feat(base): tighten lark-base auth fallback and local attachment lookup guidance#1699
Conversation
📝 WalkthroughWalkthroughThis PR updates skills/lark-base/SKILL.md to add usage boundary rules: Base commands returning specific auth/scope errors must halt and trigger ChangesBase auth and attachment boundary updates
Estimated code review effort: 1 (Trivial) | ~3 minutes Possibly related PRs
Suggested reviewers: 🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
🧹 Nitpick comments (1)
skills/lark-base/SKILL.md (1)
35-35: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low valueConsider splitting the scope-string warning into its own bullet for discoverability.
The auth-error stop rule and the hand-crafted scope-string warning are two distinct constraints. Combining them into one long bullet reduces scannability. Splitting would make each rule more actionable.
- - 任一 Base 命令返回 `token_missing`、`need_user_authorization` 或 `current command requires scope(s)` 后,停止继续试 Base/Drive/Contact 业务命令;直接走 `lark-cli auth login --domain base --no-wait --json`,生成二维码后结束本轮等待授权。不要手写多个 scope 的空格字符串,容易触发 malformed scopes。 + - 任一 Base 命令返回 `token_missing`、`need_user_authorization` 或 `current command requires scope(s)` 后,停止继续试 Base/Drive/Contact 业务命令;直接走 `lark-cli auth login --domain base --no-wait --json`,生成二维码后结束本轮等待授权。 + - 不要手写多个 scope 的空格字符串,容易触发 malformed scopes。🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@skills/lark-base/SKILL.md` at line 35, Split the auth-error stop rule and the scope-string warning into separate bullets in SKILL.md: one bullet should cover stopping Base/Drive/Contact command retries and immediately running lark-cli auth login --domain base --no-wait --json after token_missing, need_user_authorization, or current command requires scope(s); the other should warn against hand-writing multiple scopes as a space-separated string because it can trigger malformed scopes. Keep the guidance aligned with the existing Base auth workflow text.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Nitpick comments:
In `@skills/lark-base/SKILL.md`:
- Line 35: Split the auth-error stop rule and the scope-string warning into
separate bullets in SKILL.md: one bullet should cover stopping
Base/Drive/Contact command retries and immediately running lark-cli auth login
--domain base --no-wait --json after token_missing, need_user_authorization, or
current command requires scope(s); the other should warn against hand-writing
multiple scopes as a space-separated string because it can trigger malformed
scopes. Keep the guidance aligned with the existing Base auth workflow text.
🚀 PR Preview Install Guide🧰 CLI updatenpm i -g https://pkg.pr.new/larksuite/cli/@larksuite/cli@c58be096db6c515c54df1545f9b05a7b47d80eca🧩 Skill updatenpx skills add yballul-bytedance/cli#auto-research-sync/01KWE29JZMNK51APJWKJ63ZK68/mr-849-c35a2c44 -y -g |
Summary
Tighten the
lark-baseskill guidance so agents fall back to a singleauth loginflow on token/scope errors and constrain local attachment path lookup to explicit, in-scope candidates.Changes
skills/lark-base/SKILL.md: Under "Usage boundaries", add two rules: (1) once any Base command returnstoken_missing,need_user_authorization, orcurrent command requires scope(s), stop probing more Base/Drive/Contact business commands and runlark-cli auth login --domain base --no-wait --jsonto end the round after the QR code is generated, and avoid hand-crafted space-separated scope strings that trigger malformed scopes; (2) before uploading a local attachment, only check the user-provided relative path or same-name candidates in the current directory, and stop with a not-found report instead of expanding the search to the repository parent, home directory, or the whole disk.skills/lark-base/SKILL.md: Update the attachment-field row in the quick routing table to cross-reference the new local-attachment boundary rule instead of the generic "upload from local file" wording.Test Plan
git diff --check(clean, no whitespace errors).skills/lark-base/SKILL.mdto confirm the new bullets sit under the "Usage boundaries" section and that the quick routing table row for attachment fields still parses.Related Issues
Auto research task: 01KWE29JZMNK51APJWKJ63ZK68
Summary by CodeRabbit