fix: linter errors

refactor: parallelize Docker multi-arch builds (arm64/amd64) (#1774 )
* Initial plan * refactor: parallelize Docker image builds for arm64 and amd64 Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com> * security: add explicit GITHUB_TOKEN permissions to workflow jobs Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com> * refactor: use build cache instead of intermediate tags Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com> * ci: perf trigger --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com> Co-authored-by: Junyan Qin <rockchinq@gmail.com>
2025-11-25 19:37:36 +08:00 · 2025-11-11 18:24:06 +08:00 · 2025-11-11 18:19:35 +08:00 · 2025-11-11 18:10:31 +08:00 · 2025-11-11 17:52:30 +08:00 · 2025-11-11 12:53:20 +08:00
336 changed files with 21882 additions and 8896 deletions
--- a/.github/workflows/build-docker-image.yml
+++ b/.github/workflows/build-docker-image.yml
@@ -1,15 +1,17 @@
 name: Build Docker Image
 on:
-  #防止fork乱用action设置只能手动触发构建
-  workflow_dispatch:
  ## 发布release的时候会自动构建
  release:
    types: [published]
 jobs:
-  publish-docker-image:
+  prepare:
    runs-on: ubuntu-latest
-    name: Build image
-    
+    name: Prepare build metadata
+    permissions:
+      contents: read
+    outputs:
+      version: ${{ steps.check_version.outputs.version }}
+      is_prerelease: ${{ github.event.release.prerelease }}
    steps:
      - name: Checkout
        uses: actions/checkout@v2
@@ -37,9 +39,81 @@ jobs:
            echo $GITHUB_REF
            echo ::set-output name=version::${GITHUB_REF}
          fi
+
+  build-images:
+    runs-on: ubuntu-latest
+    needs: prepare
+    name: Build ${{ matrix.platform }} image
+    permissions:
+      contents: read
+    strategy:
+      matrix:
+        platform: [linux/amd64, linux/arm64]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          persist-credentials: false
+
+      - name: Set platform tag
+        id: platform_tag
+        run: |
+          # Convert platform to tag suffix (e.g., linux/amd64 -> amd64)
+          PLATFORM_TAG=$(echo ${{ matrix.platform }} | sed 's/linux\///g')
+          echo ::set-output name=tag::${PLATFORM_TAG}
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
      - name: Login to Registry
        run: docker login --username=${{ secrets.DOCKER_USERNAME }} --password ${{ secrets.DOCKER_PASSWORD }}
-      - name: Create Buildx
-        run: docker buildx create --name mybuilder --use
-      - name: Build  # image name: rockchin/langbot:<VERSION>
-        run: docker buildx build --platform linux/arm64,linux/amd64 -t rockchin/langbot:${{ steps.check_version.outputs.version }} -t rockchin/langbot:latest . --push
+
+      - name: Build and cache
+        run: |
+          docker buildx build \
+            --platform ${{ matrix.platform }} \
+            --cache-to type=registry,ref=rockchin/langbot:cache-${{ steps.platform_tag.outputs.tag }},mode=max \
+            --cache-from type=registry,ref=rockchin/langbot:cache-${{ steps.platform_tag.outputs.tag }} \
+            -t rockchin/langbot:${{ needs.prepare.outputs.version }} \
+            .
+
+  push-multiarch:
+    runs-on: ubuntu-latest
+    needs: [prepare, build-images]
+    name: Build and push multi-arch images
+    permissions:
+      contents: read
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          persist-credentials: false
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Login to Registry
+        run: docker login --username=${{ secrets.DOCKER_USERNAME }} --password ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Build and push for Release
+        if: ${{ needs.prepare.outputs.is_prerelease == 'false' }}
+        run: |
+          docker buildx build \
+            --platform linux/amd64,linux/arm64 \
+            --cache-from type=registry,ref=rockchin/langbot:cache-amd64 \
+            --cache-from type=registry,ref=rockchin/langbot:cache-arm64 \
+            -t rockchin/langbot:${{ needs.prepare.outputs.version }} \
+            -t rockchin/langbot:latest \
+            --push \
+            .
+
+      - name: Build and push for Pre-release
+        if: ${{ needs.prepare.outputs.is_prerelease == 'true' }}
+        run: |
+          docker buildx build \
+            --platform linux/amd64,linux/arm64 \
+            --cache-from type=registry,ref=rockchin/langbot:cache-amd64 \
+            --cache-from type=registry,ref=rockchin/langbot:cache-arm64 \
+            -t rockchin/langbot:${{ needs.prepare.outputs.version }} \
+            --push \
+            .
--- a/.github/workflows/run-tests.yml
+++ b/.github/workflows/run-tests.yml
@@ -0,0 +1,71 @@
+name: Unit Tests
+
+on:
+  pull_request:
+    types: [opened, ready_for_review, synchronize]
+    paths:
+      - 'pkg/**'
+      - 'tests/**'
+      - '.github/workflows/run-tests.yml'
+      - 'pyproject.toml'
+      - 'run_tests.sh'
+  push:
+    branches:
+      - master
+      - develop
+    paths:
+      - 'pkg/**'
+      - 'tests/**'
+      - '.github/workflows/run-tests.yml'
+      - 'pyproject.toml'
+      - 'run_tests.sh'
+
+jobs:
+  test:
+    name: Run Unit Tests
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ['3.10', '3.11', '3.12']
+      fail-fast: false
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+
+      - name: Install uv
+        run: |
+          curl -LsSf https://astral.sh/uv/install.sh | sh
+          echo "$HOME/.cargo/bin" >> $GITHUB_PATH
+
+      - name: Install dependencies
+        run: |
+          uv sync --dev
+
+      - name: Run unit tests
+        run: |
+          bash run_tests.sh
+
+      - name: Upload coverage to Codecov
+        if: matrix.python-version == '3.12'
+        uses: codecov/codecov-action@v5
+        with:
+          files: ./coverage.xml
+          flags: unit-tests
+          name: unit-tests-coverage
+          fail_ci_if_error: false
+        env:
+          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
+
+      - name: Test Summary
+        if: always()
+        run: |
+          echo "## Unit Tests Results" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "Python Version: ${{ matrix.python-version }}" >> $GITHUB_STEP_SUMMARY
+          echo "Test Status: ${{ job.status }}" >> $GITHUB_STEP_SUMMARY
--- a/.github/workflows/test-dev-image.yaml
+++ b/.github/workflows/test-dev-image.yaml
@@ -0,0 +1,108 @@
+name: Test Dev Image
+
+on:
+  workflow_run:
+    workflows: ["Build Dev Image"]
+    types:
+      - completed
+    branches:
+      - master
+
+jobs:
+  test-dev-image:
+    runs-on: ubuntu-latest
+    # Only run if the build workflow succeeded
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    
+    permissions:
+      contents: read
+    
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Update Docker Compose to use master tag
+        working-directory: ./docker
+        run: |
+          # Replace 'latest' with 'master' tag for testing the dev image
+          sed -i 's/rockchin\/langbot:latest/rockchin\/langbot:master/g' docker-compose.yaml
+          echo "Updated docker-compose.yaml to use master tag:"
+          cat docker-compose.yaml
+
+      - name: Start Docker Compose
+        working-directory: ./docker
+        run: docker compose up -d
+
+      - name: Wait and Test API
+        run: |
+          # Function to test API endpoint
+          test_api() {
+            echo "Testing API endpoint..."
+            response=$(curl -s --connect-timeout 10 --max-time 30 -w "\n%{http_code}" http://localhost:5300/api/v1/system/info 2>&1)
+            curl_exit_code=$?
+            
+            if [ $curl_exit_code -ne 0 ]; then
+              echo "Curl failed with exit code: $curl_exit_code"
+              echo "Error: $response"
+              return 1
+            fi
+            
+            http_code=$(echo "$response" | tail -n 1)
+            response_body=$(echo "$response" | head -n -1)
+            
+            if [ "$http_code" = "200" ]; then
+              echo "API is healthy! Response code: $http_code"
+              echo "Response: $response_body"
+              return 0
+            else
+              echo "API returned non-200 response: $http_code"
+              echo "Response body: $response_body"
+              return 1
+            fi
+          }
+
+          # Wait 30 seconds before first attempt
+          echo "Waiting 30 seconds for services to start..."
+          sleep 30
+
+          # Try up to 3 times with 30-second intervals
+          max_attempts=3
+          attempt=1
+
+          while [ $attempt -le $max_attempts ]; do
+            echo "Attempt $attempt of $max_attempts"
+            
+            if test_api; then
+              echo "Success! API is responding correctly."
+              exit 0
+            fi
+            
+            if [ $attempt -lt $max_attempts ]; then
+              echo "Retrying in 30 seconds..."
+              sleep 30
+            fi
+            
+            attempt=$((attempt + 1))
+          done
+
+          # All attempts failed
+          echo "Failed to get healthy response after $max_attempts attempts"
+          exit 1
+
+      - name: Show Container Logs on Failure
+        if: failure()
+        working-directory: ./docker
+        run: |
+          echo "=== Docker Compose Status ==="
+          docker compose ps
+          echo ""
+          echo "=== LangBot Logs ==="
+          docker compose logs langbot
+          echo ""
+          echo "=== Plugin Runtime Logs ==="
+          docker compose logs langbot_plugin_runtime
+
+      - name: Cleanup
+        if: always()
+        working-directory: ./docker
+        run: docker compose down
--- a/.gitignore
+++ b/.gitignore
@@ -22,7 +22,7 @@ tips.py
 venv*
 bin/
 .vscode
-test_*
+/test_*
 venv/
 hugchat.json
 qcapi
@@ -43,4 +43,7 @@ test.py
 /web_ui
 .venv/
 uv.lock
-/test
+/test
+plugins.bak
+coverage.xml
+.coverage
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -0,0 +1,86 @@
+# AGENTS.md
+
+This file is for guiding code agents (like Claude Code, GitHub Copilot, OpenAI Codex, etc.) to work in LangBot project.
+
+## Project Overview
+
+LangBot is a open-source LLM native instant messaging bot development platform, aiming to provide an out-of-the-box IM robot development experience, with Agent, RAG, MCP and other LLM application functions, supporting global instant messaging platforms, and providing rich API interfaces, supporting custom development.
+
+LangBot has a comprehensive frontend, all operations can be performed through the frontend. The project splited into these major parts:
+
+- `./pkg`: The core python package of the project backend.
+    - `./pkg/platform`: The platform module of the project, containing the logic of message platform adapters, bot managers, message session managers, etc.
+    - `./pkg/provider`: The provider module of the project, containing the logic of LLM providers, tool providers, etc.
+    - `./pkg/pipeline`: The pipeline module of the project, containing the logic of pipelines, stages, query pool, etc.
+    - `./pkg/api`: The api module of the project, containing the http api controllers and services.
+    - `./pkg/plugin`: LangBot bridge for connecting with plugin system.
+- `./libs`: Some SDKs we previously developed for the project, such as `qq_official_api`, `wecom_api`, etc.
+- `./templates`: Templates of config files, components, etc.
+- `./web`: Frontend codebase, built with Next.js + **shadcn** + **Tailwind CSS**.
+- `./docker`: docker-compose deployment files.
+
+## Backend Development
+
+We use `uv` to manage dependencies.
+
+```bash
+pip install uv
+uv sync --dev
+```
+
+Start the backend and run the project in development mode.
+
+```bash
+uv run main.py
+```
+
+Then you can access the project at `http://127.0.0.1:5300`.
+
+## Frontend Development
+
+We use `pnpm` to manage dependencies.
+
+```bash
+cd web
+cp .env.example .env
+pnpm install
+pnpm dev
+```
+
+Then you can access the project at `http://127.0.0.1:3000`.
+
+## Plugin System Architecture
+
+LangBot is composed of various internal components such as Large Language Model tools, commands, messaging platform adapters, LLM requesters, and more. To meet extensibility and flexibility requirements, we have implemented a production-grade plugin system.
+
+Each plugin runs in an independent process, managed uniformly by the Plugin Runtime. It has two operating modes: `stdio` and `websocket`. When LangBot is started directly by users (not running in a container), it uses `stdio` mode, which is common for personal users or lightweight environments. When LangBot runs in a container, it uses `websocket` mode, designed specifically for production environments.
+
+Plugin Runtime automatically starts each installed plugin and interacts through stdio. In plugin development scenarios, developers can use the lbp command-line tool to start plugins and connect to the running Runtime via WebSocket for debugging.
+
+> Plugin SDK, CLI, Runtime, and entities definitions shared between LangBot and plugins are contained in the [`langbot-plugin-sdk`](https://github.com/langbot-app/langbot-plugin-sdk) repository.
+
+## Some Development Tips and Standards
+
+- LangBot is a global project, any comments in code should be in English, and user experience should be considered in all aspects.
+- Thus you should consider the i18n support in all aspects.
+- LangBot is widely adopted in both toC and toB scenarios, so you should consider the compatibility and security in all aspects.
+- If you were asked to make a commit, please follow the commit message format: 
+    - format: <type>(<scope>): <subject>
+    - type: must be a specific type, such as feat (new feature), fix (bug fix), docs (documentation), style (code style), refactor (refactoring), perf (performance optimization), etc.
+    - scope: the scope of the commit, such as the package name, the file name, the function name, the class name, the module name, etc.
+    - subject: the subject of the commit, such as the description of the commit, the reason for the commit, the impact of the commit, etc.
+
+## Some Principles
+
+- Keep it simple, stupid.
+- Entities should not be multiplied unnecessarily
+- 八荣八耻
+
+    以瞎猜接口为耻，以认真查询为荣。
+    以模糊执行为耻，以寻求确认为荣。
+    以臆想业务为耻，以人类确认为荣。
+    以创造接口为耻，以复用现有为荣。
+    以跳过验证为耻，以主动测试为荣。
+    以破坏架构为耻，以遵循规范为荣。
+    以假装理解为耻，以诚实无知为荣。
+    以盲目修改为耻，以谨慎重构为荣。
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -0,0 +1 @@
+AGENTS.md
--- a/862
+++ b/862
@@ -1,661 +1,201 @@
-                    GNU AFFERO GENERAL PUBLIC LICENSE
-                       Version 3, 19 November 2007
-
- Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
-                            Preamble
-
-  The GNU Affero General Public License is a free, copyleft license for
-software and other kinds of works, specifically designed to ensure
-cooperation with the community in the case of network server software.
-
-  The licenses for most software and other practical works are designed
-to take away your freedom to share and change the works.  By contrast,
-our General Public Licenses are intended to guarantee your freedom to
-share and change all versions of a program--to make sure it remains free
-software for all its users.
-
-  When we speak of free software, we are referring to freedom, not
-price.  Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
-them if you wish), that you receive source code or can get it if you
-want it, that you can change the software or use pieces of it in new
-free programs, and that you know you can do these things.
-
-  Developers that use our General Public Licenses protect your rights
-with two steps: (1) assert copyright on the software, and (2) offer
-you this License which gives you legal permission to copy, distribute
-and/or modify the software.
-
-  A secondary benefit of defending all users' freedom is that
-improvements made in alternate versions of the program, if they
-receive widespread use, become available for other developers to
-incorporate.  Many developers of free software are heartened and
-encouraged by the resulting cooperation.  However, in the case of
-software used on network servers, this result may fail to come about.
-The GNU General Public License permits making a modified version and
-letting the public access it on a server without ever releasing its
-source code to the public.
-
-  The GNU Affero General Public License is designed specifically to
-ensure that, in such cases, the modified source code becomes available
-to the community.  It requires the operator of a network server to
-provide the source code of the modified version running there to the
-users of that server.  Therefore, public use of a modified version, on
-a publicly accessible server, gives the public access to the source
-code of the modified version.
-
-  An older license, called the Affero General Public License and
-published by Affero, was designed to accomplish similar goals.  This is
-a different license, not a version of the Affero GPL, but Affero has
-released a new version of the Affero GPL which permits relicensing under
-this license.
-
-  The precise terms and conditions for copying, distribution and
-modification follow.
-
-                       TERMS AND CONDITIONS
-
-  0. Definitions.
-
-  "This License" refers to version 3 of the GNU Affero General Public License.
-
-  "Copyright" also means copyright-like laws that apply to other kinds of
-works, such as semiconductor masks.
-
-  "The Program" refers to any copyrightable work licensed under this
-License.  Each licensee is addressed as "you".  "Licensees" and
-"recipients" may be individuals or organizations.
-
-  To "modify" a work means to copy from or adapt all or part of the work
-in a fashion requiring copyright permission, other than the making of an
-exact copy.  The resulting work is called a "modified version" of the
-earlier work or a work "based on" the earlier work.
-
-  A "covered work" means either the unmodified Program or a work based
-on the Program.
-
-  To "propagate" a work means to do anything with it that, without
-permission, would make you directly or secondarily liable for
-infringement under applicable copyright law, except executing it on a
-computer or modifying a private copy.  Propagation includes copying,
-distribution (with or without modification), making available to the
-public, and in some countries other activities as well.
-
-  To "convey" a work means any kind of propagation that enables other
-parties to make or receive copies.  Mere interaction with a user through
-a computer network, with no transfer of a copy, is not conveying.
-
-  An interactive user interface displays "Appropriate Legal Notices"
-to the extent that it includes a convenient and prominently visible
-feature that (1) displays an appropriate copyright notice, and (2)
-tells the user that there is no warranty for the work (except to the
-extent that warranties are provided), that licensees may convey the
-work under this License, and how to view a copy of this License.  If
-the interface presents a list of user commands or options, such as a
-menu, a prominent item in the list meets this criterion.
-
-  1. Source Code.
-
-  The "source code" for a work means the preferred form of the work
-for making modifications to it.  "Object code" means any non-source
-form of a work.
-
-  A "Standard Interface" means an interface that either is an official
-standard defined by a recognized standards body, or, in the case of
-interfaces specified for a particular programming language, one that
-is widely used among developers working in that language.
-
-  The "System Libraries" of an executable work include anything, other
-than the work as a whole, that (a) is included in the normal form of
-packaging a Major Component, but which is not part of that Major
-Component, and (b) serves only to enable use of the work with that
-Major Component, or to implement a Standard Interface for which an
-implementation is available to the public in source code form.  A
-"Major Component", in this context, means a major essential component
-(kernel, window system, and so on) of the specific operating system
-(if any) on which the executable work runs, or a compiler used to
-produce the work, or an object code interpreter used to run it.
-
-  The "Corresponding Source" for a work in object code form means all
-the source code needed to generate, install, and (for an executable
-work) run the object code and to modify the work, including scripts to
-control those activities.  However, it does not include the work's
-System Libraries, or general-purpose tools or generally available free
-programs which are used unmodified in performing those activities but
-which are not part of the work.  For example, Corresponding Source
-includes interface definition files associated with source files for
-the work, and the source code for shared libraries and dynamically
-linked subprograms that the work is specifically designed to require,
-such as by intimate data communication or control flow between those
-subprograms and other parts of the work.
-
-  The Corresponding Source need not include anything that users
-can regenerate automatically from other parts of the Corresponding
-Source.
-
-  The Corresponding Source for a work in source code form is that
-same work.
-
-  2. Basic Permissions.
-
-  All rights granted under this License are granted for the term of
-copyright on the Program, and are irrevocable provided the stated
-conditions are met.  This License explicitly affirms your unlimited
-permission to run the unmodified Program.  The output from running a
-covered work is covered by this License only if the output, given its
-content, constitutes a covered work.  This License acknowledges your
-rights of fair use or other equivalent, as provided by copyright law.
-
-  You may make, run and propagate covered works that you do not
-convey, without conditions so long as your license otherwise remains
-in force.  You may convey covered works to others for the sole purpose
-of having them make modifications exclusively for you, or provide you
-with facilities for running those works, provided that you comply with
-the terms of this License in conveying all material for which you do
-not control copyright.  Those thus making or running the covered works
-for you must do so exclusively on your behalf, under your direction
-and control, on terms that prohibit them from making any copies of
-your copyrighted material outside their relationship with you.
-
-  Conveying under any other circumstances is permitted solely under
-the conditions stated below.  Sublicensing is not allowed; section 10
-makes it unnecessary.
-
-  3. Protecting Users' Legal Rights From Anti-Circumvention Law.
-
-  No covered work shall be deemed part of an effective technological
-measure under any applicable law fulfilling obligations under article
-11 of the WIPO copyright treaty adopted on 20 December 1996, or
-similar laws prohibiting or restricting circumvention of such
-measures.
-
-  When you convey a covered work, you waive any legal power to forbid
-circumvention of technological measures to the extent such circumvention
-is effected by exercising rights under this License with respect to
-the covered work, and you disclaim any intention to limit operation or
-modification of the work as a means of enforcing, against the work's
-users, your or third parties' legal rights to forbid circumvention of
-technological measures.
-
-  4. Conveying Verbatim Copies.
-
-  You may convey verbatim copies of the Program's source code as you
-receive it, in any medium, provided that you conspicuously and
-appropriately publish on each copy an appropriate copyright notice;
-keep intact all notices stating that this License and any
-non-permissive terms added in accord with section 7 apply to the code;
-keep intact all notices of the absence of any warranty; and give all
-recipients a copy of this License along with the Program.
-
-  You may charge any price or no price for each copy that you convey,
-and you may offer support or warranty protection for a fee.
-
-  5. Conveying Modified Source Versions.
-
-  You may convey a work based on the Program, or the modifications to
-produce it from the Program, in the form of source code under the
-terms of section 4, provided that you also meet all of these conditions:
-
-    a) The work must carry prominent notices stating that you modified
-    it, and giving a relevant date.
-
-    b) The work must carry prominent notices stating that it is
-    released under this License and any conditions added under section
-    7.  This requirement modifies the requirement in section 4 to
-    "keep intact all notices".
-
-    c) You must license the entire work, as a whole, under this
-    License to anyone who comes into possession of a copy.  This
-    License will therefore apply, along with any applicable section 7
-    additional terms, to the whole of the work, and all its parts,
-    regardless of how they are packaged.  This License gives no
-    permission to license the work in any other way, but it does not
-    invalidate such permission if you have separately received it.
-
-    d) If the work has interactive user interfaces, each must display
-    Appropriate Legal Notices; however, if the Program has interactive
-    interfaces that do not display Appropriate Legal Notices, your
-    work need not make them do so.
-
-  A compilation of a covered work with other separate and independent
-works, which are not by their nature extensions of the covered work,
-and which are not combined with it such as to form a larger program,
-in or on a volume of a storage or distribution medium, is called an
-"aggregate" if the compilation and its resulting copyright are not
-used to limit the access or legal rights of the compilation's users
-beyond what the individual works permit.  Inclusion of a covered work
-in an aggregate does not cause this License to apply to the other
-parts of the aggregate.
-
-  6. Conveying Non-Source Forms.
-
-  You may convey a covered work in object code form under the terms
-of sections 4 and 5, provided that you also convey the
-machine-readable Corresponding Source under the terms of this License,
-in one of these ways:
-
-    a) Convey the object code in, or embodied in, a physical product
-    (including a physical distribution medium), accompanied by the
-    Corresponding Source fixed on a durable physical medium
-    customarily used for software interchange.
-
-    b) Convey the object code in, or embodied in, a physical product
-    (including a physical distribution medium), accompanied by a
-    written offer, valid for at least three years and valid for as
-    long as you offer spare parts or customer support for that product
-    model, to give anyone who possesses the object code either (1) a
-    copy of the Corresponding Source for all the software in the
-    product that is covered by this License, on a durable physical
-    medium customarily used for software interchange, for a price no
-    more than your reasonable cost of physically performing this
-    conveying of source, or (2) access to copy the
-    Corresponding Source from a network server at no charge.
-
-    c) Convey individual copies of the object code with a copy of the
-    written offer to provide the Corresponding Source.  This
-    alternative is allowed only occasionally and noncommercially, and
-    only if you received the object code with such an offer, in accord
-    with subsection 6b.
-
-    d) Convey the object code by offering access from a designated
-    place (gratis or for a charge), and offer equivalent access to the
-    Corresponding Source in the same way through the same place at no
-    further charge.  You need not require recipients to copy the
-    Corresponding Source along with the object code.  If the place to
-    copy the object code is a network server, the Corresponding Source
-    may be on a different server (operated by you or a third party)
-    that supports equivalent copying facilities, provided you maintain
-    clear directions next to the object code saying where to find the
-    Corresponding Source.  Regardless of what server hosts the
-    Corresponding Source, you remain obligated to ensure that it is
-    available for as long as needed to satisfy these requirements.
-
-    e) Convey the object code using peer-to-peer transmission, provided
-    you inform other peers where the object code and Corresponding
-    Source of the work are being offered to the general public at no
-    charge under subsection 6d.
-
-  A separable portion of the object code, whose source code is excluded
-from the Corresponding Source as a System Library, need not be
-included in conveying the object code work.
-
-  A "User Product" is either (1) a "consumer product", which means any
-tangible personal property which is normally used for personal, family,
-or household purposes, or (2) anything designed or sold for incorporation
-into a dwelling.  In determining whether a product is a consumer product,
-doubtful cases shall be resolved in favor of coverage.  For a particular
-product received by a particular user, "normally used" refers to a
-typical or common use of that class of product, regardless of the status
-of the particular user or of the way in which the particular user
-actually uses, or expects or is expected to use, the product.  A product
-is a consumer product regardless of whether the product has substantial
-commercial, industrial or non-consumer uses, unless such uses represent
-the only significant mode of use of the product.
-
-  "Installation Information" for a User Product means any methods,
-procedures, authorization keys, or other information required to install
-and execute modified versions of a covered work in that User Product from
-a modified version of its Corresponding Source.  The information must
-suffice to ensure that the continued functioning of the modified object
-code is in no case prevented or interfered with solely because
-modification has been made.
-
-  If you convey an object code work under this section in, or with, or
-specifically for use in, a User Product, and the conveying occurs as
-part of a transaction in which the right of possession and use of the
-User Product is transferred to the recipient in perpetuity or for a
-fixed term (regardless of how the transaction is characterized), the
-Corresponding Source conveyed under this section must be accompanied
-by the Installation Information.  But this requirement does not apply
-if neither you nor any third party retains the ability to install
-modified object code on the User Product (for example, the work has
-been installed in ROM).
-
-  The requirement to provide Installation Information does not include a
-requirement to continue to provide support service, warranty, or updates
-for a work that has been modified or installed by the recipient, or for
-the User Product in which it has been modified or installed.  Access to a
-network may be denied when the modification itself materially and
-adversely affects the operation of the network or violates the rules and
-protocols for communication across the network.
-
-  Corresponding Source conveyed, and Installation Information provided,
-in accord with this section must be in a format that is publicly
-documented (and with an implementation available to the public in
-source code form), and must require no special password or key for
-unpacking, reading or copying.
-
-  7. Additional Terms.
-
-  "Additional permissions" are terms that supplement the terms of this
-License by making exceptions from one or more of its conditions.
-Additional permissions that are applicable to the entire Program shall
-be treated as though they were included in this License, to the extent
-that they are valid under applicable law.  If additional permissions
-apply only to part of the Program, that part may be used separately
-under those permissions, but the entire Program remains governed by
-this License without regard to the additional permissions.
-
-  When you convey a copy of a covered work, you may at your option
-remove any additional permissions from that copy, or from any part of
-it.  (Additional permissions may be written to require their own
-removal in certain cases when you modify the work.)  You may place
-additional permissions on material, added by you to a covered work,
-for which you have or can give appropriate copyright permission.
-
-  Notwithstanding any other provision of this License, for material you
-add to a covered work, you may (if authorized by the copyright holders of
-that material) supplement the terms of this License with terms:
-
-    a) Disclaiming warranty or limiting liability differently from the
-    terms of sections 15 and 16 of this License; or
-
-    b) Requiring preservation of specified reasonable legal notices or
-    author attributions in that material or in the Appropriate Legal
-    Notices displayed by works containing it; or
-
-    c) Prohibiting misrepresentation of the origin of that material, or
-    requiring that modified versions of such material be marked in
-    reasonable ways as different from the original version; or
-
-    d) Limiting the use for publicity purposes of names of licensors or
-    authors of the material; or
-
-    e) Declining to grant rights under trademark law for use of some
-    trade names, trademarks, or service marks; or
-
-    f) Requiring indemnification of licensors and authors of that
-    material by anyone who conveys the material (or modified versions of
-    it) with contractual assumptions of liability to the recipient, for
-    any liability that these contractual assumptions directly impose on
-    those licensors and authors.
-
-  All other non-permissive additional terms are considered "further
-restrictions" within the meaning of section 10.  If the Program as you
-received it, or any part of it, contains a notice stating that it is
-governed by this License along with a term that is a further
-restriction, you may remove that term.  If a license document contains
-a further restriction but permits relicensing or conveying under this
-License, you may add to a covered work material governed by the terms
-of that license document, provided that the further restriction does
-not survive such relicensing or conveying.
-
-  If you add terms to a covered work in accord with this section, you
-must place, in the relevant source files, a statement of the
-additional terms that apply to those files, or a notice indicating
-where to find the applicable terms.
-
-  Additional terms, permissive or non-permissive, may be stated in the
-form of a separately written license, or stated as exceptions;
-the above requirements apply either way.
-
-  8. Termination.
-
-  You may not propagate or modify a covered work except as expressly
-provided under this License.  Any attempt otherwise to propagate or
-modify it is void, and will automatically terminate your rights under
-this License (including any patent licenses granted under the third
-paragraph of section 11).
-
-  However, if you cease all violation of this License, then your
-license from a particular copyright holder is reinstated (a)
-provisionally, unless and until the copyright holder explicitly and
-finally terminates your license, and (b) permanently, if the copyright
-holder fails to notify you of the violation by some reasonable means
-prior to 60 days after the cessation.
-
-  Moreover, your license from a particular copyright holder is
-reinstated permanently if the copyright holder notifies you of the
-violation by some reasonable means, this is the first time you have
-received notice of violation of this License (for any work) from that
-copyright holder, and you cure the violation prior to 30 days after
-your receipt of the notice.
-
-  Termination of your rights under this section does not terminate the
-licenses of parties who have received copies or rights from you under
-this License.  If your rights have been terminated and not permanently
-reinstated, you do not qualify to receive new licenses for the same
-material under section 10.
-
-  9. Acceptance Not Required for Having Copies.
-
-  You are not required to accept this License in order to receive or
-run a copy of the Program.  Ancillary propagation of a covered work
-occurring solely as a consequence of using peer-to-peer transmission
-to receive a copy likewise does not require acceptance.  However,
-nothing other than this License grants you permission to propagate or
-modify any covered work.  These actions infringe copyright if you do
-not accept this License.  Therefore, by modifying or propagating a
-covered work, you indicate your acceptance of this License to do so.
-
-  10. Automatic Licensing of Downstream Recipients.
-
-  Each time you convey a covered work, the recipient automatically
-receives a license from the original licensors, to run, modify and
-propagate that work, subject to this License.  You are not responsible
-for enforcing compliance by third parties with this License.
-
-  An "entity transaction" is a transaction transferring control of an
-organization, or substantially all assets of one, or subdividing an
-organization, or merging organizations.  If propagation of a covered
-work results from an entity transaction, each party to that
-transaction who receives a copy of the work also receives whatever
-licenses to the work the party's predecessor in interest had or could
-give under the previous paragraph, plus a right to possession of the
-Corresponding Source of the work from the predecessor in interest, if
-the predecessor has it or can get it with reasonable efforts.
-
-  You may not impose any further restrictions on the exercise of the
-rights granted or affirmed under this License.  For example, you may
-not impose a license fee, royalty, or other charge for exercise of
-rights granted under this License, and you may not initiate litigation
-(including a cross-claim or counterclaim in a lawsuit) alleging that
-any patent claim is infringed by making, using, selling, offering for
-sale, or importing the Program or any portion of it.
-
-  11. Patents.
-
-  A "contributor" is a copyright holder who authorizes use under this
-License of the Program or a work on which the Program is based.  The
-work thus licensed is called the contributor's "contributor version".
-
-  A contributor's "essential patent claims" are all patent claims
-owned or controlled by the contributor, whether already acquired or
-hereafter acquired, that would be infringed by some manner, permitted
-by this License, of making, using, or selling its contributor version,
-but do not include claims that would be infringed only as a
-consequence of further modification of the contributor version.  For
-purposes of this definition, "control" includes the right to grant
-patent sublicenses in a manner consistent with the requirements of
-this License.
-
-  Each contributor grants you a non-exclusive, worldwide, royalty-free
-patent license under the contributor's essential patent claims, to
-make, use, sell, offer for sale, import and otherwise run, modify and
-propagate the contents of its contributor version.
-
-  In the following three paragraphs, a "patent license" is any express
-agreement or commitment, however denominated, not to enforce a patent
-(such as an express permission to practice a patent or covenant not to
-sue for patent infringement).  To "grant" such a patent license to a
-party means to make such an agreement or commitment not to enforce a
-patent against the party.
-
-  If you convey a covered work, knowingly relying on a patent license,
-and the Corresponding Source of the work is not available for anyone
-to copy, free of charge and under the terms of this License, through a
-publicly available network server or other readily accessible means,
-then you must either (1) cause the Corresponding Source to be so
-available, or (2) arrange to deprive yourself of the benefit of the
-patent license for this particular work, or (3) arrange, in a manner
-consistent with the requirements of this License, to extend the patent
-license to downstream recipients.  "Knowingly relying" means you have
-actual knowledge that, but for the patent license, your conveying the
-covered work in a country, or your recipient's use of the covered work
-in a country, would infringe one or more identifiable patents in that
-country that you have reason to believe are valid.
-
-  If, pursuant to or in connection with a single transaction or
-arrangement, you convey, or propagate by procuring conveyance of, a
-covered work, and grant a patent license to some of the parties
-receiving the covered work authorizing them to use, propagate, modify
-or convey a specific copy of the covered work, then the patent license
-you grant is automatically extended to all recipients of the covered
-work and works based on it.
-
-  A patent license is "discriminatory" if it does not include within
-the scope of its coverage, prohibits the exercise of, or is
-conditioned on the non-exercise of one or more of the rights that are
-specifically granted under this License.  You may not convey a covered
-work if you are a party to an arrangement with a third party that is
-in the business of distributing software, under which you make payment
-to the third party based on the extent of your activity of conveying
-the work, and under which the third party grants, to any of the
-parties who would receive the covered work from you, a discriminatory
-patent license (a) in connection with copies of the covered work
-conveyed by you (or copies made from those copies), or (b) primarily
-for and in connection with specific products or compilations that
-contain the covered work, unless you entered into that arrangement,
-or that patent license was granted, prior to 28 March 2007.
-
-  Nothing in this License shall be construed as excluding or limiting
-any implied license or other defenses to infringement that may
-otherwise be available to you under applicable patent law.
-
-  12. No Surrender of Others' Freedom.
-
-  If conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License.  If you cannot convey a
-covered work so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you may
-not convey it at all.  For example, if you agree to terms that obligate you
-to collect a royalty for further conveying from those to whom you convey
-the Program, the only way you could satisfy both those terms and this
-License would be to refrain entirely from conveying the Program.
-
-  13. Remote Network Interaction; Use with the GNU General Public License.
-
-  Notwithstanding any other provision of this License, if you modify the
-Program, your modified version must prominently offer all users
-interacting with it remotely through a computer network (if your version
-supports such interaction) an opportunity to receive the Corresponding
-Source of your version by providing access to the Corresponding Source
-from a network server at no charge, through some standard or customary
-means of facilitating copying of software.  This Corresponding Source
-shall include the Corresponding Source for any work covered by version 3
-of the GNU General Public License that is incorporated pursuant to the
-following paragraph.
-
-  Notwithstanding any other provision of this License, you have
-permission to link or combine any covered work with a work licensed
-under version 3 of the GNU General Public License into a single
-combined work, and to convey the resulting work.  The terms of this
-License will continue to apply to the part which is the covered work,
-but the work with which it is combined will remain governed by version
-3 of the GNU General Public License.
-
-  14. Revised Versions of this License.
-
-  The Free Software Foundation may publish revised and/or new versions of
-the GNU Affero General Public License from time to time.  Such new versions
-will be similar in spirit to the present version, but may differ in detail to
-address new problems or concerns.
-
-  Each version is given a distinguishing version number.  If the
-Program specifies that a certain numbered version of the GNU Affero General
-Public License "or any later version" applies to it, you have the
-option of following the terms and conditions either of that numbered
-version or of any later version published by the Free Software
-Foundation.  If the Program does not specify a version number of the
-GNU Affero General Public License, you may choose any version ever published
-by the Free Software Foundation.
-
-  If the Program specifies that a proxy can decide which future
-versions of the GNU Affero General Public License can be used, that proxy's
-public statement of acceptance of a version permanently authorizes you
-to choose that version for the Program.
-
-  Later license versions may give you additional or different
-permissions.  However, no additional obligations are imposed on any
-author or copyright holder as a result of your choosing to follow a
-later version.
-
-  15. Disclaimer of Warranty.
-
-  THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
-APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
-HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
-OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
-THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
-IS WITH YOU.  SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
-ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
-
-  16. Limitation of Liability.
-
-  IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
-THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
-GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
-USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
-DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
-PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
-EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGES.
-
-  17. Interpretation of Sections 15 and 16.
-
-  If the disclaimer of warranty and limitation of liability provided
-above cannot be given local legal effect according to their terms,
-reviewing courts shall apply local law that most closely approximates
-an absolute waiver of all civil liability in connection with the
-Program, unless a warranty or assumption of liability accompanies a
-copy of the Program in return for a fee.
-
-                     END OF TERMS AND CONDITIONS
-
-            How to Apply These Terms to Your New Programs
-
-  If you develop a new program, and you want it to be of the greatest
-possible use to the public, the best way to achieve this is to make it
-free software which everyone can redistribute and change under these terms.
-
-  To do so, attach the following notices to the program.  It is safest
-to attach them to the start of each source file to most effectively
-state the exclusion of warranty; and each file should have at least
-the "copyright" line and a pointer to where the full notice is found.
-
-    <one line to give the program's name and a brief idea of what it does.>
-    Copyright (C) <year>  <name of author>
-
-    This program is free software: you can redistribute it and/or modify
-    it under the terms of the GNU Affero General Public License as published
-    by the Free Software Foundation, either version 3 of the License, or
-    (at your option) any later version.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU Affero General Public License for more details.
-
-    You should have received a copy of the GNU Affero General Public License
-    along with this program.  If not, see <https://www.gnu.org/licenses/>.
-
-Also add information on how to contact you by electronic and paper mail.
-
-  If your software can interact with users remotely through a computer
-network, you should also make sure that it provides a way for users to
-get its source.  For example, if your program is a web application, its
-interface could display a "Source" link that leads users to an archive
-of the code.  There are many ways you could offer source, and different
-solutions will be better for different programs; see section 13 for the
-specific requirements.
-
-  You should also get your employer (if you work as a programmer) or school,
-if any, to sign a "copyright disclaimer" for the program, if necessary.
-For more information on this, and how to apply and follow the GNU AGPL, see
-<https://www.gnu.org/licenses/>.
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
--- a/README.md
+++ b/README.md
@@ -35,7 +35,7 @@ LangBot 是一个开源的大语言模型原生即时通信机器人开发平台

 ```bash
 git clone https://github.com/langbot-app/LangBot
-cd LangBot
+cd LangBot/docker
 docker compose up -d
 ```

@@ -89,6 +89,7 @@ docker compose up -d
 | QQ 官方机器人 | ✅ | QQ 官方机器人，支持频道、私聊、群聊 |
 | 企业微信 | ✅ |  |
 | 企微对外客服 | ✅ |  |
+| 企微智能机器人 | ✅ |  |
 | 个人微信 | ✅ |  |
 | 微信公众号 | ✅ |  |
 | 飞书 | ✅ |  |
@@ -96,6 +97,7 @@ docker compose up -d
 | Discord | ✅ |  |
 | Telegram | ✅ |  |
 | Slack | ✅ |  |
+| LINE | ✅ |  |

 ### 大模型能力

@@ -107,9 +109,9 @@ docker compose up -d
 | [Anthropic](https://www.anthropic.com/) | ✅ |  |
 | [xAI](https://x.ai/) | ✅ |  |
 | [智谱AI](https://open.bigmodel.cn/) | ✅ |  |
+| [胜算云](https://www.shengsuanyun.com/?from=CH_KYIPP758) | ✅ | 全球大模型都可调用（友情推荐） |
 | [优云智算](https://www.compshare.cn/?ytag=GPU_YY-gh_langbot) | ✅ | 大模型和 GPU 资源平台 |
 | [PPIO](https://ppinfra.com/user/register?invited_by=QJKFYD&utm_source=github_langbot) | ✅ | 大模型和 GPU 资源平台 |
-| [胜算云](https://www.shengsuanyun.com/?from=CH_KYIPP758) | ✅ | 大模型和 GPU 资源平台 |
 | [302.AI](https://share.302.ai/SuTG99) | ✅ | 大模型聚合平台 |
 | [Google Gemini](https://aistudio.google.com/prompts/new_chat) | ✅ | |
 | [Dify](https://dify.ai) | ✅ | LLMOps 平台 |
@@ -117,10 +119,12 @@ docker compose up -d
 | [LMStudio](https://lmstudio.ai/) | ✅ | 本地大模型运行平台 |
 | [GiteeAI](https://ai.gitee.com/) | ✅ | 大模型接口聚合平台 |
 | [SiliconFlow](https://siliconflow.cn/) | ✅ | 大模型聚合平台 |
+| [小马算力](https://www.tokenpony.cn/453z1) | ✅ | 大模型聚合平台 |
 | [阿里云百炼](https://bailian.console.aliyun.com/) | ✅ | 大模型聚合平台, LLMOps 平台 |
 | [火山方舟](https://console.volcengine.com/ark/region:ark+cn-beijing/model?vendor=Bytedance&view=LIST_VIEW) | ✅ | 大模型聚合平台, LLMOps 平台 |
 | [ModelScope](https://modelscope.cn/docs/model-service/API-Inference/intro) | ✅ | 大模型聚合平台 |
 | [MCP](https://modelcontextprotocol.io/) | ✅ | 支持通过 MCP 协议获取工具 |
+| [百宝箱Tbox](https://www.tbox.cn/open)                                                            | ✅ | 蚂蚁百宝箱智能体平台，每月免费10亿大模型Token |

 ### TTS

@@ -143,3 +147,9 @@ docker compose up -d
 <a href="https://github.com/langbot-app/LangBot/graphs/contributors">
  <img src="https://contrib.rocks/image?repo=langbot-app/LangBot" />
 </a>
+
+<!--
+## For Code Agents
+
+If you're a code agent based on LLM, you should read [AGENTS.md](AGENTS.md) to understand the project structure and development process before you start any development.
+-->
--- a/README_EN.md
+++ b/README_EN.md
@@ -29,7 +29,7 @@ LangBot is an open-source LLM native instant messaging robot development platfor

 ```bash
 git clone https://github.com/langbot-app/LangBot
-cd LangBot
+cd LangBot/docker
 docker compose up -d
 ```

@@ -79,16 +79,18 @@ Or visit the demo environment: https://demo.langbot.dev/

 | Platform | Status | Remarks |
 | --- | --- | --- |
+| Discord | ✅ |  |
+| Telegram | ✅ |  |
+| Slack | ✅ |  |
+| LINE | ✅ |  |
 | Personal QQ | ✅ |  |
 | QQ Official API | ✅ |  |
 | WeCom | ✅ |  |
 | WeComCS | ✅ |  |
+| WeCom AI Bot | ✅ |  |
 | Personal WeChat | ✅ |  |
 | Lark | ✅ |  |
 | DingTalk | ✅ |  |
-| Discord | ✅ |  |
-| Telegram | ✅ |  |
-| Slack | ✅ |  |

 ### LLMs

--- a/README_JP.md
+++ b/README_JP.md
@@ -29,7 +29,7 @@ LangBot は、エージェント、RAG、MCP などの LLM アプリケーショ

 ```bash
 git clone https://github.com/langbot-app/LangBot
-cd LangBot
+cd LangBot/docker
 docker compose up -d
 ```

@@ -79,16 +79,18 @@ LangBotはBTPanelにリストされています。BTPanelをインストール

 | プラットフォーム | ステータス | 備考 |
 | --- | --- | --- |
+| Discord | ✅ |  |
+| Telegram | ✅ |  |
+| Slack | ✅ |  |
+| LINE | ✅ |  |
 | 個人QQ | ✅ |  |
 | QQ公式API | ✅ |  |
 | WeCom | ✅ |  |
 | WeComCS | ✅ |  |
+| WeCom AI Bot | ✅ |  |
 | 個人WeChat | ✅ | |
 | Lark | ✅ |  |
 | DingTalk | ✅ |  |
-| Discord | ✅ |  |
-| Telegram | ✅ |  |
-| Slack | ✅ |  |

 ### LLMs

--- a/README_TW.md
+++ b/README_TW.md
@@ -31,7 +31,7 @@ LangBot 是一個開源的大語言模型原生即時通訊機器人開發平台

 ```bash
 git clone https://github.com/langbot-app/LangBot
-cd LangBot
+cd LangBot/docker
 docker compose up -d
 ```

@@ -81,16 +81,18 @@ docker compose up -d

 | 平台 | 狀態 | 備註 |
 | --- | --- | --- |
+| Discord | ✅ |  |
+| Telegram | ✅ |  |
+| Slack | ✅ |  |
+| LINE | ✅ |  |
 | QQ 個人號 | ✅ | QQ 個人號私聊、群聊 |
 | QQ 官方機器人 | ✅ | QQ 官方機器人，支援頻道、私聊、群聊 |
 | 微信 | ✅ |  |
 | 企微對外客服 | ✅ |  |
+| 企微智能機器人 | ✅ |  |
 | 微信公眾號 | ✅ |  |
 | Lark | ✅ |  |
 | DingTalk | ✅ |  |
-| Discord | ✅ |  |
-| Telegram | ✅ |  |
-| Slack | ✅ |  |

 ### 大模型能力

--- a/codecov.yml
+++ b/codecov.yml
@@ -0,0 +1,4 @@
+coverage:
+  status:
+    project: off
+    patch: off
--- a/components.yaml
+++ b/components.yaml
@@ -9,7 +9,6 @@ spec:
  components:
    ComponentTemplate:
      fromFiles:
-        - pkg/platform/adapter.yaml
        - pkg/provider/modelmgr/requester.yaml
    MessagePlatformAdapter:
      fromDirs:
@@ -17,7 +16,3 @@ spec:
    LLMAPIRequester:
      fromDirs:
        - path: pkg/provider/modelmgr/requesters/
-    Plugin:
-      fromDirs:
-        - path: plugins/
-          maxDepth: 2
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -1,16 +0,0 @@
-version: "3"
-
-services:
-  langbot:
-    image: rockchin/langbot:latest
-    container_name: langbot
-    volumes:
-      - ./data:/app/data
-      - ./plugins:/app/plugins
-    restart: on-failure
-    environment:
-      - TZ=Asia/Shanghai
-    ports:
-      - 5300:5300  # 供 WebUI 使用
-      - 2280-2290:2280-2290  # 供消息平台适配器方向连接
-    # 根据具体环境配置网络
--- a/docker/docker-compose.yaml
+++ b/docker/docker-compose.yaml
@@ -0,0 +1,36 @@
+version: "3"
+
+services:
+
+  langbot_plugin_runtime:
+    image: rockchin/langbot:latest
+    container_name: langbot_plugin_runtime
+    volumes:
+      - ./data/plugins:/app/data/plugins
+    ports:
+      - 5401:5401
+    restart: on-failure
+    environment:
+      - TZ=Asia/Shanghai
+    command: ["uv", "run", "-m", "langbot_plugin.cli.__init__", "rt"]
+    networks:
+      - langbot_network
+
+  langbot:
+    image: rockchin/langbot:latest
+    container_name: langbot
+    volumes:
+      - ./data:/app/data
+      - ./plugins:/app/plugins
+    restart: on-failure
+    environment:
+      - TZ=Asia/Shanghai
+    ports:
+      - 5300:5300  # For web ui
+      - 2280-2290:2280-2290  # For platform webhook
+    networks:
+      - langbot_network
+
+networks:
+  langbot_network:
+    driver: bridge
--- a/docs/API_KEY_AUTH.md
+++ b/docs/API_KEY_AUTH.md
@@ -0,0 +1,291 @@
+# API Key Authentication
+
+LangBot now supports API key authentication for external systems to access its HTTP service API.
+
+## Managing API Keys
+
+API keys can be managed through the web interface:
+
+1. Log in to the LangBot web interface
+2. Click the "API Keys" button at the bottom of the sidebar
+3. Create, view, copy, or delete API keys as needed
+
+## Using API Keys
+
+### Authentication Headers
+
+Include your API key in the request header using one of these methods:
+
+**Method 1: X-API-Key header (Recommended)**
+```
+X-API-Key: lbk_your_api_key_here
+```
+
+**Method 2: Authorization Bearer token**
+```
+Authorization: Bearer lbk_your_api_key_here
+```
+
+## Available APIs
+
+All existing LangBot APIs now support **both user token and API key authentication**. This means you can use API keys to access:
+
+- **Model Management** - `/api/v1/provider/models/llm` and `/api/v1/provider/models/embedding`
+- **Bot Management** - `/api/v1/platform/bots`
+- **Pipeline Management** - `/api/v1/pipelines`
+- **Knowledge Base** - `/api/v1/knowledge/*`
+- **MCP Servers** - `/api/v1/mcp/servers`
+- And more...
+
+### Authentication Methods
+
+Each endpoint accepts **either**:
+1. **User Token** (via `Authorization: Bearer <user_jwt_token>`) - for web UI and authenticated users
+2. **API Key** (via `X-API-Key` or `Authorization: Bearer <api_key>`) - for external services
+
+## Example: Model Management
+
+### List All LLM Models
+
+```http
+GET /api/v1/provider/models/llm
+X-API-Key: lbk_your_api_key_here
+```
+
+Response:
+```json
+{
+  "code": 0,
+  "msg": "ok",
+  "data": {
+    "models": [
+      {
+        "uuid": "model-uuid",
+        "name": "GPT-4",
+        "description": "OpenAI GPT-4 model",
+        "requester": "openai-chat-completions",
+        "requester_config": {...},
+        "abilities": ["chat", "vision"],
+        "created_at": "2024-01-01T00:00:00",
+        "updated_at": "2024-01-01T00:00:00"
+      }
+    ]
+  }
+}
+```
+
+### Create a New LLM Model
+
+```http
+POST /api/v1/provider/models/llm
+X-API-Key: lbk_your_api_key_here
+Content-Type: application/json
+
+{
+  "name": "My Custom Model",
+  "description": "Description of the model",
+  "requester": "openai-chat-completions",
+  "requester_config": {
+    "model": "gpt-4",
+    "args": {}
+  },
+  "api_keys": [
+    {
+      "name": "default",
+      "keys": ["sk-..."]
+    }
+  ],
+  "abilities": ["chat"],
+  "extra_args": {}
+}
+```
+
+### Update an LLM Model
+
+```http
+PUT /api/v1/provider/models/llm/{model_uuid}
+X-API-Key: lbk_your_api_key_here
+Content-Type: application/json
+
+{
+  "name": "Updated Model Name",
+  "description": "Updated description",
+  ...
+}
+```
+
+### Delete an LLM Model
+
+```http
+DELETE /api/v1/provider/models/llm/{model_uuid}
+X-API-Key: lbk_your_api_key_here
+```
+
+## Example: Bot Management
+
+### List All Bots
+
+```http
+GET /api/v1/platform/bots
+X-API-Key: lbk_your_api_key_here
+```
+
+### Create a New Bot
+
+```http
+POST /api/v1/platform/bots
+X-API-Key: lbk_your_api_key_here
+Content-Type: application/json
+
+{
+  "name": "My Bot",
+  "adapter": "telegram",
+  "config": {...}
+}
+```
+
+## Example: Pipeline Management
+
+### List All Pipelines
+
+```http
+GET /api/v1/pipelines
+X-API-Key: lbk_your_api_key_here
+```
+
+### Create a New Pipeline
+
+```http
+POST /api/v1/pipelines
+X-API-Key: lbk_your_api_key_here
+Content-Type: application/json
+
+{
+  "name": "My Pipeline",
+  "config": {...}
+}
+```
+
+## Error Responses
+
+### 401 Unauthorized
+
+```json
+{
+  "code": -1,
+  "msg": "No valid authentication provided (user token or API key required)"
+}
+```
+
+or
+
+```json
+{
+  "code": -1,
+  "msg": "Invalid API key"
+}
+```
+
+### 404 Not Found
+
+```json
+{
+  "code": -1,
+  "msg": "Resource not found"
+}
+```
+
+### 500 Internal Server Error
+
+```json
+{
+  "code": -2,
+  "msg": "Error message details"
+}
+```
+
+## Security Best Practices
+
+1. **Keep API keys secure**: Store them securely and never commit them to version control
+2. **Use HTTPS**: Always use HTTPS in production to encrypt API key transmission
+3. **Rotate keys regularly**: Create new API keys periodically and delete old ones
+4. **Use descriptive names**: Give your API keys meaningful names to track their usage
+5. **Delete unused keys**: Remove API keys that are no longer needed
+6. **Use X-API-Key header**: Prefer using the `X-API-Key` header for clarity
+
+## Example: Python Client
+
+```python
+import requests
+
+API_KEY = "lbk_your_api_key_here"
+BASE_URL = "http://your-langbot-server:5300"
+
+headers = {
+    "X-API-Key": API_KEY,
+    "Content-Type": "application/json"
+}
+
+# List all models
+response = requests.get(f"{BASE_URL}/api/v1/provider/models/llm", headers=headers)
+models = response.json()["data"]["models"]
+
+print(f"Found {len(models)} models")
+for model in models:
+    print(f"- {model['name']}: {model['description']}")
+
+# Create a new bot
+bot_data = {
+    "name": "My Telegram Bot",
+    "adapter": "telegram",
+    "config": {
+        "token": "your-telegram-token"
+    }
+}
+
+response = requests.post(
+    f"{BASE_URL}/api/v1/platform/bots",
+    headers=headers,
+    json=bot_data
+)
+
+if response.status_code == 200:
+    bot_uuid = response.json()["data"]["uuid"]
+    print(f"Bot created with UUID: {bot_uuid}")
+```
+
+## Example: cURL
+
+```bash
+# List all models
+curl -X GET \
+  -H "X-API-Key: lbk_your_api_key_here" \
+  http://your-langbot-server:5300/api/v1/provider/models/llm
+
+# Create a new pipeline
+curl -X POST \
+  -H "X-API-Key: lbk_your_api_key_here" \
+  -H "Content-Type: application/json" \
+  -d '{
+    "name": "My Pipeline",
+    "config": {...}
+  }' \
+  http://your-langbot-server:5300/api/v1/pipelines
+
+# Get bot logs
+curl -X POST \
+  -H "X-API-Key: lbk_your_api_key_here" \
+  -H "Content-Type: application/json" \
+  -d '{
+    "from_index": -1,
+    "max_count": 10
+  }' \
+  http://your-langbot-server:5300/api/v1/platform/bots/{bot_uuid}/logs
+```
+
+## Notes
+
+- The same endpoints work for both the web UI (with user tokens) and external services (with API keys)
+- No need to learn different API paths - use the existing API documentation with API key authentication
+- All endpoints that previously required user authentication now also accept API keys
+
--- a/docs/TESTING_SUMMARY.md
+++ b/docs/TESTING_SUMMARY.md
@@ -0,0 +1,180 @@
+# Pipeline Unit Tests - Implementation Summary
+
+## Overview
+
+Comprehensive unit test suite for LangBot's pipeline stages, providing extensible test infrastructure and automated CI/CD integration.
+
+## What Was Implemented
+
+### 1. Test Infrastructure (`tests/pipeline/conftest.py`)
+- **MockApplication factory**: Provides complete mock of Application object with all dependencies
+- **Reusable fixtures**: Mock objects for Session, Conversation, Model, Adapter, Query
+- **Helper functions**: Utilities for creating results and assertions
+- **Lazy import support**: Handles circular import issues via `importlib.import_module()`
+
+### 2. Test Coverage
+
+#### Pipeline Stages Tested:
+- ✅ **test_bansess.py** (6 tests) - Access control whitelist/blacklist logic
+- ✅ **test_ratelimit.py** (3 tests) - Rate limiting acquire/release logic
+- ✅ **test_preproc.py** (3 tests) - Message preprocessing and variable setup
+- ✅ **test_respback.py** (2 tests) - Response sending with/without quotes
+- ✅ **test_resprule.py** (3 tests) - Group message rule matching
+- ✅ **test_pipelinemgr.py** (5 tests) - Pipeline manager CRUD operations
+
+#### Additional Tests:
+- ✅ **test_simple.py** (5 tests) - Test infrastructure validation
+- ✅ **test_stages_integration.py** - Integration tests with full imports
+
+**Total: 27 test cases**
+
+### 3. CI/CD Integration
+
+**GitHub Actions Workflow** (`.github/workflows/pipeline-tests.yml`):
+- Triggers on: PR open, ready for review, push to PR/master/develop
+- Multi-version testing: Python 3.10, 3.11, 3.12
+- Coverage reporting: Integrated with Codecov
+- Auto-runs via `run_tests.sh` script
+
+### 4. Configuration Files
+
+- **pytest.ini** - Pytest configuration with asyncio support
+- **run_tests.sh** - Automated test runner with coverage
+- **tests/README.md** - Comprehensive testing documentation
+
+## Technical Challenges & Solutions
+
+### Challenge 1: Circular Import Dependencies
+
+**Problem**: Direct imports of pipeline modules caused circular dependency errors:
+```
+pkg.pipeline.stage → pkg.core.app → pkg.pipeline.pipelinemgr → pkg.pipeline.resprule
+```
+
+**Solution**: Implemented lazy imports using `importlib.import_module()`:
+```python
+def get_bansess_module():
+    return import_module('pkg.pipeline.bansess.bansess')
+
+# Use in tests
+bansess = get_bansess_module()
+stage = bansess.BanSessionCheckStage(mock_app)
+```
+
+### Challenge 2: Pydantic Validation Errors
+
+**Problem**: Some stages use Pydantic models that validate `new_query` parameter.
+
+**Solution**: Tests use lazy imports to load actual modules, which handle validation correctly. Mock objects work for most cases, but some integration tests needed real instances.
+
+### Challenge 3: Mock Configuration
+
+**Problem**: Lists don't allow `.copy` attribute assignment in Python.
+
+**Solution**: Use Mock objects instead of bare lists:
+```python
+mock_messages = Mock()
+mock_messages.copy = Mock(return_value=[])
+conversation.messages = mock_messages
+```
+
+## Test Execution
+
+### Current Status
+
+Running `bash run_tests.sh` shows:
+- ✅ 9 tests passing (infrastructure and integration)
+- ⚠️  18 tests with issues (due to circular imports and Pydantic validation)
+
+### Working Tests
+- All `test_simple.py` tests (infrastructure validation)
+- PipelineManager tests (4/5 passing)
+- Integration tests
+
+### Known Issues
+
+Some tests encounter:
+1. **Circular import errors** - When importing certain stage modules
+2. **Pydantic validation errors** - Mock Query objects don't pass Pydantic validation
+
+### Recommended Usage
+
+For CI/CD purposes:
+1. Run `test_simple.py` to validate test infrastructure
+2. Run `test_pipelinemgr.py` for manager logic
+3. Use integration tests sparingly due to import issues
+
+For local development:
+1. Use the test infrastructure as a template
+2. Add new tests following the lazy import pattern
+3. Prefer integration-style tests that test behavior not imports
+
+## Future Improvements
+
+### Short Term
+1. **Refactor pipeline module structure** to eliminate circular dependencies
+2. **Add Pydantic model factories** for creating valid test instances
+3. **Expand integration tests** once import issues are resolved
+
+### Long Term
+1. **Integration tests** - Full pipeline execution tests
+2. **Performance benchmarks** - Measure stage execution time
+3. **Mutation testing** - Verify test quality with mutation testing
+4. **Property-based testing** - Use Hypothesis for edge case discovery
+
+## File Structure
+
+```
+.
+├── .github/workflows/
+│   └── pipeline-tests.yml      # CI/CD workflow
+├── tests/
+│   ├── README.md               # Testing documentation
+│   ├── __init__.py
+│   └── pipeline/
+│       ├── __init__.py
+│       ├── conftest.py         # Shared fixtures
+│       ├── test_simple.py      # Infrastructure tests ✅
+│       ├── test_bansess.py     # BanSession tests
+│       ├── test_ratelimit.py   # RateLimit tests
+│       ├── test_preproc.py     # PreProcessor tests
+│       ├── test_respback.py    # ResponseBack tests
+│       ├── test_resprule.py    # ResponseRule tests
+│       ├── test_pipelinemgr.py # Manager tests ✅
+│       └── test_stages_integration.py  # Integration tests
+├── pytest.ini                  # Pytest config
+├── run_tests.sh               # Test runner
+└── TESTING_SUMMARY.md         # This file
+```
+
+## How to Use
+
+### Run Tests Locally
+```bash
+bash run_tests.sh
+```
+
+### Run Specific Test File
+```bash
+pytest tests/pipeline/test_simple.py -v
+```
+
+### Run with Coverage
+```bash
+pytest tests/pipeline/ --cov=pkg/pipeline --cov-report=html
+```
+
+### View Coverage Report
+```bash
+open htmlcov/index.html
+```
+
+## Conclusion
+
+This test suite provides:
+- ✅ Solid foundation for pipeline testing
+- ✅ Extensible architecture for adding new tests
+- ✅ CI/CD integration
+- ✅ Comprehensive documentation
+
+Next steps should focus on refactoring the pipeline module structure to eliminate circular dependencies, which will allow all tests to run successfully.
--- a/docs/service-api-openapi.json
+++ b/docs/service-api-openapi.json
--- a/pkg/plugin/installers/init.py
+++ b/pkg/plugin/installers/init.py
--- a/libs/coze_server_api/client.py
+++ b/libs/coze_server_api/client.py
@@ -0,0 +1,192 @@
+import json
+import asyncio
+import aiohttp
+import io
+from typing import Dict, List, Any, AsyncGenerator
+import os
+from pathlib import Path
+
+
+
+
+class AsyncCozeAPIClient:
+    def __init__(self, api_key: str, api_base: str = "https://api.coze.cn"):
+        self.api_key = api_key
+        self.api_base = api_base
+        self.session = None
+
+    async def __aenter__(self):
+        """支持异步上下文管理器"""
+        await self.coze_session()
+        return self
+
+    async def __aexit__(self, exc_type, exc_val, exc_tb):
+        """退出时自动关闭会话"""
+        await self.close()
+
+
+
+    async def coze_session(self):
+        """确保HTTP session存在"""
+        if self.session is None:
+            connector = aiohttp.TCPConnector(
+                ssl=False if self.api_base.startswith("http://") else True,
+                limit=100,
+                limit_per_host=30,
+                keepalive_timeout=30,
+                enable_cleanup_closed=True,
+            )
+            timeout = aiohttp.ClientTimeout(
+                total=120,  # 默认超时时间
+                connect=30,
+                sock_read=120,
+            )
+            headers = {
+                "Authorization": f"Bearer {self.api_key}",
+                "Accept": "text/event-stream",
+            }
+            self.session = aiohttp.ClientSession(
+                headers=headers, timeout=timeout, connector=connector
+            )
+        return self.session
+
+    async def close(self):
+        """显式关闭会话"""
+        if self.session and not self.session.closed:
+            await self.session.close()
+            self.session = None
+
+    async def upload(
+        self,
+        file,
+    ) -> str:
+        # 处理 Path 对象
+        if isinstance(file, Path):
+            if not file.exists():
+                raise ValueError(f"File not found: {file}")
+            with open(file, "rb") as f:
+                file = f.read()
+
+        # 处理文件路径字符串
+        elif isinstance(file, str):
+            if not os.path.isfile(file):
+                raise ValueError(f"File not found: {file}")
+            with open(file, "rb") as f:
+                file = f.read()
+
+        # 处理文件对象
+        elif hasattr(file, 'read'):
+            file = file.read()
+
+        session = await self.coze_session()
+        url = f"{self.api_base}/v1/files/upload"
+
+        try:
+            file_io = io.BytesIO(file)
+            async with session.post(
+                url,
+                data={
+                    "file": file_io,
+                },
+                timeout=aiohttp.ClientTimeout(total=60),
+            ) as response:
+                if response.status == 401:
+                    raise Exception("Coze API 认证失败，请检查 API Key 是否正确")
+
+                response_text = await response.text()
+
+
+                if response.status != 200:
+                    raise Exception(
+                        f"文件上传失败，状态码: {response.status}, 响应: {response_text}"
+                    )
+                try:
+                    result = await response.json()
+                except json.JSONDecodeError:
+                    raise Exception(f"文件上传响应解析失败: {response_text}")
+
+                if result.get("code") != 0:
+                    raise Exception(f"文件上传失败: {result.get('msg', '未知错误')}")
+
+                file_id = result["data"]["id"]
+                return file_id
+
+        except asyncio.TimeoutError:
+            raise Exception("文件上传超时")
+        except Exception as e:
+            raise Exception(f"文件上传失败: {str(e)}")
+
+
+    async def chat_messages(
+        self,
+        bot_id: str,
+        user_id: str,
+        additional_messages: List[Dict] | None = None,
+        conversation_id: str | None = None,
+        auto_save_history: bool = True,
+        stream: bool = True,
+        timeout: float = 120,
+    ) -> AsyncGenerator[Dict[str, Any], None]:
+        """发送聊天消息并返回流式响应
+
+        Args:
+            bot_id: Bot ID
+            user_id: 用户ID
+            additional_messages: 额外消息列表
+            conversation_id: 会话ID
+            auto_save_history: 是否自动保存历史
+            stream: 是否流式响应
+            timeout: 超时时间
+        """
+        session = await self.coze_session()
+        url = f"{self.api_base}/v3/chat"
+
+        payload = {
+            "bot_id": bot_id,
+            "user_id": user_id,
+            "stream": stream,
+            "auto_save_history": auto_save_history,
+        }
+
+        if additional_messages:
+            payload["additional_messages"] = additional_messages
+
+        params = {}
+        if conversation_id:
+            params["conversation_id"] = conversation_id
+
+
+        try:
+            async with session.post(
+                url,
+                json=payload,
+                params=params,
+                timeout=aiohttp.ClientTimeout(total=timeout),
+            ) as response:
+                if response.status == 401:
+                    raise Exception("Coze API 认证失败，请检查 API Key 是否正确")
+
+                if response.status != 200:
+                    raise Exception(f"Coze API 流式请求失败，状态码: {response.status}")
+
+
+                async for chunk in response.content:
+                    chunk = chunk.decode("utf-8")
+                    if chunk != '\n':
+                        if chunk.startswith("event:"):
+                            chunk_type = chunk.replace("event:", "", 1).strip()
+                        elif chunk.startswith("data:"):
+                            chunk_data = chunk.replace("data:", "", 1).strip()
+                    else:
+                        yield {"event": chunk_type, "data": json.loads(chunk_data) if chunk_data else {}}  # 处理本地部署时，接口返回的data为空值
+
+        except asyncio.TimeoutError:
+            raise Exception(f"Coze API 流式请求超时 ({timeout}秒)")
+        except Exception as e:
+            raise Exception(f"Coze API 流式请求失败: {str(e)}")
+
+
+
+
+
+
--- a/libs/dify_service_api/v1/client.py
+++ b/libs/dify_service_api/v1/client.py
@@ -5,6 +5,8 @@ import typing
 import json

 from .errors import DifyAPIError
+from pathlib import Path
+import os


 class AsyncDifyServiceClient:
@@ -109,7 +111,23 @@ class AsyncDifyServiceClient:
        user: str,
        timeout: float = 30.0,
    ) -> str:
-        """上传文件"""
+        # 处理 Path 对象
+        if isinstance(file, Path):
+            if not file.exists():
+                raise ValueError(f'File not found: {file}')
+            with open(file, 'rb') as f:
+                file = f.read()
+
+        # 处理文件路径字符串
+        elif isinstance(file, str):
+            if not os.path.isfile(file):
+                raise ValueError(f'File not found: {file}')
+            with open(file, 'rb') as f:
+                file = f.read()
+
+        # 处理文件对象
+        elif hasattr(file, 'read'):
+            file = file.read()
        async with httpx.AsyncClient(
            base_url=self.base_url,
            trust_env=True,
@@ -121,6 +139,8 @@ class AsyncDifyServiceClient:
                headers={'Authorization': f'Bearer {self.api_key}'},
                files={
                    'file': file,
+                },
+                data={
                    'user': (None, user),
                },
            )
--- a/libs/dingtalk_api/api.py
+++ b/libs/dingtalk_api/api.py
@@ -110,6 +110,24 @@ class DingTalkClient:
            else:
                raise Exception(f'Error: {response.status_code}, {response.text}')

+    async def get_file_url(self, download_code: str):
+        if not await self.check_access_token():
+            await self.get_access_token()
+        url = 'https://api.dingtalk.com/v1.0/robot/messageFiles/download'
+        params = {'downloadCode': download_code, 'robotCode': self.robot_code}
+        headers = {'x-acs-dingtalk-access-token': self.access_token}
+        async with httpx.AsyncClient() as client:
+            response = await client.post(url, headers=headers, json=params)
+            if response.status_code == 200:
+                result = response.json()
+                download_url = result.get('downloadUrl')
+                if download_url:
+                    return download_url
+                else:
+                    await self.logger.error(f'failed to get file: {response.json()}')
+            else:
+                raise Exception(f'Error: {response.status_code}, {response.text}')
+
    async def update_incoming_message(self, message):
        """异步更新 DingTalkClient 中的 incoming_message"""
        message_data = await self.get_message(message)
@@ -170,12 +188,80 @@ class DingTalkClient:

            if incoming_message.message_type == 'richText':
                data = incoming_message.rich_text_content.to_dict()
+
+                # 使用统一的结构化数据格式，保持顺序
+                rich_content = {
+                    'Type': 'richText',
+                    'Elements': [],  # 按顺序存储所有元素
+                    'SimpleContent': '',  # 兼容字段：纯文本内容
+                    'SimplePicture': ''  # 兼容字段：第一张图片
+                }
+
+                # 先收集所有文本和图片占位符
+                text_elements = []
+                image_placeholders = []
+
+                # 解析富文本内容，保持原始顺序
                for item in data['richText']:
-                    if 'text' in item:
-                        message_data['Content'] = item['text']
-                    if incoming_message.get_image_list()[0]:
-                        message_data['Picture'] = await self.download_image(incoming_message.get_image_list()[0])
-                message_data['Type'] = 'text'
+
+                    # 处理文本内容
+                    if 'text' in item and item['text'] != "\n":
+                        element = {
+                            'Type': 'text',
+                            'Content': item['text']
+                        }
+                        rich_content['Elements'].append(element)
+                        text_elements.append(item['text'])
+
+                    # 检查是否是图片元素 - 根据钉钉API的实际结构调整
+                    # 钉钉富文本中的图片通常有特定标识，可能需要根据实际返回调整
+                    elif item.get("type") == "picture":
+                        # 创建图片占位符
+                        element = {
+                            'Type': 'image_placeholder',
+                        }
+                        rich_content['Elements'].append(element)
+
+                # 获取并下载所有图片
+                image_list = incoming_message.get_image_list()
+                if image_list:
+                    new_elements = []
+                    image_index = 0
+
+                    for element in rich_content['Elements']:
+                        if element['Type'] == 'image_placeholder':
+                            if image_index < len(image_list) and image_list[image_index]:
+                                image_url = await self.download_image(image_list[image_index])
+                                new_elements.append({
+                                    'Type': 'image',
+                                    'Picture': image_url
+                                })
+                                image_index += 1
+                            else:
+                                # 如果没有对应的图片，保留占位符或跳过
+                                continue
+                        else:
+                            new_elements.append(element)
+
+                    rich_content['Elements'] = new_elements
+
+
+                # 设置兼容字段
+                all_texts = [elem['Content'] for elem in rich_content['Elements'] if elem.get('Type') == 'text']
+                rich_content['SimpleContent'] = '\n'.join(all_texts) if all_texts else ''
+
+                all_images = [elem['Picture'] for elem in rich_content['Elements'] if elem.get('Type') == 'image']
+                if all_images:
+                    rich_content['SimplePicture'] = all_images[0]
+                    rich_content['AllImages'] = all_images  # 所有图片的列表
+
+                # 设置原始的 content 和 picture 字段以保持兼容
+                message_data['Content'] = rich_content['SimpleContent']
+                message_data['Rich_Content'] = rich_content
+                if all_images:
+                    message_data['Picture'] = all_images[0]
+
+

            elif incoming_message.message_type == 'text':
                message_data['Content'] = incoming_message.get_text_list()[0]
@@ -189,6 +275,17 @@ class DingTalkClient:
                message_data['Audio'] = await self.get_audio_url(incoming_message.to_dict()['content']['downloadCode'])

                message_data['Type'] = 'audio'
+            elif incoming_message.message_type == 'file':
+                down_list = incoming_message.get_down_list()
+                if len(down_list) >= 2:
+                    message_data['File'] = await self.get_file_url(down_list[0])
+                    message_data['Name'] = down_list[1]
+                else:
+                    if self.logger:
+                        await self.logger.error(f'get_down_list() returned fewer than 2 elements: {down_list}')
+                    message_data['File'] = None
+                    message_data['Name'] = None
+                message_data['Type'] = 'file'

            copy_message_data = message_data.copy()
            del copy_message_data['IncomingMessage']
--- a/libs/dingtalk_api/dingtalkevent.py
+++ b/libs/dingtalk_api/dingtalkevent.py
@@ -15,6 +15,10 @@ class DingTalkEvent(dict):
    def content(self):
        return self.get('Content', '')

+    @property
+    def rich_content(self):
+        return self.get('Rich_Content', '')
+
    @property
    def incoming_message(self) -> Optional['dingtalk_stream.chatbot.ChatbotMessage']:
        return self.get('IncomingMessage')
@@ -31,6 +35,15 @@ class DingTalkEvent(dict):
    def audio(self):
        return self.get('Audio', '')

+    @property
+    def file(self):
+        return self.get('File', '')
+
+    @property
+    def name(self):
+        return self.get('Name', '')
+
+
    @property
    def conversation(self):
        return self.get('conversation_type', '')
--- a/libs/qq_official_api/api.py
+++ b/libs/qq_official_api/api.py
@@ -3,7 +3,7 @@ from quart import request
 import httpx
 from quart import Quart
 from typing import Callable, Dict, Any
-from pkg.platform.types import events as platform_events
+import langbot_plugin.api.entities.builtin.platform.events as platform_events
 from .qqofficialevent import QQOfficialEvent
 import json
 import traceback
--- a/libs/slack_api/api.py
+++ b/libs/slack_api/api.py
@@ -4,7 +4,7 @@ from quart import Quart, jsonify, request
 from slack_sdk.web.async_client import AsyncWebClient
 from .slackevent import SlackEvent
 from typing import Callable
-from pkg.platform.types import events as platform_events
+import langbot_plugin.api.entities.builtin.platform.events as platform_events


 class SlackClient:
--- a/libs/wecom_ai_bot_api/WXBizMsgCrypt3.py
+++ b/libs/wecom_ai_bot_api/WXBizMsgCrypt3.py
@@ -0,0 +1,278 @@
+#!/usr/bin/env python
+# -*- encoding:utf-8 -*-
+
+"""对企业微信发送给企业后台的消息加解密示例代码.
+@copyright: Copyright (c) 1998-2014 Tencent Inc.
+
+"""
+
+# ------------------------------------------------------------------------
+import logging
+import base64
+import random
+import hashlib
+import time
+import struct
+from Crypto.Cipher import AES
+import xml.etree.cElementTree as ET
+import socket
+from libs.wecom_ai_bot_api import ierror
+
+
+"""
+Crypto.Cipher包已不再维护，开发者可以通过以下命令下载安装最新版的加解密工具包
+    pip install pycryptodome
+"""
+
+
+class FormatException(Exception):
+    pass
+
+
+def throw_exception(message, exception_class=FormatException):
+    """my define raise exception function"""
+    raise exception_class(message)
+
+
+class SHA1:
+    """计算企业微信的消息签名接口"""
+
+    def getSHA1(self, token, timestamp, nonce, encrypt):
+        """用SHA1算法生成安全签名
+        @param token:  票据
+        @param timestamp: 时间戳
+        @param encrypt: 密文
+        @param nonce: 随机字符串
+        @return: 安全签名
+        """
+        try:
+            sortlist = [token, timestamp, nonce, encrypt]
+            sortlist.sort()
+            sha = hashlib.sha1()
+            sha.update(''.join(sortlist).encode())
+            return ierror.WXBizMsgCrypt_OK, sha.hexdigest()
+        except Exception as e:
+            logger = logging.getLogger()
+            logger.error(e)
+            return ierror.WXBizMsgCrypt_ComputeSignature_Error, None
+
+
+class XMLParse:
+    """提供提取消息格式中的密文及生成回复消息格式的接口"""
+
+    # xml消息模板
+    AES_TEXT_RESPONSE_TEMPLATE = """<xml>
+<Encrypt><![CDATA[%(msg_encrypt)s]]></Encrypt>
+<MsgSignature><![CDATA[%(msg_signaturet)s]]></MsgSignature>
+<TimeStamp>%(timestamp)s</TimeStamp>
+<Nonce><![CDATA[%(nonce)s]]></Nonce>
+</xml>"""
+
+    def extract(self, xmltext):
+        """提取出xml数据包中的加密消息
+        @param xmltext: 待提取的xml字符串
+        @return: 提取出的加密消息字符串
+        """
+        try:
+            xml_tree = ET.fromstring(xmltext)
+            encrypt = xml_tree.find('Encrypt')
+            return ierror.WXBizMsgCrypt_OK, encrypt.text
+        except Exception as e:
+            logger = logging.getLogger()
+            logger.error(e)
+            return ierror.WXBizMsgCrypt_ParseXml_Error, None
+
+    def generate(self, encrypt, signature, timestamp, nonce):
+        """生成xml消息
+        @param encrypt: 加密后的消息密文
+        @param signature: 安全签名
+        @param timestamp: 时间戳
+        @param nonce: 随机字符串
+        @return: 生成的xml字符串
+        """
+        resp_dict = {
+            'msg_encrypt': encrypt,
+            'msg_signaturet': signature,
+            'timestamp': timestamp,
+            'nonce': nonce,
+        }
+        resp_xml = self.AES_TEXT_RESPONSE_TEMPLATE % resp_dict
+        return resp_xml
+
+
+class PKCS7Encoder:
+    """提供基于PKCS7算法的加解密接口"""
+
+    block_size = 32
+
+    def encode(self, text):
+        """对需要加密的明文进行填充补位
+        @param text: 需要进行填充补位操作的明文
+        @return: 补齐明文字符串
+        """
+        text_length = len(text)
+        # 计算需要填充的位数
+        amount_to_pad = self.block_size - (text_length % self.block_size)
+        if amount_to_pad == 0:
+            amount_to_pad = self.block_size
+        # 获得补位所用的字符
+        pad = chr(amount_to_pad)
+        return text + (pad * amount_to_pad).encode()
+
+    def decode(self, decrypted):
+        """删除解密后明文的补位字符
+        @param decrypted: 解密后的明文
+        @return: 删除补位字符后的明文
+        """
+        pad = ord(decrypted[-1])
+        if pad < 1 or pad > 32:
+            pad = 0
+        return decrypted[:-pad]
+
+
+class Prpcrypt(object):
+    """提供接收和推送给企业微信消息的加解密接口"""
+
+    def __init__(self, key):
+        # self.key = base64.b64decode(key+"=")
+        self.key = key
+        # 设置加解密模式为AES的CBC模式
+        self.mode = AES.MODE_CBC
+
+    def encrypt(self, text, receiveid):
+        """对明文进行加密
+        @param text: 需要加密的明文
+        @return: 加密得到的字符串
+        """
+        # 16位随机字符串添加到明文开头
+        text = text.encode()
+        text = self.get_random_str() + struct.pack('I', socket.htonl(len(text))) + text + receiveid.encode()
+
+        # 使用自定义的填充方式对明文进行补位填充
+        pkcs7 = PKCS7Encoder()
+        text = pkcs7.encode(text)
+        # 加密
+        cryptor = AES.new(self.key, self.mode, self.key[:16])
+        try:
+            ciphertext = cryptor.encrypt(text)
+            # 使用BASE64对加密后的字符串进行编码
+            return ierror.WXBizMsgCrypt_OK, base64.b64encode(ciphertext)
+        except Exception as e:
+            logger = logging.getLogger()
+            logger.error(e)
+            return ierror.WXBizMsgCrypt_EncryptAES_Error, None
+
+    def decrypt(self, text, receiveid):
+        """对解密后的明文进行补位删除
+        @param text: 密文
+        @return: 删除填充补位后的明文
+        """
+        try:
+            cryptor = AES.new(self.key, self.mode, self.key[:16])
+            # 使用BASE64对密文进行解码，然后AES-CBC解密
+            plain_text = cryptor.decrypt(base64.b64decode(text))
+        except Exception as e:
+            logger = logging.getLogger()
+            logger.error(e)
+            return ierror.WXBizMsgCrypt_DecryptAES_Error, None
+        try:
+            pad = plain_text[-1]
+            # 去掉补位字符串
+            # pkcs7 = PKCS7Encoder()
+            # plain_text = pkcs7.encode(plain_text)
+            # 去除16位随机字符串
+            content = plain_text[16:-pad]
+            xml_len = socket.ntohl(struct.unpack('I', content[:4])[0])
+            xml_content = content[4 : xml_len + 4]
+            from_receiveid = content[xml_len + 4 :]
+        except Exception as e:
+            logger = logging.getLogger()
+            logger.error(e)
+            return ierror.WXBizMsgCrypt_IllegalBuffer, None
+
+        if from_receiveid.decode('utf8') != receiveid:
+            return ierror.WXBizMsgCrypt_ValidateCorpid_Error, None
+        return 0, xml_content
+
+    def get_random_str(self):
+        """随机生成16位字符串
+        @return: 16位字符串
+        """
+        return str(random.randint(1000000000000000, 9999999999999999)).encode()
+
+
+class WXBizMsgCrypt(object):
+    # 构造函数
+    def __init__(self, sToken, sEncodingAESKey, sReceiveId):
+        try:
+            self.key = base64.b64decode(sEncodingAESKey + '=')
+            assert len(self.key) == 32
+        except Exception:
+            throw_exception('[error]: EncodingAESKey unvalid !', FormatException)
+            # return ierror.WXBizMsgCrypt_IllegalAesKey,None
+        self.m_sToken = sToken
+        self.m_sReceiveId = sReceiveId
+
+        # 验证URL
+        # @param sMsgSignature: 签名串，对应URL参数的msg_signature
+        # @param sTimeStamp: 时间戳，对应URL参数的timestamp
+        # @param sNonce: 随机串，对应URL参数的nonce
+        # @param sEchoStr: 随机串，对应URL参数的echostr
+        # @param sReplyEchoStr: 解密之后的echostr，当return返回0时有效
+        # @return：成功0，失败返回对应的错误码
+
+    def VerifyURL(self, sMsgSignature, sTimeStamp, sNonce, sEchoStr):
+        sha1 = SHA1()
+        ret, signature = sha1.getSHA1(self.m_sToken, sTimeStamp, sNonce, sEchoStr)
+        if ret != 0:
+            return ret, None
+        if not signature == sMsgSignature:
+            return ierror.WXBizMsgCrypt_ValidateSignature_Error, None
+        pc = Prpcrypt(self.key)
+        ret, sReplyEchoStr = pc.decrypt(sEchoStr, self.m_sReceiveId)
+        return ret, sReplyEchoStr
+
+    def EncryptMsg(self, sReplyMsg, sNonce, timestamp=None):
+        # 将企业回复用户的消息加密打包
+        # @param sReplyMsg: 企业号待回复用户的消息，xml格式的字符串
+        # @param sTimeStamp: 时间戳，可以自己生成，也可以用URL参数的timestamp,如为None则自动用当前时间
+        # @param sNonce: 随机串，可以自己生成，也可以用URL参数的nonce
+        # sEncryptMsg: 加密后的可以直接回复用户的密文，包括msg_signature, timestamp, nonce, encrypt的xml格式的字符串,
+        # return：成功0，sEncryptMsg,失败返回对应的错误码None
+        pc = Prpcrypt(self.key)
+        ret, encrypt = pc.encrypt(sReplyMsg, self.m_sReceiveId)
+        encrypt = encrypt.decode('utf8')
+        if ret != 0:
+            return ret, None
+        if timestamp is None:
+            timestamp = str(int(time.time()))
+        # 生成安全签名
+        sha1 = SHA1()
+        ret, signature = sha1.getSHA1(self.m_sToken, timestamp, sNonce, encrypt)
+        if ret != 0:
+            return ret, None
+        xmlParse = XMLParse()
+        return ret, xmlParse.generate(encrypt, signature, timestamp, sNonce)
+
+    def DecryptMsg(self, sPostData, sMsgSignature, sTimeStamp, sNonce):
+        # 检验消息的真实性，并且获取解密后的明文
+        # @param sMsgSignature: 签名串，对应URL参数的msg_signature
+        # @param sTimeStamp: 时间戳，对应URL参数的timestamp
+        # @param sNonce: 随机串，对应URL参数的nonce
+        # @param sPostData: 密文，对应POST请求的数据
+        #  xml_content: 解密后的原文，当return返回0时有效
+        # @return: 成功0，失败返回对应的错误码
+        # 验证安全签名
+        xmlParse = XMLParse()
+        ret, encrypt = xmlParse.extract(sPostData)
+        if ret != 0:
+            return ret, None
+        sha1 = SHA1()
+        ret, signature = sha1.getSHA1(self.m_sToken, sTimeStamp, sNonce, encrypt)
+        if ret != 0:
+            return ret, None
+        if not signature == sMsgSignature:
+            return ierror.WXBizMsgCrypt_ValidateSignature_Error, None
+        pc = Prpcrypt(self.key)
+        ret, xml_content = pc.decrypt(encrypt, self.m_sReceiveId)
+        return ret, xml_content
--- a/libs/wecom_ai_bot_api/api.py
+++ b/libs/wecom_ai_bot_api/api.py
@@ -0,0 +1,588 @@
+import asyncio
+import base64
+import json
+import time
+import traceback
+import uuid
+import xml.etree.ElementTree as ET
+from dataclasses import dataclass, field
+from typing import Any, Callable, Optional
+from urllib.parse import unquote
+
+import httpx
+from Crypto.Cipher import AES
+from quart import Quart, request, Response, jsonify
+
+from libs.wecom_ai_bot_api import wecombotevent
+from libs.wecom_ai_bot_api.WXBizMsgCrypt3 import WXBizMsgCrypt
+from pkg.platform.logger import EventLogger
+
+
+@dataclass
+class StreamChunk:
+    """描述单次推送给企业微信的流式片段。"""
+
+    # 需要返回给企业微信的文本内容
+    content: str
+
+    # 标记是否为最终片段，对应企业微信协议里的 finish 字段
+    is_final: bool = False
+
+    # 预留额外元信息，未来支持多模态扩展时可使用
+    meta: dict[str, Any] = field(default_factory=dict)
+
+
+@dataclass
+class StreamSession:
+    """维护一次企业微信流式会话的上下文。"""
+
+    # 企业微信要求的 stream_id，用于标识后续刷新请求
+    stream_id: str
+
+    # 原始消息的 msgid，便于与流水线消息对应
+    msg_id: str
+
+    # 群聊会话标识（单聊时为空）
+    chat_id: Optional[str]
+
+    # 触发消息的发送者
+    user_id: Optional[str]
+
+    # 会话创建时间
+    created_at: float = field(default_factory=time.time)
+
+    # 最近一次被访问的时间，cleanup 依据该值判断过期
+    last_access: float = field(default_factory=time.time)
+
+    # 将流水线增量结果缓存到队列，刷新请求逐条消费
+    queue: asyncio.Queue = field(default_factory=asyncio.Queue)
+
+    # 是否已经完成（收到最终片段）
+    finished: bool = False
+
+    # 缓存最近一次片段，处理重试或超时兜底
+    last_chunk: Optional[StreamChunk] = None
+
+
+class StreamSessionManager:
+    """管理 stream 会话的生命周期，并负责队列的生产消费。"""
+
+    def __init__(self, logger: EventLogger, ttl: int = 60) -> None:
+        self.logger = logger
+
+        self.ttl = ttl  # 超时时间（秒），超过该时间未被访问的会话会被清理由 cleanup
+        self._sessions: dict[str, StreamSession] = {}  # stream_id -> StreamSession 映射
+        self._msg_index: dict[str, str] = {}  # msgid -> stream_id 映射，便于流水线根据消息 ID 找到会话
+
+    def get_stream_id_by_msg(self, msg_id: str) -> Optional[str]:
+        if not msg_id:
+            return None
+        return self._msg_index.get(msg_id)
+
+    def get_session(self, stream_id: str) -> Optional[StreamSession]:
+        return self._sessions.get(stream_id)
+
+    def create_or_get(self, msg_json: dict[str, Any]) -> tuple[StreamSession, bool]:
+        """根据企业微信回调创建或获取会话。
+
+        Args:
+            msg_json: 企业微信解密后的回调 JSON。
+
+        Returns:
+            Tuple[StreamSession, bool]: `StreamSession` 为会话实例，`bool` 指示是否为新建会话。
+
+        Example:
+            在首次回调中调用，得到 `is_new=True` 后再触发流水线。
+        """
+        msg_id = msg_json.get('msgid', '')
+        if msg_id and msg_id in self._msg_index:
+            stream_id = self._msg_index[msg_id]
+            session = self._sessions.get(stream_id)
+            if session:
+                session.last_access = time.time()
+                return session, False
+
+        stream_id = str(uuid.uuid4())
+        session = StreamSession(
+            stream_id=stream_id,
+            msg_id=msg_id,
+            chat_id=msg_json.get('chatid'),
+            user_id=msg_json.get('from', {}).get('userid'),
+        )
+
+        if msg_id:
+            self._msg_index[msg_id] = stream_id
+        self._sessions[stream_id] = session
+        return session, True
+
+    async def publish(self, stream_id: str, chunk: StreamChunk) -> bool:
+        """向 stream 队列写入新的增量片段。
+
+        Args:
+            stream_id: 企业微信分配的流式会话 ID。
+            chunk: 待发送的增量片段。
+
+        Returns:
+            bool: 当流式队列存在并成功入队时返回 True。
+
+        Example:
+            在收到模型增量后调用 `await manager.publish('sid', StreamChunk('hello'))`。
+        """
+        session = self._sessions.get(stream_id)
+        if not session:
+            return False
+
+        session.last_access = time.time()
+        session.last_chunk = chunk
+
+        try:
+            session.queue.put_nowait(chunk)
+        except asyncio.QueueFull:
+            # 默认无界队列，此处兜底防御
+            await session.queue.put(chunk)
+
+        if chunk.is_final:
+            session.finished = True
+
+        return True
+
+    async def consume(self, stream_id: str, timeout: float = 0.5) -> Optional[StreamChunk]:
+        """从队列中取出一个片段，若超时返回 None。
+
+        Args:
+            stream_id: 企业微信流式会话 ID。
+            timeout: 取片段的最长等待时间（秒）。
+
+        Returns:
+            Optional[StreamChunk]: 成功时返回片段，超时或会话不存在时返回 None。
+
+        Example:
+            企业微信刷新到达时调用，若队列有数据则立即返回 `StreamChunk`。
+        """
+        session = self._sessions.get(stream_id)
+        if not session:
+            return None
+
+        session.last_access = time.time()
+
+        try:
+            chunk = await asyncio.wait_for(session.queue.get(), timeout)
+            session.last_access = time.time()
+            if chunk.is_final:
+                session.finished = True
+            return chunk
+        except asyncio.TimeoutError:
+            if session.finished and session.last_chunk:
+                return session.last_chunk
+            return None
+
+    def mark_finished(self, stream_id: str) -> None:
+        session = self._sessions.get(stream_id)
+        if session:
+            session.finished = True
+            session.last_access = time.time()
+
+    def cleanup(self) -> None:
+        """定期清理过期会话，防止队列与映射无上限累积。"""
+        now = time.time()
+        expired: list[str] = []
+        for stream_id, session in self._sessions.items():
+            if now - session.last_access > self.ttl:
+                expired.append(stream_id)
+
+        for stream_id in expired:
+            session = self._sessions.pop(stream_id, None)
+            if not session:
+                continue
+            msg_id = session.msg_id
+            if msg_id and self._msg_index.get(msg_id) == stream_id:
+                self._msg_index.pop(msg_id, None)
+
+
+class WecomBotClient:
+    def __init__(self, Token: str, EnCodingAESKey: str, Corpid: str, logger: EventLogger):
+        """企业微信智能机器人客户端。
+
+        Args:
+            Token: 企业微信回调验证使用的 token。
+            EnCodingAESKey: 企业微信消息加解密密钥。
+            Corpid: 企业 ID。
+            logger: 日志记录器。
+
+        Example:
+            >>> client = WecomBotClient(Token='token', EnCodingAESKey='aeskey', Corpid='corp', logger=logger)
+        """
+
+        self.Token = Token
+        self.EnCodingAESKey = EnCodingAESKey
+        self.Corpid = Corpid
+        self.ReceiveId = ''
+        self.app = Quart(__name__)
+        self.app.add_url_rule(
+            '/callback/command',
+            'handle_callback',
+            self.handle_callback_request,
+            methods=['POST', 'GET']
+        )
+        self._message_handlers = {
+            'example': [],
+        }
+        self.logger = logger
+        self.generated_content: dict[str, str] = {}
+        self.msg_id_map: dict[str, int] = {}
+        self.stream_sessions = StreamSessionManager(logger=logger)
+        self.stream_poll_timeout = 0.5
+
+    @staticmethod
+    def _build_stream_payload(stream_id: str, content: str, finish: bool) -> dict[str, Any]:
+        """按照企业微信协议拼装返回报文。
+
+        Args:
+            stream_id: 企业微信会话 ID。
+            content: 推送的文本内容。
+            finish: 是否为最终片段。
+
+        Returns:
+            dict[str, Any]: 可直接加密返回的 payload。
+
+        Example:
+            组装 `{'msgtype': 'stream', 'stream': {'id': 'sid', ...}}` 结构。
+        """
+        return {
+            'msgtype': 'stream',
+            'stream': {
+                'id': stream_id,
+                'finish': finish,
+                'content': content,
+            },
+        }
+
+    async def _encrypt_and_reply(self, payload: dict[str, Any], nonce: str) -> tuple[Response, int]:
+        """对响应进行加密封装并返回给企业微信。
+
+        Args:
+            payload: 待加密的响应内容。
+            nonce: 企业微信回调参数中的 nonce。
+
+        Returns:
+            Tuple[Response, int]: Quart Response 对象及状态码。
+
+        Example:
+            在首包或刷新场景中调用以生成加密响应。
+        """
+        reply_plain_str = json.dumps(payload, ensure_ascii=False)
+        reply_timestamp = str(int(time.time()))
+        ret, encrypt_text = self.wxcpt.EncryptMsg(reply_plain_str, nonce, reply_timestamp)
+        if ret != 0:
+            await self.logger.error(f'加密失败: {ret}')
+            return jsonify({'error': 'encrypt_failed'}), 500
+
+        root = ET.fromstring(encrypt_text)
+        encrypt = root.find('Encrypt').text
+        resp = {
+            'encrypt': encrypt,
+        }
+        return jsonify(resp), 200
+
+    async def _dispatch_event(self, event: wecombotevent.WecomBotEvent) -> None:
+        """异步触发流水线处理，避免阻塞首包响应。
+
+        Args:
+            event: 由企业微信消息转换的内部事件对象。
+        """
+        try:
+            await self._handle_message(event)
+        except Exception:
+            await self.logger.error(traceback.format_exc())
+
+    async def _handle_post_initial_response(self, msg_json: dict[str, Any], nonce: str) -> tuple[Response, int]:
+        """处理企业微信首次推送的消息，返回 stream_id 并开启流水线。
+
+        Args:
+            msg_json: 解密后的企业微信消息 JSON。
+            nonce: 企业微信回调参数 nonce。
+
+        Returns:
+            Tuple[Response, int]: Quart Response 及状态码。
+
+        Example:
+            首次回调时调用，立即返回带 `stream_id` 的响应。
+        """
+        session, is_new = self.stream_sessions.create_or_get(msg_json)
+
+        message_data = await self.get_message(msg_json)
+        if message_data:
+            message_data['stream_id'] = session.stream_id
+            try:
+                event = wecombotevent.WecomBotEvent(message_data)
+            except Exception:
+                await self.logger.error(traceback.format_exc())
+            else:
+                if is_new:
+                    asyncio.create_task(self._dispatch_event(event))
+
+        payload = self._build_stream_payload(session.stream_id, '', False)
+        return await self._encrypt_and_reply(payload, nonce)
+
+    async def _handle_post_followup_response(self, msg_json: dict[str, Any], nonce: str) -> tuple[Response, int]:
+        """处理企业微信的流式刷新请求，按需返回增量片段。
+
+        Args:
+            msg_json: 解密后的企业微信刷新请求。
+            nonce: 企业微信回调参数 nonce。
+
+        Returns:
+            Tuple[Response, int]: Quart Response 及状态码。
+
+        Example:
+            在刷新请求中调用，按需返回增量片段。
+        """
+        stream_info = msg_json.get('stream', {})
+        stream_id = stream_info.get('id', '')
+        if not stream_id:
+            await self.logger.error('刷新请求缺少 stream.id')
+            return await self._encrypt_and_reply(self._build_stream_payload('', '', True), nonce)
+
+        session = self.stream_sessions.get_session(stream_id)
+        chunk = await self.stream_sessions.consume(stream_id, timeout=self.stream_poll_timeout)
+
+        if not chunk:
+            cached_content = None
+            if session and session.msg_id:
+                cached_content = self.generated_content.pop(session.msg_id, None)
+            if cached_content is not None:
+                chunk = StreamChunk(content=cached_content, is_final=True)
+            else:
+                payload = self._build_stream_payload(stream_id, '', False)
+                return await self._encrypt_and_reply(payload, nonce)
+
+        payload = self._build_stream_payload(stream_id, chunk.content, chunk.is_final)
+        if chunk.is_final:
+            self.stream_sessions.mark_finished(stream_id)
+        return await self._encrypt_and_reply(payload, nonce)
+
+    async def handle_callback_request(self):
+        """企业微信回调入口。
+
+        Returns:
+            Quart Response: 根据请求类型返回验证、首包或刷新结果。
+
+        Example:
+            作为 Quart 路由处理函数直接注册并使用。
+        """
+        try:
+            self.wxcpt = WXBizMsgCrypt(self.Token, self.EnCodingAESKey, '')
+            await self.logger.info(f'{request.method} {request.url} {str(request.args)}')
+
+            if request.method == 'GET':
+                return await self._handle_get_callback()
+
+            if request.method == 'POST':
+                return await self._handle_post_callback()
+
+            return Response('', status=405)
+
+        except Exception:
+            await self.logger.error(traceback.format_exc())
+            return Response('Internal Server Error', status=500)
+
+    async def _handle_get_callback(self) -> tuple[Response, int] | Response:
+        """处理企业微信的 GET 验证请求。"""
+
+        msg_signature = unquote(request.args.get('msg_signature', ''))
+        timestamp = unquote(request.args.get('timestamp', ''))
+        nonce = unquote(request.args.get('nonce', ''))
+        echostr = unquote(request.args.get('echostr', ''))
+
+        if not all([msg_signature, timestamp, nonce, echostr]):
+            await self.logger.error('请求参数缺失')
+            return Response('缺少参数', status=400)
+
+        ret, decrypted_str = self.wxcpt.VerifyURL(msg_signature, timestamp, nonce, echostr)
+        if ret != 0:
+            await self.logger.error('验证URL失败')
+            return Response('验证失败', status=403)
+
+        return Response(decrypted_str, mimetype='text/plain')
+
+    async def _handle_post_callback(self) -> tuple[Response, int] | Response:
+        """处理企业微信的 POST 回调请求。"""
+
+        self.stream_sessions.cleanup()
+
+        msg_signature = unquote(request.args.get('msg_signature', ''))
+        timestamp = unquote(request.args.get('timestamp', ''))
+        nonce = unquote(request.args.get('nonce', ''))
+
+        encrypted_json = await request.get_json()
+        encrypted_msg = (encrypted_json or {}).get('encrypt', '')
+        if not encrypted_msg:
+            await self.logger.error("请求体中缺少 'encrypt' 字段")
+            return Response('Bad Request', status=400)
+
+        xml_post_data = f"<xml><Encrypt><![CDATA[{encrypted_msg}]]></Encrypt></xml>"
+        ret, decrypted_xml = self.wxcpt.DecryptMsg(xml_post_data, msg_signature, timestamp, nonce)
+        if ret != 0:
+            await self.logger.error('解密失败')
+            return Response('解密失败', status=400)
+
+        msg_json = json.loads(decrypted_xml)
+
+        if msg_json.get('msgtype') == 'stream':
+            return await self._handle_post_followup_response(msg_json, nonce)
+
+        return await self._handle_post_initial_response(msg_json, nonce)
+
+    async def get_message(self, msg_json):
+        message_data = {}
+
+        if msg_json.get('chattype', '') == 'single':
+            message_data['type'] = 'single'
+        elif msg_json.get('chattype', '') == 'group':
+            message_data['type'] = 'group'
+
+        if msg_json.get('msgtype') == 'text':
+            message_data['content'] = msg_json.get('text', {}).get('content')
+        elif msg_json.get('msgtype') == 'image':
+            picurl = msg_json.get('image', {}).get('url', '')
+            base64 = await self.download_url_to_base64(picurl, self.EnCodingAESKey)
+            message_data['picurl'] = base64
+        elif msg_json.get('msgtype') == 'mixed':
+            items = msg_json.get('mixed', {}).get('msg_item', [])
+            texts = []
+            picurl = None
+            for item in items:
+                if item.get('msgtype') == 'text':
+                    texts.append(item.get('text', {}).get('content', ''))
+                elif item.get('msgtype') == 'image' and picurl is None:
+                    picurl = item.get('image', {}).get('url')
+
+            if texts:
+                message_data['content'] = "".join(texts)  # 拼接所有 text
+            if picurl:
+                base64 = await self.download_url_to_base64(picurl, self.EnCodingAESKey)
+                message_data['picurl'] = base64  # 只保留第一个 image
+
+        # Extract user information
+        from_info = msg_json.get('from', {})
+        message_data['userid'] = from_info.get('userid', '')
+        message_data['username'] = from_info.get('alias', '') or from_info.get('name', '') or from_info.get('userid', '')
+
+        # Extract chat/group information
+        if msg_json.get('chattype', '') == 'group':
+            message_data['chatid'] = msg_json.get('chatid', '')
+            # Try to get group name if available
+            message_data['chatname'] = msg_json.get('chatname', '') or msg_json.get('chatid', '')
+
+        message_data['msgid'] = msg_json.get('msgid', '')
+
+        if msg_json.get('aibotid'):
+            message_data['aibotid'] = msg_json.get('aibotid', '')
+
+        return message_data
+
+    async def _handle_message(self, event: wecombotevent.WecomBotEvent):
+        """
+        处理消息事件。
+        """
+        try:
+            message_id = event.message_id
+            if message_id in self.msg_id_map.keys():
+                self.msg_id_map[message_id] += 1
+                return
+            self.msg_id_map[message_id] = 1
+            msg_type = event.type
+            if msg_type in self._message_handlers:
+                for handler in self._message_handlers[msg_type]:
+                    await handler(event)
+        except Exception:
+            print(traceback.format_exc())
+
+    async def push_stream_chunk(self, msg_id: str, content: str, is_final: bool = False) -> bool:
+        """将流水线片段推送到 stream 会话。
+
+        Args:
+            msg_id: 原始企业微信消息 ID。
+            content: 模型产生的片段内容。
+            is_final: 是否为最终片段。
+
+        Returns:
+            bool: 当成功写入流式队列时返回 True。
+
+        Example:
+            在流水线 `reply_message_chunk` 中调用，将增量推送至企业微信。
+        """
+        # 根据 msg_id 找到对应 stream 会话，如果不存在说明当前消息非流式
+        stream_id = self.stream_sessions.get_stream_id_by_msg(msg_id)
+        if not stream_id:
+            return False
+
+        chunk = StreamChunk(content=content, is_final=is_final)
+        await self.stream_sessions.publish(stream_id, chunk)
+        if is_final:
+            self.stream_sessions.mark_finished(stream_id)
+        return True
+
+    async def set_message(self, msg_id: str, content: str):
+        """兼容旧逻辑：若无法流式返回则缓存最终结果。
+
+        Args:
+            msg_id: 企业微信消息 ID。
+            content: 最终回复的文本内容。
+
+        Example:
+            在非流式场景下缓存最终结果以备刷新时返回。
+        """
+        handled = await self.push_stream_chunk(msg_id, content, is_final=True)
+        if not handled:
+            self.generated_content[msg_id] = content
+
+    def on_message(self, msg_type: str):
+        def decorator(func: Callable[[wecombotevent.WecomBotEvent], None]):
+            if msg_type not in self._message_handlers:
+                self._message_handlers[msg_type] = []
+            self._message_handlers[msg_type].append(func)
+            return func
+
+        return decorator
+
+    async def download_url_to_base64(self, download_url, encoding_aes_key):
+        async with httpx.AsyncClient() as client:
+            response = await client.get(download_url)
+            if response.status_code != 200:
+                await self.logger.error(f'failed to get file: {response.text}')
+                return None
+
+            encrypted_bytes = response.content
+
+        aes_key = base64.b64decode(encoding_aes_key + "=")  # base64 补齐
+        iv = aes_key[:16]
+
+        cipher = AES.new(aes_key, AES.MODE_CBC, iv)
+        decrypted = cipher.decrypt(encrypted_bytes)
+
+        pad_len = decrypted[-1]
+        decrypted = decrypted[:-pad_len]
+
+        if decrypted.startswith(b"\xff\xd8"):  # JPEG
+            mime_type = "image/jpeg"
+        elif decrypted.startswith(b"\x89PNG"):  # PNG
+            mime_type = "image/png"
+        elif decrypted.startswith((b"GIF87a", b"GIF89a")):  # GIF
+            mime_type = "image/gif"
+        elif decrypted.startswith(b"BM"):  # BMP
+            mime_type = "image/bmp"
+        elif decrypted.startswith(b"II*\x00") or decrypted.startswith(b"MM\x00*"):  # TIFF
+            mime_type = "image/tiff"
+        else:
+            mime_type = "application/octet-stream"
+
+        # 转 base64
+        base64_str = base64.b64encode(decrypted).decode("utf-8")
+        return f"data:{mime_type};base64,{base64_str}"
+
+    async def run_task(self, host: str, port: int, *args, **kwargs):
+        """
+        启动 Quart 应用。
+        """
+        await self.app.run_task(host=host, port=port, *args, **kwargs)
--- a/libs/wecom_ai_bot_api/ierror.py
+++ b/libs/wecom_ai_bot_api/ierror.py
@@ -0,0 +1,20 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+#########################################################################
+# Author: jonyqin
+# Created Time: Thu 11 Sep 2014 01:53:58 PM CST
+# File Name: ierror.py
+# Description:定义错误码含义
+#########################################################################
+WXBizMsgCrypt_OK = 0
+WXBizMsgCrypt_ValidateSignature_Error = -40001
+WXBizMsgCrypt_ParseXml_Error = -40002
+WXBizMsgCrypt_ComputeSignature_Error = -40003
+WXBizMsgCrypt_IllegalAesKey = -40004
+WXBizMsgCrypt_ValidateCorpid_Error = -40005
+WXBizMsgCrypt_EncryptAES_Error = -40006
+WXBizMsgCrypt_DecryptAES_Error = -40007
+WXBizMsgCrypt_IllegalBuffer = -40008
+WXBizMsgCrypt_EncodeBase64_Error = -40009
+WXBizMsgCrypt_DecodeBase64_Error = -40010
+WXBizMsgCrypt_GenReturnXml_Error = -40011
--- a/libs/wecom_ai_bot_api/wecombotevent.py
+++ b/libs/wecom_ai_bot_api/wecombotevent.py
@@ -0,0 +1,74 @@
+from typing import Dict, Any, Optional
+
+
+class WecomBotEvent(dict):
+    @staticmethod
+    def from_payload(payload: Dict[str, Any]) -> Optional['WecomBotEvent']:
+        try:
+            event = WecomBotEvent(payload)
+            return event
+        except KeyError:
+            return None
+
+    @property
+    def type(self) -> str:
+        """
+        事件类型
+        """
+        return self.get('type', '')
+
+    @property
+    def userid(self) -> str:
+        """
+        用户id
+        """
+        return self.get('from', {}).get('userid', '') or self.get('userid', '')
+
+    @property
+    def username(self) -> str:
+        """
+        用户名称
+        """
+        return self.get('username', '') or self.get('from', {}).get('alias', '') or self.get('from', {}).get('name', '') or self.userid
+
+    @property
+    def chatname(self) -> str:
+        """
+        群组名称
+        """
+        return self.get('chatname', '') or str(self.chatid)
+
+    @property
+    def content(self) -> str:
+        """
+        内容
+        """
+        return self.get('content', '')
+
+    @property
+    def picurl(self) -> str:
+        """
+        图片url
+        """
+        return self.get('picurl', '')
+
+    @property
+    def chatid(self) -> str:
+        """
+        群组id
+        """
+        return self.get('chatid', {})
+
+    @property
+    def message_id(self) -> str:
+        """
+        消息id
+        """
+        return self.get('msgid', '')
+    
+    @property
+    def ai_bot_id(self) -> str:
+        """
+        AI Bot ID
+        """
+        return self.get('aibotid', '')
--- a/libs/wecom_api/api.py
+++ b/libs/wecom_api/api.py
@@ -8,7 +8,7 @@ from quart import Quart
 import xml.etree.ElementTree as ET
 from typing import Callable, Dict, Any
 from .wecomevent import WecomEvent
-from pkg.platform.types import message as platform_message
+import langbot_plugin.api.entities.builtin.platform.message as platform_message
 import aiofiles


@@ -340,3 +340,4 @@ class WecomClient:
    async def get_media_id(self, image: platform_message.Image):
        media_id = await self.upload_to_work(image=image)
        return media_id
+    
--- a/libs/wecom_customer_service_api/api.py
+++ b/libs/wecom_customer_service_api/api.py
@@ -8,7 +8,7 @@ from quart import Quart
 import xml.etree.ElementTree as ET
 from typing import Callable
 from .wecomcsevent import WecomCSEvent
-from pkg.platform.types import message as platform_message
+import langbot_plugin.api.entities.builtin.platform.message as platform_message
 import aiofiles


--- a/main.py
+++ b/main.py
@@ -18,9 +18,25 @@ asciiart = r"""

 async def main_entry(loop: asyncio.AbstractEventLoop):
    parser = argparse.ArgumentParser(description='LangBot')
-    parser.add_argument('--skip-plugin-deps-check', action='store_true', help='跳过插件依赖项检查', default=False)
+    parser.add_argument(
+        '--standalone-runtime',
+        action='store_true',
+        help='Use standalone plugin runtime / 使用独立插件运行时',
+        default=False,
+    )
+    parser.add_argument('--debug', action='store_true', help='Debug mode / 调试模式', default=False)
    args = parser.parse_args()

+    if args.standalone_runtime:
+        from pkg.utils import platform
+
+        platform.standalone_runtime = True
+
+    if args.debug:
+        from pkg.utils import constants
+
+        constants.debug_mode = True
+
    print(asciiart)

    import sys
@@ -43,17 +59,13 @@ async def main_entry(loop: asyncio.AbstractEventLoop):
        print('The missing dependencies have been installed automatically, please restart the program.')
        sys.exit(0)

-    # check plugin deps
-    if not args.skip_plugin_deps_check:
-        await deps.precheck_plugin_deps()
+    # # 检查pydantic版本，如果没有 pydantic.v1，则把 pydantic 映射为 v1
+    # import pydantic.version

-    # 检查pydantic版本，如果没有 pydantic.v1，则把 pydantic 映射为 v1
-    import pydantic.version
+    # if pydantic.version.VERSION < '2.0':
+    #     import pydantic

-    if pydantic.version.VERSION < '2.0':
-        import pydantic
-
-        sys.modules['pydantic.v1'] = pydantic
+    #     sys.modules['pydantic.v1'] = pydantic

    # 检查配置文件

--- a/pkg/api/http/controller/group.py
+++ b/pkg/api/http/controller/group.py
@@ -9,6 +9,9 @@ from quart.typing import RouteCallable

 from ....core import app

+# Maximum file upload size limit (10MB)
+MAX_FILE_SIZE = 10 * 1024 * 1024  # 10MB
+

 preregistered_groups: list[type[RouterGroup]] = []
 """Pre-registered list of RouterGroup"""
@@ -31,6 +34,8 @@ class AuthType(enum.Enum):

    NONE = 'none'
    USER_TOKEN = 'user-token'
+    API_KEY = 'api-key'
+    USER_TOKEN_OR_API_KEY = 'user-token-or-api-key'


 class RouterGroup(abc.ABC):
@@ -84,6 +89,63 @@ class RouterGroup(abc.ABC):
                    except Exception as e:
                        return self.http_status(401, -1, str(e))

+                elif auth_type == AuthType.API_KEY:
+                    # get API key from Authorization header or X-API-Key header
+                    api_key = quart.request.headers.get('X-API-Key', '')
+                    if not api_key:
+                        auth_header = quart.request.headers.get('Authorization', '')
+                        if auth_header.startswith('Bearer '):
+                            api_key = auth_header.replace('Bearer ', '')
+
+                    if not api_key:
+                        return self.http_status(401, -1, 'No valid API key provided')
+
+                    try:
+                        is_valid = await self.ap.apikey_service.verify_api_key(api_key)
+                        if not is_valid:
+                            return self.http_status(401, -1, 'Invalid API key')
+                    except Exception as e:
+                        return self.http_status(401, -1, str(e))
+
+                elif auth_type == AuthType.USER_TOKEN_OR_API_KEY:
+                    # Try API key first (check X-API-Key header)
+                    api_key = quart.request.headers.get('X-API-Key', '')
+                    
+                    if api_key:
+                        # API key authentication
+                        try:
+                            is_valid = await self.ap.apikey_service.verify_api_key(api_key)
+                            if not is_valid:
+                                return self.http_status(401, -1, 'Invalid API key')
+                        except Exception as e:
+                            return self.http_status(401, -1, str(e))
+                    else:
+                        # Try user token authentication (Authorization header)
+                        token = quart.request.headers.get('Authorization', '').replace('Bearer ', '')
+
+                        if not token:
+                            return self.http_status(401, -1, 'No valid authentication provided (user token or API key required)')
+
+                        try:
+                            user_email = await self.ap.user_service.verify_jwt_token(token)
+
+                            # check if this account exists
+                            user = await self.ap.user_service.get_user_by_email(user_email)
+                            if not user:
+                                return self.http_status(401, -1, 'User not found')
+
+                            # check if f accepts user_email parameter
+                            if 'user_email' in f.__code__.co_varnames:
+                                kwargs['user_email'] = user_email
+                        except Exception:
+                            # If user token fails, maybe it's an API key in Authorization header
+                            try:
+                                is_valid = await self.ap.apikey_service.verify_api_key(token)
+                                if not is_valid:
+                                    return self.http_status(401, -1, 'Invalid authentication credentials')
+                            except Exception as e:
+                                return self.http_status(401, -1, str(e))
+
                try:
                    return await f(*args, **kwargs)

--- a/pkg/api/http/controller/groups/apikeys.py
+++ b/pkg/api/http/controller/groups/apikeys.py
@@ -0,0 +1,43 @@
+import quart
+
+from .. import group
+
+
+@group.group_class('apikeys', '/api/v1/apikeys')
+class ApiKeysRouterGroup(group.RouterGroup):
+    async def initialize(self) -> None:
+        @self.route('', methods=['GET', 'POST'])
+        async def _() -> str:
+            if quart.request.method == 'GET':
+                keys = await self.ap.apikey_service.get_api_keys()
+                return self.success(data={'keys': keys})
+            elif quart.request.method == 'POST':
+                json_data = await quart.request.json
+                name = json_data.get('name', '')
+                description = json_data.get('description', '')
+
+                if not name:
+                    return self.http_status(400, -1, 'Name is required')
+
+                key = await self.ap.apikey_service.create_api_key(name, description)
+                return self.success(data={'key': key})
+
+        @self.route('/<int:key_id>', methods=['GET', 'PUT', 'DELETE'])
+        async def _(key_id: int) -> str:
+            if quart.request.method == 'GET':
+                key = await self.ap.apikey_service.get_api_key(key_id)
+                if key is None:
+                    return self.http_status(404, -1, 'API key not found')
+                return self.success(data={'key': key})
+
+            elif quart.request.method == 'PUT':
+                json_data = await quart.request.json
+                name = json_data.get('name')
+                description = json_data.get('description')
+
+                await self.ap.apikey_service.update_api_key(key_id, name, description)
+                return self.success()
+
+            elif quart.request.method == 'DELETE':
+                await self.ap.apikey_service.delete_api_key(key_id)
+                return self.success()
--- a/pkg/api/http/controller/groups/files.py
+++ b/pkg/api/http/controller/groups/files.py
@@ -15,6 +15,9 @@ class FilesRouterGroup(group.RouterGroup):
    async def initialize(self) -> None:
        @self.route('/image/<image_key>', methods=['GET'], auth_type=group.AuthType.NONE)
        async def _(image_key: str) -> quart.Response:
+            if '/' in image_key or '\\' in image_key:
+                return quart.Response(status=404)
+
            if not await self.ap.storage_mgr.storage_provider.exists(image_key):
                return quart.Response(status=404)

@@ -28,15 +31,41 @@ class FilesRouterGroup(group.RouterGroup):
        @self.route('/documents', methods=['POST'], auth_type=group.AuthType.USER_TOKEN)
        async def _() -> quart.Response:
            request = quart.request
+
+            # Check file size limit before reading the file
+            content_length = request.content_length
+            if content_length and content_length > group.MAX_FILE_SIZE:
+                return self.fail(400, 'File size exceeds 10MB limit. Please split large files into smaller parts.')
+
            # get file bytes from 'file'
-            file = (await request.files)['file']
+            files = await request.files
+            if 'file' not in files:
+                return self.fail(400, 'No file provided in request')
+
+            file = files['file']
            assert isinstance(file, quart.datastructures.FileStorage)

            file_bytes = await asyncio.to_thread(file.stream.read)
-            extension = file.filename.split('.')[-1]
-            file_name = file.filename.split('.')[0]

-            file_key = file_name + '_' + str(uuid.uuid4())[:8] + '.' + extension
+            # Double-check actual file size after reading
+            if len(file_bytes) > group.MAX_FILE_SIZE:
+                return self.fail(400, 'File size exceeds 10MB limit. Please split large files into smaller parts.')
+
+            # Split filename and extension properly
+            if '.' in file.filename:
+                file_name, extension = file.filename.rsplit('.', 1)
+            else:
+                file_name = file.filename
+                extension = ''
+
+            # check if file name contains '/' or '\'
+            if '/' in file_name or '\\' in file_name:
+                return self.fail(400, 'File name contains invalid characters')
+
+            file_key = file_name + '_' + str(uuid.uuid4())[:8]
+            if extension:
+                file_key += '.' + extension
+
            # save file to storage
            await self.ap.storage_mgr.storage_provider.save(file_key, file_bytes)
            return self.success(
--- a/pkg/api/http/controller/groups/pipelines/pipelines.py
+++ b/pkg/api/http/controller/groups/pipelines/pipelines.py
@@ -8,7 +8,7 @@ from ... import group
@group.group_class('pipelines', '/api/v1/pipelines')
 class PipelinesRouterGroup(group.RouterGroup):
    async def initialize(self) -> None:
-        @self.route('', methods=['GET', 'POST'])
+        @self.route('', methods=['GET', 'POST'], auth_type=group.AuthType.USER_TOKEN_OR_API_KEY)
        async def _() -> str:
            if quart.request.method == 'GET':
                sort_by = quart.request.args.get('sort_by', 'created_at')
@@ -23,11 +23,11 @@ class PipelinesRouterGroup(group.RouterGroup):

                return self.success(data={'uuid': pipeline_uuid})

-        @self.route('/_/metadata', methods=['GET'])
+        @self.route('/_/metadata', methods=['GET'], auth_type=group.AuthType.USER_TOKEN_OR_API_KEY)
        async def _() -> str:
            return self.success(data={'configs': await self.ap.pipeline_service.get_pipeline_metadata()})

-        @self.route('/<pipeline_uuid>', methods=['GET', 'PUT', 'DELETE'])
+        @self.route('/<pipeline_uuid>', methods=['GET', 'PUT', 'DELETE'], auth_type=group.AuthType.USER_TOKEN_OR_API_KEY)
        async def _(pipeline_uuid: str) -> str:
            if quart.request.method == 'GET':
                pipeline = await self.ap.pipeline_service.get_pipeline(pipeline_uuid)
@@ -46,3 +46,34 @@ class PipelinesRouterGroup(group.RouterGroup):
                await self.ap.pipeline_service.delete_pipeline(pipeline_uuid)

                return self.success()
+
+        @self.route('/<pipeline_uuid>/extensions', methods=['GET', 'PUT'], auth_type=group.AuthType.USER_TOKEN_OR_API_KEY)
+        async def _(pipeline_uuid: str) -> str:
+            if quart.request.method == 'GET':
+                # Get current extensions and available plugins
+                pipeline = await self.ap.pipeline_service.get_pipeline(pipeline_uuid)
+                if pipeline is None:
+                    return self.http_status(404, -1, 'pipeline not found')
+
+                plugins = await self.ap.plugin_connector.list_plugins()
+                mcp_servers = await self.ap.mcp_service.get_mcp_servers(contain_runtime_info=True)
+
+                return self.success(
+                    data={
+                        'bound_plugins': pipeline.get('extensions_preferences', {}).get('plugins', []),
+                        'available_plugins': plugins,
+                        'bound_mcp_servers': pipeline.get('extensions_preferences', {}).get('mcp_servers', []),
+                        'available_mcp_servers': mcp_servers,
+                    }
+                )
+            elif quart.request.method == 'PUT':
+                # Update bound plugins and MCP servers for this pipeline
+                json_data = await quart.request.json
+                bound_plugins = json_data.get('bound_plugins', [])
+                bound_mcp_servers = json_data.get('bound_mcp_servers', [])
+
+                await self.ap.pipeline_service.update_pipeline_extensions(
+                    pipeline_uuid, bound_plugins, bound_mcp_servers
+                )
+
+                return self.success()
--- a/pkg/api/http/controller/groups/pipelines/webchat.py
+++ b/pkg/api/http/controller/groups/pipelines/webchat.py
@@ -44,9 +44,9 @@ class WebChatDebugRouterGroup(group.RouterGroup):
                        'Content-Type': 'text/event-stream',
                        'Transfer-Encoding': 'chunked',
                        'Cache-Control': 'no-cache',
-                        'Connection': 'keep-alive'
+                        'Connection': 'keep-alive',
                    }
-                    return quart.Response(stream_generator(generator), mimetype='text/event-stream',headers=headers)
+                    return quart.Response(stream_generator(generator), mimetype='text/event-stream', headers=headers)

                else:  # non-stream
                    result = None
--- a/pkg/api/http/controller/groups/platform/bots.py
+++ b/pkg/api/http/controller/groups/platform/bots.py
@@ -6,7 +6,7 @@ from ... import group
@group.group_class('bots', '/api/v1/platform/bots')
 class BotsRouterGroup(group.RouterGroup):
    async def initialize(self) -> None:
-        @self.route('', methods=['GET', 'POST'])
+        @self.route('', methods=['GET', 'POST'], auth_type=group.AuthType.USER_TOKEN_OR_API_KEY)
        async def _() -> str:
            if quart.request.method == 'GET':
                return self.success(data={'bots': await self.ap.bot_service.get_bots()})
@@ -15,7 +15,7 @@ class BotsRouterGroup(group.RouterGroup):
                bot_uuid = await self.ap.bot_service.create_bot(json_data)
                return self.success(data={'uuid': bot_uuid})

-        @self.route('/<bot_uuid>', methods=['GET', 'PUT', 'DELETE'])
+        @self.route('/<bot_uuid>', methods=['GET', 'PUT', 'DELETE'], auth_type=group.AuthType.USER_TOKEN_OR_API_KEY)
        async def _(bot_uuid: str) -> str:
            if quart.request.method == 'GET':
                bot = await self.ap.bot_service.get_bot(bot_uuid)
@@ -30,7 +30,7 @@ class BotsRouterGroup(group.RouterGroup):
                await self.ap.bot_service.delete_bot(bot_uuid)
                return self.success()

-        @self.route('/<bot_uuid>/logs', methods=['POST'])
+        @self.route('/<bot_uuid>/logs', methods=['POST'], auth_type=group.AuthType.USER_TOKEN_OR_API_KEY)
        async def _(bot_uuid: str) -> str:
            json_data = await quart.request.json
            from_index = json_data.get('from_index', -1)
--- a/pkg/api/http/controller/groups/plugins.py
+++ b/pkg/api/http/controller/groups/plugins.py
@@ -1,10 +1,15 @@
 from __future__ import annotations

-
+import base64
 import quart
+import re
+import httpx
+import uuid
+import os

 from .....core import taskmgr
 from .. import group
+from langbot_plugin.runtime.plugin.mgr import PluginInstallSource


@group.group_class('plugins', '/api/v1/plugins')
@@ -12,35 +17,22 @@ class PluginsRouterGroup(group.RouterGroup):
    async def initialize(self) -> None:
        @self.route('', methods=['GET'], auth_type=group.AuthType.USER_TOKEN)
        async def _() -> str:
-            plugins = self.ap.plugin_mgr.plugins()
+            plugins = await self.ap.plugin_connector.list_plugins()

-            plugins_data = [plugin.model_dump() for plugin in plugins]
-
-            return self.success(data={'plugins': plugins_data})
+            return self.success(data={'plugins': plugins})

        @self.route(
-            '/<author>/<plugin_name>/toggle',
-            methods=['PUT'],
-            auth_type=group.AuthType.USER_TOKEN,
-        )
-        async def _(author: str, plugin_name: str) -> str:
-            data = await quart.request.json
-            target_enabled = data.get('target_enabled')
-            await self.ap.plugin_mgr.update_plugin_switch(plugin_name, target_enabled)
-            return self.success()
-
-        @self.route(
-            '/<author>/<plugin_name>/update',
+            '/<author>/<plugin_name>/upgrade',
            methods=['POST'],
            auth_type=group.AuthType.USER_TOKEN,
        )
        async def _(author: str, plugin_name: str) -> str:
            ctx = taskmgr.TaskContext.new()
            wrapper = self.ap.task_mgr.create_user_task(
-                self.ap.plugin_mgr.update_plugin(plugin_name, task_context=ctx),
+                self.ap.plugin_connector.upgrade_plugin(author, plugin_name, task_context=ctx),
                kind='plugin-operation',
-                name=f'plugin-update-{plugin_name}',
-                label=f'Updating plugin {plugin_name}',
+                name=f'plugin-upgrade-{plugin_name}',
+                label=f'Upgrading plugin {plugin_name}',
                context=ctx,
            )
            return self.success(data={'task_id': wrapper.id})
@@ -52,14 +44,17 @@ class PluginsRouterGroup(group.RouterGroup):
        )
        async def _(author: str, plugin_name: str) -> str:
            if quart.request.method == 'GET':
-                plugin = self.ap.plugin_mgr.get_plugin(author, plugin_name)
+                plugin = await self.ap.plugin_connector.get_plugin_info(author, plugin_name)
                if plugin is None:
                    return self.http_status(404, -1, 'plugin not found')
-                return self.success(data={'plugin': plugin.model_dump()})
+                return self.success(data={'plugin': plugin})
            elif quart.request.method == 'DELETE':
+                delete_data = quart.request.args.get('delete_data', 'false').lower() == 'true'
                ctx = taskmgr.TaskContext.new()
                wrapper = self.ap.task_mgr.create_user_task(
-                    self.ap.plugin_mgr.uninstall_plugin(plugin_name, task_context=ctx),
+                    self.ap.plugin_connector.delete_plugin(
+                        author, plugin_name, delete_data=delete_data, task_context=ctx
+                    ),
                    kind='plugin-operation',
                    name=f'plugin-remove-{plugin_name}',
                    label=f'Removing plugin {plugin_name}',
@@ -74,36 +69,241 @@ class PluginsRouterGroup(group.RouterGroup):
            auth_type=group.AuthType.USER_TOKEN,
        )
        async def _(author: str, plugin_name: str) -> quart.Response:
-            plugin = self.ap.plugin_mgr.get_plugin(author, plugin_name)
+            plugin = await self.ap.plugin_connector.get_plugin_info(author, plugin_name)
            if plugin is None:
                return self.http_status(404, -1, 'plugin not found')
+
            if quart.request.method == 'GET':
-                return self.success(data={'config': plugin.plugin_config})
+                return self.success(data={'config': plugin['plugin_config']})
            elif quart.request.method == 'PUT':
                data = await quart.request.json

-                await self.ap.plugin_mgr.set_plugin_config(plugin, data)
+                await self.ap.plugin_connector.set_plugin_config(author, plugin_name, data)

                return self.success(data={})

-        @self.route('/reorder', methods=['PUT'], auth_type=group.AuthType.USER_TOKEN)
+        @self.route(
+            '/<author>/<plugin_name>/icon',
+            methods=['GET'],
+            auth_type=group.AuthType.NONE,
+        )
+        async def _(author: str, plugin_name: str) -> quart.Response:
+            icon_data = await self.ap.plugin_connector.get_plugin_icon(author, plugin_name)
+            icon_base64 = icon_data['plugin_icon_base64']
+            mime_type = icon_data['mime_type']
+
+            icon_data = base64.b64decode(icon_base64)
+
+            return quart.Response(icon_data, mimetype=mime_type)
+
+        @self.route('/github/releases', methods=['POST'], auth_type=group.AuthType.USER_TOKEN)
        async def _() -> str:
+            """Get releases from a GitHub repository URL"""
            data = await quart.request.json
-            await self.ap.plugin_mgr.reorder_plugins(data.get('plugins'))
-            return self.success()
+            repo_url = data.get('repo_url', '')
+
+            # Parse GitHub repository URL to extract owner and repo
+            # Supports: https://github.com/owner/repo or github.com/owner/repo
+            pattern = r'github\.com/([^/]+)/([^/]+?)(?:\.git)?(?:/.*)?$'
+            match = re.search(pattern, repo_url)
+
+            if not match:
+                return self.http_status(400, -1, 'Invalid GitHub repository URL')
+
+            owner, repo = match.groups()
+
+            try:
+                # Fetch releases from GitHub API
+                url = f'https://api.github.com/repos/{owner}/{repo}/releases'
+                async with httpx.AsyncClient(
+                    trust_env=True,
+                    follow_redirects=True,
+                    timeout=10,
+                ) as client:
+                    response = await client.get(url)
+                    response.raise_for_status()
+                    releases = response.json()
+
+                # Format releases data for frontend
+                formatted_releases = []
+                for release in releases:
+                    formatted_releases.append(
+                        {
+                            'id': release['id'],
+                            'tag_name': release['tag_name'],
+                            'name': release['name'],
+                            'published_at': release['published_at'],
+                            'prerelease': release['prerelease'],
+                            'draft': release['draft'],
+                        }
+                    )
+
+                return self.success(data={'releases': formatted_releases, 'owner': owner, 'repo': repo})
+            except httpx.RequestError as e:
+                return self.http_status(500, -1, f'Failed to fetch releases: {str(e)}')
+
+        @self.route(
+            '/github/release-assets',
+            methods=['POST'],
+            auth_type=group.AuthType.USER_TOKEN,
+        )
+        async def _() -> str:
+            """Get assets from a specific GitHub release"""
+            data = await quart.request.json
+            owner = data.get('owner', '')
+            repo = data.get('repo', '')
+            release_id = data.get('release_id', '')
+
+            if not all([owner, repo, release_id]):
+                return self.http_status(400, -1, 'Missing required parameters')
+
+            try:
+                # Fetch release assets from GitHub API
+                url = f'https://api.github.com/repos/{owner}/{repo}/releases/{release_id}'
+                async with httpx.AsyncClient(
+                    trust_env=True,
+                    follow_redirects=True,
+                    timeout=10,
+                ) as client:
+                    response = await client.get(
+                        url,
+                    )
+                    response.raise_for_status()
+                    release = response.json()
+
+                # Format assets data for frontend
+                formatted_assets = []
+                for asset in release.get('assets', []):
+                    formatted_assets.append(
+                        {
+                            'id': asset['id'],
+                            'name': asset['name'],
+                            'size': asset['size'],
+                            'download_url': asset['browser_download_url'],
+                            'content_type': asset['content_type'],
+                        }
+                    )
+
+                # add zipball as a downloadable asset
+                # formatted_assets.append(
+                #     {
+                #         "id": 0,
+                #         "name": "Source code (zip)",
+                #         "size": -1,
+                #         "download_url": release["zipball_url"],
+                #         "content_type": "application/zip",
+                #     }
+                # )
+
+                return self.success(data={'assets': formatted_assets})
+            except httpx.RequestError as e:
+                return self.http_status(500, -1, f'Failed to fetch release assets: {str(e)}')

        @self.route('/install/github', methods=['POST'], auth_type=group.AuthType.USER_TOKEN)
        async def _() -> str:
+            """Install plugin from GitHub release asset"""
            data = await quart.request.json
+            asset_url = data.get('asset_url', '')
+            owner = data.get('owner', '')
+            repo = data.get('repo', '')
+            release_tag = data.get('release_tag', '')
+
+            if not asset_url:
+                return self.http_status(400, -1, 'Missing asset_url parameter')

            ctx = taskmgr.TaskContext.new()
-            short_source_str = data['source'][-8:]
+            install_info = {
+                'asset_url': asset_url,
+                'owner': owner,
+                'repo': repo,
+                'release_tag': release_tag,
+                'github_url': f'https://github.com/{owner}/{repo}',
+            }
+
            wrapper = self.ap.task_mgr.create_user_task(
-                self.ap.plugin_mgr.install_plugin(data['source'], task_context=ctx),
+                self.ap.plugin_connector.install_plugin(PluginInstallSource.GITHUB, install_info, task_context=ctx),
                kind='plugin-operation',
                name='plugin-install-github',
-                label=f'Installing plugin ...{short_source_str}',
+                label=f'Installing plugin from GitHub {owner}/{repo}@{release_tag}',
                context=ctx,
            )

            return self.success(data={'task_id': wrapper.id})
+
+        @self.route(
+            '/install/marketplace',
+            methods=['POST'],
+            auth_type=group.AuthType.USER_TOKEN,
+        )
+        async def _() -> str:
+            data = await quart.request.json
+
+            ctx = taskmgr.TaskContext.new()
+            wrapper = self.ap.task_mgr.create_user_task(
+                self.ap.plugin_connector.install_plugin(PluginInstallSource.MARKETPLACE, data, task_context=ctx),
+                kind='plugin-operation',
+                name='plugin-install-marketplace',
+                label=f'Installing plugin from marketplace ...{data}',
+                context=ctx,
+            )
+
+            return self.success(data={'task_id': wrapper.id})
+
+        @self.route('/install/local', methods=['POST'], auth_type=group.AuthType.USER_TOKEN)
+        async def _() -> str:
+            file = (await quart.request.files).get('file')
+            if file is None:
+                return self.http_status(400, -1, 'file is required')
+
+            file_bytes = file.read()
+
+            data = {
+                'plugin_file': file_bytes,
+            }
+
+            ctx = taskmgr.TaskContext.new()
+            wrapper = self.ap.task_mgr.create_user_task(
+                self.ap.plugin_connector.install_plugin(PluginInstallSource.LOCAL, data, task_context=ctx),
+                kind='plugin-operation',
+                name='plugin-install-local',
+                label=f'Installing plugin from local ...{file.filename}',
+                context=ctx,
+            )
+
+            return self.success(data={'task_id': wrapper.id})
+
+        @self.route('/config-files', methods=['POST'], auth_type=group.AuthType.USER_TOKEN)
+        async def _() -> str:
+            """Upload a file for plugin configuration"""
+            file = (await quart.request.files).get('file')
+            if file is None:
+                return self.http_status(400, -1, 'file is required')
+
+            # Check file size (10MB limit)
+            MAX_FILE_SIZE = 10 * 1024 * 1024  # 10MB
+            file_bytes = file.read()
+            if len(file_bytes) > MAX_FILE_SIZE:
+                return self.http_status(400, -1, 'file size exceeds 10MB limit')
+
+            # Generate unique file key with original extension
+            original_filename = file.filename
+            _, ext = os.path.splitext(original_filename)
+            file_key = f'plugin_config_{uuid.uuid4().hex}{ext}'
+
+            # Save file using storage manager
+            await self.ap.storage_mgr.storage_provider.save(file_key, file_bytes)
+
+            return self.success(data={'file_key': file_key})
+
+        @self.route('/config-files/<file_key>', methods=['DELETE'], auth_type=group.AuthType.USER_TOKEN)
+        async def _(file_key: str) -> str:
+            """Delete a plugin configuration file"""
+            # Only allow deletion of files with plugin_config_ prefix for security
+            if not file_key.startswith('plugin_config_'):
+                return self.http_status(400, -1, 'invalid file key')
+
+            try:
+                await self.ap.storage_mgr.storage_provider.delete(file_key)
+                return self.success(data={'deleted': True})
+            except Exception as e:
+                return self.http_status(500, -1, f'failed to delete file: {str(e)}')
--- a/pkg/api/http/controller/groups/provider/models.py
+++ b/pkg/api/http/controller/groups/provider/models.py
@@ -6,7 +6,7 @@ from ... import group
@group.group_class('models/llm', '/api/v1/provider/models/llm')
 class LLMModelsRouterGroup(group.RouterGroup):
    async def initialize(self) -> None:
-        @self.route('', methods=['GET', 'POST'])
+        @self.route('', methods=['GET', 'POST'], auth_type=group.AuthType.USER_TOKEN_OR_API_KEY)
        async def _() -> str:
            if quart.request.method == 'GET':
                return self.success(data={'models': await self.ap.llm_model_service.get_llm_models()})
@@ -17,7 +17,7 @@ class LLMModelsRouterGroup(group.RouterGroup):

                return self.success(data={'uuid': model_uuid})

-        @self.route('/<model_uuid>', methods=['GET', 'PUT', 'DELETE'])
+        @self.route('/<model_uuid>', methods=['GET', 'PUT', 'DELETE'], auth_type=group.AuthType.USER_TOKEN_OR_API_KEY)
        async def _(model_uuid: str) -> str:
            if quart.request.method == 'GET':
                model = await self.ap.llm_model_service.get_llm_model(model_uuid)
@@ -37,7 +37,7 @@ class LLMModelsRouterGroup(group.RouterGroup):

                return self.success()

-        @self.route('/<model_uuid>/test', methods=['POST'])
+        @self.route('/<model_uuid>/test', methods=['POST'], auth_type=group.AuthType.USER_TOKEN_OR_API_KEY)
        async def _(model_uuid: str) -> str:
            json_data = await quart.request.json

@@ -49,7 +49,7 @@ class LLMModelsRouterGroup(group.RouterGroup):
@group.group_class('models/embedding', '/api/v1/provider/models/embedding')
 class EmbeddingModelsRouterGroup(group.RouterGroup):
    async def initialize(self) -> None:
-        @self.route('', methods=['GET', 'POST'])
+        @self.route('', methods=['GET', 'POST'], auth_type=group.AuthType.USER_TOKEN_OR_API_KEY)
        async def _() -> str:
            if quart.request.method == 'GET':
                return self.success(data={'models': await self.ap.embedding_models_service.get_embedding_models()})
@@ -60,7 +60,7 @@ class EmbeddingModelsRouterGroup(group.RouterGroup):

                return self.success(data={'uuid': model_uuid})

-        @self.route('/<model_uuid>', methods=['GET', 'PUT', 'DELETE'])
+        @self.route('/<model_uuid>', methods=['GET', 'PUT', 'DELETE'], auth_type=group.AuthType.USER_TOKEN_OR_API_KEY)
        async def _(model_uuid: str) -> str:
            if quart.request.method == 'GET':
                model = await self.ap.embedding_models_service.get_embedding_model(model_uuid)
@@ -80,7 +80,7 @@ class EmbeddingModelsRouterGroup(group.RouterGroup):

                return self.success()

-        @self.route('/<model_uuid>/test', methods=['POST'])
+        @self.route('/<model_uuid>/test', methods=['POST'], auth_type=group.AuthType.USER_TOKEN_OR_API_KEY)
        async def _(model_uuid: str) -> str:
            json_data = await quart.request.json

--- a/pkg/api/http/controller/groups/resources/init.py
+++ b/pkg/api/http/controller/groups/resources/init.py
--- a/pkg/api/http/controller/groups/resources/mcp.py
+++ b/pkg/api/http/controller/groups/resources/mcp.py
@@ -0,0 +1,62 @@
+from __future__ import annotations
+
+import quart
+import traceback
+
+
+from ... import group
+
+
+@group.group_class('mcp', '/api/v1/mcp')
+class MCPRouterGroup(group.RouterGroup):
+    async def initialize(self) -> None:
+        @self.route('/servers', methods=['GET', 'POST'], auth_type=group.AuthType.USER_TOKEN)
+        async def _() -> str:
+            """获取MCP服务器列表"""
+            if quart.request.method == 'GET':
+                servers = await self.ap.mcp_service.get_mcp_servers(contain_runtime_info=True)
+
+                return self.success(data={'servers': servers})
+
+            elif quart.request.method == 'POST':
+                data = await quart.request.json
+
+                try:
+                    uuid = await self.ap.mcp_service.create_mcp_server(data)
+                    return self.success(data={'uuid': uuid})
+                except Exception as e:
+                    traceback.print_exc()
+                    return self.http_status(500, -1, f'Failed to create MCP server: {str(e)}')
+
+        @self.route('/servers/<server_name>', methods=['GET', 'PUT', 'DELETE'], auth_type=group.AuthType.USER_TOKEN)
+        async def _(server_name: str) -> str:
+            """获取、更新或删除MCP服务器配置"""
+
+            server_data = await self.ap.mcp_service.get_mcp_server_by_name(server_name)
+            if server_data is None:
+                return self.http_status(404, -1, 'Server not found')
+
+            if quart.request.method == 'GET':
+                return self.success(data={'server': server_data})
+
+            elif quart.request.method == 'PUT':
+                data = await quart.request.json
+                try:
+                    await self.ap.mcp_service.update_mcp_server(server_data['uuid'], data)
+                    return self.success()
+                except Exception as e:
+                    return self.http_status(500, -1, f'Failed to update MCP server: {str(e)}')
+
+            elif quart.request.method == 'DELETE':
+                try:
+                    await self.ap.mcp_service.delete_mcp_server(server_data['uuid'])
+                    return self.success()
+                except Exception as e:
+                    return self.http_status(500, -1, f'Failed to delete MCP server: {str(e)}')
+
+        @self.route('/servers/<server_name>/test', methods=['POST'], auth_type=group.AuthType.USER_TOKEN)
+        async def _(server_name: str) -> str:
+            """测试MCP服务器连接"""
+            server_data = await quart.request.json
+            task_id = await self.ap.mcp_service.test_mcp_server(server_name=server_name, server_data=server_data)
+            return self.success(data={'task_id': task_id})
--- a/pkg/api/http/controller/groups/system.py
+++ b/pkg/api/http/controller/groups/system.py
@@ -13,7 +13,16 @@ class SystemRouterGroup(group.RouterGroup):
                data={
                    'version': constants.semantic_version,
                    'debug': constants.debug_mode,
-                    'enabled_platform_count': len(self.ap.platform_mgr.get_running_adapters()),
+                    'enable_marketplace': self.ap.instance_config.data.get('plugin', {}).get(
+                        'enable_marketplace', True
+                    ),
+                    'cloud_service_url': (
+                        self.ap.instance_config.data.get('plugin', {}).get(
+                            'cloud_service_url', 'https://space.langbot.app'
+                        )
+                        if 'cloud_service_url' in self.ap.instance_config.data.get('plugin', {})
+                        else 'https://space.langbot.app'
+                    ),
                }
            )

@@ -35,16 +44,7 @@ class SystemRouterGroup(group.RouterGroup):

            return self.success(data=task.to_dict())

-        @self.route('/reload', methods=['POST'], auth_type=group.AuthType.USER_TOKEN)
-        async def _() -> str:
-            json_data = await quart.request.json
-
-            scope = json_data.get('scope')
-
-            await self.ap.reload(scope=scope)
-            return self.success()
-
-        @self.route('/_debug/exec', methods=['POST'], auth_type=group.AuthType.USER_TOKEN)
+        @self.route('/debug/exec', methods=['POST'], auth_type=group.AuthType.USER_TOKEN)
        async def _() -> str:
            if not constants.debug_mode:
                return self.http_status(403, 403, 'Forbidden')
@@ -54,3 +54,62 @@ class SystemRouterGroup(group.RouterGroup):
            ap = self.ap

            return self.success(data=exec(py_code, {'ap': ap}))
+
+        @self.route('/debug/tools/call', methods=['POST'], auth_type=group.AuthType.USER_TOKEN)
+        async def _() -> str:
+            if not constants.debug_mode:
+                return self.http_status(403, 403, 'Forbidden')
+
+            data = await quart.request.json
+
+            return self.success(
+                data=await self.ap.tool_mgr.execute_func_call(data['tool_name'], data['tool_parameters'])
+            )
+
+        @self.route(
+            '/debug/plugin/action',
+            methods=['POST'],
+            auth_type=group.AuthType.USER_TOKEN,
+        )
+        async def _() -> str:
+            if not constants.debug_mode:
+                return self.http_status(403, 403, 'Forbidden')
+
+            data = await quart.request.json
+
+            class AnoymousAction:
+                value = 'anonymous_action'
+
+                def __init__(self, value: str):
+                    self.value = value
+
+            resp = await self.ap.plugin_connector.handler.call_action(
+                AnoymousAction(data['action']),
+                data['data'],
+                timeout=data.get('timeout', 10),
+            )
+
+            return self.success(data=resp)
+
+        @self.route(
+            '/status/plugin-system',
+            methods=['GET'],
+            auth_type=group.AuthType.USER_TOKEN,
+        )
+        async def _() -> str:
+            plugin_connector_error = 'ok'
+            is_connected = True
+
+            try:
+                await self.ap.plugin_connector.ping_plugin_runtime()
+            except Exception as e:
+                plugin_connector_error = str(e)
+                is_connected = False
+
+            return self.success(
+                data={
+                    'is_enable': self.ap.plugin_connector.is_enable_plugin,
+                    'is_connected': is_connected,
+                    'plugin_connector_error': plugin_connector_error,
+                }
+            )
--- a/pkg/api/http/controller/groups/user.py
+++ b/pkg/api/http/controller/groups/user.py
@@ -71,15 +71,15 @@ class UserRouterGroup(group.RouterGroup):
        @self.route('/change-password', methods=['POST'], auth_type=group.AuthType.USER_TOKEN)
        async def _(user_email: str) -> str:
            json_data = await quart.request.json
-            
+
            current_password = json_data['current_password']
            new_password = json_data['new_password']
-            
+
            try:
                await self.ap.user_service.change_password(user_email, current_password, new_password)
            except argon2.exceptions.VerifyMismatchError:
                return self.http_status(400, -1, 'Current password is incorrect')
            except ValueError as e:
                return self.http_status(400, -1, str(e))
-            
+
            return self.success(data={'user': user_email})
--- a/pkg/api/http/controller/groups/webhooks.py
+++ b/pkg/api/http/controller/groups/webhooks.py
@@ -0,0 +1,49 @@
+import quart
+
+from .. import group
+
+
+@group.group_class('webhooks', '/api/v1/webhooks')
+class WebhooksRouterGroup(group.RouterGroup):
+    async def initialize(self) -> None:
+        @self.route('', methods=['GET', 'POST'])
+        async def _() -> str:
+            if quart.request.method == 'GET':
+                webhooks = await self.ap.webhook_service.get_webhooks()
+                return self.success(data={'webhooks': webhooks})
+            elif quart.request.method == 'POST':
+                json_data = await quart.request.json
+                name = json_data.get('name', '')
+                url = json_data.get('url', '')
+                description = json_data.get('description', '')
+                enabled = json_data.get('enabled', True)
+
+                if not name:
+                    return self.http_status(400, -1, 'Name is required')
+                if not url:
+                    return self.http_status(400, -1, 'URL is required')
+
+                webhook = await self.ap.webhook_service.create_webhook(name, url, description, enabled)
+                return self.success(data={'webhook': webhook})
+
+        @self.route('/<int:webhook_id>', methods=['GET', 'PUT', 'DELETE'])
+        async def _(webhook_id: int) -> str:
+            if quart.request.method == 'GET':
+                webhook = await self.ap.webhook_service.get_webhook(webhook_id)
+                if webhook is None:
+                    return self.http_status(404, -1, 'Webhook not found')
+                return self.success(data={'webhook': webhook})
+
+            elif quart.request.method == 'PUT':
+                json_data = await quart.request.json
+                name = json_data.get('name')
+                url = json_data.get('url')
+                description = json_data.get('description')
+                enabled = json_data.get('enabled')
+
+                await self.ap.webhook_service.update_webhook(webhook_id, name, url, description, enabled)
+                return self.success()
+
+            elif quart.request.method == 'DELETE':
+                await self.ap.webhook_service.delete_webhook(webhook_id)
+                return self.success()
--- a/pkg/api/http/controller/main.py
+++ b/pkg/api/http/controller/main.py
@@ -5,6 +5,7 @@ import os

 import quart
 import quart_cors
+from werkzeug.exceptions import RequestEntityTooLarge

 from ....core import app, entities as core_entities
 from ....utils import importutil
@@ -15,12 +16,14 @@ from .groups import provider as groups_provider
 from .groups import platform as groups_platform
 from .groups import pipelines as groups_pipelines
 from .groups import knowledge as groups_knowledge
+from .groups import resources as groups_resources

 importutil.import_modules_in_pkg(groups)
 importutil.import_modules_in_pkg(groups_provider)
 importutil.import_modules_in_pkg(groups_platform)
 importutil.import_modules_in_pkg(groups_pipelines)
 importutil.import_modules_in_pkg(groups_knowledge)
+importutil.import_modules_in_pkg(groups_resources)


 class HTTPController:
@@ -33,7 +36,20 @@ class HTTPController:
        self.quart_app = quart.Quart(__name__)
        quart_cors.cors(self.quart_app, allow_origin='*')

+        # Set maximum content length to prevent large file uploads
+        self.quart_app.config['MAX_CONTENT_LENGTH'] = group.MAX_FILE_SIZE
+
    async def initialize(self) -> None:
+        # Register custom error handler for file size limit
+        @self.quart_app.errorhandler(RequestEntityTooLarge)
+        async def handle_request_entity_too_large(e):
+            return quart.jsonify(
+                {
+                    'code': 400,
+                    'msg': 'File size exceeds 10MB limit. Please split large files into smaller parts.',
+                }
+            ), 400
+
        await self.register_routes()

    async def run(self) -> None:
--- a/pkg/api/http/service/apikey.py
+++ b/pkg/api/http/service/apikey.py
@@ -0,0 +1,79 @@
+from __future__ import annotations
+
+import secrets
+import sqlalchemy
+
+from ....core import app
+from ....entity.persistence import apikey
+
+
+class ApiKeyService:
+    ap: app.Application
+
+    def __init__(self, ap: app.Application) -> None:
+        self.ap = ap
+
+    async def get_api_keys(self) -> list[dict]:
+        """Get all API keys"""
+        result = await self.ap.persistence_mgr.execute_async(sqlalchemy.select(apikey.ApiKey))
+
+        keys = result.all()
+        return [self.ap.persistence_mgr.serialize_model(apikey.ApiKey, key) for key in keys]
+
+    async def create_api_key(self, name: str, description: str = '') -> dict:
+        """Create a new API key"""
+        # Generate a secure random API key
+        key = f'lbk_{secrets.token_urlsafe(32)}'
+
+        key_data = {'name': name, 'key': key, 'description': description}
+
+        await self.ap.persistence_mgr.execute_async(sqlalchemy.insert(apikey.ApiKey).values(**key_data))
+
+        # Retrieve the created key
+        result = await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.select(apikey.ApiKey).where(apikey.ApiKey.key == key)
+        )
+        created_key = result.first()
+
+        return self.ap.persistence_mgr.serialize_model(apikey.ApiKey, created_key)
+
+    async def get_api_key(self, key_id: int) -> dict | None:
+        """Get a specific API key by ID"""
+        result = await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.select(apikey.ApiKey).where(apikey.ApiKey.id == key_id)
+        )
+
+        key = result.first()
+
+        if key is None:
+            return None
+
+        return self.ap.persistence_mgr.serialize_model(apikey.ApiKey, key)
+
+    async def verify_api_key(self, key: str) -> bool:
+        """Verify if an API key is valid"""
+        result = await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.select(apikey.ApiKey).where(apikey.ApiKey.key == key)
+        )
+
+        key_obj = result.first()
+        return key_obj is not None
+
+    async def delete_api_key(self, key_id: int) -> None:
+        """Delete an API key"""
+        await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.delete(apikey.ApiKey).where(apikey.ApiKey.id == key_id)
+        )
+
+    async def update_api_key(self, key_id: int, name: str = None, description: str = None) -> None:
+        """Update an API key's metadata (name, description)"""
+        update_data = {}
+        if name is not None:
+            update_data['name'] = name
+        if description is not None:
+            update_data['description'] = description
+
+        if update_data:
+            await self.ap.persistence_mgr.execute_async(
+                sqlalchemy.update(apikey.ApiKey).where(apikey.ApiKey.id == key_id).values(**update_data)
+            )
--- a/pkg/api/http/service/bot.py
+++ b/pkg/api/http/service/bot.py
@@ -17,16 +17,20 @@ class BotService:
    def __init__(self, ap: app.Application) -> None:
        self.ap = ap

-    async def get_bots(self) -> list[dict]:
-        """Get all bots"""
+    async def get_bots(self, include_secret: bool = True) -> list[dict]:
+        """获取所有机器人"""
        result = await self.ap.persistence_mgr.execute_async(sqlalchemy.select(persistence_bot.Bot))

        bots = result.all()

-        return [self.ap.persistence_mgr.serialize_model(persistence_bot.Bot, bot) for bot in bots]
+        masked_columns = []
+        if not include_secret:
+            masked_columns = ['adapter_config']

-    async def get_bot(self, bot_uuid: str) -> dict | None:
-        """Get bot"""
+        return [self.ap.persistence_mgr.serialize_model(persistence_bot.Bot, bot, masked_columns) for bot in bots]
+
+    async def get_bot(self, bot_uuid: str, include_secret: bool = True) -> dict | None:
+        """获取机器人"""
        result = await self.ap.persistence_mgr.execute_async(
            sqlalchemy.select(persistence_bot.Bot).where(persistence_bot.Bot.uuid == bot_uuid)
        )
@@ -36,7 +40,27 @@ class BotService:
        if bot is None:
            return None

-        return self.ap.persistence_mgr.serialize_model(persistence_bot.Bot, bot)
+        masked_columns = []
+        if not include_secret:
+            masked_columns = ['adapter_config']
+
+        return self.ap.persistence_mgr.serialize_model(persistence_bot.Bot, bot, masked_columns)
+
+    async def get_runtime_bot_info(self, bot_uuid: str, include_secret: bool = True) -> dict:
+        """获取机器人运行时信息"""
+        persistence_bot = await self.get_bot(bot_uuid, include_secret)
+        if persistence_bot is None:
+            raise Exception('Bot not found')
+
+        adapter_runtime_values = {}
+
+        runtime_bot = await self.ap.platform_mgr.get_bot_by_uuid(bot_uuid)
+        if runtime_bot is not None:
+            adapter_runtime_values['bot_account_id'] = runtime_bot.adapter.bot_account_id
+
+        persistence_bot['adapter_runtime_values'] = adapter_runtime_values
+
+        return persistence_bot

    async def create_bot(self, bot_data: dict) -> str:
        """Create bot"""
--- a/pkg/api/http/service/mcp.py
+++ b/pkg/api/http/service/mcp.py
@@ -0,0 +1,158 @@
+from __future__ import annotations
+
+import sqlalchemy
+import uuid
+import asyncio
+
+from ....core import app
+from ....entity.persistence import mcp as persistence_mcp
+from ....core import taskmgr
+from ....provider.tools.loaders.mcp import RuntimeMCPSession, MCPSessionStatus
+
+
+class MCPService:
+    ap: app.Application
+
+    def __init__(self, ap: app.Application) -> None:
+        self.ap = ap
+
+    async def get_runtime_info(self, server_name: str) -> dict | None:
+        session = self.ap.tool_mgr.mcp_tool_loader.get_session(server_name)
+        if session:
+            return session.get_runtime_info_dict()
+        return None
+
+    async def get_mcp_servers(self, contain_runtime_info: bool = False) -> list[dict]:
+        result = await self.ap.persistence_mgr.execute_async(sqlalchemy.select(persistence_mcp.MCPServer))
+
+        servers = result.all()
+        serialized_servers = [
+            self.ap.persistence_mgr.serialize_model(persistence_mcp.MCPServer, server) for server in servers
+        ]
+        if contain_runtime_info:
+            for server in serialized_servers:
+                runtime_info = await self.get_runtime_info(server['name'])
+
+                server['runtime_info'] = runtime_info if runtime_info else None
+
+        return serialized_servers
+
+    async def create_mcp_server(self, server_data: dict) -> str:
+        server_data['uuid'] = str(uuid.uuid4())
+        await self.ap.persistence_mgr.execute_async(sqlalchemy.insert(persistence_mcp.MCPServer).values(server_data))
+
+        result = await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.select(persistence_mcp.MCPServer).where(persistence_mcp.MCPServer.uuid == server_data['uuid'])
+        )
+        server_entity = result.first()
+        if server_entity:
+            server_config = self.ap.persistence_mgr.serialize_model(persistence_mcp.MCPServer, server_entity)
+            if self.ap.tool_mgr.mcp_tool_loader:
+                task = asyncio.create_task(self.ap.tool_mgr.mcp_tool_loader.host_mcp_server(server_config))
+                self.ap.tool_mgr.mcp_tool_loader._hosted_mcp_tasks.append(task)
+
+        return server_data['uuid']
+
+    async def get_mcp_server_by_name(self, server_name: str) -> dict | None:
+        result = await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.select(persistence_mcp.MCPServer).where(persistence_mcp.MCPServer.name == server_name)
+        )
+        server = result.first()
+        if server is None:
+            return None
+
+        runtime_info = await self.get_runtime_info(server.name)
+        server_data = self.ap.persistence_mgr.serialize_model(persistence_mcp.MCPServer, server)
+        server_data['runtime_info'] = runtime_info if runtime_info else None
+        return server_data
+
+    async def update_mcp_server(self, server_uuid: str, server_data: dict) -> None:
+        result = await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.select(persistence_mcp.MCPServer).where(persistence_mcp.MCPServer.uuid == server_uuid)
+        )
+        old_server = result.first()
+        old_server_name = old_server.name if old_server else None
+        old_enable = old_server.enable if old_server else False
+
+        await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.update(persistence_mcp.MCPServer)
+            .where(persistence_mcp.MCPServer.uuid == server_uuid)
+            .values(server_data)
+        )
+
+        if self.ap.tool_mgr.mcp_tool_loader:
+            new_enable = server_data.get('enable', False)
+
+            need_remove = old_server_name and old_server_name in self.ap.tool_mgr.mcp_tool_loader.sessions
+            need_start = new_enable
+
+            
+            if old_enable and not new_enable:
+                if need_remove:
+                    await self.ap.tool_mgr.mcp_tool_loader.remove_mcp_server(old_server_name)
+            
+            elif not old_enable and new_enable:
+                result = await self.ap.persistence_mgr.execute_async(
+                    sqlalchemy.select(persistence_mcp.MCPServer).where(persistence_mcp.MCPServer.uuid == server_uuid)
+                )
+                updated_server = result.first()
+                if updated_server:
+                    server_config = self.ap.persistence_mgr.serialize_model(persistence_mcp.MCPServer, updated_server)
+                    task = asyncio.create_task(self.ap.tool_mgr.mcp_tool_loader.host_mcp_server(server_config))
+                    self.ap.tool_mgr.mcp_tool_loader._hosted_mcp_tasks.append(task)
+            
+            elif old_enable and new_enable:
+                if need_remove:
+                    await self.ap.tool_mgr.mcp_tool_loader.remove_mcp_server(old_server_name)
+                result = await self.ap.persistence_mgr.execute_async(
+                    sqlalchemy.select(persistence_mcp.MCPServer).where(persistence_mcp.MCPServer.uuid == server_uuid)
+                )
+                updated_server = result.first()
+                if updated_server:
+                    server_config = self.ap.persistence_mgr.serialize_model(persistence_mcp.MCPServer, updated_server)
+                    task = asyncio.create_task(self.ap.tool_mgr.mcp_tool_loader.host_mcp_server(server_config))
+                    self.ap.tool_mgr.mcp_tool_loader._hosted_mcp_tasks.append(task)
+            
+
+    async def delete_mcp_server(self, server_uuid: str) -> None:
+        result = await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.select(persistence_mcp.MCPServer).where(persistence_mcp.MCPServer.uuid == server_uuid)
+        )
+        server = result.first()
+        server_name = server.name if server else None
+
+        await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.delete(persistence_mcp.MCPServer).where(persistence_mcp.MCPServer.uuid == server_uuid)
+        )
+
+        if server_name and self.ap.tool_mgr.mcp_tool_loader:
+            if server_name in self.ap.tool_mgr.mcp_tool_loader.sessions:
+                await self.ap.tool_mgr.mcp_tool_loader.remove_mcp_server(server_name)
+
+    async def test_mcp_server(self, server_name: str, server_data: dict) -> int:
+        """测试 MCP 服务器连接并返回任务 ID"""
+
+        runtime_mcp_session: RuntimeMCPSession | None = None
+
+        if server_name != '_':
+            runtime_mcp_session = self.ap.tool_mgr.mcp_tool_loader.get_session(server_name)
+            if runtime_mcp_session is None:
+                raise ValueError(f'Server not found: {server_name}')
+
+            if runtime_mcp_session.status == MCPSessionStatus.ERROR:
+                coroutine = runtime_mcp_session.start()
+            else:
+                coroutine = runtime_mcp_session.refresh()
+        else:
+            runtime_mcp_session = await self.ap.tool_mgr.mcp_tool_loader.load_mcp_server(server_config=server_data)
+            coroutine = runtime_mcp_session.start()
+
+        ctx = taskmgr.TaskContext.new()
+        wrapper = self.ap.task_mgr.create_user_task(
+            coroutine,
+            kind='mcp-operation',
+            name=f'mcp-test-{server_name}',
+            label=f'Testing MCP server {server_name}',
+            context=ctx,
+        )
+        return wrapper.id
--- a/pkg/api/http/service/model.py
+++ b/pkg/api/http/service/model.py
@@ -1,13 +1,14 @@
 from __future__ import annotations

 import uuid
+
 import sqlalchemy
+from langbot_plugin.api.entities.builtin.provider import message as provider_message

 from ....core import app
 from ....entity.persistence import model as persistence_model
 from ....entity.persistence import pipeline as persistence_pipeline
 from ....provider.modelmgr import requester as model_requester
-from ....provider import entities as llm_entities


 class LLMModelsService:
@@ -16,11 +17,19 @@ class LLMModelsService:
    def __init__(self, ap: app.Application) -> None:
        self.ap = ap

-    async def get_llm_models(self) -> list[dict]:
+    async def get_llm_models(self, include_secret: bool = True) -> list[dict]:
        result = await self.ap.persistence_mgr.execute_async(sqlalchemy.select(persistence_model.LLMModel))

        models = result.all()
-        return [self.ap.persistence_mgr.serialize_model(persistence_model.LLMModel, model) for model in models]
+
+        masked_columns = []
+        if not include_secret:
+            masked_columns = ['api_keys']
+
+        return [
+            self.ap.persistence_mgr.serialize_model(persistence_model.LLMModel, model, masked_columns)
+            for model in models
+        ]

    async def create_llm_model(self, model_data: dict) -> str:
        model_data['uuid'] = str(uuid.uuid4())
@@ -96,12 +105,18 @@ class LLMModelsService:
        else:
            runtime_llm_model = await self.ap.model_mgr.init_runtime_llm_model(model_data)

+        # Mon Nov 10 2025: Commented for some providers may not support thinking parameter
+        # # 有些模型厂商默认开启了思考功能，测试容易延迟
+        # extra_args = model_data.get('extra_args', {})
+        # if not extra_args or 'thinking' not in extra_args:
+        #     extra_args['thinking'] = {'type': 'disabled'}
+
        await runtime_llm_model.requester.invoke_llm(
            query=None,
            model=runtime_llm_model,
-            messages=[llm_entities.Message(role='user', content='Hello, world!')],
+            messages=[provider_message.Message(role='user', content='Hello, world! Please just reply a "Hello".')],
            funcs=[],
-            extra_args=model_data.get('extra_args', {}),
+            # extra_args=extra_args,
        )


--- a/pkg/api/http/service/pipeline.py
+++ b/pkg/api/http/service/pipeline.py
@@ -136,3 +136,33 @@ class PipelineService:
            )
        )
        await self.ap.pipeline_mgr.remove_pipeline(pipeline_uuid)
+
+    async def update_pipeline_extensions(self, pipeline_uuid: str, bound_plugins: list[dict], bound_mcp_servers: list[str] = None) -> None:
+        """Update the bound plugins and MCP servers for a pipeline"""
+        # Get current pipeline
+        result = await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.select(persistence_pipeline.LegacyPipeline).where(
+                persistence_pipeline.LegacyPipeline.uuid == pipeline_uuid
+            )
+        )
+        
+        pipeline = result.first()
+        if pipeline is None:
+            raise ValueError(f'Pipeline {pipeline_uuid} not found')
+        
+        # Update extensions_preferences
+        extensions_preferences = pipeline.extensions_preferences or {}
+        extensions_preferences['plugins'] = bound_plugins
+        if bound_mcp_servers is not None:
+            extensions_preferences['mcp_servers'] = bound_mcp_servers
+        
+        await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.update(persistence_pipeline.LegacyPipeline)
+            .where(persistence_pipeline.LegacyPipeline.uuid == pipeline_uuid)
+            .values(extensions_preferences=extensions_preferences)
+        )
+        
+        # Reload pipeline to apply changes
+        await self.ap.pipeline_mgr.remove_pipeline(pipeline_uuid)
+        pipeline = await self.get_pipeline(pipeline_uuid)
+        await self.ap.pipeline_mgr.load_pipeline(pipeline)
--- a/pkg/api/http/service/user.py
+++ b/pkg/api/http/service/user.py
@@ -85,15 +85,15 @@ class UserService:

    async def change_password(self, user_email: str, current_password: str, new_password: str) -> None:
        ph = argon2.PasswordHasher()
-        
+
        user_obj = await self.get_user_by_email(user_email)
        if user_obj is None:
            raise ValueError('User not found')
-        
+
        ph.verify(user_obj.password, current_password)
-        
+
        hashed_password = ph.hash(new_password)
-        
+
        await self.ap.persistence_mgr.execute_async(
            sqlalchemy.update(user.User).where(user.User.user == user_email).values(password=hashed_password)
        )
--- a/pkg/api/http/service/webhook.py
+++ b/pkg/api/http/service/webhook.py
@@ -0,0 +1,81 @@
+from __future__ import annotations
+
+import sqlalchemy
+
+from ....core import app
+from ....entity.persistence import webhook
+
+
+class WebhookService:
+    ap: app.Application
+
+    def __init__(self, ap: app.Application) -> None:
+        self.ap = ap
+
+    async def get_webhooks(self) -> list[dict]:
+        """Get all webhooks"""
+        result = await self.ap.persistence_mgr.execute_async(sqlalchemy.select(webhook.Webhook))
+
+        webhooks = result.all()
+        return [self.ap.persistence_mgr.serialize_model(webhook.Webhook, wh) for wh in webhooks]
+
+    async def create_webhook(self, name: str, url: str, description: str = '', enabled: bool = True) -> dict:
+        """Create a new webhook"""
+        webhook_data = {'name': name, 'url': url, 'description': description, 'enabled': enabled}
+
+        await self.ap.persistence_mgr.execute_async(sqlalchemy.insert(webhook.Webhook).values(**webhook_data))
+
+        # Retrieve the created webhook
+        result = await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.select(webhook.Webhook).where(webhook.Webhook.url == url).order_by(webhook.Webhook.id.desc())
+        )
+        created_webhook = result.first()
+
+        return self.ap.persistence_mgr.serialize_model(webhook.Webhook, created_webhook)
+
+    async def get_webhook(self, webhook_id: int) -> dict | None:
+        """Get a specific webhook by ID"""
+        result = await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.select(webhook.Webhook).where(webhook.Webhook.id == webhook_id)
+        )
+
+        wh = result.first()
+
+        if wh is None:
+            return None
+
+        return self.ap.persistence_mgr.serialize_model(webhook.Webhook, wh)
+
+    async def update_webhook(
+        self, webhook_id: int, name: str = None, url: str = None, description: str = None, enabled: bool = None
+    ) -> None:
+        """Update a webhook's metadata"""
+        update_data = {}
+        if name is not None:
+            update_data['name'] = name
+        if url is not None:
+            update_data['url'] = url
+        if description is not None:
+            update_data['description'] = description
+        if enabled is not None:
+            update_data['enabled'] = enabled
+
+        if update_data:
+            await self.ap.persistence_mgr.execute_async(
+                sqlalchemy.update(webhook.Webhook).where(webhook.Webhook.id == webhook_id).values(**update_data)
+            )
+
+    async def delete_webhook(self, webhook_id: int) -> None:
+        """Delete a webhook"""
+        await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.delete(webhook.Webhook).where(webhook.Webhook.id == webhook_id)
+        )
+
+    async def get_enabled_webhooks(self) -> list[dict]:
+        """Get all enabled webhooks"""
+        result = await self.ap.persistence_mgr.execute_async(
+            sqlalchemy.select(webhook.Webhook).where(webhook.Webhook.enabled == True)
+        )
+
+        webhooks = result.all()
+        return [self.ap.persistence_mgr.serialize_model(webhook.Webhook, wh) for wh in webhooks]
--- a/pkg/command/cmdmgr.py
+++ b/pkg/command/cmdmgr.py
@@ -2,9 +2,12 @@ from __future__ import annotations

 import typing

-from ..core import app, entities as core_entities
-from . import entities, operator, errors
+from ..core import app
+from . import operator
 from ..utils import importutil
+import langbot_plugin.api.entities.builtin.provider.session as provider_session
+import langbot_plugin.api.entities.builtin.pipeline.query as pipeline_query
+from langbot_plugin.api.entities.builtin.command import context as command_context, errors as command_errors

 # 引入所有算子以便注册
 from . import operators
@@ -13,13 +16,11 @@ importutil.import_modules_in_pkg(operators)


 class CommandManager:
-    """命令管理器"""
-
    ap: app.Application

    cmd_list: list[operator.CommandOperator]
    """
-    运行时命令列表，扁平存储，各个对象包含对应的子节点引用
+    Runtime command list, flat storage, each object contains a reference to the corresponding child node
    """

    def __init__(self, ap: app.Application):
@@ -38,9 +39,9 @@ class CommandManager:
                set_path(cls, [])

        # 应用命令权限配置
-        for cls in operator.preregistered_operators:
-            if cls.path in self.ap.instance_config.data['command']['privilege']:
-                cls.lowest_privilege = self.ap.instance_config.data['command']['privilege'][cls.path]
+        # for cls in operator.preregistered_operators:
+        #     if cls.path in self.ap.instance_config.data['command']['privilege']:
+        #         cls.lowest_privilege = self.ap.instance_config.data['command']['privilege'][cls.path]

        # 实例化所有类
        self.cmd_list = [cls(self.ap) for cls in operator.preregistered_operators]
@@ -55,43 +56,30 @@ class CommandManager:

    async def _execute(
        self,
-        context: entities.ExecuteContext,
+        context: command_context.ExecuteContext,
        operator_list: list[operator.CommandOperator],
        operator: operator.CommandOperator = None,
-    ) -> typing.AsyncGenerator[entities.CommandReturn, None]:
+        bound_plugins: list[str] | None = None,
+    ) -> typing.AsyncGenerator[command_context.CommandReturn, None]:
        """执行命令"""

-        found = False
-        if len(context.crt_params) > 0:  # 查找下一个参数是否对应此节点的某个子节点名
-            for oper in operator_list:
-                if (context.crt_params[0] == oper.name or context.crt_params[0] in oper.alias) and (
-                    oper.parent_class is None or oper.parent_class == operator.__class__
-                ):
-                    found = True
+        command_list = await self.ap.plugin_connector.list_commands(bound_plugins)

-                    context.crt_command = context.crt_params[0]
-                    context.crt_params = context.crt_params[1:]
-
-                    async for ret in self._execute(context, oper.children, oper):
-                        yield ret
-                    break
-
-        if not found:  # 如果下一个参数未在此节点的子节点中找到，则执行此节点或者报错
-            if operator is None:
-                yield entities.CommandReturn(error=errors.CommandNotFoundError(context.crt_params[0]))
-            else:
-                if operator.lowest_privilege > context.privilege:
-                    yield entities.CommandReturn(error=errors.CommandPrivilegeError(operator.name))
-                else:
-                    async for ret in operator.execute(context):
-                        yield ret
+        for command in command_list:
+            if command.metadata.name == context.command:
+                async for ret in self.ap.plugin_connector.execute_command(context, bound_plugins):
+                    yield ret
+                break
+        else:
+            yield command_context.CommandReturn(error=command_errors.CommandNotFoundError(context.command))

    async def execute(
        self,
        command_text: str,
-        query: core_entities.Query,
-        session: core_entities.Session,
-    ) -> typing.AsyncGenerator[entities.CommandReturn, None]:
+        full_command_text: str,
+        query: pipeline_query.Query,
+        session: provider_session.Session,
+    ) -> typing.AsyncGenerator[command_context.CommandReturn, None]:
        """执行命令"""

        privilege = 1
@@ -99,10 +87,11 @@ class CommandManager:
        if f'{query.launcher_type.value}_{query.launcher_id}' in self.ap.instance_config.data['admins']:
            privilege = 2

-        ctx = entities.ExecuteContext(
-            query=query,
+        ctx = command_context.ExecuteContext(
+            query_id=query.query_id,
            session=session,
            command_text=command_text,
+            full_command_text=full_command_text,
            command='',
            crt_command='',
            params=command_text.split(' '),
@@ -110,5 +99,12 @@ class CommandManager:
            privilege=privilege,
        )

-        async for ret in self._execute(ctx, self.cmd_list):
+        ctx.command = ctx.params[0]
+
+        ctx.shift()
+
+        # Get bound plugins from query
+        bound_plugins = query.variables.get('_pipeline_bound_plugins', None)
+
+        async for ret in self._execute(ctx, self.cmd_list, bound_plugins=bound_plugins):
            yield ret
--- a/pkg/command/entities.py
+++ b/pkg/command/entities.py
@@ -1,74 +0,0 @@
-from __future__ import annotations
-
-import typing
-
-import pydantic.v1 as pydantic
-
-from ..core import entities as core_entities
-from . import errors
-from ..platform.types import message as platform_message
-
-
-class CommandReturn(pydantic.BaseModel):
-    """命令返回值"""
-
-    text: typing.Optional[str] = None
-    """文本
-    """
-
-    image: typing.Optional[platform_message.Image] = None
-    """弃用"""
-
-    image_url: typing.Optional[str] = None
-    """图片链接
-    """
-
-    error: typing.Optional[errors.CommandError] = None
-    """错误
-    """
-
-    class Config:
-        arbitrary_types_allowed = True
-
-
-class ExecuteContext(pydantic.BaseModel):
-    """单次命令执行上下文"""
-
-    query: core_entities.Query
-    """本次消息的请求对象"""
-
-    session: core_entities.Session
-    """本次消息所属的会话对象"""
-
-    command_text: str
-    """命令完整文本"""
-
-    command: str
-    """命令名称"""
-
-    crt_command: str
-    """当前命令
-    
-    多级命令中crt_command为当前命令，command为根命令。
-    例如：!plugin on Webwlkr
-    处理到plugin时，command为plugin，crt_command为plugin
-    处理到on时，command为plugin，crt_command为on
-    """
-
-    params: list[str]
-    """命令参数
-    
-    整个命令以空格分割后的参数列表
-    """
-
-    crt_params: list[str]
-    """当前命令参数
-
-    多级命令中crt_params为当前命令参数，params为根命令参数。
-    例如：!plugin on Webwlkr
-    处理到plugin时，params为['on', 'Webwlkr']，crt_params为['on', 'Webwlkr']
-    处理到on时，params为['on', 'Webwlkr']，crt_params为['Webwlkr']
-    """
-
-    privilege: int
-    """发起人权限"""
--- a/pkg/command/errors.py
+++ b/pkg/command/errors.py
@@ -1,26 +0,0 @@
-class CommandError(Exception):
-    def __init__(self, message: str = None):
-        self.message = message
-
-    def __str__(self):
-        return self.message
-
-
-class CommandNotFoundError(CommandError):
-    def __init__(self, message: str = None):
-        super().__init__('未知命令: ' + message)
-
-
-class CommandPrivilegeError(CommandError):
-    def __init__(self, message: str = None):
-        super().__init__('权限不足: ' + message)
-
-
-class ParamNotEnoughError(CommandError):
-    def __init__(self, message: str = None):
-        super().__init__('参数不足: ' + message)
-
-
-class CommandOperationError(CommandError):
-    def __init__(self, message: str = None):
-        super().__init__('操作失败: ' + message)
--- a/pkg/command/operator.py
+++ b/pkg/command/operator.py
@@ -4,7 +4,7 @@ import typing
 import abc

 from ..core import app
-from . import entities
+from langbot_plugin.api.entities.builtin.command import context as command_context


 preregistered_operators: list[typing.Type[CommandOperator]] = []
@@ -95,16 +95,18 @@ class CommandOperator(metaclass=abc.ABCMeta):
        pass

    @abc.abstractmethod
-    async def execute(self, context: entities.ExecuteContext) -> typing.AsyncGenerator[entities.CommandReturn, None]:
+    async def execute(
+        self, context: command_context.ExecuteContext
+    ) -> typing.AsyncGenerator[command_context.CommandReturn, None]:
        """实现此方法以执行命令

        支持多次yield以返回多个结果。
        例如：一个安装插件的命令，可能会有下载、解压、安装等多个步骤，每个步骤都可以返回一个结果。

        Args:
-            context (entities.ExecuteContext): 命令执行上下文
+            context (command_context.ExecuteContext): 命令执行上下文

        Yields:
-            entities.CommandReturn: 命令返回封装
+            command_context.CommandReturn: 命令返回封装
        """
        pass
--- a/pkg/command/operators/cmd.py
+++ b/pkg/command/operators/cmd.py
@@ -1,41 +0,0 @@
-from __future__ import annotations
-
-import typing
-
-from .. import operator, entities, errors
-
-
-@operator.operator_class(name='cmd', help='显示命令列表', usage='!cmd\n!cmd <命令名称>')
-class CmdOperator(operator.CommandOperator):
-    """命令列表"""
-
-    async def execute(self, context: entities.ExecuteContext) -> typing.AsyncGenerator[entities.CommandReturn, None]:
-        """执行"""
-        if len(context.crt_params) == 0:
-            reply_str = '当前所有命令: \n\n'
-
-            for cmd in self.ap.cmd_mgr.cmd_list:
-                if cmd.parent_class is None:
-                    reply_str += f'{cmd.name}: {cmd.help}\n'
-
-            reply_str += '\n使用 !cmd <命令名称> 查看命令的详细帮助'
-
-            yield entities.CommandReturn(text=reply_str.strip())
-
-        else:
-            cmd_name = context.crt_params[0]
-
-            cmd = None
-
-            for _cmd in self.ap.cmd_mgr.cmd_list:
-                if (cmd_name == _cmd.name or cmd_name in _cmd.alias) and (_cmd.parent_class is None):
-                    cmd = _cmd
-                    break
-
-            if cmd is None:
-                yield entities.CommandReturn(error=errors.CommandNotFoundError(cmd_name))
-            else:
-                reply_str = f'{cmd.name}: {cmd.help}\n\n'
-                reply_str += f'使用方法: \n{cmd.usage}'
-
-                yield entities.CommandReturn(text=reply_str.strip())
--- a/pkg/command/operators/delc.py
+++ b/pkg/command/operators/delc.py
@@ -1,43 +1,48 @@
-from __future__ import annotations
+# from __future__ import annotations

-import typing
+# import typing

-from .. import operator, entities, errors
+# from .. import operator
+# from langbot_plugin.api.entities.builtin.command import context as command_context, errors as command_errors


-@operator.operator_class(name='del', help='删除当前会话的历史记录', usage='!del <序号>\n!del all')
-class DelOperator(operator.CommandOperator):
-    async def execute(self, context: entities.ExecuteContext) -> typing.AsyncGenerator[entities.CommandReturn, None]:
-        if context.session.conversations:
-            delete_index = 0
-            if len(context.crt_params) > 0:
-                try:
-                    delete_index = int(context.crt_params[0])
-                except Exception:
-                    yield entities.CommandReturn(error=errors.CommandOperationError('索引必须是整数'))
-                    return
+# @operator.operator_class(name='del', help='删除当前会话的历史记录', usage='!del <序号>\n!del all')
+# class DelOperator(operator.CommandOperator):
+#     async def execute(
+#         self, context: command_context.ExecuteContext
+#     ) -> typing.AsyncGenerator[command_context.CommandReturn, None]:
+#         if context.session.conversations:
+#             delete_index = 0
+#             if len(context.crt_params) > 0:
+#                 try:
+#                     delete_index = int(context.crt_params[0])
+#                 except Exception:
+#                     yield command_context.CommandReturn(error=command_errors.CommandOperationError('索引必须是整数'))
+#                     return

-            if delete_index < 0 or delete_index >= len(context.session.conversations):
-                yield entities.CommandReturn(error=errors.CommandOperationError('索引超出范围'))
-                return
+#             if delete_index < 0 or delete_index >= len(context.session.conversations):
+#                 yield command_context.CommandReturn(error=command_errors.CommandOperationError('索引超出范围'))
+#                 return

-            # 倒序
-            to_delete_index = len(context.session.conversations) - 1 - delete_index
+#             # 倒序
+#             to_delete_index = len(context.session.conversations) - 1 - delete_index

-            if context.session.conversations[to_delete_index] == context.session.using_conversation:
-                context.session.using_conversation = None
+#             if context.session.conversations[to_delete_index] == context.session.using_conversation:
+#                 context.session.using_conversation = None

-            del context.session.conversations[to_delete_index]
+#             del context.session.conversations[to_delete_index]

-            yield entities.CommandReturn(text=f'已删除对话: {delete_index}')
-        else:
-            yield entities.CommandReturn(error=errors.CommandOperationError('当前没有对话'))
+#             yield command_context.CommandReturn(text=f'已删除对话: {delete_index}')
+#         else:
+#             yield command_context.CommandReturn(error=command_errors.CommandOperationError('当前没有对话'))


-@operator.operator_class(name='all', help='删除此会话的所有历史记录', parent_class=DelOperator)
-class DelAllOperator(operator.CommandOperator):
-    async def execute(self, context: entities.ExecuteContext) -> typing.AsyncGenerator[entities.CommandReturn, None]:
-        context.session.conversations = []
-        context.session.using_conversation = None
+# @operator.operator_class(name='all', help='删除此会话的所有历史记录', parent_class=DelOperator)
+# class DelAllOperator(operator.CommandOperator):
+#     async def execute(
+#         self, context: command_context.ExecuteContext
+#     ) -> typing.AsyncGenerator[command_context.CommandReturn, None]:
+#         context.session.conversations = []
+#         context.session.using_conversation = None

-        yield entities.CommandReturn(text='已删除所有对话')
+#         yield command_context.CommandReturn(text='已删除所有对话')
--- a/pkg/command/operators/func.py
+++ b/pkg/command/operators/func.py
@@ -1,26 +0,0 @@
-from __future__ import annotations
-from typing import AsyncGenerator
-
-from .. import operator, entities
-
-
-@operator.operator_class(name='func', help='查看所有已注册的内容函数', usage='!func')
-class FuncOperator(operator.CommandOperator):
-    async def execute(self, context: entities.ExecuteContext) -> AsyncGenerator[entities.CommandReturn, None]:
-        reply_str = '当前已启用的内容函数: \n\n'
-
-        index = 1
-
-        all_functions = await self.ap.tool_mgr.get_all_functions(
-            plugin_enabled=True,
-        )
-
-        for func in all_functions:
-            reply_str += '{}. {}:\n{}\n\n'.format(
-                index,
-                func.name,
-                func.description,
-            )
-            index += 1
-
-        yield entities.CommandReturn(text=reply_str)
--- a/pkg/command/operators/help.py
+++ b/pkg/command/operators/help.py
@@ -1,15 +0,0 @@
-from __future__ import annotations
-
-import typing
-
-from .. import operator, entities
-
-
-@operator.operator_class(name='help', help='显示帮助', usage='!help\n!help <命令名称>')
-class HelpOperator(operator.CommandOperator):
-    async def execute(self, context: entities.ExecuteContext) -> typing.AsyncGenerator[entities.CommandReturn, None]:
-        help = 'LangBot - 大语言模型原生即时通信机器人平台\n链接：https://langbot.app'
-
-        help += '\n发送命令 !cmd 可查看命令列表'
-
-        yield entities.CommandReturn(text=help)
--- a/pkg/command/operators/last.py
+++ b/pkg/command/operators/last.py
@@ -1,28 +1,33 @@
-from __future__ import annotations
+# from __future__ import annotations

-import typing
+# import typing


-from .. import operator, entities, errors
+# from .. import operator
+# from langbot_plugin.api.entities.builtin.command import context as command_context, errors as command_errors


-@operator.operator_class(name='last', help='切换到前一个对话', usage='!last')
-class LastOperator(operator.CommandOperator):
-    async def execute(self, context: entities.ExecuteContext) -> typing.AsyncGenerator[entities.CommandReturn, None]:
-        if context.session.conversations:
-            # 找到当前会话的上一个会话
-            for index in range(len(context.session.conversations) - 1, -1, -1):
-                if context.session.conversations[index] == context.session.using_conversation:
-                    if index == 0:
-                        yield entities.CommandReturn(error=errors.CommandOperationError('已经是第一个对话了'))
-                        return
-                    else:
-                        context.session.using_conversation = context.session.conversations[index - 1]
-                        time_str = context.session.using_conversation.create_time.strftime('%Y-%m-%d %H:%M:%S')
+# @operator.operator_class(name='last', help='切换到前一个对话', usage='!last')
+# class LastOperator(operator.CommandOperator):
+#     async def execute(
+#         self, context: command_context.ExecuteContext
+#     ) -> typing.AsyncGenerator[command_context.CommandReturn, None]:
+#         if context.session.conversations:
+#             # 找到当前会话的上一个会话
+#             for index in range(len(context.session.conversations) - 1, -1, -1):
+#                 if context.session.conversations[index] == context.session.using_conversation:
+#                     if index == 0:
+#                         yield command_context.CommandReturn(
+#                             error=command_errors.CommandOperationError('已经是第一个对话了')
+#                         )
+#                         return
+#                     else:
+#                         context.session.using_conversation = context.session.conversations[index - 1]
+#                         time_str = context.session.using_conversation.create_time.strftime('%Y-%m-%d %H:%M:%S')

-                        yield entities.CommandReturn(
-                            text=f'已切换到上一个对话: {index} {time_str}: {context.session.using_conversation.messages[0].readable_str()}'
-                        )
-                        return
-        else:
-            yield entities.CommandReturn(error=errors.CommandOperationError('当前没有对话'))
+#                         yield command_context.CommandReturn(
+#                             text=f'已切换到上一个对话: {index} {time_str}: {context.session.using_conversation.messages[0].readable_str()}'
+#                         )
+#                         return
+#         else:
+#             yield command_context.CommandReturn(error=command_errors.CommandOperationError('当前没有对话'))
--- a/pkg/command/operators/list.py
+++ b/pkg/command/operators/list.py
@@ -1,48 +1,51 @@
-from __future__ import annotations
+# from __future__ import annotations

-import typing
+# import typing

-from .. import operator, entities, errors
+# from .. import operator
+# from langbot_plugin.api.entities.builtin.command import context as command_context, errors as command_errors


-@operator.operator_class(name='list', help='列出此会话中的所有历史对话', usage='!list\n!list <页码>')
-class ListOperator(operator.CommandOperator):
-    async def execute(self, context: entities.ExecuteContext) -> typing.AsyncGenerator[entities.CommandReturn, None]:
-        page = 0
+# @operator.operator_class(name='list', help='列出此会话中的所有历史对话', usage='!list\n!list <页码>')
+# class ListOperator(operator.CommandOperator):
+#     async def execute(
+#         self, context: command_context.ExecuteContext
+#     ) -> typing.AsyncGenerator[command_context.CommandReturn, None]:
+#         page = 0

-        if len(context.crt_params) > 0:
-            try:
-                page = int(context.crt_params[0] - 1)
-            except Exception:
-                yield entities.CommandReturn(error=errors.CommandOperationError('页码应为整数'))
-                return
+#         if len(context.crt_params) > 0:
+#             try:
+#                 page = int(context.crt_params[0] - 1)
+#             except Exception:
+#                 yield command_context.CommandReturn(error=command_errors.CommandOperationError('页码应为整数'))
+#                 return

-        record_per_page = 10
+#         record_per_page = 10

-        content = ''
+#         content = ''

-        index = 0
+#         index = 0

-        using_conv_index = 0
+#         using_conv_index = 0

-        for conv in context.session.conversations[::-1]:
-            time_str = conv.create_time.strftime('%Y-%m-%d %H:%M:%S')
+#         for conv in context.session.conversations[::-1]:
+#             time_str = conv.create_time.strftime('%Y-%m-%d %H:%M:%S')

-            if conv == context.session.using_conversation:
-                using_conv_index = index
+#             if conv == context.session.using_conversation:
+#                 using_conv_index = index

-            if index >= page * record_per_page and index < (page + 1) * record_per_page:
-                content += (
-                    f'{index} {time_str}: {conv.messages[0].readable_str() if len(conv.messages) > 0 else "无内容"}\n'
-                )
-            index += 1
+#             if index >= page * record_per_page and index < (page + 1) * record_per_page:
+#                 content += (
+#                     f'{index} {time_str}: {conv.messages[0].readable_str() if len(conv.messages) > 0 else "无内容"}\n'
+#                 )
+#             index += 1

-        if content == '':
-            content = '无'
-        else:
-            if context.session.using_conversation is None:
-                content += '\n当前处于新会话'
-            else:
-                content += f'\n当前会话: {using_conv_index} {context.session.using_conversation.create_time.strftime("%Y-%m-%d %H:%M:%S")}: {context.session.using_conversation.messages[0].readable_str() if len(context.session.using_conversation.messages) > 0 else "无内容"}'
+#         if content == '':
+#             content = '无'
+#         else:
+#             if context.session.using_conversation is None:
+#                 content += '\n当前处于新会话'
+#             else:
+#                 content += f'\n当前会话: {using_conv_index} {context.session.using_conversation.create_time.strftime("%Y-%m-%d %H:%M:%S")}: {context.session.using_conversation.messages[0].readable_str() if len(context.session.using_conversation.messages) > 0 else "无内容"}'

-        yield entities.CommandReturn(text=f'第 {page + 1} 页 (时间倒序):\n{content}')
+#         yield command_context.CommandReturn(text=f'第 {page + 1} 页 (时间倒序):\n{content}')
--- a/pkg/command/operators/next.py
+++ b/pkg/command/operators/next.py
@@ -1,27 +1,32 @@
-from __future__ import annotations
+# from __future__ import annotations

-import typing
+# import typing

-from .. import operator, entities, errors
+# from .. import operator
+# from langbot_plugin.api.entities.builtin.command import context as command_context, errors as command_errors


-@operator.operator_class(name='next', help='切换到后一个对话', usage='!next')
-class NextOperator(operator.CommandOperator):
-    async def execute(self, context: entities.ExecuteContext) -> typing.AsyncGenerator[entities.CommandReturn, None]:
-        if context.session.conversations:
-            # 找到当前会话的下一个会话
-            for index in range(len(context.session.conversations)):
-                if context.session.conversations[index] == context.session.using_conversation:
-                    if index == len(context.session.conversations) - 1:
-                        yield entities.CommandReturn(error=errors.CommandOperationError('已经是最后一个对话了'))
-                        return
-                    else:
-                        context.session.using_conversation = context.session.conversations[index + 1]
-                        time_str = context.session.using_conversation.create_time.strftime('%Y-%m-%d %H:%M:%S')
+# @operator.operator_class(name='next', help='切换到后一个对话', usage='!next')
+# class NextOperator(operator.CommandOperator):
+#     async def execute(
+#         self, context: command_context.ExecuteContext
+#     ) -> typing.AsyncGenerator[command_context.CommandReturn, None]:
+#         if context.session.conversations:
+#             # 找到当前会话的下一个会话
+#             for index in range(len(context.session.conversations)):
+#                 if context.session.conversations[index] == context.session.using_conversation:
+#                     if index == len(context.session.conversations) - 1:
+#                         yield command_context.CommandReturn(
+#                             error=command_errors.CommandOperationError('已经是最后一个对话了')
+#                         )
+#                         return
+#                     else:
+#                         context.session.using_conversation = context.session.conversations[index + 1]
+#                         time_str = context.session.using_conversation.create_time.strftime('%Y-%m-%d %H:%M:%S')

-                        yield entities.CommandReturn(
-                            text=f'已切换到后一个对话: {index} {time_str}: {context.session.using_conversation.messages[0].content}'
-                        )
-                        return
-        else:
-            yield entities.CommandReturn(error=errors.CommandOperationError('当前没有对话'))
+#                         yield command_context.CommandReturn(
+#                             text=f'已切换到后一个对话: {index} {time_str}: {context.session.using_conversation.messages[0].content}'
+#                         )
+#                         return
+#         else:
+#             yield command_context.CommandReturn(error=command_errors.CommandOperationError('当前没有对话'))
--- a/pkg/command/operators/plugin.py
+++ b/pkg/command/operators/plugin.py
@@ -1,156 +0,0 @@
-from __future__ import annotations
-import typing
-import traceback
-
-from .. import operator, entities, errors
-
-
-@operator.operator_class(
-    name='plugin',
-    help='插件操作',
-    usage='!plugin\n!plugin get <插件仓库地址>\n!plugin update\n!plugin del <插件名>\n!plugin on <插件名>\n!plugin off <插件名>',
-)
-class PluginOperator(operator.CommandOperator):
-    async def execute(self, context: entities.ExecuteContext) -> typing.AsyncGenerator[entities.CommandReturn, None]:
-        plugin_list = self.ap.plugin_mgr.plugins()
-        reply_str = '所有插件({}):\n'.format(len(plugin_list))
-        idx = 0
-        for plugin in plugin_list:
-            reply_str += '\n#{} {} {}\n{}\nv{}\n作者: {}\n'.format(
-                (idx + 1),
-                plugin.plugin_name,
-                '[已禁用]' if not plugin.enabled else '',
-                plugin.plugin_description,
-                plugin.plugin_version,
-                plugin.plugin_author,
-            )
-
-            idx += 1
-
-        yield entities.CommandReturn(text=reply_str)
-
-
-@operator.operator_class(name='get', help='安装插件', privilege=2, parent_class=PluginOperator)
-class PluginGetOperator(operator.CommandOperator):
-    async def execute(self, context: entities.ExecuteContext) -> typing.AsyncGenerator[entities.CommandReturn, None]:
-        if len(context.crt_params) == 0:
-            yield entities.CommandReturn(error=errors.ParamNotEnoughError('请提供插件仓库地址'))
-        else:
-            repo = context.crt_params[0]
-
-            yield entities.CommandReturn(text='正在安装插件...')
-
-            try:
-                await self.ap.plugin_mgr.install_plugin(repo)
-                yield entities.CommandReturn(text='插件安装成功，请重启程序以加载插件')
-            except Exception as e:
-                traceback.print_exc()
-                yield entities.CommandReturn(error=errors.CommandError('插件安装失败: ' + str(e)))
-
-
-@operator.operator_class(name='update', help='更新插件', privilege=2, parent_class=PluginOperator)
-class PluginUpdateOperator(operator.CommandOperator):
-    async def execute(self, context: entities.ExecuteContext) -> typing.AsyncGenerator[entities.CommandReturn, None]:
-        if len(context.crt_params) == 0:
-            yield entities.CommandReturn(error=errors.ParamNotEnoughError('请提供插件名称'))
-        else:
-            plugin_name = context.crt_params[0]
-
-            try:
-                plugin_container = self.ap.plugin_mgr.get_plugin_by_name(plugin_name)
-
-                if plugin_container is not None:
-                    yield entities.CommandReturn(text='正在更新插件...')
-                    await self.ap.plugin_mgr.update_plugin(plugin_name)
-                    yield entities.CommandReturn(text='插件更新成功，请重启程序以加载插件')
-                else:
-                    yield entities.CommandReturn(error=errors.CommandError('插件更新失败: 未找到插件'))
-            except Exception as e:
-                traceback.print_exc()
-                yield entities.CommandReturn(error=errors.CommandError('插件更新失败: ' + str(e)))
-
-
-@operator.operator_class(name='all', help='更新所有插件', privilege=2, parent_class=PluginUpdateOperator)
-class PluginUpdateAllOperator(operator.CommandOperator):
-    async def execute(self, context: entities.ExecuteContext) -> typing.AsyncGenerator[entities.CommandReturn, None]:
-        try:
-            plugins = [p.plugin_name for p in self.ap.plugin_mgr.plugins()]
-
-            if plugins:
-                yield entities.CommandReturn(text='正在更新插件...')
-                updated = []
-                try:
-                    for plugin_name in plugins:
-                        await self.ap.plugin_mgr.update_plugin(plugin_name)
-                        updated.append(plugin_name)
-                except Exception as e:
-                    traceback.print_exc()
-                    yield entities.CommandReturn(error=errors.CommandError('插件更新失败: ' + str(e)))
-                yield entities.CommandReturn(text='已更新插件: {}'.format(', '.join(updated)))
-            else:
-                yield entities.CommandReturn(text='没有可更新的插件')
-        except Exception as e:
-            traceback.print_exc()
-            yield entities.CommandReturn(error=errors.CommandError('插件更新失败: ' + str(e)))
-
-
-@operator.operator_class(name='del', help='删除插件', privilege=2, parent_class=PluginOperator)
-class PluginDelOperator(operator.CommandOperator):
-    async def execute(self, context: entities.ExecuteContext) -> typing.AsyncGenerator[entities.CommandReturn, None]:
-        if len(context.crt_params) == 0:
-            yield entities.CommandReturn(error=errors.ParamNotEnoughError('请提供插件名称'))
-        else:
-            plugin_name = context.crt_params[0]
-
-            try:
-                plugin_container = self.ap.plugin_mgr.get_plugin_by_name(plugin_name)
-
-                if plugin_container is not None:
-                    yield entities.CommandReturn(text='正在删除插件...')
-                    await self.ap.plugin_mgr.uninstall_plugin(plugin_name)
-                    yield entities.CommandReturn(text='插件删除成功，请重启程序以加载插件')
-                else:
-                    yield entities.CommandReturn(error=errors.CommandError('插件删除失败: 未找到插件'))
-            except Exception as e:
-                traceback.print_exc()
-                yield entities.CommandReturn(error=errors.CommandError('插件删除失败: ' + str(e)))
-
-
-@operator.operator_class(name='on', help='启用插件', privilege=2, parent_class=PluginOperator)
-class PluginEnableOperator(operator.CommandOperator):
-    async def execute(self, context: entities.ExecuteContext) -> typing.AsyncGenerator[entities.CommandReturn, None]:
-        if len(context.crt_params) == 0:
-            yield entities.CommandReturn(error=errors.ParamNotEnoughError('请提供插件名称'))
-        else:
-            plugin_name = context.crt_params[0]
-
-            try:
-                if await self.ap.plugin_mgr.update_plugin_switch(plugin_name, True):
-                    yield entities.CommandReturn(text='已启用插件: {}'.format(plugin_name))
-                else:
-                    yield entities.CommandReturn(
-                        error=errors.CommandError('插件状态修改失败: 未找到插件 {}'.format(plugin_name))
-                    )
-            except Exception as e:
-                traceback.print_exc()
-                yield entities.CommandReturn(error=errors.CommandError('插件状态修改失败: ' + str(e)))
-
-
-@operator.operator_class(name='off', help='禁用插件', privilege=2, parent_class=PluginOperator)
-class PluginDisableOperator(operator.CommandOperator):
-    async def execute(self, context: entities.ExecuteContext) -> typing.AsyncGenerator[entities.CommandReturn, None]:
-        if len(context.crt_params) == 0:
-            yield entities.CommandReturn(error=errors.ParamNotEnoughError('请提供插件名称'))
-        else:
-            plugin_name = context.crt_params[0]
-
-            try:
-                if await self.ap.plugin_mgr.update_plugin_switch(plugin_name, False):
-                    yield entities.CommandReturn(text='已禁用插件: {}'.format(plugin_name))
-                else:
-                    yield entities.CommandReturn(
-                        error=errors.CommandError('插件状态修改失败: 未找到插件 {}'.format(plugin_name))
-                    )
-            except Exception as e:
-                traceback.print_exc()
-                yield entities.CommandReturn(error=errors.CommandError('插件状态修改失败: ' + str(e)))
--- a/pkg/command/operators/prompt.py
+++ b/pkg/command/operators/prompt.py
@@ -1,20 +1,23 @@
-from __future__ import annotations
+# from __future__ import annotations

-import typing
+# import typing

-from .. import operator, entities, errors
+# from .. import operator
+# from langbot_plugin.api.entities.builtin.command import context as command_context, errors as command_errors


-@operator.operator_class(name='prompt', help='查看当前对话的前文', usage='!prompt')
-class PromptOperator(operator.CommandOperator):
-    async def execute(self, context: entities.ExecuteContext) -> typing.AsyncGenerator[entities.CommandReturn, None]:
-        """执行"""
-        if context.session.using_conversation is None:
-            yield entities.CommandReturn(error=errors.CommandOperationError('当前没有对话'))
-        else:
-            reply_str = '当前对话所有内容:\n\n'
+# @operator.operator_class(name='prompt', help='查看当前对话的前文', usage='!prompt')
+# class PromptOperator(operator.CommandOperator):
+#     async def execute(
+#         self, context: command_context.ExecuteContext
+#     ) -> typing.AsyncGenerator[command_context.CommandReturn, None]:
+#         """执行"""
+#         if context.session.using_conversation is None:
+#             yield command_context.CommandReturn(error=command_errors.CommandOperationError('当前没有对话'))
+#         else:
+#             reply_str = '当前对话所有内容:\n\n'

-            for msg in context.session.using_conversation.messages:
-                reply_str += f'{msg.role}: {msg.content}\n'
+#             for msg in context.session.using_conversation.messages:
+#                 reply_str += f'{msg.role}: {msg.content}\n'

-            yield entities.CommandReturn(text=reply_str)
+#             yield command_context.CommandReturn(text=reply_str)
--- a/pkg/command/operators/resend.py
+++ b/pkg/command/operators/resend.py
@@ -1,26 +1,29 @@
-from __future__ import annotations
+# from __future__ import annotations

-import typing
+# import typing

-from .. import operator, entities, errors
+# from .. import operator
+# from langbot_plugin.api.entities.builtin.command import context as command_context, errors as command_errors


-@operator.operator_class(name='resend', help='重发当前会话的最后一条消息', usage='!resend')
-class ResendOperator(operator.CommandOperator):
-    async def execute(self, context: entities.ExecuteContext) -> typing.AsyncGenerator[entities.CommandReturn, None]:
-        # 回滚到最后一条用户message前
-        if context.session.using_conversation is None:
-            yield entities.CommandReturn(error=errors.CommandError('当前没有对话'))
-        else:
-            conv_msg = context.session.using_conversation.messages
+# @operator.operator_class(name='resend', help='重发当前会话的最后一条消息', usage='!resend')
+# class ResendOperator(operator.CommandOperator):
+#     async def execute(
+#         self, context: command_context.ExecuteContext
+#     ) -> typing.AsyncGenerator[command_context.CommandReturn, None]:
+#         # 回滚到最后一条用户message前
+#         if context.session.using_conversation is None:
+#             yield command_context.CommandReturn(error=command_errors.CommandError('当前没有对话'))
+#         else:
+#             conv_msg = context.session.using_conversation.messages

-            # 倒序一直删到最后一条用户message
-            while len(conv_msg) > 0 and conv_msg[-1].role != 'user':
-                conv_msg.pop()
+#             # 倒序一直删到最后一条用户message
+#             while len(conv_msg) > 0 and conv_msg[-1].role != 'user':
+#                 conv_msg.pop()

-            if len(conv_msg) > 0:
-                # 删除最后一条用户message
-                conv_msg.pop()
+#             if len(conv_msg) > 0:
+#                 # 删除最后一条用户message
+#                 conv_msg.pop()

-            # 不重发了，提示用户已删除就行了
-            yield entities.CommandReturn(text='已删除最后一次请求记录')
+#             # 不重发了，提示用户已删除就行了
+#             yield command_context.CommandReturn(text='已删除最后一次请求记录')
--- a/pkg/command/operators/reset.py
+++ b/pkg/command/operators/reset.py
@@ -1,14 +0,0 @@
-from __future__ import annotations
-
-import typing
-
-from .. import operator, entities
-
-
-@operator.operator_class(name='reset', help='重置当前会话', usage='!reset')
-class ResetOperator(operator.CommandOperator):
-    async def execute(self, context: entities.ExecuteContext) -> typing.AsyncGenerator[entities.CommandReturn, None]:
-        """执行"""
-        context.session.using_conversation = None
-
-        yield entities.CommandReturn(text='已重置当前会话')
--- a/pkg/command/operators/update.py
+++ b/pkg/command/operators/update.py
@@ -1,11 +0,0 @@
-from __future__ import annotations
-
-import typing
-
-from .. import operator, entities
-
-
-@operator.operator_class(name='update', help='更新程序', usage='!update', privilege=2)
-class UpdateCommand(operator.CommandOperator):
-    async def execute(self, context: entities.ExecuteContext) -> typing.AsyncGenerator[entities.CommandReturn, None]:
-        yield entities.CommandReturn(text='不再支持通过命令更新，请查看 LangBot 文档。')
--- a/pkg/command/operators/version.py
+++ b/pkg/command/operators/version.py
@@ -1,19 +0,0 @@
-from __future__ import annotations
-
-import typing
-
-from .. import operator, entities
-
-
-@operator.operator_class(name='version', help='显示版本信息', usage='!version')
-class VersionCommand(operator.CommandOperator):
-    async def execute(self, context: entities.ExecuteContext) -> typing.AsyncGenerator[entities.CommandReturn, None]:
-        reply_str = f'当前版本: \n{self.ap.ver_mgr.get_current_version()}'
-
-        try:
-            if await self.ap.ver_mgr.is_new_version_available():
-                reply_str += '\n\n有新版本可用。'
-        except Exception:
-            pass
-
-        yield entities.CommandReturn(text=reply_str.strip())
--- a/pkg/core/app.py
+++ b/pkg/core/app.py
@@ -3,16 +3,16 @@ from __future__ import annotations
 import logging
 import asyncio
 import traceback
-import sys
 import os

 from ..platform import botmgr as im_mgr
+from ..platform.webhook_pusher import WebhookPusher
 from ..provider.session import sessionmgr as llm_session_mgr
 from ..provider.modelmgr import modelmgr as llm_model_mgr
 from ..provider.tools import toolmgr as llm_tool_mgr
 from ..config import manager as config_mgr
 from ..command import cmdmgr
-from ..plugin import manager as plugin_mgr
+from ..plugin import connector as plugin_connector
 from ..pipeline import pool
 from ..pipeline import controller, pipelinemgr
 from ..utils import version as version_mgr, proxy as proxy_mgr, announce as announce_mgr
@@ -23,6 +23,9 @@ from ..api.http.service import model as model_service
 from ..api.http.service import pipeline as pipeline_service
 from ..api.http.service import bot as bot_service
 from ..api.http.service import knowledge as knowledge_service
+from ..api.http.service import mcp as mcp_service
+from ..api.http.service import apikey as apikey_service
+from ..api.http.service import webhook as webhook_service
 from ..discover import engine as discover_engine
 from ..storage import mgr as storagemgr
 from ..utils import logcache
@@ -44,6 +47,8 @@ class Application:

    platform_mgr: im_mgr.PlatformManager = None

+    webhook_pusher: WebhookPusher = None
+
    cmd_mgr: cmdmgr.CommandManager = None

    sess_mgr: llm_session_mgr.SessionManager = None
@@ -80,7 +85,7 @@ class Application:

    # =========================

-    plugin_mgr: plugin_mgr.PluginManager = None
+    plugin_connector: plugin_connector.PluginRuntimeConnector = None

    query_pool: pool.QueryPool = None

@@ -120,6 +125,12 @@ class Application:

    knowledge_service: knowledge_service.KnowledgeService = None

+    mcp_service: mcp_service.MCPService = None
+
+    apikey_service: apikey_service.ApiKeyService = None
+
+    webhook_service: webhook_service.WebhookService = None
+
    def __init__(self):
        pass

@@ -128,7 +139,7 @@ class Application:

    async def run(self):
        try:
-            await self.plugin_mgr.initialize_plugins()
+            await self.plugin_connector.initialize_plugins()

            # 后续可能会允许动态重启其他任务
            # 故为了防止程序在非 Ctrl-C 情况下退出，这里创建一个不会结束的协程
@@ -169,6 +180,9 @@ class Application:
            self.logger.error(f'Application runtime fatal exception: {e}')
            self.logger.debug(f'Traceback: {traceback.format_exc()}')

+    def dispose(self):
+        self.plugin_connector.dispose()
+
    async def print_web_access_info(self):
        """Print access webui tips"""

@@ -195,59 +209,3 @@ class Application:
 """.strip()
        for line in tips.split('\n'):
            self.logger.info(line)
-
-    async def reload(
-        self,
-        scope: core_entities.LifecycleControlScope,
-    ):
-        match scope:
-            case core_entities.LifecycleControlScope.PLATFORM.value:
-                self.logger.info('Hot reload scope=' + scope)
-                await self.platform_mgr.shutdown()
-
-                self.platform_mgr = im_mgr.PlatformManager(self)
-
-                await self.platform_mgr.initialize()
-
-                self.task_mgr.create_task(
-                    self.platform_mgr.run(),
-                    name='platform-manager',
-                    scopes=[
-                        core_entities.LifecycleControlScope.APPLICATION,
-                        core_entities.LifecycleControlScope.PLATFORM,
-                    ],
-                )
-            case core_entities.LifecycleControlScope.PLUGIN.value:
-                self.logger.info('Hot reload scope=' + scope)
-                await self.plugin_mgr.destroy_plugins()
-
-                # 删除 sys.module 中所有的 plugins/* 下的模块
-                for mod in list(sys.modules.keys()):
-                    if mod.startswith('plugins.'):
-                        del sys.modules[mod]
-
-                self.plugin_mgr = plugin_mgr.PluginManager(self)
-                await self.plugin_mgr.initialize()
-
-                await self.plugin_mgr.initialize_plugins()
-
-                await self.plugin_mgr.load_plugins()
-                await self.plugin_mgr.initialize_plugins()
-            case core_entities.LifecycleControlScope.PROVIDER.value:
-                self.logger.info('Hot reload scope=' + scope)
-
-                await self.tool_mgr.shutdown()
-
-                llm_model_mgr_inst = llm_model_mgr.ModelManager(self)
-                await llm_model_mgr_inst.initialize()
-                self.model_mgr = llm_model_mgr_inst
-
-                llm_session_mgr_inst = llm_session_mgr.SessionManager(self)
-                await llm_session_mgr_inst.initialize()
-                self.sess_mgr = llm_session_mgr_inst
-
-                llm_tool_mgr_inst = llm_tool_mgr.ToolManager(self)
-                await llm_tool_mgr_inst.initialize()
-                self.tool_mgr = llm_tool_mgr_inst
-            case _:
-                pass
--- a/pkg/core/boot.py
+++ b/pkg/core/boot.py
@@ -51,8 +51,8 @@ async def main(loop: asyncio.AbstractEventLoop):
        import signal

        def signal_handler(sig, frame):
+            app_inst.dispose()
            print('[Signal] Program exit.')
-            # ap.shutdown()
            os._exit(0)

        signal.signal(signal.SIGINT, signal_handler)
--- a/pkg/core/bootutils/deps.py
+++ b/pkg/core/bootutils/deps.py
@@ -40,6 +40,7 @@ required_deps = {
    'sqlmodel': 'sqlmodel',
    'telegramify_markdown': 'telegramify-markdown',
    'slack_sdk': 'slack_sdk',
+    'asyncpg': 'asyncpg',
 }


--- a/pkg/core/bootutils/files.py
+++ b/pkg/core/bootutils/files.py
@@ -5,7 +5,6 @@ import shutil


 required_files = {
-    'plugins/__init__.py': 'templates/__init__.py',
    'data/config.yaml': 'templates/config.yaml',
 }

@@ -15,7 +14,6 @@ required_paths = [
    'data/metadata',
    'data/logs',
    'data/labels',
-    'plugins',
 ]


--- a/pkg/core/entities.py
+++ b/pkg/core/entities.py
@@ -1,18 +1,6 @@
 from __future__ import annotations

 import enum
-import typing
-import datetime
-import asyncio
-
-import pydantic.v1 as pydantic
-
-from ..provider import entities as llm_entities
-from ..provider.modelmgr import requester
-from ..provider.tools import entities as tools_entities
-from ..platform import adapter as msadapter
-from ..platform.types import message as platform_message
-from ..platform.types import events as platform_events


 class LifecycleControlScope(enum.Enum):
@@ -20,159 +8,3 @@ class LifecycleControlScope(enum.Enum):
    PLATFORM = 'platform'
    PLUGIN = 'plugin'
    PROVIDER = 'provider'
-
-
-class LauncherTypes(enum.Enum):
-    """一个请求的发起者类型"""
-
-    PERSON = 'person'
-    """私聊"""
-
-    GROUP = 'group'
-    """群聊"""
-
-
-class Query(pydantic.BaseModel):
-    """一次请求的信息封装"""
-
-    query_id: int
-    """请求ID，添加进请求池时生成"""
-
-    launcher_type: LauncherTypes
-    """会话类型，platform处理阶段设置"""
-
-    launcher_id: typing.Union[int, str]
-    """会话ID，platform处理阶段设置"""
-
-    sender_id: typing.Union[int, str]
-    """发送者ID，platform处理阶段设置"""
-
-    message_event: platform_events.MessageEvent
-    """事件，platform收到的原始事件"""
-
-    message_chain: platform_message.MessageChain
-    """消息链，platform收到的原始消息链"""
-
-    bot_uuid: typing.Optional[str] = None
-    """机器人UUID。"""
-
-    pipeline_uuid: typing.Optional[str] = None
-    """流水线UUID。"""
-
-    pipeline_config: typing.Optional[dict[str, typing.Any]] = None
-    """流水线配置，由 Pipeline 在运行开始时设置。"""
-
-    adapter: msadapter.MessagePlatformAdapter
-    """消息平台适配器对象，单个app中可能启用了多个消息平台适配器，此对象表明发起此query的适配器"""
-
-    session: typing.Optional[Session] = None
-    """会话对象，由前置处理器阶段设置"""
-
-    messages: typing.Optional[list[llm_entities.Message]] = []
-    """历史消息列表，由前置处理器阶段设置"""
-
-    prompt: typing.Optional[llm_entities.Prompt] = None
-    """情景预设内容，由前置处理器阶段设置"""
-
-    user_message: typing.Optional[llm_entities.Message] = None
-    """此次请求的用户消息对象，由前置处理器阶段设置"""
-
-    variables: typing.Optional[dict[str, typing.Any]] = None
-    """变量，由前置处理器阶段设置。在prompt中嵌入或由 Runner 传递到 LLMOps 平台。"""
-
-    use_llm_model: typing.Optional[requester.RuntimeLLMModel] = None
-    """使用的对话模型，由前置处理器阶段设置"""
-
-    use_funcs: typing.Optional[list[tools_entities.LLMFunction]] = None
-    """使用的函数，由前置处理器阶段设置"""
-
-    resp_messages: (
-        typing.Optional[list[llm_entities.Message]]
-        | typing.Optional[list[platform_message.MessageChain]]
-        | typing.Optional[list[llm_entities.MessageChunk]]
-    ) = []
-    """由Process阶段生成的回复消息对象列表"""
-
-    resp_message_chain: typing.Optional[list[platform_message.MessageChain]] = None
-    """回复消息链，从resp_messages包装而得"""
-
-    # ======= 内部保留 =======
-    current_stage: typing.Optional['pkg.pipeline.pipelinemgr.StageInstContainer'] = None
-    """当前所处阶段"""
-
-    class Config:
-        arbitrary_types_allowed = True
-
-    # ========== 插件可调用的 API（请求 API） ==========
-
-    def set_variable(self, key: str, value: typing.Any):
-        """设置变量"""
-        if self.variables is None:
-            self.variables = {}
-        self.variables[key] = value
-
-    def get_variable(self, key: str) -> typing.Any:
-        """获取变量"""
-        if self.variables is None:
-            return None
-        return self.variables.get(key)
-
-    def get_variables(self) -> dict[str, typing.Any]:
-        """获取所有变量"""
-        if self.variables is None:
-            return {}
-        return self.variables
-
-
-class Conversation(pydantic.BaseModel):
-    """对话，包含于 Session 中，一个 Session 可以有多个历史 Conversation，但只有一个当前使用的 Conversation"""
-
-    prompt: llm_entities.Prompt
-
-    messages: list[llm_entities.Message]
-
-    create_time: typing.Optional[datetime.datetime] = pydantic.Field(default_factory=datetime.datetime.now)
-
-    update_time: typing.Optional[datetime.datetime] = pydantic.Field(default_factory=datetime.datetime.now)
-
-    use_llm_model: typing.Optional[requester.RuntimeLLMModel] = None
-
-    use_funcs: typing.Optional[list[tools_entities.LLMFunction]]
-
-    pipeline_uuid: str
-    """流水线UUID。"""
-
-    bot_uuid: str
-    """机器人UUID。"""
-
-    uuid: typing.Optional[str] = None
-    """该对话的 uuid，在创建时不会自动生成。而是当使用 Dify API 等由外部管理对话信息的服务时，用于绑定外部的会话。具体如何使用，取决于 Runner。"""
-
-    class Config:
-        arbitrary_types_allowed = True
-
-
-class Session(pydantic.BaseModel):
-    """会话，一个 Session 对应一个 {launcher_type.value}_{launcher_id}"""
-
-    launcher_type: LauncherTypes
-
-    launcher_id: typing.Union[int, str]
-
-    sender_id: typing.Optional[typing.Union[int, str]] = 0
-
-    use_prompt_name: typing.Optional[str] = 'default'
-
-    using_conversation: typing.Optional[Conversation] = None
-
-    conversations: typing.Optional[list[Conversation]] = pydantic.Field(default_factory=list)
-
-    create_time: typing.Optional[datetime.datetime] = pydantic.Field(default_factory=datetime.datetime.now)
-
-    update_time: typing.Optional[datetime.datetime] = pydantic.Field(default_factory=datetime.datetime.now)
-
-    semaphore: typing.Optional[asyncio.Semaphore] = None
-    """当前会话的信号量，用于限制并发"""
-
-    class Config:
-        arbitrary_types_allowed = True
--- a/pkg/core/stages/build_app.py
+++ b/pkg/core/stages/build_app.py
@@ -1,16 +1,18 @@
 from __future__ import annotations

+import asyncio

 from .. import stage, app
 from ...utils import version, proxy, announce
 from ...pipeline import pool, controller, pipelinemgr
-from ...plugin import manager as plugin_mgr
+from ...plugin import connector as plugin_connector
 from ...command import cmdmgr
 from ...provider.session import sessionmgr as llm_session_mgr
 from ...provider.modelmgr import modelmgr as llm_model_mgr
 from ...provider.tools import toolmgr as llm_tool_mgr
 from ...rag.knowledge import kbmgr as rag_mgr
 from ...platform import botmgr as im_mgr
+from ...platform.webhook_pusher import WebhookPusher
 from ...persistence import mgr as persistencemgr
 from ...api.http.controller import main as http_controller
 from ...api.http.service import user as user_service
@@ -18,6 +20,9 @@ from ...api.http.service import model as model_service
 from ...api.http.service import pipeline as pipeline_service
 from ...api.http.service import bot as bot_service
 from ...api.http.service import knowledge as knowledge_service
+from ...api.http.service import mcp as mcp_service
+from ...api.http.service import apikey as apikey_service
+from ...api.http.service import webhook as webhook_service
 from ...discover import engine as discover_engine
 from ...storage import mgr as storagemgr
 from ...utils import logcache
@@ -62,10 +67,13 @@ class BuildAppStage(stage.BootingStage):
        ap.persistence_mgr = persistence_mgr_inst
        await persistence_mgr_inst.initialize()

-        plugin_mgr_inst = plugin_mgr.PluginManager(ap)
-        await plugin_mgr_inst.initialize()
-        ap.plugin_mgr = plugin_mgr_inst
-        await plugin_mgr_inst.load_plugins()
+        async def runtime_disconnect_callback(connector: plugin_connector.PluginRuntimeConnector) -> None:
+            await asyncio.sleep(3)
+            await plugin_connector_inst.initialize()
+
+        plugin_connector_inst = plugin_connector.PluginRuntimeConnector(ap, runtime_disconnect_callback)
+        await plugin_connector_inst.initialize()
+        ap.plugin_connector = plugin_connector_inst

        cmd_mgr_inst = cmdmgr.CommandManager(ap)
        await cmd_mgr_inst.initialize()
@@ -87,6 +95,10 @@ class BuildAppStage(stage.BootingStage):
        await im_mgr_inst.initialize()
        ap.platform_mgr = im_mgr_inst

+        # Initialize webhook pusher
+        webhook_pusher_inst = WebhookPusher(ap)
+        ap.webhook_pusher = webhook_pusher_inst
+
        pipeline_mgr = pipelinemgr.PipelineManager(ap)
        await pipeline_mgr.initialize()
        ap.pipeline_mgr = pipeline_mgr
@@ -122,5 +134,14 @@ class BuildAppStage(stage.BootingStage):
        knowledge_service_inst = knowledge_service.KnowledgeService(ap)
        ap.knowledge_service = knowledge_service_inst

+        mcp_service_inst = mcp_service.MCPService(ap)
+        ap.mcp_service = mcp_service_inst
+
+        apikey_service_inst = apikey_service.ApiKeyService(ap)
+        ap.apikey_service = apikey_service_inst
+
+        webhook_service_inst = webhook_service.WebhookService(ap)
+        ap.webhook_service = webhook_service_inst
+
        ctrl = controller.Controller(ap)
        ap.ctrl = ctrl
--- a/pkg/core/stages/load_config.py
+++ b/pkg/core/stages/load_config.py
@@ -1,11 +1,93 @@
 from __future__ import annotations

 import os
+from typing import Any

 from .. import stage, app
 from ..bootutils import config


+def _apply_env_overrides_to_config(cfg: dict) -> dict:
+    """Apply environment variable overrides to data/config.yaml
+
+    Environment variables should be uppercase and use __ (double underscore)
+    to represent nested keys. For example:
+    - CONCURRENCY__PIPELINE overrides concurrency.pipeline
+    - PLUGIN__RUNTIME_WS_URL overrides plugin.runtime_ws_url
+
+    Arrays and dict types are ignored.
+
+    Args:
+        cfg: Configuration dictionary
+
+    Returns:
+        Updated configuration dictionary
+    """
+
+    def convert_value(value: str, original_value: Any) -> Any:
+        """Convert string value to appropriate type based on original value
+
+        Args:
+            value: String value from environment variable
+            original_value: Original value to infer type from
+
+        Returns:
+            Converted value (falls back to string if conversion fails)
+        """
+        if isinstance(original_value, bool):
+            return value.lower() in ('true', '1', 'yes', 'on')
+        elif isinstance(original_value, int):
+            try:
+                return int(value)
+            except ValueError:
+                # If conversion fails, keep as string (user error, but non-breaking)
+                return value
+        elif isinstance(original_value, float):
+            try:
+                return float(value)
+            except ValueError:
+                # If conversion fails, keep as string (user error, but non-breaking)
+                return value
+        else:
+            return value
+
+    # Process environment variables
+    for env_key, env_value in os.environ.items():
+        # Check if the environment variable is uppercase and contains __
+        if not env_key.isupper():
+            continue
+        if '__' not in env_key:
+            continue
+
+        print(f'apply env overrides to config: env_key: {env_key}, env_value: {env_value}')
+
+        # Convert environment variable name to config path
+        # e.g., CONCURRENCY__PIPELINE -> ['concurrency', 'pipeline']
+        keys = [key.lower() for key in env_key.split('__')]
+
+        # Navigate to the target value and validate the path
+        current = cfg
+
+        for i, key in enumerate(keys):
+            if not isinstance(current, dict) or key not in current:
+                break
+
+            if i == len(keys) - 1:
+                # At the final key - check if it's a scalar value
+                if isinstance(current[key], (dict, list)):
+                    # Skip dict and list types
+                    pass
+                else:
+                    # Valid scalar value - convert and set it
+                    converted_value = convert_value(env_value, current[key])
+                    current[key] = converted_value
+            else:
+                # Navigate deeper
+                current = current[key]
+
+    return cfg
+
+
@stage.stage_class('LoadConfigStage')
 class LoadConfigStage(stage.BootingStage):
    """Load config file stage"""
@@ -54,6 +136,10 @@ class LoadConfigStage(stage.BootingStage):
        ap.instance_config = await config.load_yaml_config(
            'data/config.yaml', 'templates/config.yaml', completion=False
        )
+
+        # Apply environment variable overrides to data/config.yaml
+        ap.instance_config.data = _apply_env_overrides_to_config(ap.instance_config.data)
+
        await ap.instance_config.dump_config()

        ap.sensitive_meta = await config.load_json_config(
--- a/pkg/core/taskmgr.py
+++ b/pkg/core/taskmgr.py
@@ -156,7 +156,7 @@ class TaskWrapper:
                'state': self.task._state,
                'exception': self.assume_exception().__str__() if self.assume_exception() is not None else None,
                'exception_traceback': exception_traceback,
-                'result': self.assume_result().__str__() if self.assume_result() is not None else None,
+                'result': self.assume_result() if self.assume_result() is not None else None,
            },
        }

--- a/pkg/entity/persistence/apikey.py
+++ b/pkg/entity/persistence/apikey.py
@@ -0,0 +1,21 @@
+import sqlalchemy
+
+from .base import Base
+
+
+class ApiKey(Base):
+    """API Key for external service authentication"""
+
+    __tablename__ = 'api_keys'
+
+    id = sqlalchemy.Column(sqlalchemy.Integer, primary_key=True, autoincrement=True)
+    name = sqlalchemy.Column(sqlalchemy.String(255), nullable=False)
+    key = sqlalchemy.Column(sqlalchemy.String(255), nullable=False, unique=True)
+    description = sqlalchemy.Column(sqlalchemy.String(512), nullable=True, default='')
+    created_at = sqlalchemy.Column(sqlalchemy.DateTime, nullable=False, server_default=sqlalchemy.func.now())
+    updated_at = sqlalchemy.Column(
+        sqlalchemy.DateTime,
+        nullable=False,
+        server_default=sqlalchemy.func.now(),
+        onupdate=sqlalchemy.func.now(),
+    )
--- a/pkg/entity/persistence/bstorage.py
+++ b/pkg/entity/persistence/bstorage.py
@@ -0,0 +1,22 @@
+import sqlalchemy
+
+from .base import Base
+
+
+class BinaryStorage(Base):
+    """Current for plugin use only"""
+
+    __tablename__ = 'binary_storages'
+
+    unique_key = sqlalchemy.Column(sqlalchemy.String(255), primary_key=True)
+    key = sqlalchemy.Column(sqlalchemy.String(255), nullable=False)
+    owner_type = sqlalchemy.Column(sqlalchemy.String(255), nullable=False)
+    owner = sqlalchemy.Column(sqlalchemy.String(255), nullable=False)
+    value = sqlalchemy.Column(sqlalchemy.LargeBinary, nullable=False)
+    created_at = sqlalchemy.Column(sqlalchemy.DateTime, nullable=False, server_default=sqlalchemy.func.now())
+    updated_at = sqlalchemy.Column(
+        sqlalchemy.DateTime,
+        nullable=False,
+        server_default=sqlalchemy.func.now(),
+        onupdate=sqlalchemy.func.now(),
+    )
--- a/pkg/entity/persistence/mcp.py
+++ b/pkg/entity/persistence/mcp.py
@@ -0,0 +1,20 @@
+import sqlalchemy
+
+from .base import Base
+
+
+class MCPServer(Base):
+    __tablename__ = 'mcp_servers'
+
+    uuid = sqlalchemy.Column(sqlalchemy.String(255), primary_key=True, unique=True)
+    name = sqlalchemy.Column(sqlalchemy.String(255), nullable=False)
+    enable = sqlalchemy.Column(sqlalchemy.Boolean, nullable=False, default=False)
+    mode = sqlalchemy.Column(sqlalchemy.String(255), nullable=False)  # stdio, sse
+    extra_args = sqlalchemy.Column(sqlalchemy.JSON, nullable=False, default={})
+    created_at = sqlalchemy.Column(sqlalchemy.DateTime, nullable=False, server_default=sqlalchemy.func.now())
+    updated_at = sqlalchemy.Column(
+        sqlalchemy.DateTime,
+        nullable=False,
+        server_default=sqlalchemy.func.now(),
+        onupdate=sqlalchemy.func.now(),
+    )
--- a/pkg/entity/persistence/metadata.py
+++ b/pkg/entity/persistence/metadata.py
@@ -1,12 +1,13 @@
 import sqlalchemy

 from .base import Base
+from ...utils import constants


 initial_metadata = [
    {
        'key': 'database_version',
-        'value': '0',
+        'value': str(constants.required_database_version),
    },
 ]

--- a/pkg/entity/persistence/pipeline.py
+++ b/pkg/entity/persistence/pipeline.py
@@ -22,6 +22,7 @@ class LegacyPipeline(Base):
    is_default = sqlalchemy.Column(sqlalchemy.Boolean, nullable=False, default=False)
    stages = sqlalchemy.Column(sqlalchemy.JSON, nullable=False)
    config = sqlalchemy.Column(sqlalchemy.JSON, nullable=False)
+    extensions_preferences = sqlalchemy.Column(sqlalchemy.JSON, nullable=False, default={})


 class PipelineRunRecord(Base):
--- a/pkg/entity/persistence/plugin.py
+++ b/pkg/entity/persistence/plugin.py
@@ -13,6 +13,8 @@ class PluginSetting(Base):
    enabled = sqlalchemy.Column(sqlalchemy.Boolean, nullable=False, default=True)
    priority = sqlalchemy.Column(sqlalchemy.Integer, nullable=False, default=0)
    config = sqlalchemy.Column(sqlalchemy.JSON, nullable=False, default=dict)
+    install_source = sqlalchemy.Column(sqlalchemy.String(255), nullable=False, default='github')
+    install_info = sqlalchemy.Column(sqlalchemy.JSON, nullable=False, default=dict)
    created_at = sqlalchemy.Column(sqlalchemy.DateTime, nullable=False, server_default=sqlalchemy.func.now())
    updated_at = sqlalchemy.Column(
        sqlalchemy.DateTime,
--- a/pkg/entity/persistence/webhook.py
+++ b/pkg/entity/persistence/webhook.py
@@ -0,0 +1,22 @@
+import sqlalchemy
+
+from .base import Base
+
+
+class Webhook(Base):
+    """Webhook for pushing bot events to external systems"""
+
+    __tablename__ = 'webhooks'
+
+    id = sqlalchemy.Column(sqlalchemy.Integer, primary_key=True, autoincrement=True)
+    name = sqlalchemy.Column(sqlalchemy.String(255), nullable=False)
+    url = sqlalchemy.Column(sqlalchemy.String(1024), nullable=False)
+    description = sqlalchemy.Column(sqlalchemy.String(512), nullable=True, default='')
+    enabled = sqlalchemy.Column(sqlalchemy.Boolean, nullable=False, default=True)
+    created_at = sqlalchemy.Column(sqlalchemy.DateTime, nullable=False, server_default=sqlalchemy.func.now())
+    updated_at = sqlalchemy.Column(
+        sqlalchemy.DateTime,
+        nullable=False,
+        server_default=sqlalchemy.func.now(),
+        onupdate=sqlalchemy.func.now(),
+    )
--- a/pkg/persistence/databases/postgresql.py
+++ b/pkg/persistence/databases/postgresql.py
@@ -0,0 +1,21 @@
+from __future__ import annotations
+
+import sqlalchemy.ext.asyncio as sqlalchemy_asyncio
+
+from .. import database
+
+
+@database.manager_class('postgresql')
+class PostgreSQLDatabaseManager(database.BaseDatabaseManager):
+    """PostgreSQL database manager"""
+
+    async def initialize(self) -> None:
+        postgresql_config = self.ap.instance_config.data.get('database', {}).get('postgresql', {})
+
+        host = postgresql_config.get('host', '127.0.0.1')
+        port = postgresql_config.get('port', 5432)
+        user = postgresql_config.get('user', 'postgres')
+        password = postgresql_config.get('password', 'postgres')
+        database = postgresql_config.get('database', 'postgres')
+        engine_url = f'postgresql+asyncpg://{user}:{password}@{host}:{port}/{database}'
+        self.engine = sqlalchemy_asyncio.create_async_engine(engine_url)
--- a/pkg/persistence/databases/sqlite.py
+++ b/pkg/persistence/databases/sqlite.py
@@ -10,5 +10,6 @@ class SQLiteDatabaseManager(database.BaseDatabaseManager):
    """SQLite database manager"""

    async def initialize(self) -> None:
-        sqlite_path = 'data/langbot.db'
-        self.engine = sqlalchemy_asyncio.create_async_engine(f'sqlite+aiosqlite:///{sqlite_path}')
+        db_file_path = self.ap.instance_config.data.get('database', {}).get('sqlite', {}).get('path', 'data/langbot.db')
+        engine_url = f'sqlite+aiosqlite:///{db_file_path}'
+        self.engine = sqlalchemy_asyncio.create_async_engine(engine_url)
--- a/pkg/persistence/mgr.py
+++ b/pkg/persistence/mgr.py
@@ -36,57 +36,16 @@ class PersistenceManager:
        self.meta = base.Base.metadata

    async def initialize(self):
-        self.ap.logger.info('Initializing database...')
-
+        database_type = self.ap.instance_config.data.get('database', {}).get('use', 'sqlite')
+        self.ap.logger.info(f'Initializing database type: {database_type}...')
        for manager in database.preregistered_managers:
-            self.db = manager(self.ap)
-            await self.db.initialize()
+            if manager.name == database_type:
+                self.db = manager(self.ap)
+                await self.db.initialize()
+                break

        await self.create_tables()

-    async def create_tables(self):
-        # create tables
-        async with self.get_db_engine().connect() as conn:
-            await conn.run_sync(self.meta.create_all)
-
-            await conn.commit()
-
-        # ======= write initial data =======
-
-        # write initial metadata
-        self.ap.logger.info('Creating initial metadata...')
-        for item in metadata.initial_metadata:
-            # check if the item exists
-            result = await self.execute_async(
-                sqlalchemy.select(metadata.Metadata).where(metadata.Metadata.key == item['key'])
-            )
-            row = result.first()
-            if row is None:
-                await self.execute_async(sqlalchemy.insert(metadata.Metadata).values(item))
-
-        # write default pipeline
-        result = await self.execute_async(sqlalchemy.select(pipeline.LegacyPipeline))
-        default_pipeline_uuid = None
-        if result.first() is None:
-            self.ap.logger.info('Creating default pipeline...')
-
-            pipeline_config = json.load(open('templates/default-pipeline-config.json', 'r', encoding='utf-8'))
-
-            default_pipeline_uuid = str(uuid.uuid4())
-            pipeline_data = {
-                'uuid': default_pipeline_uuid,
-                'for_version': self.ap.ver_mgr.get_current_version(),
-                'stages': pipeline_service.default_stage_order,
-                'is_default': True,
-                'name': 'ChatPipeline',
-                'description': 'Default pipeline, new bots will be bound to this pipeline | 默认提供的流水线，您配置的机器人将自动绑定到此流水线',
-                'config': pipeline_config,
-            }
-
-            await self.execute_async(sqlalchemy.insert(pipeline.LegacyPipeline).values(pipeline_data))
-
-        # =================================
-
        # run migrations
        database_version = await self.execute_async(
            sqlalchemy.select(metadata.Metadata).where(metadata.Metadata.key == 'database_version')
@@ -119,6 +78,53 @@ class PersistenceManager:

            self.ap.logger.info(f'Successfully upgraded database to version {last_migration_number}.')

+        await self.write_default_pipeline()
+
+    async def create_tables(self):
+        # create tables
+        async with self.get_db_engine().connect() as conn:
+            await conn.run_sync(self.meta.create_all)
+
+            await conn.commit()
+
+        # ======= write initial data =======
+
+        # write initial metadata
+        self.ap.logger.info('Creating initial metadata...')
+        for item in metadata.initial_metadata:
+            # check if the item exists
+            result = await self.execute_async(
+                sqlalchemy.select(metadata.Metadata).where(metadata.Metadata.key == item['key'])
+            )
+            row = result.first()
+            if row is None:
+                await self.execute_async(sqlalchemy.insert(metadata.Metadata).values(item))
+
+    async def write_default_pipeline(self):
+        # write default pipeline
+        result = await self.execute_async(sqlalchemy.select(pipeline.LegacyPipeline))
+        default_pipeline_uuid = None
+        if result.first() is None:
+            self.ap.logger.info('Creating default pipeline...')
+
+            pipeline_config = json.load(open('templates/default-pipeline-config.json', 'r', encoding='utf-8'))
+
+            default_pipeline_uuid = str(uuid.uuid4())
+            pipeline_data = {
+                'uuid': default_pipeline_uuid,
+                'for_version': self.ap.ver_mgr.get_current_version(),
+                'stages': pipeline_service.default_stage_order,
+                'is_default': True,
+                'name': 'ChatPipeline',
+                'description': 'Default pipeline, new bots will be bound to this pipeline | 默认提供的流水线，您配置的机器人将自动绑定到此流水线',
+                'config': pipeline_config,
+                'extensions_preferences': {},
+            }
+
+            await self.execute_async(sqlalchemy.insert(pipeline.LegacyPipeline).values(pipeline_data))
+
+        # =================================
+
    async def execute_async(self, *args, **kwargs) -> sqlalchemy.engine.cursor.CursorResult:
        async with self.get_db_engine().connect() as conn:
            result = await conn.execute(*args, **kwargs)
@@ -128,10 +134,13 @@ class PersistenceManager:
    def get_db_engine(self) -> sqlalchemy_asyncio.AsyncEngine:
        return self.db.get_engine()

-    def serialize_model(self, model: typing.Type[sqlalchemy.Base], data: sqlalchemy.Base) -> dict:
+    def serialize_model(
+        self, model: typing.Type[sqlalchemy.Base], data: sqlalchemy.Base, masked_columns: list[str] = []
+    ) -> dict:
        return {
            column.name: getattr(data, column.name)
            if not isinstance(getattr(data, column.name), (datetime.datetime))
            else getattr(data, column.name).isoformat()
            for column in model.__table__.columns
+            if column.name not in masked_columns
        }
--- a/pkg/persistence/migrations/dbm001_migrate_v3_config.py
+++ b/pkg/persistence/migrations/dbm001_migrate_v3_config.py
@@ -212,6 +212,7 @@ class DBMigrateV3Config(migration.DBMigration):
        self.ap.instance_config.data['api']['port'] = self.ap.system_cfg.data['http-api']['port']
        self.ap.instance_config.data['command'] = {
            'prefix': self.ap.command_cfg.data['command-prefix'],
+            'enable': self.ap.command_cfg.data['command-enable'] if 'command-enable' in self.ap.command_cfg.data else True,
            'privilege': self.ap.command_cfg.data['privilege'],
        }
        self.ap.instance_config.data['concurrency']['pipeline'] = self.ap.system_cfg.data['pipeline-concurrency']
--- a/pkg/persistence/migrations/dbm006_langflow_api_config.py
+++ b/pkg/persistence/migrations/dbm006_langflow_api_config.py
@@ -0,0 +1,45 @@
+from .. import migration
+
+import sqlalchemy
+
+from ...entity.persistence import pipeline as persistence_pipeline
+
+
+@migration.migration_class(6)
+class DBMigrateLangflowApiConfig(migration.DBMigration):
+    """Langflow API config"""
+
+    async def upgrade(self):
+        """Upgrade"""
+        # read all pipelines
+        pipelines = await self.ap.persistence_mgr.execute_async(sqlalchemy.select(persistence_pipeline.LegacyPipeline))
+
+        for pipeline in pipelines:
+            serialized_pipeline = self.ap.persistence_mgr.serialize_model(persistence_pipeline.LegacyPipeline, pipeline)
+
+            config = serialized_pipeline['config']
+
+            if 'langflow-api' not in config['ai']:
+                config['ai']['langflow-api'] = {
+                    'base-url': 'http://localhost:7860',
+                    'api-key': 'your-api-key',
+                    'flow-id': 'your-flow-id',
+                    'input-type': 'chat',
+                    'output-type': 'chat',
+                    'tweaks': '{}',
+                }
+
+            await self.ap.persistence_mgr.execute_async(
+                sqlalchemy.update(persistence_pipeline.LegacyPipeline)
+                .where(persistence_pipeline.LegacyPipeline.uuid == serialized_pipeline['uuid'])
+                .values(
+                    {
+                        'config': config,
+                        'for_version': self.ap.ver_mgr.get_current_version(),
+                    }
+                )
+            )
+
+    async def downgrade(self):
+        """Downgrade"""
+        pass
--- a/pkg/persistence/migrations/dbm007_plugin_install_source.py
+++ b/pkg/persistence/migrations/dbm007_plugin_install_source.py
@@ -0,0 +1,44 @@
+import sqlalchemy
+from .. import migration
+
+
+@migration.migration_class(7)
+class DBMigratePluginInstallSource(migration.DBMigration):
+    """插件安装来源"""
+
+    async def upgrade(self):
+        """升级"""
+        # 查询表结构获取所有列名（异步执行 SQL）
+
+        columns = []
+
+        if self.ap.persistence_mgr.db.name == 'postgresql':
+            result = await self.ap.persistence_mgr.execute_async(
+                sqlalchemy.text(
+                    "SELECT column_name FROM information_schema.columns WHERE table_name = 'plugin_settings';"
+                )
+            )
+            all_result = result.fetchall()
+            columns = [row[0] for row in all_result]
+        else:
+            result = await self.ap.persistence_mgr.execute_async(sqlalchemy.text('PRAGMA table_info(plugin_settings);'))
+            all_result = result.fetchall()
+            columns = [row[1] for row in all_result]
+
+        # 检查并添加 install_source 列
+        if 'install_source' not in columns:
+            await self.ap.persistence_mgr.execute_async(
+                sqlalchemy.text(
+                    "ALTER TABLE plugin_settings ADD COLUMN install_source VARCHAR(255) NOT NULL DEFAULT 'github'"
+                )
+            )
+
+        # 检查并添加 install_info 列
+        if 'install_info' not in columns:
+            await self.ap.persistence_mgr.execute_async(
+                sqlalchemy.text("ALTER TABLE plugin_settings ADD COLUMN install_info JSON NOT NULL DEFAULT '{}'")
+            )
+
+    async def downgrade(self):
+        """降级"""
+        pass
--- a/pkg/persistence/migrations/dbm008_plugin_config.py
+++ b/pkg/persistence/migrations/dbm008_plugin_config.py
@@ -0,0 +1,22 @@
+from .. import migration
+
+
+@migration.migration_class(8)
+class DBMigratePluginConfig(migration.DBMigration):
+    """插件配置"""
+
+    async def upgrade(self):
+        """升级"""
+
+        if 'plugin' not in self.ap.instance_config.data:
+            self.ap.instance_config.data['plugin'] = {
+                'runtime_ws_url': 'ws://langbot_plugin_runtime:5400/control/ws',
+                'enable_marketplace': True,
+                'cloud_service_url': 'https://space.langbot.app',
+            }
+
+            await self.ap.instance_config.dump_config()
+
+    async def downgrade(self):
+        """降级"""
+        pass
--- a/pkg/persistence/migrations/dbm009_pipeline_extension_preferences.py
+++ b/pkg/persistence/migrations/dbm009_pipeline_extension_preferences.py
@@ -0,0 +1,20 @@
+import sqlalchemy
+from .. import migration
+
+
+@migration.migration_class(9)
+class DBMigratePipelineExtensionPreferences(migration.DBMigration):
+    """Pipeline extension preferences"""
+
+    async def upgrade(self):
+        """Upgrade"""
+
+        sql_text = sqlalchemy.text(
+            "ALTER TABLE legacy_pipelines ADD COLUMN extensions_preferences JSON NOT NULL DEFAULT '{}'"
+        )
+        await self.ap.persistence_mgr.execute_async(sql_text)
+
+    async def downgrade(self):
+        """Downgrade"""
+        sql_text = sqlalchemy.text('ALTER TABLE legacy_pipelines DROP COLUMN extensions_preferences')
+        await self.ap.persistence_mgr.execute_async(sql_text)
--- a/pkg/persistence/migrations/dbm010_pipeline_multi_knowledge_base.py
+++ b/pkg/persistence/migrations/dbm010_pipeline_multi_knowledge_base.py
@@ -0,0 +1,88 @@
+from .. import migration
+
+import sqlalchemy
+
+from ...entity.persistence import pipeline as persistence_pipeline
+
+
+@migration.migration_class(10)
+class DBMigratePipelineMultiKnowledgeBase(migration.DBMigration):
+    """Pipeline support multiple knowledge base binding"""
+
+    async def upgrade(self):
+        """Upgrade"""
+        # read all pipelines
+        pipelines = await self.ap.persistence_mgr.execute_async(sqlalchemy.select(persistence_pipeline.LegacyPipeline))
+
+        for pipeline in pipelines:
+            serialized_pipeline = self.ap.persistence_mgr.serialize_model(persistence_pipeline.LegacyPipeline, pipeline)
+
+            config = serialized_pipeline['config']
+
+            # Convert knowledge-base from string to array
+            if 'local-agent' in config['ai']:
+                current_kb = config['ai']['local-agent'].get('knowledge-base', '')
+                
+                # If it's already a list, skip
+                if isinstance(current_kb, list):
+                    continue
+                
+                # Convert string to list
+                if current_kb and current_kb != '__none__':
+                    config['ai']['local-agent']['knowledge-bases'] = [current_kb]
+                else:
+                    config['ai']['local-agent']['knowledge-bases'] = []
+                
+                # Remove old field
+                if 'knowledge-base' in config['ai']['local-agent']:
+                    del config['ai']['local-agent']['knowledge-base']
+
+            await self.ap.persistence_mgr.execute_async(
+                sqlalchemy.update(persistence_pipeline.LegacyPipeline)
+                .where(persistence_pipeline.LegacyPipeline.uuid == serialized_pipeline['uuid'])
+                .values(
+                    {
+                        'config': config,
+                        'for_version': self.ap.ver_mgr.get_current_version(),
+                    }
+                )
+            )
+
+    async def downgrade(self):
+        """Downgrade"""
+        # read all pipelines
+        pipelines = await self.ap.persistence_mgr.execute_async(sqlalchemy.select(persistence_pipeline.LegacyPipeline))
+
+        for pipeline in pipelines:
+            serialized_pipeline = self.ap.persistence_mgr.serialize_model(persistence_pipeline.LegacyPipeline, pipeline)
+
+            config = serialized_pipeline['config']
+
+            # Convert knowledge-bases from array back to string
+            if 'local-agent' in config['ai']:
+                current_kbs = config['ai']['local-agent'].get('knowledge-bases', [])
+                
+                # If it's already a string, skip
+                if isinstance(current_kbs, str):
+                    continue
+                
+                # Convert list to string (take first one or empty)
+                if current_kbs and len(current_kbs) > 0:
+                    config['ai']['local-agent']['knowledge-base'] = current_kbs[0]
+                else:
+                    config['ai']['local-agent']['knowledge-base'] = ''
+                
+                # Remove new field
+                if 'knowledge-bases' in config['ai']['local-agent']:
+                    del config['ai']['local-agent']['knowledge-bases']
+
+            await self.ap.persistence_mgr.execute_async(
+                sqlalchemy.update(persistence_pipeline.LegacyPipeline)
+                .where(persistence_pipeline.LegacyPipeline.uuid == serialized_pipeline['uuid'])
+                .values(
+                    {
+                        'config': config,
+                        'for_version': self.ap.ver_mgr.get_current_version(),
+                    }
+                )
+            )
--- a/pkg/persistence/migrations/dbm011_dify_base_prompt_config.py
+++ b/pkg/persistence/migrations/dbm011_dify_base_prompt_config.py
@@ -0,0 +1,40 @@
+from .. import migration
+
+import sqlalchemy
+
+from ...entity.persistence import pipeline as persistence_pipeline
+
+
+@migration.migration_class(11)
+class DBMigrateDifyApiConfig(migration.DBMigration):
+    """Langflow API config"""
+
+    async def upgrade(self):
+        """Upgrade"""
+        # read all pipelines
+        pipelines = await self.ap.persistence_mgr.execute_async(sqlalchemy.select(persistence_pipeline.LegacyPipeline))
+
+        for pipeline in pipelines:
+            serialized_pipeline = self.ap.persistence_mgr.serialize_model(persistence_pipeline.LegacyPipeline, pipeline)
+
+            config = serialized_pipeline['config']
+
+            if 'base-prompt' not in config['ai']['dify-service-api']:
+                config['ai']['dify-service-api']['base-prompt'] = (
+                    'When the file content is readable, please read the content of this file. When the file is an image, describe the content of this image.',
+                )
+
+            await self.ap.persistence_mgr.execute_async(
+                sqlalchemy.update(persistence_pipeline.LegacyPipeline)
+                .where(persistence_pipeline.LegacyPipeline.uuid == serialized_pipeline['uuid'])
+                .values(
+                    {
+                        'config': config,
+                        'for_version': self.ap.ver_mgr.get_current_version(),
+                    }
+                )
+            )
+
+    async def downgrade(self):
+        """Downgrade"""
+        pass
--- a/pkg/pipeline/bansess/bansess.py
+++ b/pkg/pipeline/bansess/bansess.py
@@ -1,7 +1,7 @@
 from __future__ import annotations

 from .. import stage, entities
-from ...core import entities as core_entities
+import langbot_plugin.api.entities.builtin.pipeline.query as pipeline_query


@stage.stage_class('BanSessionCheckStage')
@@ -14,7 +14,7 @@ class BanSessionCheckStage(stage.PipelineStage):
    async def initialize(self, pipeline_config: dict):
        pass

-    async def process(self, query: core_entities.Query, stage_inst_name: str) -> entities.StageProcessResult:
+    async def process(self, query: pipeline_query.Query, stage_inst_name: str) -> entities.StageProcessResult:
        found = False

        mode = query.pipeline_config['trigger']['access-control']['mode']
@@ -30,6 +30,10 @@ class BanSessionCheckStage(stage.PipelineStage):
                if sess == f'{query.launcher_type.value}_{query.launcher_id}':
                    found = True
                    break
+                # 使用 *_id 来表示加白/拉黑某用户的私聊和群聊场景
+                if sess.startswith('*_') and (sess[2:] == query.launcher_id or sess[2:] == query.sender_id):
+                    found = True
+                    break

        ctn = False

--- a/pkg/pipeline/cntfilter/cntfilter.py
+++ b/pkg/pipeline/cntfilter/cntfilter.py
@@ -3,12 +3,11 @@ from __future__ import annotations
 from ...core import app

 from .. import stage, entities
-from ...core import entities as core_entities
 from . import filter as filter_model, entities as filter_entities
-from ...provider import entities as llm_entities
-from ...platform.types import message as platform_message
+from langbot_plugin.api.entities.builtin.provider import message as provider_message
+import langbot_plugin.api.entities.builtin.platform.message as platform_message
 from ...utils import importutil
-
+import langbot_plugin.api.entities.builtin.pipeline.query as pipeline_query
 from . import filters

 importutil.import_modules_in_pkg(filters)
@@ -58,7 +57,7 @@ class ContentFilterStage(stage.PipelineStage):
    async def _pre_process(
        self,
        message: str,
-        query: core_entities.Query,
+        query: pipeline_query.Query,
    ) -> entities.StageProcessResult:
        """请求llm前处理消息
        只要有一个不通过就不放行，只放行 PASS 的消息
@@ -86,14 +85,14 @@ class ContentFilterStage(stage.PipelineStage):
                    elif result.level == filter_entities.ResultLevel.PASS:  # 传到下一个
                        message = result.replacement

-            query.message_chain = platform_message.MessageChain(platform_message.Plain(message))
+            query.message_chain = platform_message.MessageChain([platform_message.Plain(text=message)])

            return entities.StageProcessResult(result_type=entities.ResultType.CONTINUE, new_query=query)

    async def _post_process(
        self,
        message: str,
-        query: core_entities.Query,
+        query: pipeline_query.Query,
    ) -> entities.StageProcessResult:
        """请求llm后处理响应
        只要是 PASS 或者 MASKED 的就通过此 filter，将其 replacement 设置为message，进入下一个 filter
@@ -123,7 +122,7 @@ class ContentFilterStage(stage.PipelineStage):

            return entities.StageProcessResult(result_type=entities.ResultType.CONTINUE, new_query=query)

-    async def process(self, query: core_entities.Query, stage_inst_name: str) -> entities.StageProcessResult:
+    async def process(self, query: pipeline_query.Query, stage_inst_name: str) -> entities.StageProcessResult:
        """处理"""
        if stage_inst_name == 'PreContentFilterStage':
            contain_non_text = False
@@ -142,7 +141,7 @@ class ContentFilterStage(stage.PipelineStage):
            return await self._pre_process(str(query.message_chain).strip(), query)
        elif stage_inst_name == 'PostContentFilterStage':
            # 仅处理 query.resp_messages[-1].content 是 str 的情况
-            if isinstance(query.resp_messages[-1], llm_entities.Message) and isinstance(
+            if isinstance(query.resp_messages[-1], provider_message.Message) and isinstance(
                query.resp_messages[-1].content, str
            ):
                return await self._post_process(query.resp_messages[-1].content, query)
--- a/pkg/pipeline/cntfilter/entities.py
+++ b/pkg/pipeline/cntfilter/entities.py
@@ -1,6 +1,6 @@
 import enum

-import pydantic.v1 as pydantic
+import pydantic


 class ResultLevel(enum.Enum):
--- a/pkg/pipeline/cntfilter/filter.py
+++ b/pkg/pipeline/cntfilter/filter.py
@@ -3,9 +3,9 @@ from __future__ import annotations
 import abc
 import typing

-from ...core import app, entities as core_entities
+from ...core import app
 from . import entities
-
+import langbot_plugin.api.entities.builtin.pipeline.query as pipeline_query

 preregistered_filters: list[typing.Type[ContentFilter]] = []

@@ -60,8 +60,8 @@ class ContentFilter(metaclass=abc.ABCMeta):
        pass

    @abc.abstractmethod
-    async def process(self, query: core_entities.Query, message: str = None, image_url=None) -> entities.FilterResult:
-        """Process message
+    async def process(self, query: pipeline_query.Query, message: str = None, image_url=None) -> entities.FilterResult:
+        """处理消息

        It is divided into two stages, depending on the value of enable_stages.
        For content filters, you do not need to consider the stage of the message, you only need to check the message content.
--- a/pkg/pipeline/cntfilter/filters/baiduexamine.py
+++ b/pkg/pipeline/cntfilter/filters/baiduexamine.py
@@ -4,8 +4,7 @@ import aiohttp

 from .. import entities
 from .. import filter as filter_model
-from ....core import entities as core_entities
-
+import langbot_plugin.api.entities.builtin.pipeline.query as pipeline_query

 BAIDU_EXAMINE_URL = 'https://aip.baidubce.com/rest/2.0/solution/v1/text_censor/v2/user_defined?access_token={}'
 BAIDU_EXAMINE_TOKEN_URL = 'https://aip.baidubce.com/oauth/2.0/token'
@@ -27,7 +26,7 @@ class BaiduCloudExamine(filter_model.ContentFilter):
            ) as resp:
                return (await resp.json())['access_token']

-    async def process(self, query: core_entities.Query, message: str) -> entities.FilterResult:
+    async def process(self, query: pipeline_query.Query, message: str) -> entities.FilterResult:
        async with aiohttp.ClientSession() as session:
            async with session.post(
                BAIDU_EXAMINE_URL.format(await self._get_token()),
--- a/Show More
+++ b/Show More