
feature(lark-mail): add data integrity and write-confirmation rules #749

Merged
xzcong0820 merged 1 commit into larksuite:main from xzcong0820:feature/lark-mail-data-integrity-rules
May 8, 2026

Collaborator

@xzcong0820 xzcong0820 commented May 6, 2026

Add a new top-level safety section "数据真实性与操作合规" (Data Authenticity and Operation Compliance) with 3 hard constraints on agent behavior: empty result is a valid answer, do not fabricate target objects, and explicitly confirm before destructive write operations. Cross-reference the rule from API Resources section to catch agents that jump directly to native API lookup.

Summary

Changes

  • Change 1
  • Change 2

Test Plan

  • Unit tests pass
  • Manual local verification confirms the lark xxx command works as expected

Related Issues

  • None

Summary by CodeRabbit

  • Documentation
    • Added high-priority guidance on data authenticity and operation compliance.
    • Mandates reporting “not found” when referenced mails/drafts/folders/labels/recipients are missing; no fabrication or substitution allowed.
    • Requires user-visible action previews (key fields, affected counts) and confirmation for irreversible or destructive write operations; reversible actions may skip confirmation.
    • Clarifies when prior authorization can be assumed and includes a bulk-delete workflow example.

@github-actions github-actions Bot added the domain/mail (PR touches the mail domain) and size/M (Single-domain feat or fix with limited business impact) labels May 6, 2026

coderabbitai Bot commented May 6, 2026


Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.


No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 357881e5-f7f9-4a53-a657-d7aa62c38154

📥 Commits

Reviewing files that changed from the base of the PR and between 14e7f06 and 1c46250.

📒 Files selected for processing (2)
  • skill-template/domains/mail.md
  • skills/lark-mail/SKILL.md
✅ Files skipped from review due to trivial changes (1)
  • skill-template/domains/mail.md

Walkthrough

Adds a "数据真实性与操作合规" (Data Authenticity and Operation Compliance) section to mail domain docs that requires truthful reporting when referenced mailbox objects are missing and mandates action previews plus user confirmation for non-send irreversible write operations; includes authorization rules and a bulk-delete example.

Changes

Mail Operations Compliance

Layer / File(s): Compliance Requirements and Workflows (skill-template/domains/mail.md, skills/lark-mail/SKILL.md)
Summary: Adds "数据真实性与操作合规" (Data Authenticity and Operation Compliance) section: (1) must report "未找到" (not found) when referenced messages/drafts/folders/labels/recipients are absent and must not fabricate or create placeholders; (2) require action previews (sender, subject, folder, affected counts) and user confirmation before executing irreversible/non-send write ops (delete, soft-delete, cancel scheduled send, create/update/delete rules); reversible ops (label add/remove, mark read/unread, move) do not require forced confirmation; (3) "已授权判定" (a determination that the action is already authorized) allowed only when target and action were both explicitly specified in the most recent user turn; (4) includes correct bulk-delete flow example (triage → preview → confirm → *.batch_trash).

Sequence Diagram(s)

sequenceDiagram
  participant User
  participant Assistant
  participant MailService
  User->>Assistant: Request action referencing mailbox objects
  Assistant->>MailService: Query targets
  MailService-->>Assistant: Found / NotFound
  Assistant->>User: Present triage + action preview (key fields, affected count)
  User->>Assistant: Confirm
  Assistant->>MailService: Execute write operation (e.g., *.batch_trash)
  MailService-->>Assistant: Execution result
  Assistant->>User: Report outcome

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

  • larksuite/cli#701: Related changes touching confirmation behavior for high-risk mail write actions and draft/delete flows.

Suggested labels

documentation, domain/mail

Suggested reviewers

  • chanthuang
  • infeng


🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

  • Description check: ⚠️ Warning. Explanation: The description includes a brief motivation and scope, but the Changes and Test Plan sections contain only template placeholders rather than actual substantive content. Resolution: Replace the placeholder 'Change 1' and 'Change 2' entries with specific, substantive bullet points detailing the actual changes made. Mark completed test plan items with [x].

✅ Passed checks (4 passed)

  • Title check: ✅ Passed. The title clearly and specifically describes the main change: adding data integrity and write-confirmation rules to lark-mail.
  • Docstring Coverage: ✅ Passed. No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
  • Linked Issues check: ✅ Passed. Check skipped because no linked issues were found for this pull request.
  • Out of Scope Changes check: ✅ Passed. Check skipped because no linked issues were found for this pull request.



codecov Bot commented May 6, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 65.40%. Comparing base (7fb71c6) to head (1c46250).
⚠️ Report is 13 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@
##             main     #749      +/-   ##
==========================================
+ Coverage   64.96%   65.40%   +0.43%     
==========================================
  Files         502      508       +6     
  Lines       46224    46795     +571     
==========================================
+ Hits        30030    30605     +575     
+ Misses      13583    13548      -35     
- Partials     2611     2642      +31     



github-actions Bot commented May 6, 2026

🚀 PR Preview Install Guide

🧰 CLI update

npm i -g https://pkg.pr.new/larksuite/cli/@larksuite/cli@1c462507cc50aaad2ecfe4a98c7ca8181d112a42

🧩 Skill update

npx skills add xzcong0820/larksuite-cli#feature/lark-mail-data-integrity-rules -y -g

@xzcong0820 xzcong0820 changed the title from "docs(lark-mail): add data integrity and write-confirmation rules" to "feature(lark-mail): add data integrity and write-confirmation rules" May 6, 2026
Comment thread skills/lark-mail/SKILL.md
@xzcong0820 xzcong0820 force-pushed the feature/lark-mail-data-integrity-rules branch from 6d1b6cc to 30ab418 May 6, 2026 12:16

@coderabbitai coderabbitai Bot left a comment


🧹 Nitpick comments (1)
skills/lark-mail/SKILL.md (1)

485-486: ⚡ Quick win

Consider explicitly listing both add and remove label operations for clarity.

Line 486 mentions "加标签" (add label) as exempt but doesn't explicitly list "移除标签" (remove label), even though line 68 shows both *.add_label and *.remove_label are marked as reversible and exempt from confirmation.

While the "等可逆 modify" (etc. reversible modify) phrasing should cover remove labels, explicitly listing both would prevent confusion—especially since a previous review flagged inconsistency in how label operations were documented.

📝 Suggested wording for improved clarity
-> **写操作前回顶部规则**:调用 `*.delete` / `*.trash` / `*.batch_trash` / `*.cancel_scheduled_send` / `rules.*` 删改前,先回顶部 [`## 数据真实性与操作合规`](`#数据真实性与操作合规`) 的"写操作前显式确认"。标记已读、加标签、改文件夹等可逆 `modify` 不需要回顶部。
+> **写操作前回顶部规则**:调用 `*.delete` / `*.trash` / `*.batch_trash` / `*.cancel_scheduled_send` / `rules.*` 删改前,先回顶部 [`## 数据真实性与操作合规`](`#数据真实性与操作合规`) 的"写操作前显式确认"。标记已读、加/移除标签、改文件夹等可逆 `modify` 不需要回顶部。
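Review bot: The exempt list in the `+` line still names the label operations only in prose ("加/移除标签"), while the confirmation-required operations in the same sentence are given as API patterns (`*.delete`, `*.trash`, `*.batch_trash`, ...). An agent matching on operation names has nothing to match against for the exempt side. Suggest writing the exempt operations as `*.add_label` / `*.remove_label` as well, which is what the accompanying prompt text asks for but the suggested wording does not include.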
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@skills/lark-mail/SKILL.md` around lines 485 - 486, The doc line about exempt
reversible "modify" operations is ambiguous for label changes—explicitly mention
both add and remove label operations to match the actual API and avoid
confusion: update the sentence that currently lists "加标签" to list "加标签/移除标签
(e.g., *.add_label, *.remove_label)" and ensure the notation matches other
examples like the documented `*.add_label` and `*.remove_label` entries earlier
so readers clearly see both operations are exempt from the pre-write
confirmation rule.

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 6b55a154-830a-49db-8aaf-214e1326ec13

📥 Commits

Reviewing files that changed from the base of the PR and between 6d1b6cc and 30ab418.

📒 Files selected for processing (1)
  • skills/lark-mail/SKILL.md

chanthuang previously approved these changes May 6, 2026
Collaborator

@chanthuang chanthuang left a comment


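LGTM. The rules are clear, the tabular classification of confirmation-required versus confirmation-exempt operations is much better than the previous version, and the workflow example also helps the agent understand the expected behavior.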

@xzcong0820 xzcong0820 force-pushed the feature/lark-mail-data-integrity-rules branch from 30ab418 to 0536ce2 May 7, 2026 09:56
@github-actions github-actions Bot added the size/S (Low-risk docs, CI, test, or chore only changes) label and removed the domain/mail (PR touches the mail domain) and size/M (Single-domain feat or fix with limited business impact) labels May 7, 2026

@coderabbitai coderabbitai Bot left a comment


Actionable comments posted: 1

🧹 Nitpick comments (1)
skill-template/domains/mail.md (1)

44-60: ⚡ Quick win

Consider clarifying "动作预览" (action preview) field requirements.

Line 46 states that the action preview must include "操作类型 + 关键字段:发件人 / 主题 / 文件夹 / 受影响数量" (operation type + key fields: sender / subject / folder / affected count), but the workflow example at line 67 only shows sender, subject, and count (no folder). While this is likely intentional since not all fields apply to all operations, consider adding "适用时" or "as applicable" to prevent implementers from trying to force all fields into every preview.

📝 Suggested clarification
-下列操作(除发送类外)执行前,必须展示**动作预览**(操作类型 + 关键字段:发件人 / 主题 / 文件夹 / 受影响数量)并取得确认:
+下列操作(除发送类外)执行前,必须展示**动作预览**(操作类型 + 适用的关键字段:发件人 / 主题 / 文件夹 / 受影响数量)并取得确认:
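Review bot: Placing "适用的" (applicable) in front of the whole key-field list in the `+` line makes every preview field optional, including 受影响数量 (affected count), so a preview that shows only the operation type would still satisfy the rule. Suggest keeping the operation type and the affected count mandatory and applying the qualifier only to 发件人 / 主题 / 文件夹 (sender / subject / folder), so the confirmation prompt always states how many objects the destructive operation will touch.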
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@skill-template/domains/mail.md` around lines 44 - 60, Clarify that the "动作预览"
requirement applies fields conditionally by adding wording such as "适用时" or
"仅在相关操作适用时展示" next to the listed fields (发件人 / 主题 / 文件夹 / 受影响数量) so implementers
know not all previews must include every field; update the section that defines
动作预览 and the 批量操作说明 to reference this conditional rule and ensure the workflow
example (which currently shows only 发件人 / 主题 / 数量) is annotated or commented as
an "适用时示例".
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@skill-template/domains/mail.md`:
- Around line 29-69: Add a cross-reference at the start of the "原生 API 调用规则"
section that points to and enforces the "数据真实性与操作合规" rules (the section titled
exactly "数据真实性与操作合规"), instructing agents that all native API calls must still
follow those data authenticity and operational compliance requirements (e.g., no
fabricating IDs, explicit confirmation rules for destructive/batch ops); place
this note as the first paragraph under "原生 API 调用规则" so agents invoking native
APIs are explicitly reminded to follow the compliance rules.


ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: f02814a3-58d4-4386-b3fb-23ada9c44bbe

📥 Commits

Reviewing files that changed from the base of the PR and between 30ab418 and 0536ce2.

📒 Files selected for processing (1)
  • skill-template/domains/mail.md

Comment thread skill-template/domains/mail.md
@xzcong0820 xzcong0820 force-pushed the feature/lark-mail-data-integrity-rules branch from 0536ce2 to 14e7f06 May 7, 2026 10:07
Adds a new top-level safety section "数据真实性与操作合规" to the
lark-mail skill via the canonical generation pipeline:

  - skill-template/domains/mail.md (source) — adds the section to the
    domain introduction file that gen-skills.py renders into SKILL.md.
  - skills/lark-mail/SKILL.md (regenerated product) — produced by
    `make gen-skills project=mail` from larksuite-cli-registry against
    the modified mail.md source.

Why both files: skills/lark-mail/SKILL.md is auto-generated from
skill-template/domains/mail.md + registry-conf/skill-meta.yaml +
output/from_meta/mail.json. Editing only SKILL.md would be reverted on
the next `make gen-skills` run because SKILL.md has no AUTO-GENERATED
markers and falls into the "no markers -> overwrite whole file" branch
in scripts/gen-skills.py.

The section adds 3 hard constraints on agent behavior:
  - empty result is a valid answer; do not fabricate IDs or placeholders
  - explicit action preview before destructive write operations
    (delete / trash / batch_trash / cancel_scheduled_send / rules.*)
  - reversible modifications (label / read state / folder move) are
    exempt from the preview requirement

Addresses recurring evaluation failures (c03/c04/c06/c09/c14/c19~c24/c40)
where the agent fabricated IDs or auto-executed destructive operations.
@xzcong0820 xzcong0820 force-pushed the feature/lark-mail-data-integrity-rules branch from 14e7f06 to 1c46250 May 7, 2026 12:28
@github-actions github-actions Bot added the domain/mail (PR touches the mail domain) and size/M (Single-domain feat or fix with limited business impact) labels and removed the size/S (Low-risk docs, CI, test, or chore only changes) label May 7, 2026
@xzcong0820 xzcong0820 merged commit 88d7ec8 into larksuite:main May 8, 2026
19 checks passed
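
The not-found and write-confirmation rules discussed in this PR, sketched as a pre-execution gate. This is an added example, not code from larksuite/cli or from the PR author. Only the `*.delete` / `*.trash` / `*.batch_trash` / `*.cancel_scheduled_send` / `rules.*` and `*.add_label` / `*.remove_label` patterns come from the page; the `messages.*` operation names, the `gate` function, the mailbox data and the fail-closed default for unlisted operations are assumptions.

```python
from dataclasses import dataclass
from fnmatch import fnmatchcase

# Patterns quoted in the PR discussion; every other name below is hypothetical.
CONFIRM = ("*.delete", "*.trash", "*.batch_trash", "*.cancel_scheduled_send", "rules.*")
EXEMPT = ("*.add_label", "*.remove_label")  # reversible: no forced confirmation

# Constructed lookup result: message id -> fields shown in the action preview.
MAILBOX = {
    "m1": {"from": "billing@example.com", "subject": "Invoice 1"},
    "m2": {"from": "billing@example.com", "subject": "Invoice 2"},
}

@dataclass
class Decision:
    action: str            # "execute", "confirm" or "not_found"
    preview: str = ""
    missing: tuple = ()

def needs_confirmation(op):
    if any(fnmatchcase(op, p) for p in CONFIRM):
        return True
    # Assumption: a write op that is not on the reversible list fails closed.
    return not any(fnmatchcase(op, p) for p in EXEMPT)

def gate(op, ids, mailbox, last_turn):
    """Decide what to do with write operation `op` on message `ids`.

    last_turn holds the op and ids the user's most recent message named explicitly.
    """
    missing = tuple(i for i in ids if i not in mailbox)
    if missing or not ids:
        # An empty result is a valid answer: report it, never substitute other ids.
        return Decision("not_found", missing=missing)
    if not needs_confirmation(op):
        return Decision("execute")
    # Already authorized only if BOTH action and targets were named in the last turn.
    if last_turn.get("op") == op and set(ids) <= set(last_turn.get("ids", ())):
        return Decision("execute")
    rows = [f"{mailbox[i]['from']} | {mailbox[i]['subject']}" for i in ids]
    return Decision("confirm", preview=f"{op}: {len(ids)} affected\n" + "\n".join(rows))

if __name__ == "__main__":
    d = gate("messages.batch_trash", ["m1", "m2"], MAILBOX, {})
    print(d.action, d.preview, sep="\n")
```
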