feat: 新增管理后台前端项目及安全加固
Some checks failed
CI / Lint & TypeCheck (push) Has been cancelled
CI / Unit Tests (push) Has been cancelled
CI / Build Frontend (push) Has been cancelled
CI / Rust Check (push) Has been cancelled
CI / Security Scan (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
Some checks failed
CI / Lint & TypeCheck (push) Has been cancelled
CI / Unit Tests (push) Has been cancelled
CI / Build Frontend (push) Has been cancelled
CI / Rust Check (push) Has been cancelled
CI / Security Scan (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
refactor(saas): 重构认证中间件与限流策略
- 登录限流调整为5次/分钟/IP
- 注册限流调整为3次/小时/IP
- GET请求不计入限流
fix(saas): 修复调度器时间戳处理
- 使用NOW()替代文本时间戳
- 兼容TEXT和TIMESTAMPTZ列类型
feat(saas): 实现环境变量插值
- 支持${ENV_VAR}语法解析
- 数据库密码支持环境变量注入
chore: 新增前端管理界面
- 基于React+Ant Design Pro
- 包含路由守卫/错误边界
- 对接58个API端点
docs: 更新安全加固文档
- 新增密钥管理规范
- 记录P0安全项审计结果
- 补充TLS终止说明
test: 完善配置解析单元测试
- 新增环境变量插值测试用例
This commit is contained in:
iven
@@ -957,29 +957,19 @@ export class KernelClient {
|
||||
}
|
||||
|
||||
/**
|
||||
* Execute a skill by ID with optional input parameters.
|
||||
* Checks autonomy level before execution.
|
||||
*/
|
||||
async executeSkill(id: string, input?: Record<string, unknown>): Promise<{
|
||||
success: boolean;
|
||||
output?: unknown;
|
||||
error?: string;
|
||||
durationMs?: number;
|
||||
}> {
|
||||
// Autonomy check before executing skill
|
||||
const { canAutoExecute, getAutonomyManager } = await import('./autonomy-manager');
|
||||
const { canProceed, decision } = canAutoExecute('skill_install', 5);
|
||||
if (!canProceed) {
|
||||
return {
|
||||
success: false,
|
||||
error: `自主授权拒绝: ${decision.reason}`,
|
||||
};
|
||||
}
|
||||
|
||||
const autonomyLevel = getAutonomyManager().getConfig().level;
|
||||
|
||||
return invoke('skill_execute', {
|
||||
id,
|
||||
context: {},
|
||||
input: input || {},
|
||||
autonomyLevel,
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user