AbstractMessagePlatformAdapter,
        pipeline_uuid: typing.Optional[str] = None,
+        routed_by_rule: bool = False,
+        variables: typing.Optional[dict[str, typing.Any]] = None,
    ) -> pipeline_query.Query:
        async with self.condition:
            query_id = self.query_id_counter
+            initial_variables: dict[str, typing.Any] = {'_routed_by_rule': routed_by_rule}
+            if variables:
+                initial_variables.update(variables)
            query = pipeline_query.Query(
                bot_uuid=bot_uuid,
                query_id=query_id,
@@ -52,7 +57,7 @@ class QueryPool:
                sender_id=sender_id,
                message_event=message_event,
                message_chain=message_chain,
-                variables={},
+                variables=initial_variables,
                resp_messages=[],
                resp_message_chain=[],
                adapter=adapter,
@@ -62,6 +67,7 @@ class QueryPool:
            self.cached_queries[query_id] = query
            self.query_id_counter += 1
            self.condition.notify_all()
+            return query

    async def __aenter__(self):
        await self.pool_lock.acquire()
--- a/src/langbot/pkg/pipeline/preproc/preproc.py
+++ b/src/langbot/pkg/pipeline/preproc/preproc.py
@@ -75,6 +75,27 @@ class PreProcessor(stage.PipelineStage):
            query.bot_uuid,
        )

+        # Expire externally managed conversation ids after the conversation has
+        # been idle for longer than the configured conversation expire time.
+        # The idle window is measured from the last preprocess/update time, not
+        # from the conversation creation time.
+        conversation_expire_time = query.pipeline_config.get('ai', {}).get('runner', {}).get('expire-time', None)
+        now = datetime.datetime.now()
+        if conversation_expire_time is not None and conversation_expire_time > 0:
+            last_update_time = getattr(conversation, 'update_time', None) or getattr(conversation, 'create_time', None)
+            if last_update_time is not None:
+                conversation_idle_time = now.timestamp() - last_update_time.timestamp()
+                if conversation_idle_time > conversation_expire_time:
+                    self.ap.logger.info(
+                        f'Conversation({query.query_id}) is expired (idle: {conversation_idle_time}s), create new conversation'
+                    )
+                    conversation.uuid = None
+
+        # Treat every preprocess pass as a conversation activity update. This
+        # makes future expiry checks use the latest incoming message/preprocess
+        # time instead of the first message/creation time.
+        conversation.update_time = now
+
        # 设置query
        query.session = session
        query.prompt = conversation.prompt.copy()
@@ -160,8 +181,10 @@ class PreProcessor(stage.PipelineStage):
                elif me.url:
                    content_list.append(provider_message.ContentElement.from_file_url(me.url, 'voice'))
            elif isinstance(me, platform_message.File):
-                # if me.url is not None:
-                content_list.append(provider_message.ContentElement.from_file_url(me.url, me.name))
+                if me.base64:
+                    content_list.append(provider_message.ContentElement.from_file_base64(me.base64, me.name))
+                elif me.url:
+                    content_list.append(provider_message.ContentElement.from_file_url(me.url, me.name))
            elif isinstance(me, platform_message.Quote) and quote_msg:
                for msg in me.origin:
                    if isinstance(msg, platform_message.Plain):
@@ -172,6 +195,18 @@ class PreProcessor(stage.PipelineStage):
                        ):
                            if msg.base64 is not None:
                                content_list.append(provider_message.ContentElement.from_image_base64(msg.base64))
+                    elif isinstance(msg, platform_message.File):
+                        if msg.base64:
+                            content_list.append(provider_message.ContentElement.from_file_base64(msg.base64, msg.name))
+                        elif msg.url:
+                            content_list.append(provider_message.ContentElement.from_file_url(msg.url, msg.name))
+                    elif isinstance(msg, platform_message.Voice):
+                        if msg.base64:
+                            content_list.append(
+                                provider_message.ContentElement.from_file_base64(msg.base64, 'voice.silk')
+                            )
+                        elif msg.url:
+                            content_list.append(provider_message.ContentElement.from_file_url(msg.url, 'voice'))

        query.variables['user_message_text'] = plain_text

--- a/src/langbot/pkg/pipeline/process/handlers/chat.py
+++ b/src/langbot/pkg/pipeline/process/handlers/chat.py
@@ -61,6 +61,9 @@ class ChatMessageHandler(handler.MessageHandler):

                yield entities.StageProcessResult(result_type=entities.ResultType.CONTINUE, new_query=query)
            else:
+                self.ap.logger.debug(
+                    f'NormalMessageReceived event prevented default for query {query.query_id} without reply'
+                )
                yield entities.StageProcessResult(result_type=entities.ResultType.INTERRUPT, new_query=query)
        else:
            if event_ctx.event.user_message_alter is not None:
@@ -205,6 +208,7 @@ class ChatMessageHandler(handler.MessageHandler):
                        'model_name': model_name,
                        'version': constants.semantic_version,
                        'instance_id': constants.instance_id,
+                        'edition': constants.edition,
                        'pipeline_plugins': pipeline_plugins,
                        'error': locals().get('error_info', None),
                        'timestamp': datetime.utcnow().isoformat(),
--- a/src/langbot/pkg/pipeline/respback/respback.py
+++ b/src/langbot/pkg/pipeline/respback/respback.py
@@ -40,7 +40,7 @@ class SendResponseBackStage(stage.PipelineStage):
        has_chunks = any(isinstance(msg, provider_message.MessageChunk) for msg in query.resp_messages)
        # TODO 命令与流式的兼容性问题
        if await query.adapter.is_stream_output_supported() and has_chunks:
-            is_final = [msg.is_final for msg in query.resp_messages][0]
+            is_final = [msg.is_final for msg in query.resp_messages][-1]
            await query.adapter.reply_message_chunk(
                message_source=query.message_event,
                bot_message=query.resp_messages[-1],
--- a/src/langbot/pkg/pipeline/resprule/resprule.py
+++ b/src/langbot/pkg/pipeline/resprule/resprule.py
@@ -37,6 +37,10 @@ class GroupRespondRuleCheckStage(stage.PipelineStage):
        if query.launcher_type.value != 'group':  # 只处理群消息
            return entities.StageProcessResult(result_type=entities.ResultType.CONTINUE, new_query=query)

+        # 通过路由规则明确指定的流水线，跳过群响应规则检查
+        if query.variables and query.variables.get('_routed_by_rule', False):
+            return entities.StageProcessResult(result_type=entities.ResultType.CONTINUE, new_query=query)
+
        rules = query.pipeline_config['trigger']['group-respond-rules']

        use_rule = rules
--- a/src/langbot/pkg/platform/botmgr.py
+++ b/src/langbot/pkg/platform/botmgr.py
@@ -1,6 +1,8 @@
 from __future__ import annotations

 import asyncio
+import json
+import re
 import traceback
 import sqlalchemy

@@ -52,6 +54,148 @@ class RuntimeBot:
        self.task_context = taskmgr.TaskContext()
        self.logger = logger

+    @staticmethod
+    def _match_operator(actual: str, operator: str, expected: str) -> bool:
+        """Evaluate a single operator condition."""
+        if operator == 'eq':
+            return actual == expected
+        elif operator == 'neq':
+            return actual != expected
+        elif operator == 'contains':
+            return expected in actual
+        elif operator == 'not_contains':
+            return expected not in actual
+        elif operator == 'starts_with':
+            return actual.startswith(expected)
+        elif operator == 'regex':
+            try:
+                return bool(re.search(expected, actual))
+            except re.error:
+                return False
+        return False
+
+    PIPELINE_DISCARD = '__discard__'
+    PIPELINE_DISCARD_DISPLAY_NAME = 'Discarded'
+
+    def resolve_pipeline_uuid(
+        self,
+        launcher_type: str,
+        launcher_id: str,
+        message_text: str,
+        message_element_types: list[str] | None = None,
+    ) -> tuple[str | None, bool]:
+        """Resolve pipeline UUID based on routing rules.
+
+        Rules are evaluated in order; first match wins.
+        Falls back to use_pipeline_uuid if no rule matches.
+
+        Rule types:
+          - launcher_type: session type ("person" / "group")
+          - launcher_id: session / group id
+          - message_content: message text content
+          - message_has_element: message contains element of given type
+            (Image, Voice, File, Forward, Face, At, AtAll, Quote)
+            Operators: eq (has), neq (doesn't have)
+
+        Operators: eq, neq, contains, not_contains, starts_with, regex
+
+        When pipeline_uuid is ``__discard__``, the message should be
+        silently dropped by the caller.
+
+        Returns:
+            tuple: (pipeline_uuid, routed_by_rule) - routed_by_rule is True
+            when a routing rule matched, False when falling back to default.
+        """
+        rules = self.bot_entity.pipeline_routing_rules or []
+        element_type_set = set(message_element_types or [])
+
+        for rule in rules:
+            rule_type = rule.get('type')
+            operator = rule.get('operator', 'eq')
+            rule_value = rule.get('value', '')
+            target_uuid = rule.get('pipeline_uuid')
+            if not rule_type or not target_uuid:
+                continue
+
+            if rule_type == 'launcher_type':
+                if self._match_operator(launcher_type, operator, rule_value):
+                    return target_uuid, True
+            elif rule_type == 'launcher_id':
+                if self._match_operator(str(launcher_id), operator, str(rule_value)):
+                    return target_uuid, True
+            elif rule_type == 'message_content':
+                if self._match_operator(message_text, operator, rule_value):
+                    return target_uuid, True
+            elif rule_type == 'message_has_element':
+                has_element = rule_value in element_type_set
+                if operator == 'eq' and has_element:
+                    return target_uuid, True
+                elif operator == 'neq' and not has_element:
+                    return target_uuid, True
+
+        return self.bot_entity.use_pipeline_uuid, False
+
+    async def _record_discarded_message(
+        self,
+        launcher_type: provider_session.LauncherTypes,
+        launcher_id: str | int,
+        sender_id: str | int,
+        message_event: platform_events.MessageEvent,
+        message_chain: platform_message.MessageChain,
+    ) -> None:
+        """Record a discarded message in the monitoring system."""
+        try:
+            if hasattr(message_chain, 'model_dump'):
+                message_content = json.dumps(message_chain.model_dump(), ensure_ascii=False)
+            else:
+                message_content = str(message_chain)
+
+            sender_name = None
+            if hasattr(message_event, 'sender'):
+                if hasattr(message_event.sender, 'nickname'):
+                    sender_name = message_event.sender.nickname
+                elif hasattr(message_event.sender, 'member_name'):
+                    sender_name = message_event.sender.member_name
+
+            # Use the same session_id format as monitoring_helper.py
+            session_id = f'{launcher_type}_{launcher_id}'
+            platform = launcher_type.value if hasattr(launcher_type, 'value') else str(launcher_type)
+
+            await self.ap.monitoring_service.record_message(
+                bot_id=self.bot_entity.uuid,
+                bot_name=self.bot_entity.name or self.bot_entity.uuid,
+                pipeline_id=self.PIPELINE_DISCARD,
+                pipeline_name=self.PIPELINE_DISCARD_DISPLAY_NAME,
+                message_content=message_content,
+                session_id=session_id,
+                status='discarded',
+                level='info',
+                platform=platform,
+                user_id=str(sender_id),
+                user_name=sender_name,
+            )
+
+            # Ensure the session exists so the message appears in the session monitor.
+            # Don't overwrite pipeline info — a session may have messages from
+            # multiple pipelines; discarding shouldn't change the displayed pipeline.
+            session_updated = await self.ap.monitoring_service.update_session_activity(
+                session_id,
+            )
+            if not session_updated:
+                # No session yet (first message for this launcher was discarded).
+                await self.ap.monitoring_service.record_session_start(
+                    session_id=session_id,
+                    bot_id=self.bot_entity.uuid,
+                    bot_name=self.bot_entity.name or self.bot_entity.uuid,
+                    pipeline_id=self.PIPELINE_DISCARD,
+                    pipeline_name=self.PIPELINE_DISCARD_DISPLAY_NAME,
+                    platform=platform,
+                    user_id=str(sender_id),
+                    user_name=sender_name,
+                )
+        except Exception as e:
+            await self.logger.error(f'Failed to record discarded message: {e}')
+
    async def initialize(self):
        async def on_friend_message(
            event: platform_events.FriendMessage,
@@ -83,6 +227,23 @@ class RuntimeBot:
                    if custom_launcher_id:
                        launcher_id = custom_launcher_id

+                message_text = str(event.message_chain)
+                element_types = [comp.type for comp in event.message_chain]
+                pipeline_uuid, routed_by_rule = self.resolve_pipeline_uuid(
+                    'person', launcher_id, message_text, element_types
+                )
+
+                if pipeline_uuid == self.PIPELINE_DISCARD:
+                    await self.logger.info('Person message discarded by routing rule')
+                    await self._record_discarded_message(
+                        provider_session.LauncherTypes.PERSON,
+                        launcher_id,
+                        event.sender.id,
+                        event,
+                        event.message_chain,
+                    )
+                    return
+
                await self.ap.msg_aggregator.add_message(
                    bot_uuid=self.bot_entity.uuid,
                    launcher_type=provider_session.LauncherTypes.PERSON,
@@ -91,7 +252,8 @@ class RuntimeBot:
                    message_event=event,
                    message_chain=event.message_chain,
                    adapter=adapter,
-                    pipeline_uuid=self.bot_entity.use_pipeline_uuid,
+                    pipeline_uuid=pipeline_uuid,
+                    routed_by_rule=routed_by_rule,
                )
            else:
                await self.logger.info('Pipeline skipped for person message due to webhook response')
@@ -126,6 +288,23 @@ class RuntimeBot:
                    if custom_launcher_id:
                        launcher_id = custom_launcher_id

+                message_text = str(event.message_chain)
+                element_types = [comp.type for comp in event.message_chain]
+                pipeline_uuid, routed_by_rule = self.resolve_pipeline_uuid(
+                    'group', launcher_id, message_text, element_types
+                )
+
+                if pipeline_uuid == self.PIPELINE_DISCARD:
+                    await self.logger.info('Group message discarded by routing rule')
+                    await self._record_discarded_message(
+                        provider_session.LauncherTypes.GROUP,
+                        launcher_id,
+                        event.sender.id,
+                        event,
+                        event.message_chain,
+                    )
+                    return
+
                await self.ap.msg_aggregator.add_message(
                    bot_uuid=self.bot_entity.uuid,
                    launcher_type=provider_session.LauncherTypes.GROUP,
@@ -134,7 +313,8 @@ class RuntimeBot:
                    message_event=event,
                    message_chain=event.message_chain,
                    adapter=adapter,
-                    pipeline_uuid=self.bot_entity.use_pipeline_uuid,
+                    pipeline_uuid=pipeline_uuid,
+                    routed_by_rule=routed_by_rule,
                )
            else:
                await self.logger.info('Pipeline skipped for group message due to webhook response')
@@ -142,6 +322,50 @@ class RuntimeBot:
        self.adapter.register_listener(platform_events.FriendMessage, on_friend_message)
        self.adapter.register_listener(platform_events.GroupMessage, on_group_message)

+        # Register feedback listener (only effective on adapters that support it)
+        async def on_feedback(
+            event: platform_events.FeedbackEvent,
+            adapter: abstract_platform_adapter.AbstractMessagePlatformAdapter,
+        ):
+            try:
+                # Resolve pipeline name
+                pipeline_name = ''
+                if self.bot_entity.use_pipeline_uuid:
+                    try:
+                        pipeline_result = await self.ap.persistence_mgr.execute_async(
+                            sqlalchemy.select(persistence_pipeline.LegacyPipeline.name).where(
+                                persistence_pipeline.LegacyPipeline.uuid == self.bot_entity.use_pipeline_uuid
+                            )
+                        )
+                        pipeline_row = pipeline_result.first()
+                        if pipeline_row:
+                            pipeline_name = pipeline_row[0]
+                    except Exception:
+                        pass
+
+                await self.ap.monitoring_service.record_feedback(
+                    feedback_id=event.feedback_id,
+                    feedback_type=event.feedback_type,
+                    feedback_content=event.feedback_content,
+                    inaccurate_reasons=event.inaccurate_reasons,
+                    bot_id=self.bot_entity.uuid,
+                    bot_name=self.bot_entity.name,
+                    pipeline_id=self.bot_entity.use_pipeline_uuid or '',
+                    pipeline_name=pipeline_name,
+                    session_id=event.session_id,
+                    message_id=event.message_id,
+                    stream_id=event.stream_id,
+                    user_id=event.user_id,
+                    platform=adapter.__class__.__name__,
+                )
+                await self.logger.info(
+                    f'Recorded feedback: feedback_id={event.feedback_id}, type={event.feedback_type}'
+                )
+            except Exception:
+                await self.logger.error(f'Failed to record feedback: {traceback.format_exc()}')
+
+        self.adapter.register_listener(platform_events.FeedbackEvent, on_feedback)
+
    async def run(self):
        async def exception_wrapper():
            try:
@@ -197,12 +421,20 @@ class PlatformManager:
        # delete all bot log images
        await self.ap.storage_mgr.storage_provider.delete_dir_recursive('bot_log_images')

+        disabled_adapters = self.ap.instance_config.data.get('system', {}).get('disabled_adapters', []) or []
+
        self.adapter_components = self.ap.discover.get_components_by_kind('MessagePlatformAdapter')
        adapter_dict: dict[str, type[abstract_platform_adapter.AbstractMessagePlatformAdapter]] = {}
        for component in self.adapter_components:
+            if component.metadata.name in disabled_adapters:
+                continue
            adapter_dict[component.metadata.name] = component.get_python_component_class()
        self.adapter_dict = adapter_dict

+        # Filter out disabled adapters from components list (for API responses)
+        if disabled_adapters:
+            self.adapter_components = [c for c in self.adapter_components if c.metadata.name not in disabled_adapters]
+
        # initialize websocket adapter
        websocket_adapter_class = self.adapter_dict['websocket']
        websocket_logger = EventLogger(name='websocket-adapter', ap=self.ap)
@@ -268,35 +500,14 @@ class PlatformManager:
        adapter_inst = self.adapter_dict[bot_entity.adapter](
            bot_entity.adapter_config,
            logger,
-            ap=self.ap,
        )
+        if hasattr(adapter_inst, 'ap'):
+            adapter_inst.ap = self.ap

        # 如果 adapter 支持 set_bot_uuid 方法，设置 bot_uuid（用于统一 webhook）
        if hasattr(adapter_inst, 'set_bot_uuid'):
            adapter_inst.set_bot_uuid(bot_entity.uuid)

-        # 如果 adapter 支持 set_bot_info 方法，设置 bot 信息（用于监控记录）
-        if hasattr(adapter_inst, 'set_bot_info'):
-            pipeline_name = ''
-            if bot_entity.use_pipeline_uuid:
-                try:
-                    pipeline_result = await self.ap.persistence_mgr.execute_async(
-                        sqlalchemy.select(persistence_pipeline.LegacyPipeline.name).where(
-                            persistence_pipeline.LegacyPipeline.uuid == bot_entity.use_pipeline_uuid
-                        )
-                    )
-                    pipeline_row = pipeline_result.first()
-                    if pipeline_row:
-                        pipeline_name = pipeline_row[0]
-                except Exception:
-                    pass
-            adapter_inst.set_bot_info(
-                bot_id=bot_entity.uuid,
-                bot_name=bot_entity.name,
-                pipeline_id=bot_entity.use_pipeline_uuid or '',
-                pipeline_name=pipeline_name,
-            )
-
        runtime_bot = RuntimeBot(ap=self.ap, bot_entity=bot_entity, adapter=adapter_inst, logger=logger)

        await runtime_bot.initialize()
@@ -314,7 +525,7 @@ class PlatformManager:
        return None

    async def remove_bot(self, bot_uuid: str):
-        for bot in self.bots:
+        for bot in self.bots[:]:
            if bot.bot_entity.uuid == bot_uuid:
                if bot.enable:
                    await bot.shutdown()
--- a/src/langbot/pkg/platform/sources/aiocqhttp.py
+++ b/src/langbot/pkg/platform/sources/aiocqhttp.py
@@ -3,6 +3,7 @@ import typing
 import asyncio
 import traceback
 import datetime
+import json

 import aiocqhttp
 import pydantic
@@ -293,6 +294,29 @@ class AiocqhttpMessageConverter(abstract_platform_adapter.AbstractMessageConvert
            elif msg.type == 'dice':
                face_id = msg.data['result']
                yiri_msg_list.append(platform_message.Face(face_type='dice', face_id=int(face_id), face_name='骰子'))
+            elif msg.type == 'json':
+                try:
+                    raw = msg.data.get('data', {})
+                    if isinstance(raw, str):
+                        raw = json.loads(raw)
+                    if isinstance(raw, dict):
+                        _meta = raw.get('meta', {}) or {}
+                        if isinstance(_meta, dict):
+                            _detail = _meta.get('detail_1') or _meta.get('music') or _meta.get('news') or {}
+                        else:
+                            _detail = {}
+                        if isinstance(_detail, dict):
+                            preview = _detail.get('preview', '')
+                            title = _detail.get('desc', '') or _detail.get('title', '')
+                            url = _detail.get('qqdocurl', '') or _detail.get('jumpUrl', '')
+                        else:
+                            preview = title = url = ''
+                        text = ' '.join([f'[{raw.get("app", "")}]', preview, title, url]).strip()
+                        yiri_msg_list.append(platform_message.Plain(text=text or '[收到一张JSON卡片]'))
+                    else:
+                        yiri_msg_list.append(platform_message.Plain(text=str(raw)))
+                except Exception:
+                    yiri_msg_list.append(platform_message.Plain(text='[收到一张JSON卡片]'))

        chain = platform_message.MessageChain(yiri_msg_list)

--- a/src/langbot/pkg/platform/sources/aiocqhttp.yaml
+++ b/src/langbot/pkg/platform/sources/aiocqhttp.yaml
@@ -14,6 +14,10 @@ metadata:
 spec:
  categories:
    - protocol
+  help_links:
+    zh: https://link.langbot.app/zh/platforms/aiocqhttp
+    en: https://link.langbot.app/en/platforms/aiocqhttp
+    ja: https://link.langbot.app/ja/platforms/aiocqhttp
  config:
    - name: host
      label:
--- a/src/langbot/pkg/platform/sources/dingtalk.py
+++ b/src/langbot/pkg/platform/sources/dingtalk.py
@@ -71,7 +71,8 @@ class DingTalkMessageConverter(abstract_platform_adapter.AbstractMessageConverte
                    yiri_msg_list.append(platform_message.Image(base64=element['Picture']))
        else:
            # 回退到原有简单逻辑
-            if event.content:
+            # 对于音频消息，content 来自 recognition 转写文字，在下方音频处理块中统一处理
+            if event.content and event.type != 'audio':
                text_content = event.content.replace('@' + bot_name, '')
                yiri_msg_list.append(platform_message.Plain(text=text_content))
            if event.picture:
@@ -81,7 +82,38 @@ class DingTalkMessageConverter(abstract_platform_adapter.AbstractMessageConverte
        if event.file:
            yiri_msg_list.append(platform_message.File(url=event.file, name=event.name))
        if event.audio:
-            yiri_msg_list.append(platform_message.Voice(base64=event.audio))
+            # 优先使用钉钉自带的语音转写文字（recognition字段）
+            if event.content and event.type == 'audio':
+                yiri_msg_list.append(platform_message.Plain(text=event.content))
+            else:
+                yiri_msg_list.append(platform_message.Voice(base64=event.audio))
+
+        # Handle quoted/replied message - extract content as top-level components
+        # so that plugins like FileReader can process them the same way as direct messages
+        if event.quoted_message:
+            quote_info = event.quoted_message
+            msg_type = quote_info.get('msg_type', '')
+
+            # Process quoted file - add as top-level File component (same as private chat)
+            if msg_type == 'file' and quote_info.get('file_url'):
+                file_name = quote_info.get('file_name', 'file')
+                yiri_msg_list.append(platform_message.File(url=quote_info['file_url'], name=file_name))
+
+            # Process quoted image - add as top-level Image component
+            elif msg_type == 'picture' and quote_info.get('picture'):
+                yiri_msg_list.append(platform_message.Image(base64=quote_info['picture']))
+
+            # Process quoted audio - add as top-level Voice component
+            elif msg_type == 'audio' and quote_info.get('audio'):
+                yiri_msg_list.append(platform_message.Voice(base64=quote_info['audio']))
+
+            # Process quoted text - add as Plain text with context prefix
+            elif msg_type == 'text' and quote_info.get('content'):
+                yiri_msg_list.append(platform_message.Plain(text=f'[引用消息] {quote_info["content"]}'))
+
+            # Process quoted rich text - add as Plain text with context prefix
+            elif msg_type == 'richText' and quote_info.get('content'):
+                yiri_msg_list.append(platform_message.Plain(text=f'[引用消息] {quote_info["content"]}'))

        chain = platform_message.MessageChain(yiri_msg_list)

@@ -139,7 +171,7 @@ class DingTalkAdapter(abstract_platform_adapter.AbstractMessagePlatformAdapter):
        dict  # 回复卡片消息字典，key为消息id，value为回复卡片实例id，用于在流式消息时判断是否发送到指定卡片
    )

-    def __init__(self, config: dict, logger: EventLogger, ap=None, **kwargs):
+    def __init__(self, config: dict, logger: EventLogger):
        required_keys = [
            'client_id',
            'client_secret',
--- a/src/langbot/pkg/platform/sources/dingtalk.yaml
+++ b/src/langbot/pkg/platform/sources/dingtalk.yaml
@@ -14,7 +14,23 @@ metadata:
 spec:
  categories:
    - china
+  help_links:
+    zh: https://link.langbot.app/zh/platforms/dingtalk
+    en: https://link.langbot.app/en/platforms/dingtalk
+    ja: https://link.langbot.app/ja/platforms/dingtalk
  config:
+    - name: one-click-create
+      label:
+        en_US: One-Click Create App
+        zh_Hans: 一键创建应用
+        zh_Hant: 一鍵建立應用
+      description:
+        en_US: "Scan QR code with DingTalk to automatically create an app and fill in credentials. Note: Robot Code cannot be obtained automatically, you need to copy it from the DingTalk Developer Backend manually."
+        zh_Hans: "使用钉钉扫码自动创建应用并填写凭据。注意：机器人代码无法自动获取，需前往钉钉开发者后台手动复制。"
+        zh_Hant: "使用釘釘掃碼自動建立應用並填寫憑證。注意：機器人代碼無法自動取得，需前往釘釘開發者後台手動複製。"
+      type: qr-code-login
+      login_platform: dingtalk
+      required: false
    - name: client_id
      label:
        en_US: Client ID
@@ -36,6 +52,10 @@ spec:
        en_US: Robot Code
        zh_Hans: 机器人代码
        zh_Hant: 機器人代碼
+      description:
+        en_US: "Required for image recognition, file upload and other features. Get it from DingTalk Developer Backend > Robot Configuration."
+        zh_Hans: "识图、上传文件等功能必填。请前往钉钉开发者后台 > 机器人配置中获取。"
+        zh_Hant: "識圖、上傳檔案等功能必填。請前往釘釘開發者後台 > 機器人設定中取得。"
      type: string
      required: true
      default: ""
--- a/src/langbot/pkg/platform/sources/discord.yaml
+++ b/src/langbot/pkg/platform/sources/discord.yaml
@@ -23,6 +23,10 @@ spec:
  categories:
    - popular
    - global
+  help_links:
+    zh: https://link.langbot.app/zh/platforms/discord
+    en: https://link.langbot.app/en/platforms/discord
+    ja: https://link.langbot.app/ja/platforms/discord
  config:
    - name: client_id
      label:
--- a/src/langbot/pkg/platform/sources/kook.yaml
+++ b/src/langbot/pkg/platform/sources/kook.yaml
@@ -14,6 +14,10 @@ metadata:
 spec:
  categories:
    - china
+  help_links:
+    zh: https://link.langbot.app/zh/platforms/kook
+    en: https://link.langbot.app/en/platforms/kook
+    ja: https://link.langbot.app/ja/platforms/kook
  config:
    - name: token
      label:
--- a/src/langbot/pkg/platform/sources/lark.py
+++ b/src/langbot/pkg/platform/sources/lark.py
--- a/src/langbot/pkg/platform/sources/lark.yaml
+++ b/src/langbot/pkg/platform/sources/lark.yaml
@@ -18,7 +18,25 @@ spec:
    - popular
    - china
    - global
+  help_links:
+    zh: https://link.langbot.app/zh/platforms/lark
+    en: https://link.langbot.app/en/platforms/lark
+    ja: https://link.langbot.app/ja/platforms/lark
  config:
+    - name: one-click-create
+      label:
+        en_US: One-Click Create App
+        zh_Hans: 一键创建应用
+        zh_Hant: 一鍵建立應用
+        ja_JP: ワンクリックでアプリ作成
+      description:
+        en_US: Scan QR code to automatically create a Feishu app and fill in credentials
+        zh_Hans: 扫码自动创建飞书应用并填写凭据
+        zh_Hant: 掃碼自動建立飛書應用並填寫憑證
+        ja_JP: QRコードをスキャンしてFeishuアプリを自動作成し、認証情報を入力
+      type: qr-code-login
+      login_platform: feishu
+      required: false
    - name: app_id
      label:
        en_US: App ID
--- a/src/langbot/pkg/platform/sources/line.py
+++ b/src/langbot/pkg/platform/sources/line.py
@@ -136,7 +136,7 @@ class LINEAdapter(abstract_platform_adapter.AbstractMessagePlatformAdapter):

    seq: int  # 用于在发送卡片消息中识别消息顺序，直接以seq作为标识

-    def __init__(self, config: dict, logger: EventLogger, ap=None, **kwargs):
+    def __init__(self, config: dict, logger: EventLogger):
        configuration = Configuration(access_token=config['channel_access_token'])
        line_webhook = WebhookHandler(config['channel_secret'])
        parser = WebhookParser(config['channel_secret'])
--- a/src/langbot/pkg/platform/sources/line.yaml
+++ b/src/langbot/pkg/platform/sources/line.yaml
@@ -21,6 +21,10 @@ metadata:
 spec:
  categories:
    - global
+  help_links:
+    zh: https://link.langbot.app/zh/platforms/line
+    en: https://link.langbot.app/en/platforms/line
+    ja: https://link.langbot.app/ja/platforms/line
  config:
    - name: webhook_url
      label:
--- a/src/langbot/pkg/platform/sources/matrix.png
+++ b/src/langbot/pkg/platform/sources/matrix.png
--- a/src/langbot/pkg/platform/sources/matrix.py
+++ b/src/langbot/pkg/platform/sources/matrix.py
@@ -0,0 +1,693 @@
+from __future__ import annotations
+
+import typing
+import asyncio
+import traceback
+import base64
+import json
+
+import nio
+
+from langbot.pkg.utils import httpclient
+import langbot_plugin.api.definition.abstract.platform.adapter as abstract_platform_adapter
+import langbot_plugin.api.entities.builtin.platform.message as platform_message
+import langbot_plugin.api.entities.builtin.platform.events as platform_events
+import langbot_plugin.api.entities.builtin.platform.entities as platform_entities
+import langbot_plugin.api.definition.abstract.platform.event_logger as abstract_platform_logger
+
+
+class MatrixMessageConverter(abstract_platform_adapter.AbstractMessageConverter):
+    @staticmethod
+    async def yiri2target(message_chain: platform_message.MessageChain, client: nio.AsyncClient) -> list[dict]:
+        components = []
+        for component in message_chain:
+            if isinstance(component, platform_message.Plain):
+                components.append({'type': 'text', 'text': component.text})
+            elif isinstance(component, platform_message.Image):
+                image_bytes = None
+                if component.base64:
+                    b64_data = component.base64
+                    if ';base64,' in b64_data:
+                        b64_data = b64_data.split(';base64,', 1)[1]
+                    image_bytes = base64.b64decode(b64_data)
+                elif component.url:
+                    session = httpclient.get_session()
+                    async with session.get(component.url) as response:
+                        image_bytes = await response.read()
+                elif component.path:
+                    with open(component.path, 'rb') as f:
+                        image_bytes = f.read()
+                if image_bytes:
+                    resp = await client.upload(image_bytes, content_type='image/png')
+                    if isinstance(resp, nio.UploadResponse):
+                        components.append({'type': 'image', 'mxc_url': resp.content_uri})
+            elif isinstance(component, platform_message.File):
+                file_bytes = None
+                if component.base64:
+                    b64_data = component.base64
+                    if ';base64,' in b64_data:
+                        b64_data = b64_data.split(';base64,', 1)[1]
+                    file_bytes = base64.b64decode(b64_data)
+                elif component.url:
+                    session = httpclient.get_session()
+                    async with session.get(component.url) as response:
+                        file_bytes = await response.read()
+                elif component.path:
+                    with open(component.path, 'rb') as f:
+                        file_bytes = f.read()
+                if file_bytes:
+                    file_name = getattr(component, 'name', None) or 'file'
+                    resp = await client.upload(file_bytes, content_type='application/octet-stream', filename=file_name)
+                    if isinstance(resp, nio.UploadResponse):
+                        components.append(
+                            {
+                                'type': 'file',
+                                'mxc_url': resp.content_uri,
+                                'filename': file_name,
+                                'size': len(file_bytes),
+                            }
+                        )
+            elif isinstance(component, platform_message.Forward):
+                for node in component.node_list:
+                    components.extend(await MatrixMessageConverter.yiri2target(node.message_chain, client))
+        return components
+
+    @staticmethod
+    async def target2yiri(event: nio.RoomMessageText | nio.RoomMessageImage, client: nio.AsyncClient, bot_user_id: str):
+        message_components = []
+
+        if isinstance(event, nio.RoomMessageText):
+            text = event.body
+            if bot_user_id and bot_user_id in text:
+                message_components.append(platform_message.At(target=bot_user_id))
+                text = text.replace(bot_user_id, '').strip()
+            message_components.append(platform_message.Plain(text=text))
+
+        elif isinstance(event, nio.RoomMessageImage):
+            mxc_url = event.url
+            if mxc_url:
+                resp = await client.download(mxc_url)
+                if isinstance(resp, nio.DownloadResponse):
+                    b64 = base64.b64encode(resp.body).decode('utf-8')
+                    content_type = resp.content_type or 'image/png'
+                    message_components.append(platform_message.Image(base64=f'data:{content_type};base64,{b64}'))
+            if event.body:
+                message_components.append(platform_message.Plain(text=event.body))
+
+        return platform_message.MessageChain(message_components)
+
+
+class MatrixEventConverter(abstract_platform_adapter.AbstractEventConverter):
+    @staticmethod
+    async def yiri2target(event: platform_events.MessageEvent):
+        return event.source_platform_object
+
+    @staticmethod
+    async def target2yiri(
+        event: nio.RoomMessageText | nio.RoomMessageImage,
+        room: nio.MatrixRoom,
+        client: nio.AsyncClient,
+        bot_user_id: str,
+        bridge_user_ids: list[str] | None = None,
+    ):
+        lb_message = await MatrixMessageConverter.target2yiri(event, client, bot_user_id)
+
+        # Determine if this is a direct/private chat or a group chat.
+        # Exclude bot itself and bridge bots, count remaining real users.
+        exclude_ids = {bot_user_id}
+        if bridge_user_ids:
+            exclude_ids.update(bridge_user_ids)
+        real_users = [uid for uid in room.users if uid not in exclude_ids]
+        is_direct = len(real_users) <= 1
+
+        if is_direct:
+            return platform_events.FriendMessage(
+                sender=platform_entities.Friend(
+                    id=event.sender,
+                    nickname=room.user_name(event.sender) or event.sender,
+                    remark='',
+                ),
+                message_chain=lb_message,
+                time=event.server_timestamp / 1000.0,
+                source_platform_object={'event': event, 'room': room},
+            )
+        else:
+            return platform_events.GroupMessage(
+                sender=platform_entities.GroupMember(
+                    id=event.sender,
+                    member_name=room.user_name(event.sender) or event.sender,
+                    permission=platform_entities.Permission.Member,
+                    group=platform_entities.Group(
+                        id=room.room_id,
+                        name=room.display_name or room.room_id,
+                        permission=platform_entities.Permission.Member,
+                    ),
+                    special_title='',
+                ),
+                message_chain=lb_message,
+                time=event.server_timestamp / 1000.0,
+                source_platform_object={'event': event, 'room': room},
+            )
+
+
+class BridgeState:
+    """Per-bridge runtime state."""
+
+    def __init__(self, user_id: str, login_command: str, logout_command: str, success_keyword: str, check_command: str):
+        self.user_id = user_id
+        self.login_command = login_command
+        self.logout_command = logout_command
+        self.success_keyword = success_keyword
+        self.check_command = check_command or login_command
+        self.logged_in = False
+        self.dm_room_id: str | None = None
+        self.login_task: asyncio.Task | None = None
+        self.check_task: asyncio.Task | None = None
+        self.check_responded = False
+
+
+class MatrixAdapter(abstract_platform_adapter.AbstractMessagePlatformAdapter):
+    client: typing.Any = None
+    message_converter: MatrixMessageConverter = MatrixMessageConverter()
+    event_converter: MatrixEventConverter = MatrixEventConverter()
+    config: dict
+    listeners: typing.Dict[typing.Type[platform_events.Event], typing.Callable] = {}
+    _running: bool = False
+    _initial_sync_done: bool = False
+    _bridges: list = []
+
+    def __init__(self, config: dict, logger: abstract_platform_logger.AbstractEventLogger):
+        homeserver_url = config.get('homeserver_url', '')
+        access_token = config.get('access_token', '')
+        user_id = config.get('user_id', '')
+
+        if not homeserver_url or not access_token or not user_id:
+            raise ValueError('Matrix 机器人缺少必要配置项 (homeserver_url, user_id, access_token)')
+
+        client = nio.AsyncClient(homeserver_url, user_id)
+        client.access_token = access_token
+        client.user_id = user_id
+
+        super().__init__(
+            config=config,
+            logger=logger,
+            bot_account_id=user_id,
+            client=client,
+            listeners={},
+        )
+
+        # Parse bridges config AFTER super().__init__() to avoid Pydantic resetting _bridges
+        self._bridges = []
+        bridges_raw = config.get('bridges', '')
+        if bridges_raw:
+            if isinstance(bridges_raw, str):
+                try:
+                    bridges_list = json.loads(bridges_raw)
+                except (json.JSONDecodeError, TypeError) as e:
+                    raise ValueError(f'bridges 配置 JSON 解析失败: {e}\n原始值: {bridges_raw}')
+            else:
+                bridges_list = bridges_raw
+            for b in bridges_list:
+                if isinstance(b, dict) and b.get('user_id', '').strip():
+                    self._bridges.append(
+                        BridgeState(
+                            user_id=b['user_id'].strip(),
+                            login_command=b.get('login_command', '').strip(),
+                            logout_command=b.get('logout_command', '').strip(),
+                            success_keyword=b.get('success_keyword', 'Successfully logged in').strip(),
+                            check_command=b.get('check_command', '').strip(),
+                        )
+                    )
+        # Backward compatibility: old single-bridge config
+        if not self._bridges:
+            old_user_id = config.get('bridge_user_id', '').strip()
+            old_command = config.get('bridge_login_command', '').strip()
+            old_keyword = config.get('bridge_login_success_keyword', 'Successfully logged in').strip()
+            old_check = config.get('bridge_check_command', '').strip()
+            old_logout = config.get('bridge_logout_command', '').strip()
+            if old_user_id:
+                self._bridges.append(
+                    BridgeState(
+                        user_id=old_user_id,
+                        login_command=old_command,
+                        logout_command=old_logout,
+                        success_keyword=old_keyword,
+                        check_command=old_check,
+                    )
+                )
+
+    async def send_message(self, target_type: str, target_id: str, message: platform_message.MessageChain):
+        components = await self.message_converter.yiri2target(message, self.client)
+        for component in components:
+            await self._send_component(target_id, component)
+
+    async def reply_message(
+        self,
+        message_source: platform_events.MessageEvent,
+        message: platform_message.MessageChain,
+        quote_origin: bool = False,
+    ):
+        source_obj = message_source.source_platform_object
+        room_id = source_obj['room'].room_id
+        components = await self.message_converter.yiri2target(message, self.client)
+
+        for component in components:
+            if quote_origin:
+                original_event = source_obj['event']
+                await self._send_component(room_id, component, reply_to=original_event.event_id)
+            else:
+                await self._send_component(room_id, component)
+
+    async def _send_component(self, room_id: str, component: dict, reply_to: str | None = None):
+        content = {}
+        if component['type'] == 'text':
+            content = {
+                'msgtype': 'm.text',
+                'body': component['text'],
+            }
+        elif component['type'] == 'image':
+            content = {
+                'msgtype': 'm.image',
+                'body': 'image.png',
+                'url': component['mxc_url'],
+            }
+        elif component['type'] == 'file':
+            content = {
+                'msgtype': 'm.file',
+                'body': component.get('filename', 'file'),
+                'url': component['mxc_url'],
+                'info': {'size': component.get('size', 0)},
+            }
+
+        if reply_to and content:
+            content['m.relates_to'] = {
+                'm.in_reply_to': {'event_id': reply_to},
+            }
+
+        if content:
+            await self.client.room_send(
+                room_id=room_id,
+                message_type='m.room.message',
+                content=content,
+            )
+
+    def register_listener(
+        self,
+        event_type: typing.Type[platform_events.Event],
+        callback: typing.Callable[
+            [platform_events.Event, abstract_platform_adapter.AbstractMessagePlatformAdapter], None
+        ],
+    ):
+        self.listeners[event_type] = callback
+
+    async def run_async(self):
+        self._running = True
+        await self.logger.info('Matrix adapter starting...')
+
+        # Debug: log bridge parsing result
+        bridges_raw = self.config.get('bridges', '')
+        await self.logger.debug(f'bridges config raw: type={type(bridges_raw).__name__}, repr={repr(bridges_raw)}')
+        await self.logger.debug(
+            f'parsed _bridges count: {len(self._bridges)}, ids: {[b.user_id for b in self._bridges]}'
+        )
+
+        # Collect all bridge bot user IDs for filtering
+        _bridge_user_ids = [b.user_id for b in self._bridges]
+        _bridge_user_id_set = set(_bridge_user_ids)
+
+        # Auto-join invited rooms
+        async def on_invite(room: nio.MatrixRoom, event: nio.InviteMemberEvent):
+            if event.membership == 'invite' and event.state_key == self.client.user_id:
+                await self.client.join(room.room_id)
+                await self.logger.debug(f'Auto-joined room: {room.display_name or room.room_id}')
+
+        self.client.add_event_callback(on_invite, nio.InviteMemberEvent)
+
+        # Handle text messages
+        async def on_message(room: nio.MatrixRoom, event: nio.RoomMessageText):
+            if not self._initial_sync_done:
+                return
+            if event.sender == self.client.user_id:
+                return
+
+            # Admin commands (from any non-bridge user)
+            if event.sender not in _bridge_user_id_set:
+                body = (event.body or '').strip()
+                if body == '!relogin':
+                    await self._handle_relogin_command(room.room_id)
+                    return
+                if body == '!status':
+                    await self._handle_status_command(room.room_id)
+                    return
+
+            if event.sender in _bridge_user_id_set:
+                return
+            try:
+                lb_event = await self.event_converter.target2yiri(
+                    event, room, self.client, self.bot_account_id, _bridge_user_ids
+                )
+                if type(lb_event) in self.listeners:
+                    result = self.listeners[type(lb_event)](lb_event, self)
+                    if asyncio.iscoroutine(result):
+                        await result
+            except Exception:
+                await self.logger.error(f'Error handling Matrix message: {traceback.format_exc()}')
+
+        self.client.add_event_callback(on_message, nio.RoomMessageText)
+
+        # Handle image messages
+        async def on_image(room: nio.MatrixRoom, event: nio.RoomMessageImage):
+            if not self._initial_sync_done:
+                return
+            if event.sender == self.client.user_id:
+                return
+            if event.sender in _bridge_user_id_set:
+                return
+            try:
+                lb_event = await self.event_converter.target2yiri(
+                    event, room, self.client, self.bot_account_id, _bridge_user_ids
+                )
+                if type(lb_event) in self.listeners:
+                    result = self.listeners[type(lb_event)](lb_event, self)
+                    if asyncio.iscoroutine(result):
+                        await result
+            except Exception:
+                await self.logger.error(f'Error handling Matrix image: {traceback.format_exc()}')
+
+        self.client.add_event_callback(on_image, nio.RoomMessageImage)
+
+        # Set up bridge-specific callbacks for each bridge
+        _disconnect_keywords = ['disconnected', 'logged out', 'connection lost', 'session expired', 'token expired']
+
+        for bridge in self._bridges:
+            # Login success detection (notice)
+            async def on_bridge_notice(room: nio.MatrixRoom, event: nio.RoomMessageNotice, _b=bridge):
+                if not self._initial_sync_done:
+                    return
+                if event.sender != _b.user_id:
+                    return
+                _b.check_responded = True
+                if _b.success_keyword in (event.body or ''):
+                    _b.logged_in = True
+                    await self.logger.info(f'[{_b.user_id}] Bridge login succeeded.')
+                # Disconnect detection
+                body_lower = (event.body or '').lower()
+                for kw in _disconnect_keywords:
+                    if kw in body_lower and _b.logged_in:
+                        _b.logged_in = False
+                        await self.logger.info(f'[{_b.user_id}] Bridge 账号掉线 (检测到: "{kw}"), 将自动重新登录...')
+                        self._restart_bridge_login(_b)
+                        break
+
+            self.client.add_event_callback(on_bridge_notice, nio.RoomMessageNotice)
+
+            # Login success + disconnect detection (text)
+            async def on_bridge_text(room: nio.MatrixRoom, event: nio.RoomMessageText, _b=bridge):
+                if not self._initial_sync_done:
+                    return
+                if event.sender != _b.user_id:
+                    return
+                _b.check_responded = True
+                if _b.success_keyword in (event.body or ''):
+                    _b.logged_in = True
+                    await self.logger.info(f'[{_b.user_id}] Bridge login succeeded.')
+                body_lower = (event.body or '').lower()
+                for kw in _disconnect_keywords:
+                    if kw in body_lower and _b.logged_in:
+                        _b.logged_in = False
+                        await self.logger.info(f'[{_b.user_id}] Bridge 账号掉线 (检测到: "{kw}"), 将自动重新登录...')
+                        self._restart_bridge_login(_b)
+                        break
+
+            self.client.add_event_callback(on_bridge_text, nio.RoomMessageText)
+
+            # QR code image forwarding
+            async def on_bridge_image(room: nio.MatrixRoom, event: nio.RoomMessageImage, _b=bridge):
+                if not self._initial_sync_done:
+                    return
+                if event.sender != _b.user_id:
+                    return
+                mxc_url = event.url
+                if not mxc_url:
+                    return
+                try:
+                    resp = await self.client.download(mxc_url)
+                    if isinstance(resp, nio.DownloadResponse):
+                        b64 = base64.b64encode(resp.body).decode('utf-8')
+                        content_type = resp.content_type or 'image/png'
+                        await self.logger.info(
+                            f'[{_b.user_id}] Bridge 发送了二维码，请扫码登录:',
+                            images=[platform_message.Image(base64=f'data:{content_type};base64,{b64}')],
+                        )
+                except Exception:
+                    await self.logger.error(
+                        f'[{_b.user_id}] Failed to download bridge QR image: {traceback.format_exc()}'
+                    )
+
+            self.client.add_event_callback(on_bridge_image, nio.RoomMessageImage)
+
+        await self.logger.debug('Matrix adapter running, starting sync...')
+
+        # Initial sync to skip old messages
+        resp = await self.client.sync(timeout=10000)
+        if isinstance(resp, nio.SyncResponse):
+            await self.logger.debug(f'Matrix initial sync done, next_batch: {resp.next_batch}')
+        self._initial_sync_done = True
+
+        # Display account info
+        display_name = self.client.user_id
+        try:
+            profile_resp = await self.client.get_displayname(self.client.user_id)
+            if isinstance(profile_resp, nio.ProfileGetDisplayNameResponse) and profile_resp.displayname:
+                display_name = profile_resp.displayname
+        except Exception:
+            pass
+        joined_rooms = len(self.client.rooms)
+        homeserver = self.config.get('homeserver_url', '')
+        bridge_info = ''
+        if self._bridges:
+            bridge_names = ', '.join(b.user_id for b in self._bridges)
+            bridge_info = f' | 桥接: [{bridge_names}]'
+        await self.logger.info(
+            f'Matrix 账号: {display_name} ({self.client.user_id}) | '
+            f'服务器: {homeserver} | 已加入 {joined_rooms} 个房间{bridge_info}'
+        )
+
+        # Start bridge login and status check tasks for each bridge
+        for bridge in self._bridges:
+            if bridge.login_command:
+                await self.logger.info(
+                    f'[{bridge.user_id}] Bridge login enabled (命令: "{bridge.login_command}", '
+                    f'关键词: "{bridge.success_keyword}")'
+                )
+                bridge.login_task = asyncio.create_task(self._periodic_bridge_login(bridge))
+                bridge.check_task = asyncio.create_task(self._periodic_bridge_check(bridge))
+            else:
+                await self.logger.debug(f'[{bridge.user_id}] Bridge login not configured (no login_command)')
+
+        # Main sync loop
+        while self._running:
+            try:
+                await self.client.sync(timeout=30000)
+            except Exception:
+                await self.logger.error(f'Matrix sync error: {traceback.format_exc()}')
+                await asyncio.sleep(5)
+
+    async def _periodic_bridge_login(self, bridge: BridgeState):
+        """Periodically send login command to a bridge bot until login succeeds."""
+        try:
+            await self.logger.info(f'[{bridge.user_id}] Bridge login task started, looking for DM room...')
+            dm_room_id = None
+            for room_id, room in self.client.rooms.items():
+                if room.member_count == 2 and bridge.user_id in [m for m in room.users]:
+                    dm_room_id = room_id
+                    break
+
+            if not dm_room_id:
+                resp = await self.client.room_create(
+                    is_direct=True,
+                    invite=[bridge.user_id],
+                )
+                if isinstance(resp, nio.RoomCreateResponse):
+                    dm_room_id = resp.room_id
+                    await self.logger.debug(f'[{bridge.user_id}] Created DM room: {dm_room_id}')
+                else:
+                    await self.logger.error(f'[{bridge.user_id}] Failed to create DM room: {resp}')
+                    return
+
+            bridge.dm_room_id = dm_room_id
+
+            # Force logout first on every adapter start
+            logout_cmd = bridge.logout_command or bridge.login_command.replace('login', 'logout')
+            await self.logger.info(f'[{bridge.user_id}] 强制登出: "{logout_cmd}"')
+            await self.client.room_send(
+                room_id=dm_room_id,
+                message_type='m.room.message',
+                content={'msgtype': 'm.text', 'body': logout_cmd},
+            )
+            await asyncio.sleep(3)
+
+            while self._running and not bridge.logged_in:
+                await self.logger.debug(f'[{bridge.user_id}] Sending "{bridge.login_command}" in room {dm_room_id}')
+                await self.client.room_send(
+                    room_id=dm_room_id,
+                    message_type='m.room.message',
+                    content={'msgtype': 'm.text', 'body': bridge.login_command},
+                )
+                for _ in range(60):
+                    if not self._running or bridge.logged_in:
+                        break
+                    await asyncio.sleep(1)
+
+            if bridge.logged_in:
+                await self.logger.debug(f'[{bridge.user_id}] Bridge login confirmed, periodic login stopped.')
+        except asyncio.CancelledError:
+            pass
+        except Exception:
+            await self.logger.error(f'[{bridge.user_id}] Bridge periodic login error: {traceback.format_exc()}')
+
+    def _restart_bridge_login(self, bridge: BridgeState):
+        """Cancel existing login task and start a new one."""
+        if bridge.login_task and not bridge.login_task.done():
+            bridge.login_task.cancel()
+        bridge.login_task = asyncio.create_task(self._periodic_bridge_login(bridge))
+
+    async def _periodic_bridge_check(self, bridge: BridgeState):
+        """Periodically check a bridge's login status."""
+        try:
+            while self._running and not bridge.logged_in:
+                await asyncio.sleep(5)
+
+            check_interval = 300  # 5 minutes
+            response_timeout = 30
+            await self.logger.debug(f'[{bridge.user_id}] Bridge status check started (interval: {check_interval}s)')
+
+            while self._running:
+                for _ in range(check_interval):
+                    if not self._running:
+                        return
+                    await asyncio.sleep(1)
+
+                if not bridge.logged_in or not bridge.dm_room_id:
+                    continue
+
+                try:
+                    bridge.check_responded = False
+                    await self.client.room_send(
+                        room_id=bridge.dm_room_id,
+                        message_type='m.room.message',
+                        content={'msgtype': 'm.text', 'body': bridge.check_command},
+                    )
+                    await self.logger.debug(f'[{bridge.user_id}] Bridge status check: sent "{bridge.check_command}"')
+
+                    for _ in range(response_timeout):
+                        if bridge.check_responded or not self._running:
+                            break
+                        await asyncio.sleep(1)
+
+                    if bridge.check_responded:
+                        await self.logger.debug(f'[{bridge.user_id}] Bridge status check: OK')
+                    else:
+                        await self.logger.info(
+                            f'[{bridge.user_id}] Bridge status check: 无响应, 可能已掉线, 尝试重新登录...'
+                        )
+                        bridge.logged_in = False
+                        self._restart_bridge_login(bridge)
+                except Exception:
+                    await self.logger.error(f'[{bridge.user_id}] Bridge status check error: {traceback.format_exc()}')
+        except asyncio.CancelledError:
+            pass
+        except Exception:
+            await self.logger.error(f'[{bridge.user_id}] Bridge status check fatal error: {traceback.format_exc()}')
+
+    async def _handle_relogin_command(self, room_id: str):
+        """Handle !relogin command: logout then re-login all bridges."""
+        if not self._bridges:
+            await self.client.room_send(
+                room_id=room_id,
+                message_type='m.room.message',
+                content={'msgtype': 'm.text', 'body': '没有配置任何桥。'},
+            )
+            return
+
+        lines = ['开始重新登录所有桥...']
+        for bridge in self._bridges:
+            if not bridge.login_command or not bridge.dm_room_id:
+                lines.append(f'[{bridge.user_id}] 跳过（未配置登录命令或无DM房间）')
+                continue
+
+                # Use configured logout command, fallback to deriving from login command
+                logout_cmd = bridge.logout_command or bridge.login_command.replace('login', 'logout')
+            lines.append(f'[{bridge.user_id}] 发送 "{logout_cmd}"...')
+
+            # Cancel existing tasks
+            if bridge.login_task and not bridge.login_task.done():
+                bridge.login_task.cancel()
+            if bridge.check_task and not bridge.check_task.done():
+                bridge.check_task.cancel()
+
+            # Send logout
+            try:
+                await self.client.room_send(
+                    room_id=bridge.dm_room_id,
+                    message_type='m.room.message',
+                    content={'msgtype': 'm.text', 'body': logout_cmd},
+                )
+            except Exception as e:
+                lines.append(f'[{bridge.user_id}] logout 发送失败: {e}')
+
+            await asyncio.sleep(2)
+
+            # Reset state and restart login
+            bridge.logged_in = False
+            self._restart_bridge_login(bridge)
+            lines.append(f'[{bridge.user_id}] 已触发重新登录')
+
+        await self.client.room_send(
+            room_id=room_id,
+            message_type='m.room.message',
+            content={'msgtype': 'm.text', 'body': '\n'.join(lines)},
+        )
+
+    async def _handle_status_command(self, room_id: str):
+        """Handle !status command: show bridge states."""
+        if not self._bridges:
+            await self.client.room_send(
+                room_id=room_id,
+                message_type='m.room.message',
+                content={'msgtype': 'm.text', 'body': '没有配置任何桥。'},
+            )
+            return
+
+        lines = ['桥状态:']
+        for bridge in self._bridges:
+            status = '已登录 ✓' if bridge.logged_in else '未登录 ✗'
+            dm = bridge.dm_room_id or '无'
+            lines.append(f'• {bridge.user_id}: {status} (DM: {dm})')
+        await self.client.room_send(
+            room_id=room_id,
+            message_type='m.room.message',
+            content={'msgtype': 'm.text', 'body': '\n'.join(lines)},
+        )
+
+    async def kill(self) -> bool:
+        self._running = False
+        for bridge in self._bridges:
+            if bridge.login_task and not bridge.login_task.done():
+                bridge.login_task.cancel()
+            if bridge.check_task and not bridge.check_task.done():
+                bridge.check_task.cancel()
+        if self.client:
+            await self.client.close()
+        await self.logger.debug('Matrix adapter stopped')
+        return True
+
+    async def unregister_listener(
+        self,
+        event_type: typing.Type[platform_events.Event],
+        callback: typing.Callable[
+            [platform_events.Event, abstract_platform_adapter.AbstractMessagePlatformAdapter], None
+        ],
+    ):
+        if event_type in self.listeners:
+            del self.listeners[event_type]
--- a/src/langbot/pkg/platform/sources/matrix.yaml
+++ b/src/langbot/pkg/platform/sources/matrix.yaml
@@ -0,0 +1,123 @@
+apiVersion: v1
+kind: MessagePlatformAdapter
+metadata:
+  name: matrix
+  label:
+    en_US: Matrix
+    zh_Hans: Matrix
+    zh_Hant: Matrix
+    ja_JP: Matrix
+    th_TH: Matrix
+    vi_VN: Matrix
+    es_ES: Matrix
+  description:
+    en_US: Matrix protocol adapter, supports self-hosted Synapse servers and any Matrix-compatible homeserver
+    zh_Hans: Matrix 协议适配器，支持自建 Synapse 服务器及任何 Matrix 兼容的 Homeserver
+    zh_Hant: Matrix 協議適配器，支持自建 Synapse 伺服器及任何 Matrix 相容的 Homeserver
+    ja_JP: Matrix プロトコルアダプター、セルフホストの Synapse サーバーおよび Matrix 互換のホームサーバーをサポート
+    th_TH: อะแดปเตอร์โปรโตคอล Matrix รองรับเซิร์ฟเวอร์ Synapse ที่โฮสต์เองและ Homeserver ที่เข้ากันได้กับ Matrix
+    vi_VN: Bộ điều hợp giao thức Matrix, hỗ trợ máy chủ Synapse tự lưu trữ và bất kỳ Homeserver tương thích Matrix nào
+    es_ES: Adaptador del protocolo Matrix, compatible con servidores Synapse autoalojados y cualquier Homeserver compatible con Matrix
+  icon: matrix.png
+spec:
+  categories:
+    - global
+    - protocol
+  config:
+    - name: homeserver_url
+      label:
+        en_US: Homeserver URL
+        zh_Hans: Homeserver 地址
+        zh_Hant: Homeserver 地址
+        ja_JP: Homeserver URL
+        th_TH: URL ของ Homeserver
+        vi_VN: URL Homeserver
+        es_ES: URL del Homeserver
+      description:
+        en_US: "The URL of the Matrix homeserver, e.g. http://localhost:8008"
+        zh_Hans: "Matrix Homeserver 的地址，例如 http://localhost:8008"
+      type: string
+      required: true
+      default: "http://localhost:8008"
+    - name: user_id
+      label:
+        en_US: Bot User ID
+        zh_Hans: 机器人用户 ID
+        zh_Hant: 機器人用戶 ID
+        ja_JP: ボットユーザー ID
+        th_TH: ID ผู้ใช้บอท
+        vi_VN: ID người dùng bot
+        es_ES: ID de usuario del bot
+      description:
+        en_US: "The full Matrix user ID, e.g. @bot:localhost"
+        zh_Hans: "完整的 Matrix 用户 ID，例如 @bot:localhost"
+      type: string
+      required: true
+      default: "@langbot:localhost"
+    - name: access_token
+      label:
+        en_US: Access Token
+        zh_Hans: 访问令牌
+        zh_Hant: 訪問令牌
+        ja_JP: アクセストークン
+        th_TH: โทเค็นการเข้าถึง
+        vi_VN: Mã truy cập
+        es_ES: Token de acceso
+      description:
+        en_US: "Access token obtained by logging in via the Matrix client API"
+        zh_Hans: "通过 Matrix Client API 登录获取的访问令牌"
+      type: string
+      required: true
+      default: ""
+    - name: bridge_user_id
+      label:
+        en_US: Bridge Bot User ID (single bridge, legacy)
+        zh_Hans: 桥机器人用户 ID（单桥兼容）
+      description:
+        en_US: "Single bridge bot user ID (legacy). Prefer 'bridges' for multi-bridge. e.g. @discordbot:localhost"
+        zh_Hans: "单桥机器人用户 ID（旧格式兼容）。推荐使用 bridges 配置多桥。例如 @discordbot:localhost"
+      type: string
+      required: false
+      default: ""
+    - name: bridge_login_command
+      label:
+        en_US: Bridge Login Command (single bridge, legacy)
+        zh_Hans: 桥登录命令（单桥兼容）
+      description:
+        en_US: "Login command for single bridge (legacy). e.g. !discord login"
+        zh_Hans: "单桥登录命令（旧格式兼容）。例如 !discord login"
+      type: string
+      required: false
+      default: ""
+    - name: bridge_login_success_keyword
+      label:
+        en_US: Bridge Login Success Keyword (single bridge, legacy)
+        zh_Hans: 桥登录成功关键词（单桥兼容）
+      description:
+        en_US: "Success keyword for single bridge (legacy). e.g. Successfully logged in"
+        zh_Hans: "单桥登录成功关键词（旧格式兼容）。例如 Successfully logged in"
+      type: string
+      required: false
+      default: "Successfully logged in"
+    - name: bridges
+      label:
+        en_US: Bridges Config (Multi-bridge)
+        zh_Hans: 桥配置（多桥）
+      description:
+        en_US: >
+          JSON array of bridge configs. Each bridge: {"user_id": "@bot:host", "login_command": "!xx login",
+          "success_keyword": "logged in", "check_command": "!xx ping"}.
+          Example: [{"user_id":"@discordbot:localhost","login_command":"!discord login","success_keyword":"logged in"},
+          {"user_id":"@telegrambot:localhost","login_command":"!tg login","success_keyword":"logged in"}]
+        zh_Hans: >
+          JSON 数组格式的多桥配置。每个桥: {"user_id": "@bot:host", "login_command": "!xx login",
+          "success_keyword": "logged in", "check_command": "!xx ping"}。
+          示例: [{"user_id":"@discordbot:localhost","login_command":"!discord login","success_keyword":"logged in"},
+          {"user_id":"@telegrambot:localhost","login_command":"!tg login","success_keyword":"logged in"}]
+      type: string
+      required: false
+      default: ""
+execution:
+  python:
+    path: ./matrix.py
+    attr: MatrixAdapter
--- a/src/langbot/pkg/platform/sources/officialaccount.py
+++ b/src/langbot/pkg/platform/sources/officialaccount.py
@@ -60,7 +60,7 @@ class OfficialAccountAdapter(abstract_platform_adapter.AbstractMessagePlatformAd
    bot: typing.Union[OAClient, OAClientForLongerResponse] = pydantic.Field(exclude=True)
    bot_uuid: str = None

-    def __init__(self, config: dict, logger: EventLogger, ap=None, **kwargs):
+    def __init__(self, config: dict, logger: EventLogger):
        # 校验必填项
        required_keys = ['token', 'EncodingAESKey', 'AppSecret', 'AppID', 'Mode']
        missing_keys = [k for k in required_keys if k not in config]
--- a/src/langbot/pkg/platform/sources/officialaccount.yaml
+++ b/src/langbot/pkg/platform/sources/officialaccount.yaml
@@ -14,6 +14,10 @@ metadata:
 spec:
  categories:
    - china
+  help_links:
+    zh: https://link.langbot.app/zh/platforms/officialaccount
+    en: https://link.langbot.app/en/platforms/officialaccount
+    ja: https://link.langbot.app/ja/platforms/officialaccount
  config:
    - name: webhook_url
      label:
--- a/src/langbot/pkg/platform/sources/openclaw_weixin.yaml
+++ b/src/langbot/pkg/platform/sources/openclaw_weixin.yaml
@@ -15,6 +15,10 @@ spec:
  categories:
    - popular
    - china
+  help_links:
+    zh: https://link.langbot.app/zh/platforms/openclaw_weixin
+    en: https://link.langbot.app/en/platforms/openclaw_weixin
+    ja: https://link.langbot.app/ja/platforms/openclaw_weixin
  config:
    - name: base_url
      label:
@@ -28,6 +32,20 @@ spec:
      type: string
      required: true
      default: "https://ilinkai.weixin.qq.com"
+    - name: qr-login
+      label:
+        en_US: Scan QR Login
+        zh_Hans: 扫码登录
+        zh_Hant: 掃碼登入
+        ja_JP: QRコードでログイン
+      description:
+        en_US: Scan QR code with WeChat to authorize and automatically fill in the token
+        zh_Hans: 使用微信扫码授权，自动填写令牌
+        zh_Hant: 使用微信掃碼授權，自動填寫令牌
+        ja_JP: WeChatでQRコードをスキャンし、トークンを自動入力
+      type: qr-code-login
+      login_platform: weixin
+      required: false
    - name: token
      label:
        en_US: Token
--- a/src/langbot/pkg/platform/sources/qqofficial.py
+++ b/src/langbot/pkg/platform/sources/qqofficial.py
@@ -1,9 +1,11 @@
 from __future__ import annotations
 import typing
+import re
 import asyncio
 import traceback

 import datetime
+import time

 import langbot_plugin.api.definition.abstract.platform.adapter as abstract_platform_adapter
 import langbot_plugin.api.entities.builtin.platform.message as platform_message
@@ -15,11 +17,25 @@ from ...utils import image
 from ..logger import EventLogger


+def _is_base64_data(value: str) -> bool:
+    """Check if a string contains base64-encoded data rather than a URL."""
+    if not value:
+        return False
+    # data: URI scheme (e.g. data:image/png;base64,xxx)
+    if value.startswith('data:'):
+        return True
+    # Only treat as base64 if it doesn't look like a URL/path and has valid base64 chars
+    if value.startswith(('http://', 'https://', '/', './', '../')):
+        return False
+    # Check if it looks like base64 (only valid chars, reasonable length)
+    return bool(re.fullmatch(r'[A-Za-z0-9+/=\s]{20,}', value))
+
+
 class QQOfficialMessageConverter(abstract_platform_adapter.AbstractMessageConverter):
    @staticmethod
    async def yiri2target(message_chain: platform_message.MessageChain):
+        """将 LangBot 消息链转换为 QQ Official 消息格式列表。"""
        content_list = []
-        # 只实现了发文字
        for msg in message_chain:
            if type(msg) is platform_message.Plain:
                content_list.append(
@@ -28,6 +44,49 @@ class QQOfficialMessageConverter(abstract_platform_adapter.AbstractMessageConver
                        'content': msg.text,
                    }
                )
+            elif type(msg) is platform_message.Image:
+                url = msg.url if hasattr(msg, 'url') and msg.url else None
+                b64 = msg.base64 if hasattr(msg, 'base64') and msg.base64 else None
+                # Some plugins (e.g. MimoTTS) store base64 data in the url field
+                if url and not b64 and _is_base64_data(url):
+                    b64 = url
+                    url = None
+                content_list.append(
+                    {
+                        'type': 'image',
+                        'url': url,
+                        'base64': b64,
+                    }
+                )
+            elif type(msg) is platform_message.Voice:
+                url = msg.url if hasattr(msg, 'url') and msg.url else None
+                b64 = msg.base64 if hasattr(msg, 'base64') and msg.base64 else None
+                # Some plugins (e.g. MimoTTS) store base64 data in the url field
+                if url and not b64 and _is_base64_data(url):
+                    b64 = url
+                    url = None
+                content_list.append(
+                    {
+                        'type': 'voice',
+                        'url': url,
+                        'base64': b64,
+                    }
+                )
+            elif type(msg) is platform_message.File:
+                url = msg.url if hasattr(msg, 'url') and msg.url else None
+                b64 = msg.base64 if hasattr(msg, 'base64') and msg.base64 else None
+                # Some plugins store base64 data in the url field
+                if url and not b64 and _is_base64_data(url):
+                    b64 = url
+                    url = None
+                content_list.append(
+                    {
+                        'type': 'file',
+                        'url': url,
+                        'base64': b64,
+                        'name': msg.name if hasattr(msg, 'name') else 'file',
+                    }
+                )

        return content_list

@@ -129,12 +188,19 @@ class QQOfficialAdapter(abstract_platform_adapter.AbstractMessagePlatformAdapter
    config: dict
    bot_account_id: str
    bot_uuid: str = None
+    enable_webhook: bool = False
    message_converter: QQOfficialMessageConverter = QQOfficialMessageConverter()
    event_converter: QQOfficialEventConverter = QQOfficialEventConverter()

-    def __init__(self, config: dict, logger: EventLogger, ap=None, **kwargs):
+    def __init__(self, config: dict, logger: EventLogger):
+        enable_webhook = config.get('enable-webhook', False)
+
        bot = QQOfficialClient(
-            app_id=config['appid'], secret=config['secret'], token=config['token'], logger=logger, unified_mode=True
+            app_id=config['appid'],
+            secret=config['secret'],
+            token=config['token'],
+            logger=logger,
+            unified_mode=enable_webhook,
        )

        super().__init__(
@@ -144,6 +210,13 @@ class QQOfficialAdapter(abstract_platform_adapter.AbstractMessagePlatformAdapter
            bot_account_id=config['appid'],
        )

+        self.enable_webhook = enable_webhook
+        self._ws_task: asyncio.Task = None
+        self._stream_ctx: dict = {}
+        self._stream_ctx_ts: dict[str, float] = {}
+        self._fallback_text: dict[str, str] = {}
+        self._fallback_text_ts: dict[str, float] = {}
+
    async def reply_message(
        self,
        message_source: platform_events.MessageEvent,
@@ -156,28 +229,18 @@ class QQOfficialAdapter(abstract_platform_adapter.AbstractMessagePlatformAdapter

        content_list = await QQOfficialMessageConverter.yiri2target(message)

-        # 私聊消息
+        # 确定 target_type 和 target_id
+        target_type = None
+        target_id = None
+
        if qq_official_event.t == 'C2C_MESSAGE_CREATE':
-            for content in content_list:
-                if content['type'] == 'text':
-                    await self.bot.send_private_text_msg(
-                        qq_official_event.user_openid,
-                        content['content'],
-                        qq_official_event.d_id,
-                    )
-
-        # 群聊消息
-        if qq_official_event.t == 'GROUP_AT_MESSAGE_CREATE':
-            for content in content_list:
-                if content['type'] == 'text':
-                    await self.bot.send_group_text_msg(
-                        qq_official_event.group_openid,
-                        content['content'],
-                        qq_official_event.d_id,
-                    )
-
-        # 频道群聊
-        if qq_official_event.t == 'AT_MESSAGE_CREATE':
+            target_type = 'c2c'
+            target_id = qq_official_event.user_openid
+        elif qq_official_event.t == 'GROUP_AT_MESSAGE_CREATE':
+            target_type = 'group'
+            target_id = qq_official_event.group_openid
+        elif qq_official_event.t == 'AT_MESSAGE_CREATE':
+            # 频道群聊使用频道 API，暂不支持富媒体
            for content in content_list:
                if content['type'] == 'text':
                    await self.bot.send_channle_group_text_msg(
@@ -185,9 +248,9 @@ class QQOfficialAdapter(abstract_platform_adapter.AbstractMessagePlatformAdapter
                        content['content'],
                        qq_official_event.d_id,
                    )
-
-        # 频道私聊
-        if qq_official_event.t == 'DIRECT_MESSAGE_CREATE':
+            return
+        elif qq_official_event.t == 'DIRECT_MESSAGE_CREATE':
+            # 频道私聊使用频道 API，暂不支持富媒体
            for content in content_list:
                if content['type'] == 'text':
                    await self.bot.send_channle_private_text_msg(
@@ -195,6 +258,63 @@ class QQOfficialAdapter(abstract_platform_adapter.AbstractMessagePlatformAdapter
                        content['content'],
                        qq_official_event.d_id,
                    )
+            return
+
+        # C2C 和群聊：支持文字 + 富媒体
+        for content in content_list:
+            content_type = content.get('type', 'text')
+
+            if content_type == 'text':
+                if target_type == 'c2c':
+                    await self.bot.send_private_text_msg(
+                        target_id,
+                        content['content'],
+                        qq_official_event.d_id,
+                    )
+                elif target_type == 'group':
+                    await self.bot.send_group_text_msg(
+                        target_id,
+                        content['content'],
+                        qq_official_event.d_id,
+                    )
+
+            elif content_type == 'image':
+                file_url = content.get('url')
+                file_data = content.get('base64')
+                if file_url or file_data:
+                    await self.bot.send_image_msg(
+                        target_type,
+                        target_id,
+                        file_url=file_url,
+                        file_data=file_data,
+                        msg_id=qq_official_event.d_id,
+                    )
+
+            elif content_type == 'voice':
+                file_url = content.get('url')
+                file_data = content.get('base64')
+                if file_url or file_data:
+                    await self.bot.send_voice_msg(
+                        target_type,
+                        target_id,
+                        file_url=file_url,
+                        file_data=file_data,
+                        msg_id=qq_official_event.d_id,
+                    )
+
+            elif content_type == 'file':
+                file_url = content.get('url')
+                file_data = content.get('base64')
+                file_name = content.get('name', 'file')
+                if file_url or file_data:
+                    await self.bot.send_file_msg(
+                        target_type,
+                        target_id,
+                        file_url=file_url,
+                        file_data=file_data,
+                        file_name=file_name,
+                        msg_id=qq_official_event.d_id,
+                    )

    async def send_message(self, target_type: str, target_id: str, message: platform_message.MessageChain):
        pass
@@ -238,17 +358,196 @@ class QQOfficialAdapter(abstract_platform_adapter.AbstractMessagePlatformAdapter
        return await self.bot.handle_unified_webhook(request)

    async def run_async(self):
-        # 统一 webhook 模式下，不启动独立的 Quart 应用
-        # 保持运行但不启动独立端口
+        if not self.enable_webhook:
+            await self._run_websocket()
+        else:
+            # 统一 webhook 模式下，不启动独立的 Quart 应用
+            async def keep_alive():
+                while True:
+                    await asyncio.sleep(1)

-        async def keep_alive():
-            while True:
-                await asyncio.sleep(1)
+            await keep_alive()

-        await keep_alive()
+    async def _run_websocket(self):
+        """以 WebSocket 模式运行网关连接"""
+        await self.logger.info('QQ Official adapter starting in WebSocket mode')
+
+        async def on_ready():
+            await self.logger.info('QQ Official WebSocket connected and ready')
+
+        async def on_event(event_type: str, event_data: dict):
+            # 只处理消息事件，忽略 READY/RESUMED 等系统事件
+            message_event_types = {
+                'C2C_MESSAGE_CREATE',
+                'DIRECT_MESSAGE_CREATE',
+                'GROUP_AT_MESSAGE_CREATE',
+                'AT_MESSAGE_CREATE',
+            }
+            if event_type not in message_event_types:
+                return
+            if not isinstance(event_data, dict):
+                await self.logger.warning(f'Event data is not dict, skipping: {event_type} -> {type(event_data)}')
+                return
+            await self.logger.info(f'Processing message event: {event_type}')
+            # 构造与 webhook 模式相同的 payload 结构
+            payload = {'t': event_type, 'd': event_data}
+            message_data = await self.bot.get_message(payload)
+            if message_data:
+                event = QQOfficialEvent.from_payload(message_data)
+                await self.bot._handle_message(event)
+
+        async def on_error(error: Exception):
+            await self.logger.error(f'WebSocket error: {error}')
+            await self.logger.error(f'QQ Official WebSocket error: {error}')
+
+        self._ws_task = asyncio.create_task(self.bot.connect_gateway_loop(on_event, on_ready, on_error))
+        try:
+            await self._ws_task
+        except asyncio.CancelledError:
+            pass

    async def kill(self) -> bool:
-        return False
+        if self._ws_task:
+            self._ws_task.cancel()
+            try:
+                await self._ws_task
+            except asyncio.CancelledError:
+                pass
+            self._ws_task = None
+        return True
+
+    # --------------- 流式输出 ---------------
+
+    _STREAM_CTX_TTL = 300  # seconds
+
+    async def _cleanup_stale_streams(self):
+        """Remove stream contexts that have not been updated for more than _STREAM_CTX_TTL seconds."""
+        now = time.time()
+        stale_ids = [mid for mid, ts in self._stream_ctx_ts.items() if now - ts > self._STREAM_CTX_TTL]
+        for mid in stale_ids:
+            self._stream_ctx.pop(mid, None)
+            self._stream_ctx_ts.pop(mid, None)
+        stale_fb = [mid for mid, ts in self._fallback_text_ts.items() if now - ts > self._STREAM_CTX_TTL]
+        for mid in stale_fb:
+            self._fallback_text.pop(mid, None)
+            self._fallback_text_ts.pop(mid, None)
+        if stale_ids or stale_fb:
+            await self.logger.debug(f'Cleaned up {len(stale_ids)} stream contexts, {len(stale_fb)} fallback texts')
+
+    async def is_stream_output_supported(self) -> bool:
+        return self.config.get('enable-stream-reply', False)
+
+    async def create_message_card(self, message_id: str, event: platform_events.MessageEvent) -> bool:
+        source = event.source_platform_object
+        # Streaming API only supports C2C private chat
+        if source.t != 'C2C_MESSAGE_CREATE':
+            return False
+
+        ctx = {
+            'user_openid': source.user_openid,
+            'msg_id': source.d_id,
+            'stream_msg_id': None,
+            'msg_seq': 1,
+            'index': 0,
+            'last_update_ts': 0,
+            'accumulated_text': '',
+            'sent_length': 0,
+            'session_started': False,
+        }
+
+        self._stream_ctx[message_id] = ctx
+        self._stream_ctx_ts[message_id] = time.time()
+        return True
+
+    async def reply_message_chunk(
+        self,
+        message_source: platform_events.MessageEvent,
+        bot_message: dict,
+        message: platform_message.MessageChain,
+        quote_origin: bool = False,
+        is_final: bool = False,
+    ):
+        # Periodically clean up stale stream contexts
+        await self._cleanup_stale_streams()
+        # 提取纯文本内容（当前 chunk 的文本）
+        text_parts = []
+        for msg in message:
+            if type(msg) is platform_message.Plain:
+                text_parts.append(msg.text)
+        chunk_text = '\n\n'.join(text_parts)
+
+        message_id = (
+            bot_message.get('resp_message_id')
+            if isinstance(bot_message, dict)
+            else getattr(bot_message, 'resp_message_id', None)
+        )
+        if not message_id or message_id not in self._stream_ctx:
+            # 非流式场景（如群聊不支持流式），累积文本后一次性回复
+            if chunk_text:
+                self._fallback_text[message_id] = self._fallback_text.get(message_id, '') + chunk_text
+                self._fallback_text_ts[message_id] = time.time()
+            if is_final:
+                full_text = self._fallback_text.pop(message_id, '')
+                if full_text:
+                    fallback_msg = platform_message.MessageChain([platform_message.Plain(text=full_text)])
+                    await self.reply_message(message_source, fallback_msg, quote_origin)
+            return
+
+        ctx = self._stream_ctx[message_id]
+
+        # 累积文本
+        if chunk_text:
+            ctx['accumulated_text'] += chunk_text
+
+        # 未启动会话时，等第一个有内容的 chunk 来建立会话
+        if not ctx['session_started']:
+            if not ctx['accumulated_text']:
+                return
+            # 用第一个 chunk 的文本建立会话（不发 "..." 避免污染前缀）
+            ctx['session_started'] = True
+
+        # 发送内容 = 全量累积文本
+        # QQ API 的 replace 模式不允许修改已下发前缀，所以：
+        # - 首次：发送全部文本，建立会话
+        # - 后续：只能发送新增部分（append 行为）
+        content_to_send = ctx['accumulated_text'][ctx['sent_length'] :]
+        if not content_to_send and not is_final:
+            return
+
+        input_state = 10 if is_final else 1
+
+        # Rate limiting: skip non-final updates if last update was <0.5s ago
+        now = time.time()
+        if not is_final and (now - ctx['last_update_ts']) < 0.5:
+            return
+        ctx['last_update_ts'] = now
+
+        try:
+            resp = await self.bot.send_stream_msg(
+                user_openid=ctx['user_openid'],
+                content=content_to_send,
+                event_id=ctx['msg_id'],
+                msg_id=ctx['msg_id'],
+                msg_seq=ctx['msg_seq'],
+                index=ctx['index'],
+                stream_msg_id=ctx['stream_msg_id'],
+                input_state=input_state,
+            )
+            if resp and isinstance(resp, dict):
+                new_stream_id = resp.get('id')
+                if new_stream_id:
+                    ctx['stream_msg_id'] = new_stream_id
+            ctx['sent_length'] = len(ctx['accumulated_text'])
+            ctx['index'] += 1
+            await self.logger.debug(
+                f'[QQ Official] 流式 chunk 已发送, index={ctx["index"]}, '
+                f'sent_len={ctx["sent_length"]}, is_final={is_final}'
+            )
+        except Exception as e:
+            await self.logger.error(f'Failed to send stream message: {e}')
+
+        if is_final:
+            self._stream_ctx.pop(message_id, None)

    def unregister_listener(
        self,
--- a/Show More
+++ b/Show More