Summary

• Problem: In Feishu group chats, mention-prefixed slash commands (especially compact forms like @bot/model) could fail command-auth probing and be forwarded to the agent as normal text.
• Why it matters: Gateway-level commands like /model, /reset, and /new should be intercepted reliably instead of silently falling through.
• What changed: Added Feishu-only command-probe normalization that strips mention wrappers (<at ...>...</at> and leading @name mention tokens) before shouldComputeCommandAuthorized runs.
• What did NOT change (scope boundary): Did not change user message body passed to agent, mention-forward behavior, or group routing/session logic.

Change Type (select all)

• Bug fix
• Feature
• Refactor
• Docs
• Security hardening
• Chore/infra

Scope (select all touched areas)

• Gateway / orchestration
• Skills / tool execution
• Auth / tokens
• Memory / storage
• Integrations
• API / contracts
• UI / DX
• CI/CD / infra

Linked Issue/PR

• Closes [Bug]: Feishu group chat slash commands still not recognized in 2026.3.2 (regression from #10965) #35994
• Related Bug: Feishu channel text commands (/reset, /status) not recognized #10965

User-visible / Behavior Changes

• Feishu group messages with mention-prefixed slash commands now reliably enter command handling instead of being treated as ordinary chat content in the command-auth probe phase.

Security Impact (required)

• New permissions/capabilities? (No)
• Secrets/tokens handling changed? (No)
• New/changed network calls? (No)
• Command/tool execution surface changed? (No)
• Data access scope changed? (No)
• If any Yes, explain risk + mitigation:

Repro + Verification

Environment

• OS: macOS
• Runtime/container: Node 22 + Vitest
• Model/provider: N/A
• Integration/channel (if any): Feishu
• Relevant config (redacted): channels.feishu.groups.<group>.requireMention=false

Steps

1. Send a Feishu group message with mention-prefixed slash text (e.g. @_user_1/model via mention token normalization path).
2. Let handleFeishuMessage compute command authorization.
3. Observe the argument passed to shouldComputeCommandAuthorized.

Expected

• Probe input is normalized to /model.

Actual

• Verified by regression test and local run.

Evidence

• Failing test/log before + passing after
• Trace/log snippets
• Screenshot/recording
• Perf numbers (if relevant)

Human Verification (required)

• Verified scenarios:
  • pnpm vitest run extensions/feishu/src/bot.test.ts
  • New test: normalizes group mention-prefixed slash commands before command-auth probing
• Edge cases checked:
  • Mention wrapper stripping keeps this change scoped to command-probe normalization only.
• What you did not verify:
  • Live Feishu end-to-end against real tenant traffic.

Compatibility / Migration

• Backward compatible? (Yes)
• Config/env changes? (No)
• Migration needed? (No)
• If yes, exact upgrade steps:

Failure Recovery (if this breaks)

• How to disable/revert this change quickly: revert this PR commit.
• Files/config to restore: extensions/feishu/src/bot.ts and extensions/feishu/src/bot.test.ts.
• Known bad symptoms reviewers should watch for: unexpected command-auth probing mismatches in Feishu group messages.

Risks and Mitigations

• Risk: Over-normalizing mention text in probe path could over-trigger command probing.
  • Mitigation: normalization is Feishu-only and only used for command-auth probing (not for final message body or routing).