docs(agent-link): document runtime boundary, events, and upload API

FZR95 · FZR95 · commit 3537fe8960c6 · 2026-03-07T00:52:46.000+08:00
diff --git a/README.md b/README.md
@@ -226,6 +226,7 @@ docker run --rm -p 8000:8000 --env-file .env \
 ## API 概览
 
 - `GET /health` — 健康检查
+- **Agent Links**：`GET /agent-links`，`GET /agent-links/{slug}`，`POST /agent-links/{slug}/session`，`POST /agent-links/{slug}/chat`
 - **Topics**：`GET/POST /topics`，`GET/PATCH /topics/{topic_id}`，`POST /topics/{topic_id}/close`
 - **Posts**：`GET/POST /topics/{topic_id}/posts`，`POST .../posts/mention`，`GET .../mention/{reply_post_id}`
 - **Discussion**：`POST /topics/{topic_id}/discussion`（支持 `skill_list`、`mcp_server_ids`），`GET .../discussion/status`
@@ -236,6 +237,8 @@ docker run --rm -p 8000:8000 --env-file .env \
 - **Experts**：`GET /experts`（支持 `fields=minimal`，列表不加载 skill_content），`GET /experts/{name}/content`，`GET/PUT /experts/{name}`
 - **Libs**：`POST /libs/invalidate-cache` 立即清空库 meta 缓存（热更新）
 
+Agent Links 蓝图目录约定：`libs/agent_links/<blueprint_dir>/agent.json`。
+
 详见 [docs/api-reference.md](docs/api-reference.md)。
 
 ## 贡献
diff --git a/docs/README.md b/docs/README.md
@@ -12,6 +12,7 @@ This directory contains technical implementation details and design docs for Res
 | [mcp-config.md](mcp-config.md) | MCP config API, validation (npm/uvx/remote only, no local) |
 | [testing.md](testing.md) | Test layers (unit/integration), .env setup, CI notes |
 | [api-reference.md](api-reference.md) | API endpoint list and brief descriptions |
+| [agent-links-runtime.md](agent-links-runtime.md) | Agent link runtime lifecycle: per-session workspace, SSE chat, import limits |
 | [skills-generalization.md](skills-generalization.md) | Library design; experts in `libs/experts/`; discussion modes in `libs/moderator_modes/` |
 | [skills-submodule-guide.md](skills-submodule-guide.md) | Add/update skill libraries via submodule; points to Cursor skill |
 | [import-skill-repo.md](import-skill-repo.md) | One-click import script for external skill repos |
diff --git a/docs/agent-links-runtime.md b/docs/agent-links-runtime.md
@@ -0,0 +1,111 @@
+# Agent Links Runtime
+
+This document describes how `agent link` sessions run in the backend.
+
+## Scope
+
+- This runtime applies to `/agent-links/*` endpoints only.
+- It does not change `/profile-helper/*` behavior.
+
+## Runtime Model
+
+`agent link` chat uses Claude Agent SDK and creates an isolated workspace per session.
+
+Flow:
+
+1. Load blueprint metadata from `libs/agent_links/<slug>/agent.json`.
+2. Create or bind an in-memory session (`profile_helper.sessions`).
+3. Create a per-session working directory at:
+   - `WORKSPACE_BASE/agent_links_sessions/<session_id>`
+4. Copy full blueprint content into that directory (first use only).
+5. Build system prompt from blueprint `rule_file_path` content.
+6. Run Claude Agent SDK query stream and return SSE chunks.
+
+Implementation files:
+
+- `app/api/agent_links.py`
+- `app/services/agent_links.py`
+- `app/services/agent_links_runtime.py`
+- `app/services/profile_helper/sessions.py`
+
+## Session Workspace
+
+- Blueprint root in metadata (`agent_workdir`) is a source template path.
+- Actual runtime execution path is session-specific:
+  - `agent_session_workdir` stored in session data.
+- API returns runtime path in:
+  - `POST /agent-links/{slug}/session` response `agent_workdir`
+  - `POST /agent-links/{slug}/chat` header `X-Agent-Workdir`
+
+## Cleanup Behavior
+
+- Session cleanup is still controlled by in-memory session TTL and max-count:
+  - `PROFILE_HELPER_SESSION_TTL_SECONDS`
+  - `PROFILE_HELPER_SESSION_MAX_COUNT`
+- `agent_links_runtime.ensure_session_workspace(...)` performs best-effort orphan directory cleanup:
+  - any directory under `WORKSPACE_BASE/agent_links_sessions/` whose name is not in active session IDs is removed.
+
+## Prompt and Model
+
+- Prompt source:
+  - runtime prefers loading rule content from the copied session workspace path.
+  - fallback reads blueprint `rule_file_path` when session path cannot be resolved.
+  - if missing/unreadable, runtime falls back to `META_SYSTEM_PROMPT`.
+- Runtime always appends a workspace boundary system suffix:
+  - only paths inside current session workspace are allowed
+  - prefer relative paths from workspace root
+  - reject absolute/outside paths and `..` traversal
+- Model priority:
+  1. request body `model`
+  2. blueprint `default_model`
+  3. agent config default (`ANTHROPIC_MODEL`/configured model)
+
+## Tools and Permissions
+
+- Allowed tools are set from `DEFAULT_ALLOWED_TOOLS`.
+- Permission mode is `bypassPermissions` for agent link runtime.
+- Runtime passes `cwd` and `add_dirs` as the session workspace.
+
+## Blueprint Import Limits
+
+`POST /agent-links/import` and `/agent-links/import/preview`:
+
+- only `.zip` uploads are accepted
+- max upload size is `5MB`
+- zip path traversal is blocked (`Invalid zip structure`)
+- preview returns up to 300 file paths plus total file count
+
+## Session Workspace File Upload
+
+`POST /agent-links/{slug}/files/upload`:
+
+- uploads a file into current session workspace
+- supports `target_path` (relative subdirectory; default `uploads`)
+- blocks path escape outside workspace
+- max file size is `30MB`
+
+## SSE Format
+
+`POST /agent-links/{slug}/chat` returns `text/event-stream`.
+
+- structured events:
+  - `data: {"type":"assistant_delta","content":"..."}`
+  - `data: {"type":"thinking","content":"..."}`
+  - `data: {"type":"tool_call", ...}`
+  - `data: {"type":"tool_result", ...}`
+  - `data: {"type":"plan", ...}`
+  - `data: {"type":"system", ...}`
+  - `data: {"type":"result", ...}`
+- error event:
+  - `data: {"error":"..."}`
+- end marker:
+  - `data: [DONE]`
+
+## Agent Link Chat UI Defaults
+
+Current `agent link` chat page is intentionally simplified for end users:
+
+- auto-sends a hidden first user message `"你好"` after session init, so the first assistant reply acts as welcome text
+- by default only renders normal dialogue and `plan` blocks
+- hides low-level runtime events (`thinking`, `tool_call`, `tool_result`, `system`) in this page
+- Enter sends message, but IME composing Enter (Chinese input method candidate selection) does not send
diff --git a/docs/api-reference.md b/docs/api-reference.md
@@ -12,6 +12,100 @@
 |--------|------|-------------|
 | POST | `/libs/invalidate-cache` | Clear meta cache for skills/mcp/moderator_modes (hot-reload) |
 
+## Agent Links (Link as Agent)
+
+| Method | Path | Description |
+|--------|------|-------------|
+| GET | `/agent-links` | List shareable agent blueprints |
+| GET | `/agent-links/{slug}` | Get one blueprint detail |
+| POST | `/agent-links/import/preview` | Preview zip file list before import |
+| POST | `/agent-links/import` | Import a blueprint zip into `libs/agent_links` |
+| POST | `/agent-links/{slug}/session` | Start (or bind) a chat session from a blueprint |
+| POST | `/agent-links/{slug}/chat` | Stream chat via blueprint-defined agent (SSE) |
+| POST | `/agent-links/{slug}/files/upload` | Upload a file to current session workspace |
+
+### Blueprint Directory Convention
+
+Blueprints can be placed under `libs/agent_links/<blueprint_dir>/` with an `agent.json`:
+
+- `rule_file_path` points to the role/task rule file (for example: `.cursor/rules/profile-collector.mdc`)
+- `agent_workdir` in `agent.json` is the blueprint source directory
+- `welcome_message` is returned when a session starts
+
+Example layout:
+
+```text
+libs/agent_links/tashan-profile-helper_demo/
+├── agent.json
+├── .cursor/
+│   ├── rules/profile-collector.mdc
+│   └── skills/**/SKILL.md
+├── doc/*.md
+└── profiles/_template.md
+```
+
+### `POST /agent-links/{slug}/session` response highlights
+
+- `session_id`
+- `agent_link` (full blueprint metadata)
+- `welcome_message`
+- `agent_workdir` (runtime per-session workspace)
+
+### `POST /agent-links/{slug}/chat` behavior
+
+- Uses SSE (`text/event-stream`)
+- Runtime is Claude Agent SDK with per-session workspace copied from the blueprint
+- Response headers include:
+  - `X-Session-Id`
+  - `X-Agent-Link`
+  - `X-Agent-Workdir` (runtime per-session workspace)
+- System prompt is derived from the blueprint `rule_file_path` content
+- Stream payload supports structured events:
+  - `assistant_delta` (`content`)
+  - `thinking`
+  - `tool_call`
+  - `tool_result`
+  - `plan`
+  - `system`
+  - `result`
+- UI consumers may choose a subset (for example: dialogue + `plan`) and hide low-level events.
+
+### `POST /agent-links/import/preview` behavior
+
+- Accepts multipart zip file upload (`.zip` only)
+- Maximum zip size is `5MB`
+- Returns:
+  - `files`: first 300 file paths from zip
+  - `total`: total file count in zip
+
+### `POST /agent-links/import` behavior
+
+- Accepts multipart fields:
+  - `file` (`.zip`, required)
+  - `name` (required)
+  - `rule_file_path` (required)
+  - `welcome_message` (required)
+  - `slug`, `description`, `default_model`, `overwrite` (optional)
+- Maximum zip size is `5MB`
+- Validation:
+  - zip traversal is blocked (`Invalid zip structure`)
+  - `rule_file_path` must resolve to a file inside imported blueprint
+
+For runtime details, see [agent-links-runtime.md](agent-links-runtime.md).
+
+### `POST /agent-links/{slug}/files/upload` behavior
+
+- Accepts multipart fields:
+  - `file` (required)
+  - `session_id` (optional; if empty, backend creates a new bound session)
+  - `target_path` (optional, default `uploads`)
+- Maximum file size is `30MB`
+- `target_path` must be relative and inside session workspace
+- Response:
+  - `session_id`
+  - `path` (relative path in workspace)
+  - `size` (bytes)
+
 ## Topics
 
 | Method | Path | Description |
