- Extend TenantStore with traceId + traceStartTime in AsyncLocalStorage
- Generate traceId (UUID-12) at WebSocket gateway entry point
- Propagate traceId through AgentLoopParams → agentLoop → specialists
- Add [trace:xxx] prefix to all logger calls in agent-loop, coordinator, and specialists
- Replace console.log with NestJS Logger in ConversationGateway
- Include traceId in stream_start event for frontend correlation
- Add traceId to AgentExecutionRecord and BaseStreamEvent
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Prevent AI from revealing underlying model name (Claude/GPT/etc.) under any
circumstance including jailbreak attempts. Two defense layers:
- Prompt: anti-jailbreak rules + "小艾引擎" branding in coordinator system prompt
- Code: sanitizeModelLeaks() regex filter in agent-loop.ts streaming output
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
1. ClaudeModule missing ConversationORM in TypeOrmModule.forFeature —
ImmigrationToolsService now depends on ConversationORMRepository
(added in query_user_profile), but ClaudeModule only had TokenUsageORM.
Fix: add ConversationORM to ClaudeModule's TypeORM imports.
2. Historical messages show "支付创建失败" for payment QR codes —
toolCall.result is stored as JSON string in DB metadata JSONB.
Live streaming (useChat.ts) parses it correctly, but REST API
load (chatStore.ts → MessageBubble.tsx) does not.
Fix: normalize toolCall.result in ToolCallResult component —
JSON.parse if string, pass through if already object.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Alipay/WeChat adapters now return the source payment URL alongside the
QR base64. The generate_payment tool only returns paymentUrl (short text)
to Claude API — base64 qrCodeUrl is stripped to prevent AI from dumping
raw data:image into text responses. Frontend QRCodeSVG renders from
paymentUrl instead of base64.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
payment-service uses setGlobalPrefix('api/v1'), so all routes are
under /api/v1/orders, /api/v1/payments, etc. PaymentClientService
was calling /orders directly, resulting in 404:
Cannot POST /orders → 创建订单失败
Fixed all 7 endpoint URLs to include the /api/v1 prefix.
Same pattern as file-service fix (FILE_SERVICE_URL).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
## Problem
User asks "我适合哪种移民方式?" as their first message → AI immediately
mentions 99元 paid assessment. This is aggressive and off-putting for new
users who are just exploring.
## Root Cause
Intent table classified "适合什么" as assessment_request with instruction
to immediately mention 99元. This conflicts with the conversion philosophy
section that says "免费问答建立信任 → 付费评估".
## Fix (3 changes in coordinator-system-prompt.ts)
1. **Intent table**: assessment_request no longer says "immediately mention
99元". Instead references new handling rules below the table.
2. **New "评估请求处理规则" section** (after intent table):
- Early conversation + no user info → exploratory question, NOT
assessment request. Collect info first, give initial direction.
- User shared info + explicitly asks "做个评估" → real assessment
request, mention 99元.
- User shared info but didn't ask → give free initial direction,
don't proactively mention payment.
3. **Assessment suggestion timing** (section 5.6):
- Added 3 prerequisites before mentioning 99元:
a. At least 3 key info items collected
b. Already gave free initial direction (user felt value)
c. Conversation has gone 3-4+ rounds
- Added absolute prohibition: never mention 99元 in first response.
4. **Conversion boundary example**: Changed misleading "我适合走高才通吗
→ 需要评估" to nuanced guidance that distinguishes exploration from
genuine assessment requests.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
## Problem
SDK's Zod validation for `output_config` occasionally fails with:
"Failed to parse structured output: invalid_value at path [intent]"
This crashes the entire response — user sees nothing despite model
generating a valid answer.
## Root Cause
The Anthropic SDK validates streamed structured output against the Zod
schema (CoordinatorResponseSchema) after streaming completes. When the
model returns an intent value not in the z.enum() (rare but happens),
the SDK throws during stream iteration or finalMessage().
## Fix
1. Catch "Failed to parse structured output" errors in both:
- Stream iteration catch block (for-await loop)
- stream.finalMessage() catch block
2. Recover by extracting accumulated text from assistantBlocks
3. Manual JSON.parse (skips Zod validation — intent enum mismatch
doesn't affect user-facing content)
4. Yield parsed.answer + parsed.followUp normally
## Also Included (from previous commit)
- Removed INTENT_MAX_ANSWER_LENGTH hard truncation (弊大于利)
- Only 2000-char safety net remains for extreme edge cases
- followUp: non-question content always appended (prevents content loss)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Hard-coded INTENT_MAX_ANSWER_LENGTH limits caused mid-sentence truncation and
content loss. Length control now relies on prompt + schema description + LLM-Judge
(3 layers). Only a 2000-char safety net remains for extreme edge cases.
Also simplified followUp: non-question followUp is now always appended (prevents
model content split from silently dropping text).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
INTENT_MAX_ANSWER_LENGTH was too tight (objection_expression 200 chars truncated
good responses). Bumped all limits ~25-50%. Also fixed followUp filter that silently
dropped content when model split answer across answer+followUp fields — now appends
followUp as continuation when answer ends mid-sentence.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
P0: Enrich Chapter 10 with detailed policy facts (QMAS scoring, GEP A/B/C
conditions, FAQ quick answers) so Claude can answer common questions directly
without tool calls. Replace absolute rule "never answer from memory" with
3-tier system: Tier 1 (direct from Ch10), Tier 2 (search_knowledge), Tier 3
(invoke_policy_expert).
P1: Context injector now always returns a kb_coverage_hint block — when KB has
results it tells Claude to prefer KB over web_search; when KB has no results
it suggests considering web_search. Web_search tool description updated to
reference the hint.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Short follow-up answers like "计算机,信息技术" were being classified as
OFF_TOPIC (0.85) because the InputGate has no conversation context. Now the
gate only runs when there are no previous messages (first message in conversation).
Mid-conversation topic management is handled by the Coordinator prompt.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add section 5.6 "隐性转化引导" with trust-first conversion philosophy:
- Free facts vs paid analysis boundary
- "Taste-then-sell" strategy with positive but vague hints
- Assessment suggestion limited to max once per conversation
- Natural urgency only when fact-supported
- Post-assessment → full service transition only when user asks
- Anti-annoyance red line: never make user feel pushed to pay
Recalibrate info exchange (4.3): warm acknowledgment without deep analysis.
Add value framing (4.4) and post-assessment guidance (4.5).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Update coordinator system prompt to enforce pricing rules:
- All assessments cost 99 RMB (one-time per user), no free assessments
- Must collect payment before calling assessment expert
- Add fee inquiry intent type to response strategy table
- Update generate_payment tool description with fixed pricing
- Replace "免费初步咨询" with tiered service model
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Fix auto-scroll by adding missing dependencies (currentConversationId, isStreaming,
completedAgents). Completed agent badges now show for 2.5s then smoothly fade out
instead of accumulating, keeping the status area clean.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Instead of showing agent status in a separate panel below the chat,
display it inline beneath the typing dots ("...") in the message flow.
The dots remain the primary waiting indicator; agent status appears
below as supplementary context during specialist agent invocations.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Haiku sometimes returns JSON wrapped in ```json ... ``` code blocks,
causing JSON.parse to fail. Strip markdown fences before parsing.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
injectIntoMessages() was JSON.stringify-ing array content (with image blocks),
turning base64 data into text tokens (~170K) instead of image tokens (~1,600).
Fix: append context as a new text block in the array, preserving image block format.
Also fixes token estimation to count images at ~1,600 tokens instead of base64 char length,
and adds debug logging for API call token composition.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
80K was too aggressive and caused premature context loss. Now triggers
at 160K tokens with a target of 80K after compaction.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The auto-compaction logic (threshold 80K tokens, summarize older
messages via Haiku) existed but was never called in sendMessage flow.
Now called after context injection, before agent loop.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Historical images/PDFs were being re-downloaded and base64-encoded for
every API call, causing 200K+ token requests. Now only the current
message includes full attachment blocks; historical ones use text
placeholders like "[用户上传了图片: photo.png]".
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The conversations table has no FK on user_id, but files had one, causing
500 errors on file upload when the anonymous user wasn't registered.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
ChatPage only set currentConversationId but never fetched messages from
the API, causing historical conversations to show the welcome screen.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Build preloads models to /root/.cache/huggingface (HF default).
Volume must mount there too, not a separate /models path.
Remove HF_HOME env override to keep paths consistent.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add docling_models volume mounted at /models in container
- Set HF_HOME=/models/huggingface at runtime (via docker-compose env)
- Models download once → persist in volume → survive container rebuilds
- Build-time preload uses || to not block build if network unavailable
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Inline Python one-liner had syntax errors (try/except/finally can't be
single-line). Move to scripts/preload_models.py for reliable execution.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
DocumentConverter() constructor only sets up config, models are lazily
downloaded on first convert(). Fix by running an actual PDF conversion
during build to trigger HuggingFace model download and cache.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add docling (Python document parsing service) to all deploy.sh operations:
- SERVICE_PORTS, DOCKER_SERVICES maps
- build, rebuild, start, stop, restart commands
- start_all_backend (ordered before knowledge-service, which depends on it)
- Help text and examples updated
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add IBM Docling as a Python FastAPI microservice for high-quality document
parsing with table structure recognition (TableFormer ~94% accuracy) and
OCR support, replacing pdf-parse/mammoth as the primary text extractor.
Architecture:
- New docling-service (Python FastAPI, port 3007) in Docker network
- knowledge-service calls docling-service via HTTP POST multipart/form-data
- Graceful fallback: if Docling fails, falls back to pdf-parse/mammoth
- Text/Markdown files skip Docling (no benefit for plain text)
Changes:
- New: packages/services/docling-service/ (main.py, Dockerfile, requirements.txt)
- docker-compose.yml: add docling-service, wire DOCLING_SERVICE_URL to
knowledge-service, add missing FILE_SERVICE_URL to conversation-service
- text-extraction.service.ts: inject ConfigService, add extractViaDocling()
with automatic fallback to legacy extractors
- .env.example: add FILE_SERVICE_PORT/URL and DOCLING_SERVICE_PORT/URL
Inter-service communication map:
conversation-service → file-service (FILE_SERVICE_URL, attachments)
conversation-service → knowledge-service (KNOWLEDGE_SERVICE_URL, RAG)
knowledge-service → docling-service (DOCLING_SERVICE_URL, document parsing)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Enforce Claude API file size limits at upload time with user-friendly
error messages:
- Images: max 5MB (Claude API hard limit)
- PDF: max 25MB (32MB request limit minus headroom)
- Other documents: max 50MB (general upload limit)
Replaced duplicate ALLOWED_TYPES/MAX_FILE_SIZE in InputArea with shared
validateFile() from fileService, showing alert() on rejection.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Claude API enforces a hard 5MB limit per image (not 20MB as previously
set). PDFs have a 32MB total request limit; set individual PDF cap to
25MB to leave room for prompt/messages. The downloadAsBase64 method now
accepts a per-type maxSize parameter.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
MinIO presigned URLs use Docker-internal hostname (minio:9000), making
them inaccessible from both Claude API servers and user browsers.
Changes:
- file-service: add /files/:id/content and /files/:id/thumbnail proxy
endpoints that stream file data from MinIO
- file-service: toResponseDto now returns API proxy paths instead of
MinIO presigned URLs
- coordinator: buildAttachmentBlocks now downloads files via file-service
internal API (http://file-service:3006) and converts to base64 for
Claude API (images, PDFs) or embeds text content directly
- Configurable FILE_SERVICE_URL env var for service-to-service calls
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Claude API cannot fetch arbitrary URLs. Text-based attachments (txt, csv,
json, md) are now downloaded via their presigned MinIO URL and embedded
directly as text blocks. PDF uses Claude's native document block. Added
50KB size limit with truncation for large text files.
buildMessages() is now async to support text content fetching.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
1. Coordinator now sends all attachment types to Claude:
- Images → native image blocks (existing)
- PDF → native document blocks (Claude PDF support)
- Text files (txt, csv, json, md) → text blocks with filename
Extracted common buildAttachmentBlocks() helper.
2. File-service generates thumbnails on image upload:
- Uses sharp to resize to 400x400 max (inside fit, no upscale)
- Output as WebP at 80% quality for smaller file size
- Stored in MinIO under thumbnails/ prefix
- Generated for both direct upload and presigned URL confirm
- Non-blocking: thumbnail failure doesn't break upload
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
FileORM had tenant_id column but FileEntity domain class was missing it,
causing "column FileORM.tenant_id does not exist" errors on production.
- Add tenantId to FileEntity (constructor, create, fromPersistence)
- Pass tenantId in repository toEntity() mapping
- Add idempotent migration script for files.tenant_id + indexes
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The model was putting internal notes like "引导回移民话题" in the followUp
field instead of actual user-facing questions. Two fixes:
1. Schema: describe followUp as "必须以?结尾,禁止填写内部策略备注"
2. agent-loop: only yield followUp if it contains ?or ? (question mark)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
claude-sonnet-4-20250514 does not support output_config (structured outputs).
Changed coordinator model to claude-sonnet-4-5-20250929 which supports it.
Specialist agents remain on their original models (no output_config needed).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
hailin