Skip to content

Document mail sender allow/block list commands#1744

Open
chumbleyneria wants to merge 3 commits into
larksuite:mainfrom
chumbleyneria:feat/32bbfb2
Open

Document mail sender allow/block list commands#1744
chumbleyneria wants to merge 3 commits into
larksuite:mainfrom
chumbleyneria:feat/32bbfb2

Conversation

@chumbleyneria

@chumbleyneria chumbleyneria commented Jul 3, 2026

Copy link
Copy Markdown

Updates the generated mail CLI documentation for user mailbox sender allow and block list management. The refreshed artifacts describe the sender list operations so the CLI reference matches the available mail API surface.

Summary by CodeRabbit

  • Documentation
    • Added “user-level sender trust/block lists” concepts and clarified separation from tenant-level controls, including supported actions (create/list/remove) and scope/identity rules.
    • Expanded CLI user-level allow/block sender workflows with batch limits, mutual exclusivity, partial-failure handling, keyword listing guidance, and safer messaging for personal actions.
    • Strengthened Feishu/Lark email safety and operations guidance: confirmation before send-like actions, strict “object not found” behavior, improved recall/scheduled send verification, required permissions/scopes.
    • Updated drafting guidance: default HTML handling with lint/auto-fix behavior, template/shortcut precedence, native API command construction, plus collaboration and calendar-invite email constraints.

@github-actions github-actions Bot added domain/mail PR touches the mail domain size/L Large or sensitive change across domains or core paths labels Jul 3, 2026
@coderabbitai

coderabbitai Bot commented Jul 3, 2026

Copy link
Copy Markdown

Review Change Stack

📝 Walkthrough

Walkthrough

This PR updates skill-template/domains/mail.md and skills/lark-mail/SKILL.md to add user-level sender list guidance, expand mail workflow and safety rules, and revise HTML lint, templates, shortcuts, and API reference documentation.

Changes

Mail skill documentation

Layer / File(s) Summary
Sender allow/block list management
skill-template/domains/mail.md, skills/lark-mail/SKILL.md
Adds the user-mailbox allow/block list concept, plus batch create/list/remove usage and constraints including mutual exclusivity, limits, partial-failure handling, and identity requirements.
Skill description and onboarding requirements
skills/lark-mail/SKILL.md
Expands the skill description, updates the pre-start instruction, and requires checking -h before first use of shortcuts or native APIs.
Workflow and recipient search guidance
skills/lark-mail/SKILL.md
Revises the typical workflow steps and rewrites recipient search guidance to require candidate confirmation.
Sending, delivery confirmation, and recall flows
skills/lark-mail/SKILL.md
Expands send confirmation rules, delivery status verification, scheduled-send behavior, send-as mailbox usage, recall progress querying, sharing to IM, and calendar-invite email constraints.
HTML lint constraints and templates
skills/lark-mail/SKILL.md
Adds write-path HTML lint behavior, raw EML restrictions, template merge rules across send shortcuts, and native API command construction guidance.
Shortcuts and API resource tables
skills/lark-mail/SKILL.md
Updates the shortcuts table, clarifies the lint-html shortcut, and expands the API resource and permission reference tables.

Estimated code review effort: 3 (Moderate) | ~25 minutes

Possibly related PRs

  • larksuite/cli#157: Both PRs update mail documentation around user-level sender identity and mailbox context.
  • larksuite/cli#449: Both PRs touch scheduled send behavior and follow-up status guidance.
  • larksuite/cli#1527: Both PRs revise skills/lark-mail/SKILL.md guidance around discovery flow and command construction.

Suggested reviewers: chanthuang, infeng

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Description check ⚠️ Warning The description only includes a summary and omits the required Changes, Test Plan, and Related Issues sections. Add the missing template sections with a change list, test plan, and related issues; include verification details for the CLI doc update.
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed The title is concise and accurately describes the main mail sender allow/block list documentation update.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)
skills/lark-mail/SKILL.md (2)

115-117: 📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick win

Clarify the -h bootstrap order.

The new “always run -h first” rule conflicts with the earlier workflow step that starts by calling user_mailboxes profile. Readers can’t tell whether that bootstrap call is exempt, so the onboarding sequence is ambiguous. Please align those two sections.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@skills/lark-mail/SKILL.md` around lines 115 - 117, The onboarding sequence in
the SKILL.md section is ambiguous because the new “always run -h first” rule
conflicts with the earlier bootstrap step that starts with user_mailboxes
profile. Update the workflow wording so it clearly states whether user_mailboxes
profile is the exception or must also be preceded by -h, and make the steps in
the relevant section consistent with that rule. Refer to the bootstrap guidance
around user_mailboxes profile and the “首次使用任何命令前先查 -h” instruction when revising
the sequence.

463-465: 🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win

Broaden the duplicate-recipient warning.

The merge table says template recipients are appended without de-duplication for all five template-enabled shortcuts, but this warning only mentions +reply / +reply-all. That leaves +send and +draft-create able to produce silent duplicates with no heads-up. Either expand the warning scope or dedupe earlier.

Suggested wording
-**Warning**:`+reply` / `+reply-all` + 模板且模板自带 tos/ccs/bccs 时,CLI 在 stderr 打印:...
+**Warning**:所有支持 `--template-id` 的发信 shortcut(`+send` / `+draft-create` / `+reply` / `+reply-all` / `+forward`)在模板收件人与用户收件人重叠时都可能产生重复收件人:...
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@skills/lark-mail/SKILL.md` around lines 463 - 465, The duplicate-recipient
warning in SKILL.md is too narrow: it only mentions `+reply` / `+reply-all`, but
the template merge behavior applies to all template-enabled shortcuts. Update
the warning text near the template recipient rules to cover `+send` and
`+draft-create` as well, or adjust the logic/docs around the template handling
section so the warning matches the actual shortcut set and references the same
recipient-appending behavior.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In `@skills/lark-mail/SKILL.md`:
- Around line 115-117: The onboarding sequence in the SKILL.md section is
ambiguous because the new “always run -h first” rule conflicts with the earlier
bootstrap step that starts with user_mailboxes profile. Update the workflow
wording so it clearly states whether user_mailboxes profile is the exception or
must also be preceded by -h, and make the steps in the relevant section
consistent with that rule. Refer to the bootstrap guidance around user_mailboxes
profile and the “首次使用任何命令前先查 -h” instruction when revising the sequence.
- Around line 463-465: The duplicate-recipient warning in SKILL.md is too
narrow: it only mentions `+reply` / `+reply-all`, but the template merge
behavior applies to all template-enabled shortcuts. Update the warning text near
the template recipient rules to cover `+send` and `+draft-create` as well, or
adjust the logic/docs around the template handling section so the warning
matches the actual shortcut set and references the same recipient-appending
behavior.

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 67941e16-a409-4d83-8cf9-ddda42480327

📥 Commits

Reviewing files that changed from the base of the PR and between c8b5589 and 641d8df.

📒 Files selected for processing (2)
  • skill-template/domains/mail.md
  • skills/lark-mail/SKILL.md
🚧 Files skipped from review as they are similar to previous changes (1)
  • skill-template/domains/mail.md

@chumbleyneria chumbleyneria left a comment

Copy link
Copy Markdown
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤖 AI Review | CR 汇总 | 有风险(1 个 P2)

Comment thread skills/lark-mail/SKILL.md
| `user_mailboxes.search` | `mail:user_mailbox.message:readonly` |
| `user_mailbox.allow_senders.batch_create` | `mail:user_mailbox.message:modify` |
| `user_mailbox.allow_senders.batch_remove` | `mail:user_mailbox.message:modify` |
| `user_mailbox.allow_senders.list` | `mail:user_mailbox.message:modify` |

Copy link
Copy Markdown
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤖 AI Review | [P2 正确性] list 命令被误标成写权限

这里把 user_mailbox.allow_senders.list 标成 mail:user_mailbox.message:modify,下一行 blocked_senders 也一样。但 registry 元数据和技术方案都声明 list 同时支持 mail:user_mailbox.message:readonly / :modify,查询名单不应引导用户申请写权限;只具备 readonly 的应用也会被文档误导为不能执行 list。

修复建议: 将两个 list 行改成包含 mail:user_mailbox.message:readonly(可写成 readonly / modify 均可),并确保生成后的 skill 权限表与 registry 元数据一致。

如有疑问或认为判断不准确,欢迎直接回复讨论。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

domain/mail PR touches the mail domain size/L Large or sensitive change across domains or core paths

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant