Update config.yaml

config.yaml

@@ -10,7 +10,7 @@
 # ============================================
 
 # 前端显示的版本号（可选，不填则显示默认版本）
-version: "v1.5.12"
+version: "v1.5.14"
 # 服务器配置
 server:
   host: 0.0.0.0 # 监听地址，0.0.0.0 表示监听所有网络接口
@@ -70,7 +70,7 @@ multi_agent:
   robot_use_multi_agent: true # true 时企业微信/钉钉/飞书机器人也走 Eino 多代理（成本更高）
   batch_use_multi_agent: false # true 时「批量任务」队列中每个子任务也走 Eino 多代理（成本更高）
   max_iteration: 0 # 主代理 / plan_execute 执行器最大轮次，0 表示沿用 agent.max_iterations
-  # plan_execute 专用：execute↔replan 外层循环上限，0 表示 Eino 默认 10。Executor 未暴露 Handlers：patch/reduction/plantask 不作用于 PE，但 tool_search 工具列表拆分仍通过共享 ToolsConfig 作用于执行器。
+  # plan_execute 专用：execute↔replan 外层循环上限，0 表示 Eino 默认 10。当前实现下 Executor 会挂载 patch/reduction/tool_search 等前置中间件。
   plan_execute_loop_max_iterations: 0
   sub_agent_max_iterations: 120
   sub_agent_user_context_max_runes: 0 # 子代理 task 描述中自动注入用户原始请求的字符上限；0=默认2000，负数=禁用
@@ -87,15 +87,25 @@ multi_agent:
   # Eino ADK 中间件与 Deep/Supervisor 调参（结构体见 internal/config/config.go → MultiAgentEinoMiddlewareConfig）
   eino_middleware:
     patch_tool_calls: true # true：修补历史中无 tool_result 的悬空 tool_call（流式中断/重试后更稳）；false：关闭；字段省略时默认等同 true
-    tool_search_enable: false # true：工具数 ≥ min 时启用 tool_search，仅前 N 个工具常驻，其余按正则按需解锁，省 token、减误选；false：全量工具进上下文
+    tool_search_enable: true # true：工具数 ≥ min 时启用 tool_search，仅前 N 个工具常驻，其余按正则按需解锁，省 token、减误选；false：全量工具进上下文
     tool_search_min_tools: 20 # 达到该数量才启用 tool_search（避免工具很少时多此一举）；与 always_visible 配合使用
     tool_search_always_visible: 12 # 始终直接暴露给模型的工具个数（顺序与角色工具列表一致）；其余工具进入动态池，需 tool_search 解锁
+    tool_search_always_visible_tools: [read_file, glob, grep, write_file, edit_file, execute, task, transfer_to_agent, exit, write_todos, skill, tool_search, TaskCreate, TaskGet, TaskUpdate, TaskList, record_vulnerability, list_knowledge_risk_types, search_knowledge_base, webshell_exec, webshell_file_list, webshell_file_read, webshell_file_write, manage_webshell_list, manage_webshell_add, manage_webshell_update, manage_webshell_delete, manage_webshell_test, batch_task_list, batch_task_get, batch_task_start, batch_task_rerun, batch_task_pause, batch_task_update_metadata, batch_task_update_schedule, batch_task_schedule_enabled, batch_task_update_task, batch_task_remove_task, batch_task_delete, batch_task_create, batch_task_add_task, http-framework-test] # 后端内置常驻工具白名单（优先于 always_visible 数量策略）
     plantask_enable: false # true：主代理（Deep / Supervisor 主）挂载 TaskCreate/Get/Update/List；需 eino_skills 可用且 skills_dir 存在，否则仅打日志并跳过
     plantask_rel_dir: .eino/plantask # 结构化任务文件相对 skills_dir 的子目录，其下再按会话 ID 分子目录存放
-    reduction_enable: false # true：大工具输出截断/落盘以控上下文；依赖与 plantask 相同的 eino local 写盘后端，无后端时不挂载
+    reduction_enable: true # true：大工具输出截断/落盘以控上下文；依赖与 plantask 相同的 eino local 写盘后端，无后端时不挂载
+    reduction_max_length_for_trunc: 50000 # 单条工具结果超过该字符数（bytes）时截断并落盘（由 reduction 中间件处理）
+    reduction_max_tokens_for_clear: 160000 # 历史工具结果清理阈值（tokens），超阈值时在模型调用前清理旧结果
     reduction_root_dir: "" # 非空：截断/清理内容落盘根路径；空：使用系统临时目录下按会话隔离的默认路径
     reduction_clear_exclude: [] # 不参与「清理阶段」的工具名额外列表（会与 task/transfer/exit 等内置排除项合并）；需要时用 YAML 列表填写
-    reduction_sub_agents: false # true：子代理也挂 reduction；false：仅编排主代理使用 reduction
+    reduction_sub_agents: true # true：子代理也挂 reduction；false：仅编排主代理使用 reduction
+    summarization_trigger_ratio: 0.8 # summarization 触发比例（max_total_tokens * ratio），建议 0.75~0.85
+    summarization_emit_internal_events: true # true：发出 summarization 内部事件（便于诊断）
+    history_input_budget_ratio: 0.35 # 历史入队预算比例（max_total_tokens * ratio）
+    plan_execute_user_input_budget_ratio: 0.35 # plan_execute 中 userInput 预算比例（planner/replanner/executor 共用）
+    plan_execute_executed_steps_budget_ratio: 0.2 # plan_execute 中 executed_steps 预算比例
+    plan_execute_max_step_result_runes: 4000 # plan_execute 每步结果最大字符数（超出截断）
+    plan_execute_keep_last_steps: 8 # plan_execute 仅保留最近 N 步正文，早期步骤折叠为标题
     checkpoint_dir: "" # 非空：为 adk.NewRunner 启用按会话子目录的文件型 CheckPointStore，便于中断恢复持久化；Resume 的 HTTP/前端流程需另行对接
     deep_output_key: "" # 非空：将最终助手输出写入 adk session 的键名（Deep 与 Supervisor 主代理）；空表示不写入
     deep_model_retry_max_retries: 0 # >0：ChatModel 调用失败时的框架级最大重试次数（Deep 与 Supervisor 主）；0：不重试

internal/agent/agent.go

@@ -39,6 +39,7 @@ type Agent struct {
 	toolNameMapping       map[string]string // 工具名称映射：OpenAI格式 -> 原始格式（用于外部MCP工具）
 	currentConversationID string            // 当前对话ID（用于自动传递给工具）
 	promptBaseDir         string            // 解析 system_prompt_path 时相对路径的基准目录（通常为 config.yaml 所在目录）
+	toolDescriptionMode   string            // 工具描述模式: "short" | "full"，默认 short
 }
 
 // ResultStorage 结果存储接口（直接使用 storage 包的类型）
@@ -162,6 +163,7 @@ func NewAgent(cfg *config.OpenAIConfig, agentCfg *config.AgentConfig, mcpServer
 		resultStorage:        resultStorage,
 		largeResultThreshold: largeResultThreshold,
 		toolNameMapping:      make(map[string]string), // 初始化工具名称映射
+		toolDescriptionMode:  "short",
 	}
 }
 
@@ -922,7 +924,7 @@ func (a *Agent) AgentLoopWithProgress(ctx context.Context, userInput string, his
 }
 
 // getAvailableTools 获取可用工具
-// 从MCP服务器动态获取工具列表，使用简短描述以减少token消耗
+// 从MCP服务器动态获取工具列表，描述模式由 tool_description_mode 控制
 // roleTools: 角色配置的工具列表（toolKey格式），如果为空或nil，则使用所有工具（默认角色）
 func (a *Agent) getAvailableTools(roleTools []string) []Tool {
 	// 构建角色工具集合（用于快速查找）
@@ -946,11 +948,7 @@ func (a *Agent) getAvailableTools(roleTools []string) []Tool {
 				continue // 不在角色工具列表中，跳过
 			}
 		}
-		// 使用简短描述（如果存在），否则使用详细描述
-		description := mcpTool.ShortDescription
-		if description == "" {
-			description = mcpTool.Description
-		}
+		description := a.pickToolDescription(mcpTool.ShortDescription, mcpTool.Description)
 
 		// 转换schema中的类型为OpenAI标准类型
 		convertedSchema := a.convertSchemaTypes(mcpTool.InputSchema)
@@ -1024,11 +1022,7 @@ func (a *Agent) getAvailableTools(roleTools []string) []Tool {
 					continue
 				}
 
-				// 使用简短描述（如果存在），否则使用详细描述
-				description := externalTool.ShortDescription
-				if description == "" {
-					description = externalTool.Description
-				}
+				description := a.pickToolDescription(externalTool.ShortDescription, externalTool.Description)
 
 				// 转换schema中的类型为OpenAI标准类型
 				convertedSchema := a.convertSchemaTypes(externalTool.InputSchema)
@@ -1063,6 +1057,19 @@ func (a *Agent) getAvailableTools(roleTools []string) []Tool {
 	return tools
 }
 
+func (a *Agent) pickToolDescription(shortDesc, fullDesc string) string {
+	a.mu.RLock()
+	mode := strings.TrimSpace(strings.ToLower(a.toolDescriptionMode))
+	a.mu.RUnlock()
+	if mode == "full" {
+		return fullDesc
+	}
+	if shortDesc != "" {
+		return shortDesc
+	}
+	return fullDesc
+}
+
 // convertSchemaTypes 递归转换schema中的类型为OpenAI标准类型
 func (a *Agent) convertSchemaTypes(schema map[string]interface{}) map[string]interface{} {
 	if schema == nil {
@@ -1665,6 +1672,18 @@ func (a *Agent) UpdateMaxIterations(maxIterations int) {
 	}
 }
 
+// UpdateToolDescriptionMode 更新工具描述模式（short/full）
+func (a *Agent) UpdateToolDescriptionMode(mode string) {
+	a.mu.Lock()
+	defer a.mu.Unlock()
+	mode = strings.TrimSpace(strings.ToLower(mode))
+	if mode != "full" {
+		mode = "short"
+	}
+	a.toolDescriptionMode = mode
+	a.logger.Info("Agent工具描述模式已更新", zap.String("tool_description_mode", mode))
+}
+
 // formatToolError 格式化工具错误信息，提供更友好的错误描述
 func (a *Agent) formatToolError(toolName string, args map[string]interface{}, err error) string {
 	errorMsg := fmt.Sprintf(`工具执行失败

internal/app/app.go

@@ -133,6 +133,7 @@ func New(cfg *config.Config, log *logger.Logger) (*App, error) {
 		maxIterations = 30 // 默认值
 	}
 	agent := agent.NewAgent(&cfg.OpenAI, &cfg.Agent, mcpServer, externalMCPMgr, log.Logger, maxIterations)
+	agent.UpdateToolDescriptionMode(cfg.Security.ToolDescriptionMode)
 
 	// 设置结果存储到Agent
 	agent.SetResultStorage(resultStorage)
@@ -317,6 +318,7 @@ func New(cfg *config.Config, log *logger.Logger) (*App, error) {
 	}
 	monitorHandler := handler.NewMonitorHandler(mcpServer, executor, db, log.Logger)
 	monitorHandler.SetExternalMCPManager(externalMCPMgr) // 设置外部MCP管理器，以便获取外部MCP执行记录
+	notificationHandler := handler.NewNotificationHandler(db, agentHandler, log.Logger)
 	groupHandler := handler.NewGroupHandler(db, log.Logger)
 	authHandler := handler.NewAuthHandler(authManager, cfg, configPath, log.Logger)
 	attackChainHandler := handler.NewAttackChainHandler(db, &cfg.OpenAI, log.Logger)
@@ -433,6 +435,7 @@ func New(cfg *config.Config, log *logger.Logger) (*App, error) {
 		authHandler,
 		agentHandler,
 		monitorHandler,
+		notificationHandler,
 		conversationHandler,
 		robotHandler,
 		groupHandler,
@@ -599,6 +602,7 @@ func setupRoutes(
 	authHandler *handler.AuthHandler,
 	agentHandler *handler.AgentHandler,
 	monitorHandler *handler.MonitorHandler,
+	notificationHandler *handler.NotificationHandler,
 	conversationHandler *handler.ConversationHandler,
 	robotHandler *handler.RobotHandler,
 	groupHandler *handler.GroupHandler,
@@ -727,6 +731,8 @@ func setupRoutes(
 		protected.DELETE("/monitor/execution/:id", monitorHandler.DeleteExecution)
 		protected.DELETE("/monitor/executions", monitorHandler.DeleteExecutions)
 		protected.GET("/monitor/stats", monitorHandler.GetStats)
+		protected.GET("/notifications/summary", notificationHandler.GetSummary)
+		protected.POST("/notifications/read", notificationHandler.MarkRead)
 
 		// 配置管理
 		protected.GET("/config", configHandler.GetConfig)

internal/config/config.go

@@ -72,6 +72,8 @@ type MultiAgentEinoMiddlewareConfig struct {
 	ToolSearchEnable        bool `yaml:"tool_search_enable,omitempty" json:"tool_search_enable,omitempty"`
 	ToolSearchMinTools      int  `yaml:"tool_search_min_tools,omitempty" json:"tool_search_min_tools,omitempty"`           // default 20; applies when len(tools) >= this
 	ToolSearchAlwaysVisible int  `yaml:"tool_search_always_visible,omitempty" json:"tool_search_always_visible,omitempty"` // default 12; first N tools stay always visible
+	// ToolSearchAlwaysVisibleTools keeps specified tool names always visible (never hidden by tool_search).
+	ToolSearchAlwaysVisibleTools []string `yaml:"tool_search_always_visible_tools,omitempty" json:"tool_search_always_visible_tools,omitempty"`
 	// Plantask adds TaskCreate/Get/Update/List (file-backed under skills dir); requires eino_skills + local backend.
 	PlantaskEnable bool `yaml:"plantask_enable,omitempty" json:"plantask_enable,omitempty"`
 	// PlantaskRelDir relative to skills_dir for per-conversation task boards (default .eino/plantask).
@@ -79,8 +81,24 @@ type MultiAgentEinoMiddlewareConfig struct {
 	// Reduction truncates/offloads large tool outputs (requires eino local backend for Write).
 	ReductionEnable       bool     `yaml:"reduction_enable,omitempty" json:"reduction_enable,omitempty"`
 	ReductionRootDir      string   `yaml:"reduction_root_dir,omitempty" json:"reduction_root_dir,omitempty"` // default: os temp + conversation id
+	ReductionMaxLengthForTrunc int `yaml:"reduction_max_length_for_trunc,omitempty" json:"reduction_max_length_for_trunc,omitempty"` // default 12000
+	ReductionMaxTokensForClear int `yaml:"reduction_max_tokens_for_clear,omitempty" json:"reduction_max_tokens_for_clear,omitempty"` // default 50000
 	ReductionClearExclude []string `yaml:"reduction_clear_exclude,omitempty" json:"reduction_clear_exclude,omitempty"`
 	ReductionSubAgents    bool     `yaml:"reduction_sub_agents,omitempty" json:"reduction_sub_agents,omitempty"` // also attach to sub-agents
+	// SummarizationTriggerRatio controls summarization trigger threshold as max_total_tokens * ratio (default 0.8).
+	SummarizationTriggerRatio float64 `yaml:"summarization_trigger_ratio,omitempty" json:"summarization_trigger_ratio,omitempty"`
+	// SummarizationEmitInternalEvents controls middleware internal event emission (default true).
+	SummarizationEmitInternalEvents *bool `yaml:"summarization_emit_internal_events,omitempty" json:"summarization_emit_internal_events,omitempty"`
+	// HistoryInputBudgetRatio caps pre-agent history tokens as max_total_tokens * ratio (default 0.35).
+	HistoryInputBudgetRatio float64 `yaml:"history_input_budget_ratio,omitempty" json:"history_input_budget_ratio,omitempty"`
+	// PlanExecuteUserInputBudgetRatio caps planner/replanner/executor userInput prompt budget ratio (default 0.35).
+	PlanExecuteUserInputBudgetRatio float64 `yaml:"plan_execute_user_input_budget_ratio,omitempty" json:"plan_execute_user_input_budget_ratio,omitempty"`
+	// PlanExecuteExecutedStepsBudgetRatio caps executed_steps prompt budget ratio (default 0.2).
+	PlanExecuteExecutedStepsBudgetRatio float64 `yaml:"plan_execute_executed_steps_budget_ratio,omitempty" json:"plan_execute_executed_steps_budget_ratio,omitempty"`
+	// PlanExecuteMaxStepResultRunes caps each executed step result length for prompt view (default 4000).
+	PlanExecuteMaxStepResultRunes int `yaml:"plan_execute_max_step_result_runes,omitempty" json:"plan_execute_max_step_result_runes,omitempty"`
+	// PlanExecuteKeepLastSteps keeps only the tail steps in prompt view (default 8).
+	PlanExecuteKeepLastSteps int `yaml:"plan_execute_keep_last_steps,omitempty" json:"plan_execute_keep_last_steps,omitempty"`
 	// CheckpointDir when non-empty enables adk.Runner CheckPointStore (file-backed) for interrupt/resume persistence.
 	CheckpointDir string `yaml:"checkpoint_dir,omitempty" json:"checkpoint_dir,omitempty"`
 	// DeepOutputKey passed to deep.Config OutputKey (session final text); empty = off.
@@ -91,6 +109,97 @@ type MultiAgentEinoMiddlewareConfig struct {
 	TaskToolDescriptionPrefix string `yaml:"task_tool_description_prefix,omitempty" json:"task_tool_description_prefix,omitempty"`
 }
 
+func (c MultiAgentEinoMiddlewareConfig) SummarizationTriggerRatioEffective() float64 {
+	v := c.SummarizationTriggerRatio
+	if v <= 0 {
+		return 0.8
+	}
+	if v < 0.5 {
+		return 0.5
+	}
+	if v > 0.95 {
+		return 0.95
+	}
+	return v
+}
+
+func (c MultiAgentEinoMiddlewareConfig) SummarizationEmitInternalEventsEffective() bool {
+	if c.SummarizationEmitInternalEvents != nil {
+		return *c.SummarizationEmitInternalEvents
+	}
+	return true
+}
+
+func (c MultiAgentEinoMiddlewareConfig) HistoryInputBudgetRatioEffective() float64 {
+	v := c.HistoryInputBudgetRatio
+	if v <= 0 {
+		return 0.35
+	}
+	if v < 0.15 {
+		return 0.15
+	}
+	if v > 0.6 {
+		return 0.6
+	}
+	return v
+}
+
+func (c MultiAgentEinoMiddlewareConfig) PlanExecuteUserInputBudgetRatioEffective() float64 {
+	v := c.PlanExecuteUserInputBudgetRatio
+	if v <= 0 {
+		return 0.35
+	}
+	if v < 0.1 {
+		return 0.1
+	}
+	if v > 0.6 {
+		return 0.6
+	}
+	return v
+}
+
+func (c MultiAgentEinoMiddlewareConfig) PlanExecuteExecutedStepsBudgetRatioEffective() float64 {
+	v := c.PlanExecuteExecutedStepsBudgetRatio
+	if v <= 0 {
+		return 0.2
+	}
+	if v < 0.08 {
+		return 0.08
+	}
+	if v > 0.5 {
+		return 0.5
+	}
+	return v
+}
+
+func (c MultiAgentEinoMiddlewareConfig) PlanExecuteMaxStepResultRunesEffective() int {
+	if c.PlanExecuteMaxStepResultRunes > 0 {
+		return c.PlanExecuteMaxStepResultRunes
+	}
+	return 4000
+}
+
+func (c MultiAgentEinoMiddlewareConfig) PlanExecuteKeepLastStepsEffective() int {
+	if c.PlanExecuteKeepLastSteps > 0 {
+		return c.PlanExecuteKeepLastSteps
+	}
+	return 8
+}
+
+func (c MultiAgentEinoMiddlewareConfig) ReductionMaxLengthForTruncEffective() int {
+	if c.ReductionMaxLengthForTrunc > 0 {
+		return c.ReductionMaxLengthForTrunc
+	}
+	return 12000
+}
+
+func (c MultiAgentEinoMiddlewareConfig) ReductionMaxTokensForClearEffective() int {
+	if c.ReductionMaxTokensForClear > 0 {
+		return c.ReductionMaxTokensForClear
+	}
+	return 50000
+}
+
 // MultiAgentEinoSkillsConfig toggles Eino official skill progressive disclosure and host filesystem tools.
 type MultiAgentEinoSkillsConfig struct {
 	// Disable skips skill middleware (and does not attach local FS tools for Deep).
@@ -137,6 +246,8 @@ type MultiAgentPublic struct {
 	SubAgentCount                int    `json:"sub_agent_count"`
 	Orchestration                string `json:"orchestration,omitempty"`
 	PlanExecuteLoopMaxIterations int    `json:"plan_execute_loop_max_iterations"`
+	ToolSearchAlwaysVisibleTools []string `json:"tool_search_always_visible_tools,omitempty"`
+	ToolSearchAlwaysVisibleEffectiveTools []string `json:"tool_search_always_visible_effective_tools,omitempty"`
 }
 
 // NormalizeMultiAgentOrchestration 返回 deep、plan_execute 或 supervisor。
@@ -158,6 +269,7 @@ type MultiAgentAPIUpdate struct {
 	RobotUseMultiAgent           bool `json:"robot_use_multi_agent"`
 	BatchUseMultiAgent           bool `json:"batch_use_multi_agent"`
 	PlanExecuteLoopMaxIterations *int `json:"plan_execute_loop_max_iterations,omitempty"`
+	ToolSearchAlwaysVisibleTools []string `json:"tool_search_always_visible_tools,omitempty"`
 }
 
 // RobotsConfig 机器人配置（企业微信、钉钉、飞书等）

internal/database/conversation.go

@@ -4,6 +4,8 @@ import (
 	"database/sql"
 	"encoding/json"
 	"fmt"
+	"os"
+	"path/filepath"
 	"strings"
 	"time"
 
@@ -416,6 +418,14 @@ func (db *DB) DeleteConversation(id string) error {
 	if err != nil {
 		return fmt.Errorf("删除对话失败: %w", err)
 	}
+	// Best-effort cleanup for conversation-scoped filesystem artifacts
+	// (e.g., summarization transcript, reduction/checkpoint files under conversation_artifacts/<id>).
+	if base := strings.TrimSpace(db.conversationArtifactsDir); base != "" {
+		artDir := filepath.Join(base, id)
+		if rmErr := os.RemoveAll(artDir); rmErr != nil {
+			db.logger.Warn("删除会话 artifacts 目录失败", zap.String("conversationId", id), zap.String("dir", artDir), zap.Error(rmErr))
+		}
+	}
 
 	db.logger.Info("对话及其所有相关数据已删除", zap.String("conversationId", id))
 	return nil

internal/database/database.go

@@ -3,6 +3,8 @@ package database
 import (
 	"database/sql"
 	"fmt"
+	"os"
+	"path/filepath"
 	"strings"
 	"time"
 
@@ -21,7 +23,8 @@ func configureDBPool(db *sql.DB) {
 // DB 数据库连接
 type DB struct {
 	*sql.DB
-	logger *zap.Logger
+	logger                   *zap.Logger
+	conversationArtifactsDir string
 }
 
 // NewDB 创建数据库连接
@@ -41,6 +44,13 @@ func NewDB(dbPath string, logger *zap.Logger) (*DB, error) {
 		DB:     db,
 		logger: logger,
 	}
+	// Keep conversation-scoped artifacts near database files, so cleanup can follow conversation lifecycle.
+	baseDir := filepath.Join(filepath.Dir(dbPath), "conversation_artifacts")
+	if mkErr := os.MkdirAll(baseDir, 0o755); mkErr == nil {
+		database.conversationArtifactsDir = baseDir
+	} else if logger != nil {
+		logger.Warn("创建 conversation artifacts 目录失败", zap.String("dir", baseDir), zap.Error(mkErr))
+	}
 
 	// 初始化表
 	if err := database.initTables(); err != nil {

internal/handler/config.go

@@ -17,6 +17,7 @@ import (
 	"cyberstrike-ai/internal/config"
 	"cyberstrike-ai/internal/knowledge"
 	"cyberstrike-ai/internal/mcp"
+	"cyberstrike-ai/internal/mcp/builtin"
 	"cyberstrike-ai/internal/openai"
 	"cyberstrike-ai/internal/security"
 
@@ -90,6 +91,7 @@ type AttackChainUpdater interface {
 type AgentUpdater interface {
 	UpdateConfig(cfg *config.OpenAIConfig)
 	UpdateMaxIterations(maxIterations int)
+	UpdateToolDescriptionMode(mode string)
 }
 
 // NewConfigHandler 创建新的配置处理器
@@ -232,13 +234,7 @@ func (h *ConfigHandler) GetConfig(c *gin.Context) {
 			if configToolMap[mcpTool.Name] {
 				continue
 			}
-			description := mcpTool.ShortDescription
-			if description == "" {
-				description = mcpTool.Description
-			}
-			if len(description) > 10000 {
-				description = description[:10000] + "..."
-			}
+			description := h.pickToolDescription(mcpTool.ShortDescription, mcpTool.Description)
 			tools = append(tools, ToolConfigInfo{
 				Name:        mcpTool.Name,
 				Description: description,
@@ -275,6 +271,11 @@ func (h *ConfigHandler) GetConfig(c *gin.Context) {
 		SubAgentCount:                subAgentCount,
 		Orchestration:                config.NormalizeMultiAgentOrchestration(h.config.MultiAgent.Orchestration),
 		PlanExecuteLoopMaxIterations: h.config.MultiAgent.PlanExecuteLoopMaxIterations,
+		ToolSearchAlwaysVisibleTools: append([]string(nil), h.config.MultiAgent.EinoMiddleware.ToolSearchAlwaysVisibleTools...),
+		ToolSearchAlwaysVisibleEffectiveTools: mergeToolNameLists(
+			h.config.MultiAgent.EinoMiddleware.ToolSearchAlwaysVisibleTools,
+			builtin.GetAllBuiltinTools(),
+		),
 	}
 
 	c.JSON(http.StatusOK, GetConfigResponse{
@@ -430,13 +431,7 @@ func (h *ConfigHandler) GetTools(c *gin.Context) {
 				continue
 			}
 
-			description := mcpTool.ShortDescription
-			if description == "" {
-				description = mcpTool.Description
-			}
-			if len(description) > 10000 {
-				description = description[:10000] + "..."
-			}
+			description := h.pickToolDescription(mcpTool.ShortDescription, mcpTool.Description)
 
 			toolInfo := ToolConfigInfo{
 				Name:        mcpTool.Name,
@@ -689,11 +684,13 @@ func (h *ConfigHandler) UpdateConfig(c *gin.Context) {
 		if req.MultiAgent.PlanExecuteLoopMaxIterations != nil {
 			h.config.MultiAgent.PlanExecuteLoopMaxIterations = *req.MultiAgent.PlanExecuteLoopMaxIterations
 		}
+		h.config.MultiAgent.EinoMiddleware.ToolSearchAlwaysVisibleTools = dedupeToolNameList(req.MultiAgent.ToolSearchAlwaysVisibleTools)
 		h.logger.Info("更新多代理配置",
 			zap.Bool("enabled", h.config.MultiAgent.Enabled),
 			zap.Bool("robot_use_multi_agent", h.config.MultiAgent.RobotUseMultiAgent),
 			zap.Bool("batch_use_multi_agent", h.config.MultiAgent.BatchUseMultiAgent),
 			zap.Int("plan_execute_loop_max_iterations", h.config.MultiAgent.PlanExecuteLoopMaxIterations),
+			zap.Int("tool_search_always_visible_tools", len(h.config.MultiAgent.EinoMiddleware.ToolSearchAlwaysVisibleTools)),
 		)
 	}
 
@@ -1061,6 +1058,7 @@ func (h *ConfigHandler) ApplyConfig(c *gin.Context) {
 	if h.agent != nil {
 		h.agent.UpdateConfig(&h.config.OpenAI)
 		h.agent.UpdateMaxIterations(h.config.Agent.MaxIterations)
+		h.agent.UpdateToolDescriptionMode(h.config.Security.ToolDescriptionMode)
 		h.logger.Info("Agent配置已更新")
 	}
 
@@ -1383,6 +1381,33 @@ func updateMultiAgentConfig(doc *yaml.Node, cfg config.MultiAgentConfig) {
 	setBoolInMap(maNode, "robot_use_multi_agent", cfg.RobotUseMultiAgent)
 	setBoolInMap(maNode, "batch_use_multi_agent", cfg.BatchUseMultiAgent)
 	setIntInMap(maNode, "plan_execute_loop_max_iterations", cfg.PlanExecuteLoopMaxIterations)
+	mwNode := ensureMap(maNode, "eino_middleware")
+	setFlowStringSliceInMap(mwNode, "tool_search_always_visible_tools", dedupeToolNameList(cfg.EinoMiddleware.ToolSearchAlwaysVisibleTools))
+}
+
+func dedupeToolNameList(in []string) []string {
+	if len(in) == 0 {
+		return []string{}
+	}
+	seen := make(map[string]struct{}, len(in))
+	out := make([]string, 0, len(in))
+	for _, name := range in {
+		n := strings.TrimSpace(name)
+		if n == "" {
+			continue
+		}
+		key := strings.ToLower(n)
+		if _, ok := seen[key]; ok {
+			continue
+		}
+		seen[key] = struct{}{}
+		out = append(out, n)
+	}
+	return out
+}
+
+func mergeToolNameLists(a, b []string) []string {
+	return dedupeToolNameList(append(append([]string{}, a...), b...))
 }
 
 func ensureMap(parent *yaml.Node, path ...string) *yaml.Node {

internal/handler/hitl.go

@@ -85,7 +85,7 @@ CREATE TABLE IF NOT EXISTS hitl_conversation_configs (
     enabled INTEGER NOT NULL DEFAULT 0,
     mode TEXT NOT NULL DEFAULT 'off',
     sensitive_tools TEXT NOT NULL DEFAULT '[]',
-    timeout_seconds INTEGER NOT NULL DEFAULT 300,
+    timeout_seconds INTEGER NOT NULL DEFAULT 0,
     updated_at DATETIME NOT NULL
 );`)
 	if err != nil {
@@ -133,7 +133,8 @@ func (m *HITLManager) ActivateConversation(conversationID string, req *HITLReque
 			tools[n] = struct{}{}
 		}
 	}
-	timeout := 5 * time.Minute
+	// timeout <= 0 means wait forever (no timeout).
+	timeout := time.Duration(0)
 	if req.TimeoutSeconds > 0 {
 		timeout = time.Duration(req.TimeoutSeconds) * time.Second
 	}
@@ -275,8 +276,8 @@ func (m *HITLManager) ensureConversationHITLModePersisted(conversationID, interr
 	}
 	cfg.Enabled = true
 	cfg.Mode = nm
-	if cfg.TimeoutSeconds <= 0 {
-		cfg.TimeoutSeconds = 300
+	if cfg.TimeoutSeconds < 0 {
+		cfg.TimeoutSeconds = 0
 	}
 	return m.SaveConversationConfig(conversationID, cfg)
 }
@@ -341,7 +342,7 @@ func (m *HITLManager) SaveConversationConfig(conversationID string, req *HITLReq
 		return errors.New("conversationId is required")
 	}
 	if req == nil {
-		req = &HITLRequest{Enabled: false, Mode: "off", TimeoutSeconds: 300}
+		req = &HITLRequest{Enabled: false, Mode: "off", TimeoutSeconds: 0}
 	}
 	mode := normalizeHitlMode(req.Mode)
 	if !req.Enabled {
@@ -349,8 +350,8 @@ func (m *HITLManager) SaveConversationConfig(conversationID string, req *HITLReq
 	}
 	tools, _ := json.Marshal(req.SensitiveTools)
 	timeout := req.TimeoutSeconds
-	if timeout <= 0 {
-		timeout = 300
+	if timeout < 0 {
+		timeout = 0
 	}
 	_, err := m.db.Exec(`INSERT INTO hitl_conversation_configs
 		(conversation_id, enabled, mode, sensitive_tools, timeout_seconds, updated_at)
@@ -368,11 +369,14 @@ func (m *HITLManager) LoadConversationConfig(conversationID string) (*HITLReques
 	err := m.db.QueryRow(`SELECT enabled, mode, sensitive_tools, timeout_seconds FROM hitl_conversation_configs WHERE conversation_id = ?`, conversationID).
 		Scan(&enabledInt, &mode, &toolsJSON, &timeout)
 	if errors.Is(err, sql.ErrNoRows) {
-		return &HITLRequest{Enabled: false, Mode: "off", SensitiveTools: []string{}, TimeoutSeconds: 300}, nil
+		return &HITLRequest{Enabled: false, Mode: "off", SensitiveTools: []string{}, TimeoutSeconds: 0}, nil
 	}
 	if err != nil {
 		return nil, err
 	}
+	if timeout < 0 {
+		timeout = 0
+	}
 	tools := make([]string, 0)
 	_ = json.Unmarshal([]byte(toolsJSON), &tools)
 	return &HITLRequest{
@@ -389,6 +393,12 @@ func (m *HITLManager) waitDecision(ctx context.Context, p *pendingInterrupt, tim
 		delete(m.pending, p.InterruptID)
 		m.mu.Unlock()
 	}()
+	var timeoutCh <-chan time.Time
+	if timeout > 0 {
+		timer := time.NewTimer(timeout)
+		defer timer.Stop()
+		timeoutCh = timer.C
+	}
 	select {
 	case d := <-p.decideCh:
 		// 只有 review_edit 模式允许改参；其他模式一律忽略 edited arguments
@@ -398,7 +408,7 @@ func (m *HITLManager) waitDecision(ctx context.Context, p *pendingInterrupt, tim
 		_, _ = m.db.Exec(`UPDATE hitl_interrupts SET status='decided', decision=?, decision_comment=?, decided_at=? WHERE id=?`,
 			d.Decision, d.Comment, time.Now(), p.InterruptID)
 		return d, nil
-	case <-time.After(timeout):
+	case <-timeoutCh:
 		_, _ = m.db.Exec(`UPDATE hitl_interrupts SET status='timeout', decision='approve', decision_comment='timeout auto approve', decided_at=? WHERE id=?`,
 			time.Now(), p.InterruptID)
 		return hitlDecision{Decision: "approve", Comment: "timeout auto approve"}, nil
@@ -718,8 +728,8 @@ func (h *AgentHandler) GetHITLConversationConfig(c *gin.Context) {
 			cfg2 := *cfg
 			cfg2.Enabled = true
 			cfg2.Mode = normalizeHitlMode(pendMode)
-			if cfg2.TimeoutSeconds <= 0 {
-				cfg2.TimeoutSeconds = 300
+			if cfg2.TimeoutSeconds < 0 {
+				cfg2.TimeoutSeconds = 0
 			}
 			cfg = &cfg2
 		}

internal/handler/notification.go

@@ -0,0 +1,642 @@
+package handler
+
+import (
+	"fmt"
+	"net/http"
+	"sort"
+	"strconv"
+	"strings"
+	"time"
+
+	"cyberstrike-ai/internal/database"
+	"github.com/gin-gonic/gin"
+	"go.uber.org/zap"
+)
+
+// NotificationHandler 聚合通知（Phase 2：服务端统一计算）
+type NotificationHandler struct {
+	db           *database.DB
+	agentHandler *AgentHandler
+	logger       *zap.Logger
+}
+
+const notificationReadMaxRows = 150
+
+// NotificationSummaryItem 通知项
+type NotificationSummaryItem struct {
+	ID         string `json:"id"`
+	Level      string `json:"level"` // p0/p1/p2
+	Type       string `json:"type"`
+	Title      string `json:"title"`
+	Desc       string `json:"desc"`
+	Ts         string `json:"ts"` // RFC3339
+	Count      int    `json:"count,omitempty"`
+	Actionable bool   `json:"actionable"`
+	Read       bool   `json:"read"`
+	// 以下字段用于前端深链跳转（通知即入口）
+	ConversationID  string `json:"conversationId,omitempty"`
+	VulnerabilityID string `json:"vulnerabilityId,omitempty"`
+	ExecutionID     string `json:"executionId,omitempty"`
+	InterruptID     string `json:"interruptId,omitempty"`
+}
+
+// NotificationSummaryResponse 聚合响应
+type NotificationSummaryResponse struct {
+	SinceMs     int64                     `json:"sinceMs"`
+	GeneratedAt string                    `json:"generatedAt"`
+	P0Count     int                       `json:"p0Count"`
+	UnreadCount int                       `json:"unreadCount"`
+	Counts      map[string]int            `json:"counts"`
+	Items       []NotificationSummaryItem `json:"items"`
+}
+
+func NewNotificationHandler(db *database.DB, agentHandler *AgentHandler, logger *zap.Logger) *NotificationHandler {
+	return &NotificationHandler{
+		db:           db,
+		agentHandler: agentHandler,
+		logger:       logger,
+	}
+}
+
+func parseSinceMs(raw string) int64 {
+	v := strings.TrimSpace(raw)
+	if v == "" {
+		return 0
+	}
+	if ms, err := strconv.ParseInt(v, 10, 64); err == nil && ms > 0 {
+		return ms
+	}
+	if t, err := time.Parse(time.RFC3339, v); err == nil {
+		return t.UnixMilli()
+	}
+	return 0
+}
+
+func unixSecToRFC3339(sec int64) string {
+	if sec <= 0 {
+		return time.Now().UTC().Format(time.RFC3339)
+	}
+	return time.Unix(sec, 0).UTC().Format(time.RFC3339)
+}
+
+func normalizedSinceSec(sinceMs int64) int64 {
+	sec := sinceMs / 1000
+	// SQLite 默认时间精度到秒；给 1s 回看窗口，避免“同秒内新增”被漏算。
+	if sec > 0 {
+		return sec - 1
+	}
+	return 0
+}
+
+func normalizeSinceMs(raw int64) int64 {
+	if raw > 0 {
+		return raw
+	}
+	// 默认仅看最近 24 小时，避免首次打开拉全量历史噪音。
+	return time.Now().Add(-24 * time.Hour).UnixMilli()
+}
+
+func levelBySeverity(sev string) string {
+	switch strings.ToLower(strings.TrimSpace(sev)) {
+	case "critical", "high":
+		return "p0"
+	case "medium":
+		return "p1"
+	default:
+		return "p2"
+	}
+}
+
+func requestWantsEnglish(c *gin.Context) bool {
+	if c == nil {
+		return false
+	}
+	lang := strings.ToLower(strings.TrimSpace(c.Query("lang")))
+	if lang == "" {
+		lang = strings.ToLower(strings.TrimSpace(c.GetHeader("Accept-Language")))
+	}
+	return strings.HasPrefix(lang, "en")
+}
+
+func i18nText(english bool, zh string, en string) string {
+	if english {
+		return en
+	}
+	return zh
+}
+
+func (h *NotificationHandler) loadPendingHITLItems(limit int, english bool) ([]NotificationSummaryItem, error) {
+	rows, err := h.db.Query(`
+		SELECT
+			id,
+			conversation_id,
+			tool_name,
+			COALESCE(CAST(strftime('%s', created_at) AS INTEGER), 0)
+		FROM hitl_interrupts
+		WHERE status = 'pending'
+		ORDER BY created_at DESC
+		LIMIT ?
+	`, limit)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+	items := make([]NotificationSummaryItem, 0, limit)
+	for rows.Next() {
+		var id, conversationID, toolName string
+		var createdSec int64
+		if err := rows.Scan(&id, &conversationID, &toolName, &createdSec); err != nil {
+			continue
+		}
+		desc := i18nText(english, "会话 "+conversationID+" 的审批中断待处理", "Conversation "+conversationID+" has pending HITL approval")
+		if strings.TrimSpace(toolName) != "" {
+			desc = i18nText(english, "工具 "+toolName+" 等待审批", "Tool "+toolName+" is waiting for approval")
+		}
+		items = append(items, NotificationSummaryItem{
+			ID:             "hitl:" + id,
+			Level:          "p0",
+			Type:           "hitl_pending",
+			Title:          i18nText(english, "HITL 待审批", "HITL Pending Approval"),
+			Desc:           desc,
+			Ts:             unixSecToRFC3339(createdSec),
+			Count:          1,
+			Actionable:     true,
+			Read:           false,
+			ConversationID: conversationID,
+			InterruptID:    id,
+		})
+	}
+	return items, nil
+}
+
+func (h *NotificationHandler) loadVulnerabilityItems(sinceMs int64, limit int, english bool) ([]NotificationSummaryItem, map[string]int, error) {
+	sinceSec := normalizedSinceSec(sinceMs)
+	rows, err := h.db.Query(`
+		SELECT
+			id,
+			title,
+			severity,
+			conversation_id,
+			COALESCE(CAST(strftime('%s', created_at) AS INTEGER), 0)
+		FROM vulnerabilities
+		WHERE CAST(strftime('%s', created_at) AS INTEGER) > ?
+		ORDER BY created_at DESC
+		LIMIT ?
+	`, sinceSec, limit)
+	if err != nil {
+		return nil, nil, err
+	}
+	defer rows.Close()
+	items := make([]NotificationSummaryItem, 0, limit)
+	counts := map[string]int{
+		"newCriticalVulns": 0,
+		"newHighVulns":     0,
+		"newMediumVulns":   0,
+		"newLowVulns":      0,
+		"newInfoVulns":     0,
+	}
+	for rows.Next() {
+		var id, title, severity, conversationID string
+		var createdSec int64
+		if err := rows.Scan(&id, &title, &severity, &conversationID, &createdSec); err != nil {
+			continue
+		}
+		switch strings.ToLower(strings.TrimSpace(severity)) {
+		case "critical":
+			counts["newCriticalVulns"]++
+		case "high":
+			counts["newHighVulns"]++
+		case "medium":
+			counts["newMediumVulns"]++
+		case "low":
+			counts["newLowVulns"]++
+		default:
+			counts["newInfoVulns"]++
+		}
+		sevUpper := strings.ToUpper(strings.TrimSpace(severity))
+		if sevUpper == "" {
+			sevUpper = "INFO"
+		}
+		finalTitle := i18nText(english, "新漏洞（"+sevUpper+"）", "New Vulnerability ("+sevUpper+")")
+		finalDesc := strings.TrimSpace(title)
+		if finalDesc == "" {
+			finalDesc = i18nText(english, "（无标题）", "(Untitled)")
+		}
+		items = append(items, NotificationSummaryItem{
+			ID:              "vuln:" + id,
+			Level:           levelBySeverity(severity),
+			Type:            "vulnerability_created",
+			Title:           finalTitle,
+			Desc:            finalDesc,
+			Ts:              unixSecToRFC3339(createdSec),
+			Count:           1,
+			Actionable:      false,
+			Read:            false,
+			ConversationID:  conversationID,
+			VulnerabilityID: id,
+		})
+	}
+	return items, counts, nil
+}
+
+func (h *NotificationHandler) loadFailedExecutionItems(sinceMs int64, limit int, english bool) ([]NotificationSummaryItem, int, error) {
+	sinceSec := normalizedSinceSec(sinceMs)
+	rows, err := h.db.Query(`
+		SELECT
+			id,
+			tool_name,
+			COALESCE(CAST(strftime('%s', start_time) AS INTEGER), 0)
+		FROM tool_executions
+		WHERE status = 'failed'
+		  AND CAST(strftime('%s', start_time) AS INTEGER) > ?
+		ORDER BY start_time DESC
+		LIMIT ?
+	`, sinceSec, limit)
+	if err != nil {
+		return nil, 0, err
+	}
+	defer rows.Close()
+	items := make([]NotificationSummaryItem, 0, limit)
+	count := 0
+	for rows.Next() {
+		var id, toolName string
+		var startSec int64
+		if err := rows.Scan(&id, &toolName, &startSec); err != nil {
+			continue
+		}
+		count++
+		if strings.TrimSpace(toolName) == "" {
+			toolName = i18nText(english, "未知工具", "unknown")
+		}
+		items = append(items, NotificationSummaryItem{
+			ID:          "exec_failed:" + id,
+			Level:       "p0",
+			Type:        "task_failed",
+			Title:       i18nText(english, "任务执行失败", "Task Execution Failed"),
+			Desc:        i18nText(english, "工具 "+toolName+" 执行失败", "Tool "+toolName+" execution failed"),
+			Ts:          unixSecToRFC3339(startSec),
+			Count:       1,
+			Actionable:  false,
+			Read:        false,
+			ExecutionID: id,
+		})
+	}
+	return items, count, nil
+}
+
+func (h *NotificationHandler) summarizeLongRunningTasks(threshold time.Duration, english bool) ([]NotificationSummaryItem, int) {
+	if h.agentHandler == nil || h.agentHandler.tasks == nil {
+		return nil, 0
+	}
+	tasks := h.agentHandler.tasks.GetActiveTasks()
+	now := time.Now()
+	items := make([]NotificationSummaryItem, 0, len(tasks))
+	for _, t := range tasks {
+		if t == nil {
+			continue
+		}
+		if now.Sub(t.StartedAt) >= threshold {
+			items = append(items, NotificationSummaryItem{
+				ID:             "task_long:" + t.ConversationID,
+				Level:          "p1",
+				Type:           "long_running_tasks",
+				Title:          i18nText(english, "长时间运行任务", "Long Running Task"),
+				Desc:           i18nText(english, "会话 "+t.ConversationID+" 运行超过 15 分钟", "Conversation "+t.ConversationID+" has been running over 15 minutes"),
+				Ts:             t.StartedAt.UTC().Format(time.RFC3339),
+				Count:          1,
+				Actionable:     true,
+				Read:           false,
+				ConversationID: t.ConversationID,
+			})
+		}
+	}
+	return items, len(items)
+}
+
+func (h *NotificationHandler) summarizeCompletedTasksSince(sinceMs int64, limit int, english bool) ([]NotificationSummaryItem, int) {
+	if h.agentHandler == nil || h.agentHandler.tasks == nil {
+		return nil, 0
+	}
+	since := time.UnixMilli(sinceMs)
+	completed := h.agentHandler.tasks.GetCompletedTasks()
+	items := make([]NotificationSummaryItem, 0, limit)
+	for _, t := range completed {
+		if t == nil {
+			continue
+		}
+		if t.CompletedAt.After(since) {
+			items = append(items, NotificationSummaryItem{
+				ID:             "task_completed:" + t.ConversationID + ":" + strconv.FormatInt(t.CompletedAt.Unix(), 10),
+				Level:          "p2",
+				Type:           "task_completed",
+				Title:          i18nText(english, "任务完成", "Task Completed"),
+				Desc:           i18nText(english, "会话 "+t.ConversationID+" 已完成", "Conversation "+t.ConversationID+" completed"),
+				Ts:             t.CompletedAt.UTC().Format(time.RFC3339),
+				Count:          1,
+				Actionable:     false,
+				Read:           false,
+				ConversationID: t.ConversationID,
+			})
+			if len(items) >= limit {
+				break
+			}
+		}
+	}
+	return items, len(items)
+}
+
+func buildPlaceholders(n int) string {
+	if n <= 0 {
+		return ""
+	}
+	out := make([]string, 0, n)
+	for i := 0; i < n; i++ {
+		out = append(out, "?")
+	}
+	return strings.Join(out, ",")
+}
+
+func (h *NotificationHandler) readStatesByIDs(ids []string) (map[string]bool, error) {
+	result := make(map[string]bool, len(ids))
+	if len(ids) == 0 {
+		return result, nil
+	}
+	holders := buildPlaceholders(len(ids))
+	query := "SELECT event_id FROM notification_reads WHERE event_id IN (" + holders + ")"
+	args := make([]interface{}, 0, len(ids))
+	for _, id := range ids {
+		args = append(args, id)
+	}
+	rows, err := h.db.Query(query, args...)
+	if err != nil {
+		return result, err
+	}
+	defer rows.Close()
+	for rows.Next() {
+		var id string
+		if err := rows.Scan(&id); err != nil {
+			continue
+		}
+		result[id] = true
+	}
+	return result, nil
+}
+
+func (h *NotificationHandler) applyReadStates(items []NotificationSummaryItem) ([]NotificationSummaryItem, error) {
+	markableIDs := make([]string, 0, len(items))
+	for _, item := range items {
+		if item.Actionable {
+			continue
+		}
+		markableIDs = append(markableIDs, item.ID)
+	}
+	readMap, err := h.readStatesByIDs(markableIDs)
+	if err != nil {
+		return items, err
+	}
+	for i := range items {
+		if items[i].Actionable {
+			items[i].Read = false
+			continue
+		}
+		items[i].Read = readMap[items[i].ID]
+	}
+	return items, nil
+}
+
+func filterVisibleItems(items []NotificationSummaryItem) []NotificationSummaryItem {
+	out := make([]NotificationSummaryItem, 0, len(items))
+	for _, item := range items {
+		if item.Actionable || !item.Read {
+			out = append(out, item)
+		}
+	}
+	return out
+}
+
+func countP0(items []NotificationSummaryItem) int {
+	total := 0
+	for _, item := range items {
+		if item.Level == "p0" {
+			if item.Count > 0 {
+				total += item.Count
+			} else {
+				total++
+			}
+		}
+	}
+	return total
+}
+
+func countUnread(items []NotificationSummaryItem) int {
+	total := 0
+	for _, item := range items {
+		if item.Actionable || !item.Read {
+			if item.Count > 0 {
+				total += item.Count
+			} else {
+				total++
+			}
+		}
+	}
+	return total
+}
+
+func createNotificationReadTableIfNeeded(db *database.DB) error {
+	if db == nil {
+		return fmt.Errorf("db is nil")
+	}
+	_, err := db.Exec(`
+		CREATE TABLE IF NOT EXISTS notification_reads (
+			event_id TEXT PRIMARY KEY,
+			read_at DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP
+		);
+	`)
+	if err != nil {
+		return err
+	}
+	_, idxErr := db.Exec(`CREATE INDEX IF NOT EXISTS idx_notification_reads_read_at ON notification_reads(read_at DESC);`)
+	return idxErr
+}
+
+func pruneNotificationReads(db *database.DB, maxRows int) error {
+	if db == nil {
+		return fmt.Errorf("db is nil")
+	}
+	if maxRows <= 0 {
+		return nil
+	}
+	_, err := db.Exec(`
+		DELETE FROM notification_reads
+		WHERE event_id NOT IN (
+			SELECT event_id
+			FROM notification_reads
+			ORDER BY read_at DESC, rowid DESC
+			LIMIT ?
+		)
+	`, maxRows)
+	return err
+}
+
+type markReadRequest struct {
+	EventIDs []string `json:"eventIds"`
+}
+
+func normalizeMarkableEventID(id string) (string, bool) {
+	v := strings.TrimSpace(id)
+	if v == "" {
+		return "", false
+	}
+	// 仅允许“可读后隐藏”的信息类事件；Actionable 事件不参与 read 标记。
+	allowedPrefixes := []string{
+		"vuln:",
+		"exec_failed:",
+		"task_completed:",
+	}
+	for _, prefix := range allowedPrefixes {
+		if strings.HasPrefix(v, prefix) {
+			return v, true
+		}
+	}
+	return "", false
+}
+
+// MarkRead 按事件 ID 标记已读
+func (h *NotificationHandler) MarkRead(c *gin.Context) {
+	if err := createNotificationReadTableIfNeeded(h.db); err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to prepare notification read table"})
+		return
+	}
+	var req markReadRequest
+	if err := c.ShouldBindJSON(&req); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "invalid request body"})
+		return
+	}
+	if len(req.EventIDs) == 0 {
+		c.JSON(http.StatusOK, gin.H{"ok": true, "marked": 0})
+		return
+	}
+	tx, err := h.db.Begin()
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to begin transaction"})
+		return
+	}
+	defer func() {
+		_ = tx.Rollback()
+	}()
+	stmt, err := tx.Prepare(`
+		INSERT INTO notification_reads(event_id, read_at)
+		VALUES(?, CURRENT_TIMESTAMP)
+		ON CONFLICT(event_id) DO UPDATE SET read_at = CURRENT_TIMESTAMP
+	`)
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to prepare statement"})
+		return
+	}
+	defer stmt.Close()
+	marked := 0
+	for _, raw := range req.EventIDs {
+		id, ok := normalizeMarkableEventID(raw)
+		if !ok {
+			continue
+		}
+		if _, err := stmt.Exec(id); err != nil {
+			c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to mark read"})
+			return
+		}
+		marked++
+	}
+	if err := tx.Commit(); err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to commit read marks"})
+		return
+	}
+	if err := pruneNotificationReads(h.db, notificationReadMaxRows); err != nil {
+		h.logger.Warn("裁剪通知已读记录失败", zap.Error(err))
+	}
+	c.JSON(http.StatusOK, gin.H{"ok": true, "marked": marked})
+}
+
+// GetSummary 返回通知聚合视图（用于头部铃铛）
+func (h *NotificationHandler) GetSummary(c *gin.Context) {
+	if h.db == nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "database unavailable"})
+		return
+	}
+
+	if err := createNotificationReadTableIfNeeded(h.db); err != nil {
+		h.logger.Warn("初始化通知已读表失败", zap.Error(err))
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to initialize notification read table"})
+		return
+	}
+
+	english := requestWantsEnglish(c)
+	sinceMs := normalizeSinceMs(parseSinceMs(c.Query("since")))
+	limit, _ := strconv.Atoi(strings.TrimSpace(c.DefaultQuery("limit", "50")))
+	if limit <= 0 {
+		limit = 50
+	}
+	if limit > 200 {
+		limit = 200
+	}
+
+	hitlItems, err := h.loadPendingHITLItems(limit, english)
+	if err != nil {
+		h.logger.Warn("加载 HITL 通知失败", zap.Error(err))
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to summarize hitl notifications"})
+		return
+	}
+
+	vulnItems, vulnCounts, err := h.loadVulnerabilityItems(sinceMs, limit, english)
+	if err != nil {
+		h.logger.Warn("加载漏洞通知失败", zap.Error(err))
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to summarize vulnerabilities"})
+		return
+	}
+
+	longRunningItems, longRunningCount := h.summarizeLongRunningTasks(15*time.Minute, english)
+	completedItems, completedCount := h.summarizeCompletedTasksSince(sinceMs, limit, english)
+
+	items := make([]NotificationSummaryItem, 0, len(hitlItems)+len(vulnItems)+len(longRunningItems)+len(completedItems))
+	items = append(items, hitlItems...)
+	items = append(items, vulnItems...)
+	items = append(items, longRunningItems...)
+	items = append(items, completedItems...)
+
+	items, err = h.applyReadStates(items)
+	if err != nil {
+		h.logger.Warn("加载通知已读状态失败", zap.Error(err))
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to load notification read states"})
+		return
+	}
+	items = filterVisibleItems(items)
+
+	sort.Slice(items, func(i, j int) bool {
+		ti, errI := time.Parse(time.RFC3339, items[i].Ts)
+		tj, errJ := time.Parse(time.RFC3339, items[j].Ts)
+		if errI != nil || errJ != nil {
+			return i < j
+		}
+		return ti.After(tj)
+	})
+
+	p0Count := countP0(items)
+	unreadCount := countUnread(items)
+	c.JSON(http.StatusOK, NotificationSummaryResponse{
+		SinceMs:     sinceMs,
+		GeneratedAt: time.Now().UTC().Format(time.RFC3339),
+		P0Count:     p0Count,
+		UnreadCount: unreadCount,
+		Counts: map[string]int{
+			"hitlPending":      len(hitlItems),
+			"newCriticalVulns": vulnCounts["newCriticalVulns"],
+			"newHighVulns":     vulnCounts["newHighVulns"],
+			"newMediumVulns":   vulnCounts["newMediumVulns"],
+			"newLowVulns":      vulnCounts["newLowVulns"],
+			"newInfoVulns":     vulnCounts["newInfoVulns"],
+			"failedExecutions": 0,
+			"longRunningTasks": longRunningCount,
+			"completedTasks":   completedCount,
+		},
+		Items: items,
+	})
+}

internal/multiagent/eino_input_telemetry.go

@@ -0,0 +1,133 @@
+package multiagent
+
+import (
+	"context"
+	"strings"
+
+	"cyberstrike-ai/internal/agent"
+
+	"github.com/bytedance/sonic"
+	"github.com/cloudwego/eino/adk"
+	"github.com/cloudwego/eino/schema"
+	"go.uber.org/zap"
+)
+
+type einoModelInputTelemetryMiddleware struct {
+	adk.BaseChatModelAgentMiddleware
+	logger         *zap.Logger
+	modelName      string
+	conversationID string
+	phase          string
+}
+
+func newEinoModelInputTelemetryMiddleware(
+	logger *zap.Logger,
+	modelName string,
+	conversationID string,
+	phase string,
+) adk.ChatModelAgentMiddleware {
+	if logger == nil {
+		return nil
+	}
+	return &einoModelInputTelemetryMiddleware{
+		logger:         logger,
+		modelName:      strings.TrimSpace(modelName),
+		conversationID: strings.TrimSpace(conversationID),
+		phase:          strings.TrimSpace(phase),
+	}
+}
+
+func (m *einoModelInputTelemetryMiddleware) BeforeModelRewriteState(
+	ctx context.Context,
+	state *adk.ChatModelAgentState,
+	mc *adk.ModelContext,
+) (context.Context, *adk.ChatModelAgentState, error) {
+	if m == nil || m.logger == nil || state == nil {
+		return ctx, state, nil
+	}
+	tokens := estimateTokensForMessagesAndTools(ctx, m.modelName, state.Messages, mcTools(mc))
+	m.logger.Info("eino model input estimated",
+		zap.String("phase", m.phase),
+		zap.String("conversation_id", m.conversationID),
+		zap.Int("messages", len(state.Messages)),
+		zap.Int("tools", len(mcTools(mc))),
+		zap.Int("input_tokens_estimated", tokens),
+	)
+	return ctx, state, nil
+}
+
+func mcTools(mc *adk.ModelContext) []*schema.ToolInfo {
+	if mc == nil || len(mc.Tools) == 0 {
+		return nil
+	}
+	return mc.Tools
+}
+
+func estimateTokensForMessagesAndTools(
+	_ context.Context,
+	modelName string,
+	messages []adk.Message,
+	tools []*schema.ToolInfo,
+) int {
+	var sb strings.Builder
+	for _, msg := range messages {
+		if msg == nil {
+			continue
+		}
+		sb.WriteString(string(msg.Role))
+		sb.WriteByte('\n')
+		sb.WriteString(msg.Content)
+		sb.WriteByte('\n')
+		if msg.ReasoningContent != "" {
+			sb.WriteString(msg.ReasoningContent)
+			sb.WriteByte('\n')
+		}
+		if len(msg.ToolCalls) > 0 {
+			if b, err := sonic.Marshal(msg.ToolCalls); err == nil {
+				sb.Write(b)
+				sb.WriteByte('\n')
+			}
+		}
+	}
+	for _, tl := range tools {
+		if tl == nil {
+			continue
+		}
+		cp := *tl
+		cp.Extra = nil
+		if text, err := sonic.MarshalString(cp); err == nil {
+			sb.WriteString(text)
+			sb.WriteByte('\n')
+		}
+	}
+	text := sb.String()
+	if text == "" {
+		return 0
+	}
+	tc := agent.NewTikTokenCounter()
+	if n, err := tc.Count(modelName, text); err == nil {
+		return n
+	}
+	return (len(text) + 3) / 4
+}
+
+func logPlanExecuteModelInputEstimate(
+	logger *zap.Logger,
+	modelName string,
+	conversationID string,
+	phase string,
+	msgs []adk.Message,
+) {
+	if logger == nil {
+		return
+	}
+	tokens := estimateTokensForMessagesAndTools(context.Background(), modelName, msgs, nil)
+	logger.Info("eino model input estimated",
+		zap.String("phase", phase),
+		zap.String("conversation_id", strings.TrimSpace(conversationID)),
+		zap.Int("messages", len(msgs)),
+		zap.Int("tools", 0),
+		zap.Int("input_tokens_estimated", tokens),
+	)
+}
+

internal/multiagent/eino_middleware.go

@@ -8,6 +8,7 @@ import (
 	"strings"
 
 	"cyberstrike-ai/internal/config"
+	"cyberstrike-ai/internal/mcp/builtin"
 
 	localbk "github.com/cloudwego/eino-ext/adk/backend/local"
 	"github.com/cloudwego/eino/adk"
@@ -65,6 +66,66 @@ func splitToolsForToolSearch(all []tool.BaseTool, alwaysVisible int) (static []t
 	return append([]tool.BaseTool(nil), all[:alwaysVisible]...), append([]tool.BaseTool(nil), all[alwaysVisible:]...), true
 }
 
+func splitToolsForToolSearchByNames(all []tool.BaseTool, names []string, fallbackAlwaysVisible int) (static []tool.BaseTool, dynamic []tool.BaseTool, ok bool) {
+	nameSet := make(map[string]struct{}, len(names))
+	for _, n := range names {
+		n = strings.TrimSpace(strings.ToLower(n))
+		if n == "" {
+			continue
+		}
+		nameSet[n] = struct{}{}
+	}
+	if len(nameSet) == 0 {
+		return splitToolsForToolSearch(all, fallbackAlwaysVisible)
+	}
+	static = make([]tool.BaseTool, 0, len(all))
+	dynamic = make([]tool.BaseTool, 0, len(all))
+	for _, t := range all {
+		if t == nil {
+			continue
+		}
+		info, err := t.Info(context.Background())
+		name := ""
+		if err == nil && info != nil {
+			name = strings.TrimSpace(strings.ToLower(info.Name))
+		}
+		if _, keep := nameSet[name]; keep {
+			static = append(static, t)
+			continue
+		}
+		dynamic = append(dynamic, t)
+	}
+	if len(static) == 0 || len(dynamic) == 0 {
+		// fallback: preserve previous behavior when whitelist misses all or includes all.
+		return splitToolsForToolSearch(all, fallbackAlwaysVisible)
+	}
+	return static, dynamic, true
+}
+
+func mergeAlwaysVisibleToolNames(configured []string) []string {
+	merged := make([]string, 0, len(configured)+32)
+	seen := make(map[string]struct{}, len(configured)+32)
+	add := func(name string) {
+		n := strings.TrimSpace(strings.ToLower(name))
+		if n == "" {
+			return
+		}
+		if _, ok := seen[n]; ok {
+			return
+		}
+		seen[n] = struct{}{}
+		merged = append(merged, n)
+	}
+	for _, n := range configured {
+		add(n)
+	}
+	// Always include hardcoded backend builtin MCP tools from constants.
+	for _, n := range builtin.GetAllBuiltinTools() {
+		add(n)
+	}
+	return merged
+}
+
 func buildReductionMiddleware(ctx context.Context, mw config.MultiAgentEinoMiddlewareConfig, convID string, loc *localbk.Local, logger *zap.Logger) (adk.ChatModelAgentMiddleware, error) {
 	if loc == nil {
 		return nil, fmt.Errorf("reduction: local backend nil")
@@ -87,6 +148,8 @@ func buildReductionMiddleware(ctx context.Context, mw config.MultiAgentEinoMiddl
 		RootDir:           root,
 		ReadFileToolName:  "read_file",
 		ClearExcludeTools: excl,
+		MaxLengthForTrunc: mw.ReductionMaxLengthForTruncEffective(),
+		MaxTokensForClear: int64(mw.ReductionMaxTokensForClearEffective()),
 	})
 	if err != nil {
 		return nil, err
@@ -142,7 +205,7 @@ func prependEinoMiddlewares(
 		alwaysVis = 12
 	}
 	if mw.ToolSearchEnable && len(tools) >= minTools {
-		static, dynamic, split := splitToolsForToolSearch(tools, alwaysVis)
+		static, dynamic, split := splitToolsForToolSearchByNames(tools, mergeAlwaysVisibleToolNames(mw.ToolSearchAlwaysVisibleTools), alwaysVis)
 		if split && len(dynamic) > 0 {
 			ts, terr := toolsearch.New(ctx, &toolsearch.Config{DynamicTools: dynamic})
 			if terr != nil {

internal/multiagent/eino_model_rewrite_pipeline.go

@@ -0,0 +1,38 @@
+package multiagent
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/cloudwego/eino/adk"
+)
+
+func applyBeforeModelRewriteHandlers(
+	ctx context.Context,
+	msgs []adk.Message,
+	handlers []adk.ChatModelAgentMiddleware,
+) ([]adk.Message, error) {
+	if len(msgs) == 0 || len(handlers) == 0 {
+		return msgs, nil
+	}
+	state := &adk.ChatModelAgentState{Messages: msgs}
+	modelCtx := &adk.ModelContext{}
+	curCtx := ctx
+	for _, h := range handlers {
+		if h == nil {
+			continue
+		}
+		nextCtx, nextState, err := h.BeforeModelRewriteState(curCtx, state, modelCtx)
+		if err != nil {
+			return nil, fmt.Errorf("before model rewrite: %w", err)
+		}
+		if nextCtx != nil {
+			curCtx = nextCtx
+		}
+		if nextState != nil {
+			state = nextState
+		}
+	}
+	return state.Messages, nil
+}
+

internal/multiagent/eino_orchestration.go

@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"strings"
 
+	"cyberstrike-ai/internal/agent"
 	"cyberstrike-ai/internal/config"
 
 	"github.com/cloudwego/eino-ext/components/model/openai"
@@ -25,7 +26,12 @@ type PlanExecuteRootArgs struct {
 	LoopMaxIter          int
 	// AppCfg / Logger 非空时为 Executor 挂载与 Deep/Supervisor 一致的 Eino summarization 中间件。
 	AppCfg *config.Config
+	MwCfg  *config.MultiAgentEinoMiddlewareConfig
+	// ConversationID is used for transcript/isolation paths in middleware.
+	ConversationID string
 	Logger *zap.Logger
+	// ModelName is used for model input token estimation logs.
+	ModelName string
 	// ExecPreMiddlewares 是由 prependEinoMiddlewares 构建的前置中间件（patchtoolcalls, reduction, toolsearch, plantask），
 	// 与 Deep/Supervisor 主代理的 mainOrchestratorPre 一致。
 	ExecPreMiddlewares []adk.ChatModelAgentMiddleware
@@ -33,6 +39,8 @@ type PlanExecuteRootArgs struct {
 	SkillMiddleware adk.ChatModelAgentMiddleware
 	// FilesystemMiddleware 是 Eino filesystem 中间件，当 eino_skills.filesystem_tools 启用时提供本机文件读写与 Shell 能力（可选）。
 	FilesystemMiddleware adk.ChatModelAgentMiddleware
+	// PlannerReplannerRewriteHandlers applies BeforeModelRewriteState pipeline for planner/replanner input.
+	PlannerReplannerRewriteHandlers []adk.ChatModelAgentMiddleware
 }
 
 // NewPlanExecuteRoot 返回 plan → execute → replan 预置编排根节点（与 Deep / Supervisor 并列）。
@@ -50,7 +58,7 @@ func NewPlanExecuteRoot(ctx context.Context, a *PlanExecuteRootArgs) (adk.Resuma
 	plannerCfg := &planexecute.PlannerConfig{
 		ToolCallingChatModel: tcm,
 	}
-	if fn := planExecutePlannerGenInput(a.OrchInstruction); fn != nil {
+	if fn := planExecutePlannerGenInput(a.OrchInstruction, a.AppCfg, a.MwCfg, a.Logger, a.ModelName, a.ConversationID, a.PlannerReplannerRewriteHandlers); fn != nil {
 		plannerCfg.GenInputFn = fn
 	}
 	planner, err := planexecute.NewPlanner(ctx, plannerCfg)
@@ -59,7 +67,7 @@ func NewPlanExecuteRoot(ctx context.Context, a *PlanExecuteRootArgs) (adk.Resuma
 	}
 	replanner, err := planexecute.NewReplanner(ctx, &planexecute.ReplannerConfig{
 		ChatModel:  tcm,
-		GenInputFn: planExecuteReplannerGenInput(a.OrchInstruction),
+		GenInputFn: planExecuteReplannerGenInput(a.OrchInstruction, a.AppCfg, a.MwCfg, a.Logger, a.ModelName, a.ConversationID, a.PlannerReplannerRewriteHandlers),
 	})
 	if err != nil {
 		return nil, fmt.Errorf("plan_execute replanner: %w", err)
@@ -81,17 +89,20 @@ func NewPlanExecuteRoot(ctx context.Context, a *PlanExecuteRootArgs) (adk.Resuma
 	}
 	// 4. summarization（最后，与 Deep/Supervisor 一致）
 	if a.AppCfg != nil {
-		sumMw, sumErr := newEinoSummarizationMiddleware(ctx, a.ExecModel, a.AppCfg, a.Logger)
+		sumMw, sumErr := newEinoSummarizationMiddleware(ctx, a.ExecModel, a.AppCfg, a.MwCfg, a.ConversationID, a.Logger)
 		if sumErr != nil {
 			return nil, fmt.Errorf("plan_execute executor summarization: %w", sumErr)
 		}
 		execHandlers = append(execHandlers, sumMw)
 	}
+	if teleMw := newEinoModelInputTelemetryMiddleware(a.Logger, a.ModelName, a.ConversationID, "plan_execute_executor"); teleMw != nil {
+		execHandlers = append(execHandlers, teleMw)
+	}
 	executor, err := newPlanExecuteExecutor(ctx, &planexecute.ExecutorConfig{
 		Model:         a.ExecModel,
 		ToolsConfig:   a.ToolsCfg,
 		MaxIterations: a.ExecMaxIter,
-		GenInputFn:    planExecuteExecutorGenInput(a.OrchInstruction),
+		GenInputFn:    planExecuteExecutorGenInput(a.OrchInstruction, a.AppCfg, a.MwCfg, a.Logger, a.ModelName, a.ConversationID),
 	}, execHandlers)
 	if err != nil {
 		return nil, fmt.Errorf("plan_execute executor: %w", err)
@@ -110,20 +121,42 @@ func NewPlanExecuteRoot(ctx context.Context, a *PlanExecuteRootArgs) (adk.Resuma
 
 // planExecutePlannerGenInput 将 orchestrator instruction 作为 SystemMessage 注入 planner 输入。
 // 返回 nil 时 Eino 使用内置默认 planner prompt。
-func planExecutePlannerGenInput(orchInstruction string) planexecute.GenPlannerModelInputFn {
+func planExecutePlannerGenInput(
+	orchInstruction string,
+	appCfg *config.Config,
+	mwCfg *config.MultiAgentEinoMiddlewareConfig,
+	logger *zap.Logger,
+	modelName string,
+	conversationID string,
+	rewriteHandlers []adk.ChatModelAgentMiddleware,
+) planexecute.GenPlannerModelInputFn {
 	oi := strings.TrimSpace(orchInstruction)
-	if oi == "" {
+	if oi == "" && appCfg == nil {
 		return nil
 	}
 	return func(ctx context.Context, userInput []adk.Message) ([]adk.Message, error) {
+		userInput = capPlanExecuteUserInputMessages(userInput, appCfg, mwCfg)
 		msgs := make([]adk.Message, 0, 1+len(userInput))
-		msgs = append(msgs, schema.SystemMessage(oi))
+		if oi != "" {
+			msgs = append(msgs, schema.SystemMessage(oi))
+		}
 		msgs = append(msgs, userInput...)
+		if rewritten, rerr := applyBeforeModelRewriteHandlers(ctx, msgs, rewriteHandlers); rerr == nil && len(rewritten) > 0 {
+			msgs = rewritten
+		}
+		logPlanExecuteModelInputEstimate(logger, modelName, conversationID, "plan_execute_planner", msgs)
 		return msgs, nil
 	}
 }
 
-func planExecuteExecutorGenInput(orchInstruction string) planexecute.GenModelInputFn {
+func planExecuteExecutorGenInput(
+	orchInstruction string,
+	appCfg *config.Config,
+	mwCfg *config.MultiAgentEinoMiddlewareConfig,
+	logger *zap.Logger,
+	modelName string,
+	conversationID string,
+) planexecute.GenModelInputFn {
 	oi := strings.TrimSpace(orchInstruction)
 	return func(ctx context.Context, in *planexecute.ExecutionContext) ([]adk.Message, error) {
 		planContent, err := in.Plan.MarshalJSON()
@@ -131,9 +164,9 @@ func planExecuteExecutorGenInput(orchInstruction string) planexecute.GenModelInp
 			return nil, err
 		}
 		userMsgs, err := planexecute.ExecutorPrompt.Format(ctx, map[string]any{
-			"input":          planExecuteFormatInput(in.UserInput),
+			"input":          planExecuteFormatInput(capPlanExecuteUserInputMessages(in.UserInput, appCfg, mwCfg)),
 			"plan":           string(planContent),
-			"executed_steps": planExecuteFormatExecutedSteps(in.ExecutedSteps),
+			"executed_steps": planExecuteFormatExecutedSteps(in.ExecutedSteps, appCfg, mwCfg),
 			"step":           in.Plan.FirstStep(),
 		})
 		if err != nil {
@@ -142,6 +175,7 @@ func planExecuteExecutorGenInput(orchInstruction string) planexecute.GenModelInp
 		if oi != "" {
 			userMsgs = append([]adk.Message{schema.SystemMessage(oi)}, userMsgs...)
 		}
+		logPlanExecuteModelInputEstimate(logger, modelName, conversationID, "plan_execute_executor_gen_input", userMsgs)
 		return userMsgs, nil
 	}
 }
@@ -155,18 +189,22 @@ func planExecuteFormatInput(input []adk.Message) string {
 	return sb.String()
 }
 
-func planExecuteFormatExecutedSteps(results []planexecute.ExecutedStep) string {
-	capped := capPlanExecuteExecutedSteps(results)
-	var sb strings.Builder
-	for _, result := range capped {
-		sb.WriteString(fmt.Sprintf("Step: %s\nResult: %s\n\n", result.Step, result.Result))
-	}
-	return sb.String()
+func planExecuteFormatExecutedSteps(results []planexecute.ExecutedStep, appCfg *config.Config, mwCfg *config.MultiAgentEinoMiddlewareConfig) string {
+	capped := capPlanExecuteExecutedStepsWithConfig(results, mwCfg)
+	return renderPlanExecuteStepsByBudget(capped, appCfg, mwCfg)
 }
 
 // planExecuteReplannerGenInput 与 Eino 默认 Replanner 输入一致，但 executed_steps 经 cap 后再写入 prompt，
 // 且在 orchInstruction 非空时 prepend SystemMessage 使 replanner 也能接收全局指令。
-func planExecuteReplannerGenInput(orchInstruction string) planexecute.GenModelInputFn {
+func planExecuteReplannerGenInput(
+	orchInstruction string,
+	appCfg *config.Config,
+	mwCfg *config.MultiAgentEinoMiddlewareConfig,
+	logger *zap.Logger,
+	modelName string,
+	conversationID string,
+	rewriteHandlers []adk.ChatModelAgentMiddleware,
+) planexecute.GenModelInputFn {
 	oi := strings.TrimSpace(orchInstruction)
 	return func(ctx context.Context, in *planexecute.ExecutionContext) ([]adk.Message, error) {
 		planContent, err := in.Plan.MarshalJSON()
@@ -175,8 +213,8 @@ func planExecuteReplannerGenInput(orchInstruction string) planexecute.GenModelIn
 		}
 		msgs, err := planexecute.ReplannerPrompt.Format(ctx, map[string]any{
 			"plan":           string(planContent),
-			"input":          planExecuteFormatInput(in.UserInput),
-			"executed_steps": planExecuteFormatExecutedSteps(in.ExecutedSteps),
+			"input":          planExecuteFormatInput(capPlanExecuteUserInputMessages(in.UserInput, appCfg, mwCfg)),
+			"executed_steps": planExecuteFormatExecutedSteps(in.ExecutedSteps, appCfg, mwCfg),
 			"plan_tool":      planexecute.PlanToolInfo.Name,
 			"respond_tool":   planexecute.RespondToolInfo.Name,
 		})
@@ -186,10 +224,120 @@ func planExecuteReplannerGenInput(orchInstruction string) planexecute.GenModelIn
 		if oi != "" {
 			msgs = append([]adk.Message{schema.SystemMessage(oi)}, msgs...)
 		}
+		if rewritten, rerr := applyBeforeModelRewriteHandlers(ctx, msgs, rewriteHandlers); rerr == nil && len(rewritten) > 0 {
+			msgs = rewritten
+		}
+		logPlanExecuteModelInputEstimate(logger, modelName, conversationID, "plan_execute_replanner", msgs)
 		return msgs, nil
 	}
 }
 
+func capPlanExecuteUserInputMessages(input []adk.Message, appCfg *config.Config, mwCfg *config.MultiAgentEinoMiddlewareConfig) []adk.Message {
+	if len(input) == 0 {
+		return input
+	}
+	maxTotal := 120000
+	modelName := "gpt-4o"
+	if appCfg != nil {
+		if appCfg.OpenAI.MaxTotalTokens > 0 {
+			maxTotal = appCfg.OpenAI.MaxTotalTokens
+		}
+		if m := strings.TrimSpace(appCfg.OpenAI.Model); m != "" {
+			modelName = m
+		}
+	}
+	// Reserve most tokens for planner/replanner prompt and tool schema.
+	ratio := 0.35
+	if mwCfg != nil {
+		ratio = mwCfg.PlanExecuteUserInputBudgetRatioEffective()
+	}
+	budget := int(float64(maxTotal) * ratio)
+	if budget < 4096 {
+		budget = 4096
+	}
+	tc := agent.NewTikTokenCounter()
+	out := make([]adk.Message, 0, len(input))
+	used := 0
+	for i := len(input) - 1; i >= 0; i-- {
+		msg := input[i]
+		if msg == nil {
+			continue
+		}
+		n, err := tc.Count(modelName, string(msg.Role)+"\n"+msg.Content)
+		if err != nil {
+			n = (len(msg.Content) + 3) / 4
+		}
+		if n <= 0 {
+			n = 1
+		}
+		if used+n > budget {
+			break
+		}
+		used += n
+		out = append(out, msg)
+	}
+	for i, j := 0, len(out)-1; i < j; i, j = i+1, j-1 {
+		out[i], out[j] = out[j], out[i]
+	}
+	if len(out) == 0 {
+		// Keep the latest user message at least.
+		return []adk.Message{input[len(input)-1]}
+	}
+	return out
+}
+
+func renderPlanExecuteStepsByBudget(steps []planexecute.ExecutedStep, appCfg *config.Config, mwCfg *config.MultiAgentEinoMiddlewareConfig) string {
+	if len(steps) == 0 {
+		return ""
+	}
+	maxTotal := 120000
+	modelName := "gpt-4o"
+	if appCfg != nil {
+		if appCfg.OpenAI.MaxTotalTokens > 0 {
+			maxTotal = appCfg.OpenAI.MaxTotalTokens
+		}
+		if m := strings.TrimSpace(appCfg.OpenAI.Model); m != "" {
+			modelName = m
+		}
+	}
+	ratio := 0.2
+	if mwCfg != nil {
+		ratio = mwCfg.PlanExecuteExecutedStepsBudgetRatioEffective()
+	}
+	budget := int(float64(maxTotal) * ratio)
+	if budget < 3072 {
+		budget = 3072
+	}
+	tc := agent.NewTikTokenCounter()
+	var kept []string
+	used := 0
+	skipped := 0
+	for i := len(steps) - 1; i >= 0; i-- {
+		block := fmt.Sprintf("Step: %s\nResult: %s\n\n", steps[i].Step, steps[i].Result)
+		n, err := tc.Count(modelName, block)
+		if err != nil {
+			n = (len(block) + 3) / 4
+		}
+		if n <= 0 {
+			n = 1
+		}
+		if used+n > budget {
+			skipped = i + 1
+			break
+		}
+		used += n
+		kept = append(kept, block)
+	}
+	var sb strings.Builder
+	if skipped > 0 {
+		sb.WriteString(fmt.Sprintf("Earlier executed steps omitted due to context budget: %d steps.\n\n", skipped))
+	}
+	for i := len(kept) - 1; i >= 0; i-- {
+		sb.WriteString(kept[i])
+	}
+	return sb.String()
+}
+
 // planExecuteStreamsMainAssistant 将规划/执行/重规划各阶段助手流式输出映射到主对话区。
 func planExecuteStreamsMainAssistant(agent string) bool {
 	if agent == "" {

internal/multiagent/eino_single_runner.go

@@ -125,7 +125,7 @@ func RunEinoSingleChatModelAgent(
 		return nil, fmt.Errorf("eino single 模型: %w", err)
 	}
 
-	mainSumMw, err := newEinoSummarizationMiddleware(ctx, mainModel, appCfg, logger)
+	mainSumMw, err := newEinoSummarizationMiddleware(ctx, mainModel, appCfg, &ma.EinoMiddleware, conversationID, logger)
 	if err != nil {
 		return nil, fmt.Errorf("eino single summarization: %w", err)
 	}
@@ -145,6 +145,9 @@ func RunEinoSingleChatModelAgent(
 		handlers = append(handlers, einoSkillMW)
 	}
 	handlers = append(handlers, mainSumMw)
+	if teleMw := newEinoModelInputTelemetryMiddleware(logger, appCfg.OpenAI.Model, conversationID, "eino_single"); teleMw != nil {
+		handlers = append(handlers, teleMw)
+	}
 
 	maxIter := ma.MaxIteration
 	if maxIter <= 0 {
@@ -165,11 +168,29 @@ func RunEinoSingleChatModelAgent(
 		},
 		EmitInternalEvents: true,
 	}
+	ins := injectToolNamesOnlyInstruction(ctx, ag.EinoSingleAgentSystemInstruction(), mainTools)
+	if logger != nil {
+		names := collectToolNames(ctx, mainTools)
+		mountedNames := collectToolNames(ctx, mainToolsForCfg)
+		hasToolSearch := false
+		for _, n := range names {
+			if strings.EqualFold(strings.TrimSpace(n), "tool_search") {
+				hasToolSearch = true
+				break
+			}
+		}
+		logger.Info("eino tool-name injection",
+			zap.String("scope", "eino_single"),
+			zap.Int("tool_names", len(names)),
+			zap.Int("mounted_tool_names", len(mountedNames)),
+			zap.Bool("has_tool_search", hasToolSearch),
+		)
+	}
 
 	chatCfg := &adk.ChatModelAgentConfig{
 		Name:          einoSingleAgentName,
 		Description:   "Eino ADK ChatModelAgent with MCP tools for authorized security testing.",
-		Instruction:   ag.EinoSingleAgentSystemInstruction(),
+		Instruction:   ins,
 		Model:         mainModel,
 		ToolsConfig:   mainToolsCfg,
 		MaxIterations: maxIter,
@@ -188,7 +209,7 @@ func RunEinoSingleChatModelAgent(
 		return nil, fmt.Errorf("eino single NewChatModelAgent: %w", err)
 	}
 
-	baseMsgs := historyToMessages(history)
+	baseMsgs := historyToMessages(history, appCfg, &ma.EinoMiddleware)
 	baseMsgs = append(baseMsgs, schema.UserMessage(userMessage))
 
 	streamsMainAssistant := func(agent string) bool {

internal/multiagent/eino_summarize.go

@@ -3,6 +3,8 @@ package multiagent
 import (
 	"context"
 	"fmt"
+	"os"
+	"path/filepath"
 	"strings"
 
 	"cyberstrike-ai/internal/agent"
@@ -32,6 +34,8 @@ func newEinoSummarizationMiddleware(
 	ctx context.Context,
 	summaryModel model.BaseChatModel,
 	appCfg *config.Config,
+	mwCfg *config.MultiAgentEinoMiddlewareConfig,
+	conversationID string,
 	logger *zap.Logger,
 ) (adk.ChatModelAgentMiddleware, error) {
 	if summaryModel == nil || appCfg == nil {
@@ -41,7 +45,14 @@ func newEinoSummarizationMiddleware(
 	if maxTotal <= 0 {
 		maxTotal = 120000
 	}
-	trigger := int(float64(maxTotal) * 0.9)
+	triggerRatio := 0.8
+	emitInternalEvents := true
+	if mwCfg != nil {
+		triggerRatio = mwCfg.SummarizationTriggerRatioEffective()
+		emitInternalEvents = mwCfg.SummarizationEmitInternalEventsEffective()
+	}
+	// Keep enough safety margin for tokenizer/model-side accounting mismatch.
+	trigger := int(float64(maxTotal) * triggerRatio)
 	if trigger < 4096 {
 		trigger = maxTotal
 		if trigger < 4096 {
@@ -65,6 +76,18 @@ func newEinoSummarizationMiddleware(
 	if recentTrailMax > trigger/2 {
 		recentTrailMax = trigger / 2
 	}
+	transcriptPath := ""
+	if conv := strings.TrimSpace(conversationID); conv != "" {
+		baseRoot := filepath.Join(os.TempDir(), "cyberstrike-summarization")
+		if dbPath := strings.TrimSpace(appCfg.Database.Path); dbPath != "" {
+			// Persist with the same lifecycle as local conversation storage.
+			baseRoot = filepath.Join(filepath.Dir(dbPath), "conversation_artifacts", sanitizeEinoPathSegment(conv), "summarization")
+		}
+		base := baseRoot
+		if mkErr := os.MkdirAll(base, 0o755); mkErr == nil {
+			transcriptPath = filepath.Join(base, "transcript.txt")
+		}
+	}
 
 	mw, err := summarization.New(ctx, &summarization.Config{
 		Model: summaryModel,
@@ -73,7 +96,8 @@ func newEinoSummarizationMiddleware(
 		},
 		TokenCounter:       tokenCounter,
 		UserInstruction:    einoSummarizeUserInstruction,
-		EmitInternalEvents: false,
+		EmitInternalEvents: emitInternalEvents,
+		TranscriptFilePath: transcriptPath,
 		PreserveUserMessages: &summarization.PreserveUserMessages{
 			Enabled:   true,
 			MaxTokens: preserveMax,
@@ -85,11 +109,16 @@ func newEinoSummarizationMiddleware(
 			if logger == nil {
 				return nil
 			}
+			beforeTokens, _ := tokenCounter(ctx, &summarization.TokenCounterInput{Messages: before.Messages})
+			afterTokens, _ := tokenCounter(ctx, &summarization.TokenCounterInput{Messages: after.Messages})
 			logger.Info("eino summarization 已压缩上下文",
 				zap.Int("messages_before", len(before.Messages)),
 				zap.Int("messages_after", len(after.Messages)),
+				zap.Int("tokens_before_estimated", beforeTokens),
+				zap.Int("tokens_after_estimated", afterTokens),
 				zap.Int("max_total_tokens", maxTotal),
 				zap.Int("trigger_context_tokens", trigger),
+				zap.String("transcript_file", transcriptPath),
 			)
 			return nil
 		},

internal/multiagent/eino_tool_name_injection.go

@@ -0,0 +1,73 @@
+package multiagent
+
+import (
+	"context"
+	"strings"
+
+	"github.com/cloudwego/eino/components/tool"
+)
+
+// injectToolNamesOnlyInstruction prepends a compact tool-name-only section into
+// the system instruction so the model can reference current callable names.
+func injectToolNamesOnlyInstruction(ctx context.Context, instruction string, tools []tool.BaseTool) string {
+	names := collectToolNames(ctx, tools)
+	if len(names) == 0 {
+		return strings.TrimSpace(instruction)
+	}
+	hasToolSearch := false
+	for _, n := range names {
+		if strings.EqualFold(strings.TrimSpace(n), "tool_search") {
+			hasToolSearch = true
+			break
+		}
+	}
+
+	var sb strings.Builder
+	sb.WriteString("以下是当前会话中可调用的工具名称列表（仅名称，无参数定义）：\n")
+	for _, name := range names {
+		sb.WriteString("- ")
+		sb.WriteString(name)
+		sb.WriteByte('\n')
+	}
+	sb.WriteString("\n使用规则：\n")
+	sb.WriteString("1) 上述仅为名称列表，不包含参数定义。\n")
+	if hasToolSearch {
+		sb.WriteString("2) 在调用具体工具前，应先使用 tool_search 查看工具详情与参数要求，再发起调用。\n")
+	} else {
+		sb.WriteString("2) 调用具体工具前，请先确认该工具的参数要求；不确定时先澄清再调用。\n")
+	}
+	sb.WriteString("3) 不要臆造不存在的工具名。\n\n")
+	if s := strings.TrimSpace(instruction); s != "" {
+		sb.WriteString(s)
+	}
+	return sb.String()
+}
+
+func collectToolNames(ctx context.Context, tools []tool.BaseTool) []string {
+	if len(tools) == 0 {
+		return nil
+	}
+	seen := make(map[string]struct{}, len(tools))
+	out := make([]string, 0, len(tools))
+	for _, t := range tools {
+		if t == nil {
+			continue
+		}
+		info, err := t.Info(ctx)
+		if err != nil || info == nil {
+			continue
+		}
+		name := strings.TrimSpace(info.Name)
+		if name == "" {
+			continue
+		}
+		key := strings.ToLower(name)
+		if _, ok := seen[key]; ok {
+			continue
+		}
+		seen[key] = struct{}{}
+		out = append(out, name)
+	}
+	return out
+}
+

internal/multiagent/plan_execute_executor.go

@@ -71,7 +71,7 @@ func planExecuteDefaultGenExecutorInput(ctx context.Context, in *planexecute.Exe
 	return planexecute.ExecutorPrompt.Format(ctx, map[string]any{
 		"input":          planExecuteFormatInput(in.UserInput),
 		"plan":           string(planContent),
-		"executed_steps": planExecuteFormatExecutedSteps(in.ExecutedSteps),
+		"executed_steps": planExecuteFormatExecutedSteps(in.ExecutedSteps, nil, nil),
 		"step":           in.Plan.FirstStep(),
 	})
 }

internal/multiagent/plan_execute_steps_cap.go

@@ -5,6 +5,8 @@ import (
 	"strings"
 	"unicode/utf8"
 
+	"cyberstrike-ai/internal/config"
+
 	"github.com/cloudwego/eino/adk/prebuilt/planexecute"
 )
 
@@ -12,8 +14,11 @@ import (
 // 此处仅约束「写入模型 prompt 的视图」，不修改 Eino session 中的原始 ExecutedSteps。
 
 const (
-	planExecuteMaxStepResultRunes = 12000
-	planExecuteKeepLastSteps      = 16
+	defaultPlanExecuteMaxStepResultRunes = 4000
+	defaultPlanExecuteKeepLastSteps      = 8
+	// Backward-compatible aliases for tests and existing references.
+	planExecuteMaxStepResultRunes = defaultPlanExecuteMaxStepResultRunes
+	planExecuteKeepLastSteps      = defaultPlanExecuteKeepLastSteps
 )
 
 func truncateRunesWithSuffix(s string, maxRunes int, suffix string) string {
@@ -29,16 +34,26 @@ func truncateRunesWithSuffix(s string, maxRunes int, suffix string) string {
 
 // capPlanExecuteExecutedSteps 折叠较早步骤、截断单步过长结果，供 prompt 使用。
 func capPlanExecuteExecutedSteps(steps []planexecute.ExecutedStep) []planexecute.ExecutedStep {
+	return capPlanExecuteExecutedStepsWithConfig(steps, nil)
+}
+
+func capPlanExecuteExecutedStepsWithConfig(steps []planexecute.ExecutedStep, mwCfg *config.MultiAgentEinoMiddlewareConfig) []planexecute.ExecutedStep {
 	if len(steps) == 0 {
 		return steps
 	}
+	maxStepResultRunes := defaultPlanExecuteMaxStepResultRunes
+	keepLastSteps := defaultPlanExecuteKeepLastSteps
+	if mwCfg != nil {
+		maxStepResultRunes = mwCfg.PlanExecuteMaxStepResultRunesEffective()
+		keepLastSteps = mwCfg.PlanExecuteKeepLastStepsEffective()
+	}
 	out := make([]planexecute.ExecutedStep, 0, len(steps)+1)
 	start := 0
-	if len(steps) > planExecuteKeepLastSteps {
-		start = len(steps) - planExecuteKeepLastSteps
+	if len(steps) > keepLastSteps {
+		start = len(steps) - keepLastSteps
 		var b strings.Builder
 		b.WriteString(fmt.Sprintf("（上文已完成 %d 步；此处仅保留步骤标题以节省上下文，完整输出已省略。后续 %d 步仍保留正文。）\n",
-			start, planExecuteKeepLastSteps))
+			start, keepLastSteps))
 		for i := 0; i < start; i++ {
 			b.WriteString(fmt.Sprintf("- %s\n", steps[i].Step))
 		}
@@ -50,8 +65,8 @@ func capPlanExecuteExecutedSteps(steps []planexecute.ExecutedStep) []planexecute
 	suffix := "\n…[step result truncated]"
 	for i := start; i < len(steps); i++ {
 		e := steps[i]
-		if utf8.RuneCountInString(e.Result) > planExecuteMaxStepResultRunes {
-			e.Result = truncateRunesWithSuffix(e.Result, planExecuteMaxStepResultRunes, suffix)
+		if utf8.RuneCountInString(e.Result) > maxStepResultRunes {
+			e.Result = truncateRunesWithSuffix(e.Result, maxStepResultRunes, suffix)
 		}
 		out = append(out, e)
 	}

internal/multiagent/runner.go

@@ -237,7 +237,7 @@ func RunDeepAgent(
 				subMax = subDefaultIter
 			}
 
-			subSumMw, err := newEinoSummarizationMiddleware(ctx, subModel, appCfg, logger)
+			subSumMw, err := newEinoSummarizationMiddleware(ctx, subModel, appCfg, &ma.EinoMiddleware, conversationID, logger)
 			if err != nil {
 				return nil, fmt.Errorf("子代理 %q summarization 中间件: %w", id, err)
 			}
@@ -257,11 +257,33 @@ func RunDeepAgent(
 				subHandlers = append(subHandlers, einoSkillMW)
 			}
 			subHandlers = append(subHandlers, subSumMw)
+			if teleMw := newEinoModelInputTelemetryMiddleware(logger, appCfg.OpenAI.Model, conversationID, "sub_agent"); teleMw != nil {
+				subHandlers = append(subHandlers, teleMw)
+			}
 
+			subInstrFinal := injectToolNamesOnlyInstruction(ctx, instr, subTools)
+			if logger != nil {
+				subNames := collectToolNames(ctx, subTools)
+				mountedNames := collectToolNames(ctx, subToolsForCfg)
+				hasToolSearch := false
+				for _, n := range subNames {
+					if strings.EqualFold(strings.TrimSpace(n), "tool_search") {
+						hasToolSearch = true
+						break
+					}
+				}
+				logger.Info("eino tool-name injection",
+					zap.String("scope", "sub_agent"),
+					zap.String("agent", id),
+					zap.Int("tool_names", len(subNames)),
+					zap.Int("mounted_tool_names", len(mountedNames)),
+					zap.Bool("has_tool_search", hasToolSearch),
+				)
+			}
 			sa, err := adk.NewChatModelAgent(ctx, &adk.ChatModelAgentConfig{
 				Name:        id,
 				Description: desc,
-				Instruction: instr,
+				Instruction: subInstrFinal,
 				Model:       subModel,
 				ToolsConfig: adk.ToolsConfig{
 					ToolsNodeConfig: compose.ToolsNodeConfig{
@@ -289,7 +311,7 @@ func RunDeepAgent(
 		return nil, fmt.Errorf("多代理主模型: %w", err)
 	}
 
-	mainSumMw, err := newEinoSummarizationMiddleware(ctx, mainModel, appCfg, logger)
+	mainSumMw, err := newEinoSummarizationMiddleware(ctx, mainModel, appCfg, &ma.EinoMiddleware, conversationID, logger)
 	if err != nil {
 		return nil, fmt.Errorf("多代理主 summarization 中间件: %w", err)
 	}
@@ -313,6 +335,25 @@ func RunDeepAgent(
 			orchDescription = d
 		}
 	}
+	orchInstruction = injectToolNamesOnlyInstruction(ctx, orchInstruction, mainTools)
+	if logger != nil {
+		mainNames := collectToolNames(ctx, mainTools)
+		mountedNames := collectToolNames(ctx, mainToolsForCfg)
+		hasToolSearch := false
+		for _, n := range mainNames {
+			if strings.EqualFold(strings.TrimSpace(n), "tool_search") {
+				hasToolSearch = true
+				break
+			}
+		}
+		logger.Info("eino tool-name injection",
+			zap.String("scope", "orchestrator"),
+			zap.String("orchestration", orchMode),
+			zap.Int("tool_names", len(mainNames)),
+			zap.Int("mounted_tool_names", len(mountedNames)),
+			zap.Bool("has_tool_search", hasToolSearch),
+		)
+	}
 
 	supInstr := strings.TrimSpace(orchInstruction)
 	if orchMode == "supervisor" {
@@ -352,6 +393,9 @@ func RunDeepAgent(
 		deepHandlers = append(deepHandlers, einoSkillMW)
 	}
 	deepHandlers = append(deepHandlers, mainSumMw)
+	if teleMw := newEinoModelInputTelemetryMiddleware(logger, appCfg.OpenAI.Model, conversationID, "deep_orchestrator"); teleMw != nil {
+		deepHandlers = append(deepHandlers, teleMw)
+	}
 
 	supHandlers := []adk.ChatModelAgentMiddleware{}
 	if len(mainOrchestratorPre) > 0 {
@@ -361,6 +405,9 @@ func RunDeepAgent(
 		supHandlers = append(supHandlers, einoSkillMW)
 	}
 	supHandlers = append(supHandlers, mainSumMw)
+	if teleMw := newEinoModelInputTelemetryMiddleware(logger, appCfg.OpenAI.Model, conversationID, "supervisor_orchestrator"); teleMw != nil {
+		supHandlers = append(supHandlers, teleMw)
+	}
 
 	mainToolsCfg := adk.ToolsConfig{
 		ToolsNodeConfig: compose.ToolsNodeConfig{
@@ -399,10 +446,17 @@ func RunDeepAgent(
 			ExecMaxIter:          deepMaxIter,
 			LoopMaxIter:          ma.PlanExecuteLoopMaxIterations,
 			AppCfg:               appCfg,
+			MwCfg:                &ma.EinoMiddleware,
+			ConversationID:       conversationID,
 			Logger:               logger,
+			ModelName:            appCfg.OpenAI.Model,
 			ExecPreMiddlewares:   mainOrchestratorPre,
 			SkillMiddleware:      einoSkillMW,
 			FilesystemMiddleware: peFsMw,
+			PlannerReplannerRewriteHandlers: []adk.ChatModelAgentMiddleware{
+				mainSumMw,
+				newEinoModelInputTelemetryMiddleware(logger, appCfg.OpenAI.Model, conversationID, "plan_execute_planner_replanner_rewrite"),
+			},
 		})
 		if perr != nil {
 			return nil, perr
@@ -468,7 +522,7 @@ func RunDeepAgent(
 		da = dDeep
 	}
 
-	baseMsgs := historyToMessages(history)
+	baseMsgs := historyToMessages(history, appCfg, &ma.EinoMiddleware)
 	baseMsgs = append(baseMsgs, schema.UserMessage(userMessage))
 
 	streamsMainAssistant := func(agent string) bool {
@@ -505,34 +559,77 @@ func RunDeepAgent(
 	}, baseMsgs)
 }
 
-func historyToMessages(history []agent.ChatMessage) []adk.Message {
+func historyToMessages(history []agent.ChatMessage, appCfg *config.Config, mwCfg *config.MultiAgentEinoMiddlewareConfig) []adk.Message {
 	if len(history) == 0 {
 		return nil
 	}
-	// 放宽条数上限：跨轮历史交给 Eino Summarization（阈值对齐 openai.max_total_tokens）在调用模型前压缩，避免在入队前硬截断为 40 条。
-	const maxHistoryMessages = 300
+	// Keep a bounded tail first; then enforce a token budget.
+	const maxHistoryMessages = 200
 	start := 0
 	if len(history) > maxHistoryMessages {
 		start = len(history) - maxHistoryMessages
 	}
-	out := make([]adk.Message, 0, len(history[start:]))
+	raw := make([]adk.Message, 0, len(history[start:]))
 	for _, h := range history[start:] {
 		switch h.Role {
 		case "user":
 			if strings.TrimSpace(h.Content) != "" {
-				out = append(out, schema.UserMessage(h.Content))
+				raw = append(raw, schema.UserMessage(h.Content))
 			}
 		case "assistant":
 			if strings.TrimSpace(h.Content) == "" && len(h.ToolCalls) > 0 {
 				continue
 			}
 			if strings.TrimSpace(h.Content) != "" {
-				out = append(out, schema.AssistantMessage(h.Content, nil))
+				raw = append(raw, schema.AssistantMessage(h.Content, nil))
 			}
 		default:
 			continue
 		}
 	}
+	if len(raw) == 0 {
+		return raw
+	}
+	maxTotal := 120000
+	modelName := "gpt-4o"
+	if appCfg != nil {
+		if appCfg.OpenAI.MaxTotalTokens > 0 {
+			maxTotal = appCfg.OpenAI.MaxTotalTokens
+		}
+		if m := strings.TrimSpace(appCfg.OpenAI.Model); m != "" {
+			modelName = m
+		}
+	}
+	ratio := 0.35
+	if mwCfg != nil {
+		ratio = mwCfg.HistoryInputBudgetRatioEffective()
+	}
+	budget := int(float64(maxTotal) * ratio)
+	if budget < 4096 {
+		budget = 4096
+	}
+	tc := agent.NewTikTokenCounter()
+	outRev := make([]adk.Message, 0, len(raw))
+	used := 0
+	for i := len(raw) - 1; i >= 0; i-- {
+		msg := raw[i]
+		n, err := tc.Count(modelName, string(msg.Role)+"\n"+msg.Content)
+		if err != nil {
+			n = (len(msg.Content) + 3) / 4
+		}
+		if n <= 0 {
+			n = 1
+		}
+		if used+n > budget {
+			break
+		}
+		used += n
+		outRev = append(outRev, msg)
+	}
+	out := make([]adk.Message, 0, len(outRev))
+	for i := len(outRev) - 1; i >= 0; i-- {
+		out = append(out, outRev[i])
+	}
 	return out
 }
 

web/static/css/style.css

@@ -805,6 +805,185 @@ header {
     position: relative;
 }
 
+.notification-menu-container {
+    position: relative;
+}
+
+.notification-btn {
+    position: relative;
+    display: inline-flex;
+    align-items: center;
+    justify-content: center;
+    width: 36px;
+    height: 36px;
+    border-radius: 50%;
+    border: 1px solid var(--border-color);
+    background: var(--bg-primary);
+    color: var(--text-secondary);
+    cursor: pointer;
+    transition: all 0.2s ease;
+    padding: 0;
+}
+
+.notification-btn:hover,
+.notification-btn.active {
+    background: var(--bg-tertiary);
+    border-color: var(--accent-color);
+    color: var(--accent-color);
+}
+
+.notification-btn svg {
+    width: 20px;
+    height: 20px;
+}
+
+.notification-badge {
+    position: absolute;
+    top: 0;
+    right: 0;
+    transform: translate(32%, -32%);
+    min-width: 18px;
+    height: 18px;
+    border-radius: 9999px;
+    padding: 0 4px;
+    background: #ef4444;
+    color: #fff;
+    display: inline-flex;
+    align-items: center;
+    justify-content: center;
+    box-sizing: border-box;
+    font-size: 0.6875rem;
+    font-weight: 500;
+    line-height: 1;
+    text-align: center;
+    font-variant-numeric: tabular-nums;
+    border: 2px solid #fff;
+    box-shadow: 0 1px 2px rgba(15, 23, 42, 0.18);
+    pointer-events: none;
+}
+
+.notification-badge-text {
+    display: inline-block;
+    transform: translateY(1.5px);
+}
+
+.notification-dropdown {
+    position: absolute;
+    top: calc(100% + 8px);
+    right: 0;
+    width: 340px;
+    max-height: 420px;
+    background: var(--bg-primary);
+    border: 1px solid var(--border-color);
+    border-radius: 10px;
+    box-shadow: 0 10px 24px rgba(0, 0, 0, 0.16);
+    z-index: 1000;
+    overflow: hidden;
+}
+
+.notification-dropdown-header {
+    display: flex;
+    align-items: center;
+    justify-content: space-between;
+    padding: 10px 12px;
+    border-bottom: 1px solid var(--border-color);
+    font-size: 0.875rem;
+    font-weight: 600;
+}
+
+.notification-mark-read-btn {
+    border: none;
+    background: transparent;
+    color: var(--accent-color);
+    cursor: pointer;
+    font-size: 0.75rem;
+    padding: 0;
+}
+
+.notification-list {
+    max-height: 360px;
+    overflow-y: auto;
+    padding: 6px 0;
+}
+
+.notification-item {
+    display: block;
+    padding: 10px 12px;
+    border-left: 2px solid transparent;
+}
+
+.notification-item + .notification-item {
+    border-top: 1px solid var(--border-color);
+}
+
+.notification-item.notification-level-p0 {
+    border-left-color: #ef4444;
+}
+
+.notification-item.notification-level-p1 {
+    border-left-color: #f59e0b;
+}
+
+.notification-item.notification-level-p2 {
+    border-left-color: #3b82f6;
+}
+
+.notification-item-title {
+    font-size: 0.8125rem;
+    font-weight: 600;
+    color: var(--text-primary);
+    margin-bottom: 2px;
+}
+
+.notification-item-header {
+    display: flex;
+    align-items: flex-start;
+    justify-content: space-between;
+    gap: 8px;
+}
+
+.notification-item-actions {
+    display: inline-flex;
+    align-items: center;
+    gap: 6px;
+    flex-shrink: 0;
+}
+
+.notification-item-action-btn {
+    border: 1px solid var(--border-color);
+    background: var(--bg-primary);
+    color: var(--text-secondary);
+    border-radius: 6px;
+    font-size: 0.6875rem;
+    line-height: 1;
+    padding: 4px 6px;
+    cursor: pointer;
+}
+
+.notification-item-action-btn:hover {
+    border-color: var(--accent-color);
+    color: var(--accent-color);
+}
+
+.notification-item-desc {
+    font-size: 0.75rem;
+    color: var(--text-secondary);
+    line-height: 1.35;
+}
+
+.notification-item-time {
+    margin-top: 4px;
+    font-size: 0.6875rem;
+    color: var(--text-muted);
+}
+
+.notification-empty {
+    padding: 16px 12px;
+    color: var(--text-muted);
+    text-align: center;
+    font-size: 0.8125rem;
+}
+
 .user-avatar-btn {
     display: inline-flex;
     align-items: center;
@@ -827,6 +1006,8 @@ header {
 }
 
 .user-avatar-btn svg {
+    width: 22px;
+    height: 22px;
     stroke: currentColor;
 }
 
@@ -3607,6 +3788,17 @@ header {
     box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.03);
 }
 
+.active-task-item-clickable {
+    cursor: pointer;
+    transition: border-color 0.2s ease, box-shadow 0.2s ease, transform 0.12s ease;
+}
+
+.active-task-item-clickable:hover {
+    border-color: rgba(0, 102, 255, 0.45);
+    box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.03), 0 2px 8px rgba(0, 102, 255, 0.12);
+    transform: translateY(-1px);
+}
+
 .active-task-info {
     display: flex;
     align-items: center;
@@ -4472,6 +4664,25 @@ header {
     flex-wrap: wrap;
 }
 
+.tool-resident-toggle {
+    display: inline-flex;
+    align-items: center;
+    gap: 4px;
+    font-size: 0.75rem;
+    color: var(--text-secondary);
+    border: 1px solid var(--border-color);
+    border-radius: 12px;
+    padding: 2px 8px;
+    background: var(--bg-secondary);
+    cursor: pointer;
+}
+
+.tool-resident-toggle input[type="checkbox"] {
+    width: 14px;
+    height: 14px;
+    margin: 0;
+}
+
 .external-tool-badge {
     display: inline-flex;
     align-items: center;
@@ -13406,6 +13617,11 @@ header {
     min-width: 150px;
 }
 
+/* Keep action buttons visually aligned in vulnerability filters */
+.vulnerability-filters .btn-primary {
+    border: 1px solid transparent;
+}
+
 .vulnerabilities-list {
     display: flex;
     flex-direction: column;

web/static/i18n/en-US.json

@@ -33,6 +33,13 @@
     "version": "Current version",
     "toggleSidebar": "Collapse/expand sidebar"
   },
+  "notifications": {
+    "title": "Notifications",
+    "empty": "No new events",
+    "markAllRead": "Mark all read",
+    "markSingleRead": "Read",
+    "itemDefaultTitle": "Notification"
+  },
   "login": {
     "title": "Sign in to CyberStrikeAI",
     "subtitle": "Enter the access password from config",
@@ -239,7 +246,20 @@
   },
   "hitl": {
     "pageTitle": "HITL approvals",
-    "pendingTitle": "Pending approvals"
+    "pendingTitle": "Pending approvals",
+    "loading": "Loading...",
+    "emptyState": "No pending approvals",
+    "dismiss": "Dismiss",
+    "conversationLabel": "Conversation:",
+    "reviewEditHelp": "Review & edit mode: provide a JSON object to override tool arguments. Example: {\"command\":\"ls -la\"}",
+    "approvalHelp": "Approval mode: only approve/reject, argument editing is disabled.",
+    "commentHelp": "Comment (optional): briefly note the approval reason.",
+    "commentPlaceholder": "e.g. allow read-only command",
+    "reject": "Reject",
+    "approve": "Approve",
+    "loadFailed": "Failed to load",
+    "invalidJson": "Invalid JSON arguments",
+    "submitFailedPrefix": "Submit failed:"
   },
   "progress": {
     "callingAI": "Calling AI model...",
@@ -576,6 +596,10 @@
     "addExternal": "Add external MCP",
     "toolConfig": "MCP tool config",
     "saveToolConfig": "Save tool config",
+    "alwaysVisibleLabel": "Pinned",
+    "alwaysVisibleHint": "Always keep visible in Tool Search results",
+    "alwaysVisibleBuiltinLabel": "Builtin default",
+    "alwaysVisibleBuiltinHint": "Backend builtin tool is pinned by default and cannot be disabled",
     "externalConfig": "External MCP config",
     "loadingTools": "Loading tools...",
     "loadToolsTimeout": "Tools load timeout. External MCP may be slow. Click Refresh to retry or check connection.",

web/static/i18n/zh-CN.json

@@ -33,6 +33,13 @@
     "version": "当前版本",
     "toggleSidebar": "折叠/展开侧边栏"
   },
+  "notifications": {
+    "title": "事件通知",
+    "empty": "暂无新事件",
+    "markAllRead": "标记已读",
+    "markSingleRead": "已读",
+    "itemDefaultTitle": "通知"
+  },
   "login": {
     "title": "登录 CyberStrikeAI",
     "subtitle": "请输入配置中的访问密码",
@@ -239,7 +246,20 @@
   },
   "hitl": {
     "pageTitle": "人机协同审批",
-    "pendingTitle": "待处理审批"
+    "pendingTitle": "待处理审批",
+    "loading": "加载中...",
+    "emptyState": "暂无待审批项",
+    "dismiss": "忽略",
+    "conversationLabel": "会话：",
+    "reviewEditHelp": "审查编辑模式：可填写 JSON 对象覆盖参数。示例：{\"command\":\"ls -la\"}",
+    "approvalHelp": "审批模式：仅通过/拒绝，不支持改参。",
+    "commentHelp": "备注（可选）：建议写审批依据。",
+    "commentPlaceholder": "例如：允许只读命令",
+    "reject": "拒绝",
+    "approve": "通过",
+    "loadFailed": "加载失败",
+    "invalidJson": "JSON 参数格式错误",
+    "submitFailedPrefix": "提交失败："
   },
   "progress": {
     "callingAI": "正在调用AI模型...",
@@ -576,6 +596,10 @@
     "addExternal": "添加外部MCP",
     "toolConfig": "MCP 工具配置",
     "saveToolConfig": "保存工具配置",
+    "alwaysVisibleLabel": "常驻",
+    "alwaysVisibleHint": "始终常驻在 Tool Search 可见列表（不被 tool_search 隐藏）",
+    "alwaysVisibleBuiltinLabel": "内置默认",
+    "alwaysVisibleBuiltinHint": "后端内置工具默认常驻，不可关闭",
     "externalConfig": "外部 MCP 配置",
     "loadingTools": "正在加载工具列表...",
     "loadToolsTimeout": "加载工具列表超时，可能是外部MCP连接较慢。请点击\"刷新\"按钮重试，或检查外部MCP连接状态。",

web/static/js/hitl.js

@@ -7,6 +7,19 @@ function hitlModeNormalize(m) {
     return allowed.indexOf(v) >= 0 ? v : 'off';
 }
 
+function hitlT(key, fallback, params) {
+    const fullKey = 'hitl.' + key;
+    try {
+        if (typeof window.t === 'function') {
+            const translated = window.t(fullKey, params || {});
+            if (typeof translated === 'string' && translated && translated !== fullKey) {
+                return translated;
+            }
+        }
+    } catch (e) {}
+    return fallback;
+}
+
 function hitlEffectiveEnabled(cfg) {
     if (!cfg) return false;
     if (cfg.enabled === true) return true;
@@ -36,6 +49,18 @@ function hitlSensitiveToolsToArray(config) {
     return [];
 }
 
+function normalizeHitlTimeoutSeconds(v, fallback) {
+    const n = Number(v);
+    if (Number.isFinite(n)) {
+        return n > 0 ? Math.floor(n) : 0;
+    }
+    const f = Number(fallback);
+    if (Number.isFinite(f)) {
+        return f > 0 ? Math.floor(f) : 0;
+    }
+    return 0;
+}
+
 function getCurrentConversationIdForHitl() {
     if (typeof window.currentConversationId === 'string' && window.currentConversationId) {
         return window.currentConversationId;
@@ -84,6 +109,7 @@ async function saveHitlConversationConfig(conversationId, config) {
     const mode = hitlModeNormalize(config.mode || 'off');
     const enabled = typeof config.enabled === 'boolean' ? config.enabled : (mode !== 'off');
     const sensitiveTools = hitlSensitiveToolsToArray(config);
+    const timeoutSeconds = normalizeHitlTimeoutSeconds(config.timeoutSeconds, 0);
     const resp = await hitlApiFetch('/api/hitl/config', {
         method: 'PUT',
         credentials: 'same-origin',
@@ -93,7 +119,7 @@ async function saveHitlConversationConfig(conversationId, config) {
             enabled: enabled,
             mode: mode,
             sensitiveTools: sensitiveTools,
-            timeoutSeconds: config.timeoutSeconds || 300
+            timeoutSeconds: timeoutSeconds
         })
     });
     if (!resp.ok) {
@@ -126,7 +152,7 @@ async function syncHitlConfigFromServer(conversationId) {
                 enabled: true,
                 mode: localMode,
                 sensitiveTools: localToolsStr.split(/[,\n\r]+/).map(function (s) { return s.trim(); }).filter(Boolean),
-                timeoutSeconds: cfg.timeoutSeconds || 300
+                timeoutSeconds: normalizeHitlTimeoutSeconds(cfg.timeoutSeconds, 0)
             };
             saveHitlConversationConfig(conversationId, {
                 mode: localMode,
@@ -146,7 +172,7 @@ async function syncHitlConfigFromServer(conversationId) {
                     enabled: true,
                     mode: glMode,
                     sensitiveTools: glToolsStr.split(/[,\n\r]+/).map(function (s) { return s.trim(); }).filter(Boolean),
-                    timeoutSeconds: cfg.timeoutSeconds || 300
+                    timeoutSeconds: normalizeHitlTimeoutSeconds(cfg.timeoutSeconds, 0)
                 };
                 saveHitlConversationConfig(conversationId, {
                     mode: glMode,
@@ -265,7 +291,7 @@ async function followAgentRunAfterHitlDecision(conversationId) {
 async function refreshHitlPending() {
     const container = document.getElementById('hitl-pending-list');
     if (!container) return;
-    container.innerHTML = '<div class="loading-spinner">Loading...</div>';
+    container.innerHTML = '<div class="loading-spinner">' + escapeHtml(hitlT('loading', 'Loading...')) + '</div>';
     try {
         const resp = await hitlApiFetch('/api/hitl/pending', { credentials: 'same-origin' });
         if (!resp.ok) {
@@ -274,7 +300,7 @@ async function refreshHitlPending() {
         const data = await resp.json();
         const items = Array.isArray(data.items) ? data.items : [];
         if (!items.length) {
-            container.innerHTML = '<div class="empty-state">暂无待审批项</div>';
+            container.innerHTML = '<div class="empty-state">' + escapeHtml(hitlT('emptyState', 'No pending approvals')) + '</div>';
             return;
         }
         container.innerHTML = items.map(function (item) {
@@ -292,25 +318,25 @@ async function refreshHitlPending() {
                 '<span class="hitl-tool-badge">' + escapeHtml(item.toolName || '-') + '</span>' +
                 '<span class="hitl-mode-tag hitl-mode-tag--' + escapeHtml(mode) + '">' + escapeHtml(item.mode || '-') + '</span>' +
                 '</div>' +
-                '<button class="hitl-dismiss-btn" title="忽略" onclick="dismissHitlItem(' + qId + ')">&times;</button>' +
+                '<button class="hitl-dismiss-btn" title="' + escapeHtml(hitlT('dismiss', 'Dismiss')) + '" onclick="dismissHitlItem(' + qId + ')">&times;</button>' +
                 '</div>' +
-                '<div class="hitl-pending-meta">会话：' + escapeHtml(item.conversationId || '-') + '</div>' +
+                '<div class="hitl-pending-meta">' + escapeHtml(hitlT('conversationLabel', 'Conversation:')) + ' ' + escapeHtml(item.conversationId || '-') + '</div>' +
                 '<pre class="hitl-pending-payload">' + escapeHtml(preview) + '</pre>' +
                 (allowEdit
-                    ? ('<div class="hitl-input-help">审查编辑模式：可填写 JSON 对象覆盖参数。示例：{"command":"ls -la"}</div>' +
+                    ? ('<div class="hitl-input-help">' + escapeHtml(hitlT('reviewEditHelp', 'Review & edit mode: provide a JSON object to override tool arguments. Example: {"command":"ls -la"}')) + '</div>' +
                        '<textarea id="hitl-edit-' + escId + '" class="hitl-edit-args" placeholder=\'{"command":"ls -la"}\'></textarea>')
-                    : '<div class="hitl-input-help">审批模式：仅通过/拒绝，不支持改参。</div>') +
-                '<div class="hitl-input-help">备注（可选）：建议写审批依据。</div>' +
-                '<input id="hitl-comment-' + escId + '" class="hitl-config-input hitl-inline-comment" type="text" placeholder="例如：允许只读命令">' +
+                    : '<div class="hitl-input-help">' + escapeHtml(hitlT('approvalHelp', 'Approval mode: only approve/reject, argument editing is disabled.')) + '</div>') +
+                '<div class="hitl-input-help">' + escapeHtml(hitlT('commentHelp', 'Comment (optional): briefly note the approval reason.')) + '</div>' +
+                '<input id="hitl-comment-' + escId + '" class="hitl-config-input hitl-inline-comment" type="text" placeholder="' + escapeHtml(hitlT('commentPlaceholder', 'e.g. allow read-only command')) + '">' +
                 '<div class="hitl-pending-actions">' +
-                '<button class="btn-secondary" onclick="submitHitlDecision(' + qId + ',&quot;reject&quot;,' + qConv + ')">拒绝</button>' +
-                '<button class="btn-primary" onclick="submitHitlDecision(' + qId + ',&quot;approve&quot;,' + qConv + ')">通过</button>' +
+                '<button class="btn-secondary" onclick="submitHitlDecision(' + qId + ',&quot;reject&quot;,' + qConv + ')">' + escapeHtml(hitlT('reject', 'Reject')) + '</button>' +
+                '<button class="btn-primary" onclick="submitHitlDecision(' + qId + ',&quot;approve&quot;,' + qConv + ')">' + escapeHtml(hitlT('approve', 'Approve')) + '</button>' +
                 '</div>' +
                 '</div>'
             );
         }).join('');
     } catch (e) {
-        container.innerHTML = '<div class="empty-state">加载失败</div>';
+        container.innerHTML = '<div class="empty-state">' + escapeHtml(hitlT('loadFailed', 'Failed to load')) + '</div>';
     }
 }
 
@@ -323,7 +349,7 @@ async function submitHitlDecision(interruptId, decision, conversationIdOpt) {
         try {
             editedArguments = JSON.parse(editBox.value.trim());
         } catch (e) {
-            alert('JSON 参数格式错误');
+            alert(hitlT('invalidJson', 'Invalid JSON arguments'));
             return;
         }
     }
@@ -344,7 +370,7 @@ async function submitHitlDecisionWithPayload(interruptId, decision, comment, edi
             await dismissHitlItem(interruptId, true);
             return true;
         }
-        alert('提交失败：' + errText);
+        alert(hitlT('submitFailedPrefix', 'Submit failed:') + ' ' + errText);
         return false;
     }
     refreshHitlPending();

web/static/js/monitor.js

@@ -2348,9 +2348,28 @@ function renderActiveTasks(tasks) {
     bar.style.display = 'flex';
     bar.innerHTML = '';
 
+    function openActiveTaskConversation(conversationId) {
+        if (!conversationId) return;
+        if (typeof switchPage === 'function') {
+            switchPage('chat');
+        }
+        if (typeof window.loadConversation === 'function') {
+            setTimeout(function () {
+                window.loadConversation(conversationId);
+            }, 120);
+            return;
+        }
+        window.location.hash = 'chat?conversation=' + encodeURIComponent(conversationId);
+    }
+
     normalizedTasks.forEach(task => {
         const item = document.createElement('div');
-        item.className = 'active-task-item';
+        item.className = 'active-task-item active-task-item-clickable';
+        if (task && task.conversationId) {
+            item.title = (typeof window.t === 'function' ? window.t('tasks.viewConversation') : '查看会话');
+            item.setAttribute('role', 'button');
+            item.onclick = () => openActiveTaskConversation(task.conversationId);
+        }
 
         const startedTime = task.startedAt ? new Date(task.startedAt) : null;
         const taskTimeLocale = getCurrentTimeLocale();
@@ -2388,7 +2407,10 @@ function renderActiveTasks(tasks) {
         if (!isFinalStatus) {
             const cancelBtn = item.querySelector('.active-task-cancel');
             if (cancelBtn) {
-                cancelBtn.onclick = () => cancelActiveTask(task.conversationId, cancelBtn);
+                cancelBtn.onclick = (evt) => {
+                    evt.stopPropagation();
+                    cancelActiveTask(task.conversationId, cancelBtn);
+                };
                 if (task.status === 'cancelling') {
                     cancelBtn.disabled = true;
                     cancelBtn.textContent = typeof window.t === 'function' ? window.t('tasks.cancelling') : '取消中...';

web/static/js/notifications.js

@@ -0,0 +1,321 @@
+(function () {
+    const STORAGE_LAST_SEEN_KEY = 'cyberstrike-notification-last-seen-at';
+    const POLL_INTERVAL_ACTIVE_MS = 15000;
+    const POLL_INTERVAL_HIDDEN_MS = 60000;
+    const MAX_RENDER_ITEMS = 20;
+
+    const state = {
+        inFlight: false,
+        timerId: null,
+        dropdownOpen: false,
+        lastSeenAt: readLastSeenAt(),
+        items: [],
+        unreadCount: 0,
+    };
+
+    function readLastSeenAt() {
+        try {
+            const raw = localStorage.getItem(STORAGE_LAST_SEEN_KEY);
+            const n = Number(raw);
+            if (Number.isFinite(n) && n > 0) return n;
+        } catch (e) {
+            console.warn('读取通知已读时间失败:', e);
+        }
+        return 0;
+    }
+
+    function persistLastSeenAt(ts) {
+        try {
+            localStorage.setItem(STORAGE_LAST_SEEN_KEY, String(ts));
+        } catch (e) {
+            console.warn('保存通知已读时间失败:', e);
+        }
+    }
+
+    function getTimeMs(value) {
+        if (!value) return 0;
+        const d = new Date(value);
+        const ms = d.getTime();
+        return Number.isFinite(ms) ? ms : 0;
+    }
+
+    function getLocale() {
+        if (typeof window !== 'undefined') {
+            if (typeof window.__locale === 'string' && window.__locale) {
+                return window.__locale;
+            }
+            if (typeof window.currentLang === 'string' && window.currentLang) {
+                return window.currentLang;
+            }
+        }
+        return 'zh-CN';
+    }
+
+    function formatTime(value) {
+        const ms = getTimeMs(value);
+        if (!ms) return '-';
+        return new Date(ms).toLocaleString(getLocale());
+    }
+
+    function htmlEscape(value) {
+        if (typeof window.escapeHtml === 'function') {
+            return window.escapeHtml(value == null ? '' : String(value));
+        }
+        const div = document.createElement('div');
+        div.textContent = value == null ? '' : String(value);
+        return div.innerHTML;
+    }
+
+    function t(key, fallback, params) {
+        if (typeof window !== 'undefined' && typeof window.t === 'function') {
+            try {
+                const translated = window.t(key, params || {});
+                if (translated && translated !== key) return translated;
+            } catch (_ignored) {}
+        }
+        return fallback;
+    }
+
+    async function apiJson(url, options) {
+        if (typeof window.apiFetch !== 'function') return null;
+        const res = await window.apiFetch(url, options || {});
+        if (!res.ok) return null;
+        return res.json();
+    }
+
+    async function fetchNotificationSummary() {
+        const url = '/api/notifications/summary?since='
+            + encodeURIComponent(String(state.lastSeenAt || 0))
+            + '&limit=80&lang=' + encodeURIComponent(getLocale());
+        try {
+            const summary = await apiJson(url);
+            if (summary && typeof summary === 'object') {
+                return summary;
+            }
+        } catch (_ignored) {}
+        return null;
+    }
+
+    function renderBadge(count) {
+        const badge = document.getElementById('notification-badge');
+        const btn = document.getElementById('notification-bell-btn');
+        if (!badge || !btn) return;
+        if (count <= 0) {
+            badge.style.display = 'none';
+            btn.classList.remove('has-alert');
+            return;
+        }
+        const text = count > 99 ? '99+' : String(count);
+        badge.innerHTML = '<span class="notification-badge-text">' + htmlEscape(text) + '</span>';
+        badge.style.display = 'inline-block';
+        btn.classList.add('has-alert');
+    }
+
+    function countP0(items) {
+        return (Array.isArray(items) ? items : []).reduce((acc, item) => {
+            if (!item || item.level !== 'p0') return acc;
+            if (typeof item.count === 'number' && item.count > 0) return acc + item.count;
+            return acc + 1;
+        }, 0);
+    }
+
+    function markableItems(items) {
+        return (Array.isArray(items) ? items : []).filter(item => item && item.actionable !== true && item.id);
+    }
+
+    function hasAction(item) {
+        if (!item || !item.type) return false;
+        if (item.type === 'vulnerability_created' && item.vulnerabilityId) return true;
+        if ((item.type === 'task_completed' || item.type === 'long_running_tasks') && item.conversationId) return true;
+        if (item.type === 'task_failed' && item.executionId) return true;
+        if (item.type === 'hitl_pending') return true;
+        return false;
+    }
+
+    function openNotificationTarget(item) {
+        if (!item || !item.type) return;
+        if (item.type === 'vulnerability_created' && item.vulnerabilityId) {
+            window.location.hash = 'vulnerabilities?id=' + encodeURIComponent(item.vulnerabilityId);
+            return;
+        }
+        if ((item.type === 'task_completed' || item.type === 'long_running_tasks') && item.conversationId) {
+            window.location.hash = 'chat?conversation=' + encodeURIComponent(item.conversationId);
+            return;
+        }
+        if (item.type === 'task_failed' && item.executionId) {
+            window.location.hash = 'mcp-monitor';
+            setTimeout(function () {
+                if (typeof showMCPDetail === 'function') {
+                    showMCPDetail(item.executionId);
+                }
+            }, 450);
+            return;
+        }
+        if (item.type === 'hitl_pending') {
+            window.location.hash = 'hitl';
+        }
+    }
+
+    async function markItemsRead(eventIds) {
+        if (!Array.isArray(eventIds) || !eventIds.length) return true;
+        const payload = { eventIds: eventIds };
+        try {
+            const result = await apiJson('/api/notifications/read', {
+                method: 'POST',
+                headers: { 'Content-Type': 'application/json' },
+                body: JSON.stringify(payload),
+            });
+            return !!result;
+        } catch (_ignored) {
+            return false;
+        }
+    }
+
+    function renderNotificationList(items) {
+        const list = document.getElementById('notification-list');
+        if (!list) return;
+        const renderItems = Array.isArray(items) ? items.slice(0, MAX_RENDER_ITEMS) : [];
+        if (!renderItems.length) {
+            list.innerHTML = '<div class="notification-empty">' + htmlEscape(t('notifications.empty', '暂无新事件')) + '</div>';
+            return;
+        }
+        const html = renderItems.map(item => {
+            const canMarkRead = item.actionable !== true && !!item.id;
+            const canView = hasAction(item);
+            return `
+                <div class="notification-item notification-level-${htmlEscape(item.level || 'p2')}">
+                    <div class="notification-item-header">
+                        <div class="notification-item-title">${htmlEscape(item.title || t('notifications.itemDefaultTitle', '通知'))}</div>
+                        <div class="notification-item-actions">
+                            ${canView ? `<button class="notification-item-action-btn notification-item-view-btn" type="button" data-action-id="${htmlEscape(item.id || '')}">${htmlEscape(t('common.view', '查看'))}</button>` : ''}
+                            ${canMarkRead ? `<button class="notification-item-action-btn notification-item-read-btn" type="button" data-notification-id="${htmlEscape(item.id)}">${htmlEscape(t('notifications.markSingleRead', '已读'))}</button>` : ''}
+                        </div>
+                    </div>
+                    <div class="notification-item-desc">${htmlEscape(item.desc || '')}</div>
+                    <div class="notification-item-time">${htmlEscape(formatTime(item.ts))}</div>
+                </div>
+            `;
+        }).join('');
+        list.innerHTML = html;
+        const viewButtons = list.querySelectorAll('.notification-item-view-btn');
+        viewButtons.forEach(btn => {
+            btn.addEventListener('click', function (event) {
+                event.preventDefault();
+                event.stopPropagation();
+                const eventID = btn.getAttribute('data-action-id') || '';
+                if (!eventID) return;
+                const item = state.items.find(it => it && it.id === eventID);
+                if (!item) return;
+                openNotificationTarget(item);
+                closeDropdown();
+            });
+        });
+        const readButtons = list.querySelectorAll('.notification-item-read-btn');
+        readButtons.forEach(btn => {
+            btn.addEventListener('click', async function (event) {
+                event.preventDefault();
+                event.stopPropagation();
+                const eventID = btn.getAttribute('data-notification-id') || '';
+                if (!eventID) return;
+                const ok = await markItemsRead([eventID]);
+                if (ok) {
+                    await refreshNotifications();
+                }
+            });
+        });
+    }
+
+    function closeDropdown() {
+        const dropdown = document.getElementById('notification-dropdown');
+        const bellBtn = document.getElementById('notification-bell-btn');
+        if (dropdown) dropdown.style.display = 'none';
+        if (bellBtn) bellBtn.classList.remove('active');
+        state.dropdownOpen = false;
+    }
+
+    function markSeenNow() {
+        state.lastSeenAt = Date.now();
+        persistLastSeenAt(state.lastSeenAt);
+    }
+
+    async function refreshNotifications() {
+        if (state.inFlight) return;
+        state.inFlight = true;
+        try {
+            const summary = await fetchNotificationSummary();
+            const items = summary && Array.isArray(summary.items) ? summary.items : [];
+            state.items = items;
+            const unreadCount = summary && Number.isFinite(Number(summary.unreadCount))
+                ? Number(summary.unreadCount)
+                : countP0(items);
+            state.unreadCount = Math.max(0, unreadCount);
+            renderBadge(state.unreadCount);
+            renderNotificationList(items);
+        } catch (e) {
+            console.warn('刷新通知失败:', e);
+        } finally {
+            state.inFlight = false;
+        }
+    }
+
+    function scheduleNextPoll() {
+        if (state.timerId) {
+            window.clearTimeout(state.timerId);
+            state.timerId = null;
+        }
+        const interval = document.hidden ? POLL_INTERVAL_HIDDEN_MS : POLL_INTERVAL_ACTIVE_MS;
+        state.timerId = window.setTimeout(async function () {
+            await refreshNotifications();
+            scheduleNextPoll();
+        }, interval);
+    }
+
+    function handleDocumentClick(event) {
+        const container = document.querySelector('.notification-menu-container');
+        if (!container) return;
+        if (!container.contains(event.target)) {
+            closeDropdown();
+        }
+    }
+
+    async function toggleDropdown() {
+        const dropdown = document.getElementById('notification-dropdown');
+        const bellBtn = document.getElementById('notification-bell-btn');
+        if (!dropdown || !bellBtn) return;
+        const isOpen = dropdown.style.display !== 'none';
+        if (isOpen) {
+            closeDropdown();
+            return;
+        }
+        dropdown.style.display = 'block';
+        bellBtn.classList.add('active');
+        state.dropdownOpen = true;
+        await refreshNotifications();
+    }
+
+    async function markAllSeen() {
+        const ids = markableItems(state.items).map(item => item.id);
+        const ok = await markItemsRead(ids);
+        if (ok) {
+            markSeenNow();
+            await refreshNotifications();
+        }
+    }
+
+    function initNotifications() {
+        const bellBtn = document.getElementById('notification-bell-btn');
+        if (!bellBtn) return;
+        document.addEventListener('click', handleDocumentClick);
+        document.addEventListener('visibilitychange', scheduleNextPoll);
+        document.addEventListener('languagechange', function () {
+            refreshNotifications();
+        });
+        refreshNotifications();
+        scheduleNextPoll();
+    }
+
+    window.toggleNotificationDropdown = toggleDropdown;
+    window.markAllNotificationsSeen = markAllSeen;
+
+    document.addEventListener('DOMContentLoaded', initNotifications);
+})();

web/static/js/router.js

@@ -301,26 +301,38 @@ async function initPage(pageId) {
             break;
         case 'mcp-management':
             // 初始化MCP管理
+            const startLoadMcpTools = () => {
+                // 加载工具列表（MCP工具配置已移到MCP管理页面）
+                // 使用异步加载，避免阻塞页面渲染
+                if (typeof loadToolsList === 'function') {
+                    // 确保工具分页设置已初始化
+                    if (typeof getToolsPageSize === 'function' && typeof toolsPagination !== 'undefined') {
+                        toolsPagination.pageSize = getToolsPageSize();
+                    }
+                    // 延迟加载，让页面先渲染
+                    setTimeout(() => {
+                        loadToolsList(1, '').catch(err => {
+                            console.error('加载工具列表失败:', err);
+                        });
+                    }, 100);
+                }
+            };
+            // 先拉取全局配置，确保 tool_search 常驻状态按后端生效集合展示
+            if (typeof loadConfig === 'function') {
+                loadConfig(false)
+                    .catch(err => {
+                        console.warn('加载配置失败（将继续加载工具列表）:', err);
+                    })
+                    .finally(startLoadMcpTools);
+            } else {
+                startLoadMcpTools();
+            }
             // 先加载外部MCP列表（快速），然后加载工具列表
             if (typeof loadExternalMCPs === 'function') {
                 loadExternalMCPs().catch(err => {
                     console.warn('加载外部MCP列表失败:', err);
                 });
             }
-            // 加载工具列表（MCP工具配置已移到MCP管理页面）
-            // 使用异步加载，避免阻塞页面渲染
-            if (typeof loadToolsList === 'function') {
-                // 确保工具分页设置已初始化
-                if (typeof getToolsPageSize === 'function' && typeof toolsPagination !== 'undefined') {
-                    toolsPagination.pageSize = getToolsPageSize();
-                }
-                // 延迟加载，让页面先渲染
-                setTimeout(() => {
-                    loadToolsList(1, '').catch(err => {
-                        console.error('加载工具列表失败:', err);
-                    });
-                }, 100);
-            }
             break;
         case 'vulnerabilities':
             // 初始化漏洞管理页面

web/static/js/settings.js

@@ -1,6 +1,8 @@
 // 设置相关功能
 let currentConfig = null;
 let allTools = [];
+let alwaysVisibleToolNames = new Set();
+let alwaysVisibleBuiltinToolNames = new Set();
 // 全局工具状态映射，用于保存用户在所有页面的修改
 // key: 唯一工具标识符（toolKey），value: { enabled: boolean, is_external: boolean, external_mcp: string }
 let toolStateMap = new Map();
@@ -100,6 +102,14 @@ async function loadConfig(loadTools = true) {
         }
         
         currentConfig = await response.json();
+        const alwaysVisibleList = currentConfig?.multi_agent?.tool_search_always_visible_effective_tools;
+        const alwaysVisibleConfigured = currentConfig?.multi_agent?.tool_search_always_visible_tools;
+        alwaysVisibleToolNames = new Set(Array.isArray(alwaysVisibleList) ? alwaysVisibleList.filter(Boolean) : []);
+        alwaysVisibleBuiltinToolNames = new Set(
+            alwaysVisibleToolNames.size > 0 && Array.isArray(alwaysVisibleConfigured)
+                ? Array.from(alwaysVisibleToolNames).filter(name => !alwaysVisibleConfigured.includes(name))
+                : []
+        );
         
         // 填充OpenAI配置
         const providerEl = document.getElementById('openai-provider');
@@ -498,6 +508,8 @@ function renderToolsList() {
             is_external: tool.is_external || false,
             external_mcp: tool.external_mcp || ''
         };
+        const alwaysVisibleChecked = alwaysVisibleToolNames.has(tool.name);
+        const alwaysVisibleLocked = alwaysVisibleBuiltinToolNames.has(tool.name);
         
         // 外部工具标签，显示来源信息（可点击跳转到对应 MCP 卡片）
         let externalBadge = '';
@@ -521,6 +533,11 @@ function renderToolsList() {
                 <div class="tool-item-name">
                     ${escapeHtml(tool.name)}
                     ${externalBadge}
+                    <label class="tool-resident-toggle" title="${typeof window.t === 'function' ? window.t('mcp.alwaysVisibleHint') : '始终常驻在 Tool Search 可见列表'}" onclick="event.stopPropagation()">
+                        <input type="checkbox" ${alwaysVisibleChecked ? 'checked' : ''} ${alwaysVisibleLocked ? 'disabled' : ''} onchange="handleToolAlwaysVisibleChange('${escapeHtml(tool.name)}', this.checked)" />
+                        <span>${typeof window.t === 'function' ? window.t('mcp.alwaysVisibleLabel') : '常驻'}</span>
+                    </label>
+                    ${alwaysVisibleLocked ? `<span class="external-tool-badge" title="${typeof window.t === 'function' ? window.t('mcp.alwaysVisibleBuiltinHint') : '后端内置工具默认常驻，不可关闭'}">${typeof window.t === 'function' ? window.t('mcp.alwaysVisibleBuiltinLabel') : '内置默认'}</span>` : ''}
                     <span class="tool-expand-icon">▶</span>
                 </div>
                 <div class="tool-item-desc">${escapeHtml(tool.description || (typeof window.t === 'function' ? window.t('mcp.noDescription') : '无描述'))}</div>
@@ -716,6 +733,16 @@ function handleToolCheckboxChange(toolKey, enabled) {
     updateToolsStats();
 }
 
+function handleToolAlwaysVisibleChange(toolName, alwaysVisible) {
+    const name = (toolName || '').trim();
+    if (!name) return;
+    if (alwaysVisible) {
+        alwaysVisibleToolNames.add(name);
+    } else {
+        alwaysVisibleToolNames.delete(name);
+    }
+}
+
 // 全选工具
 function selectAllTools() {
     document.querySelectorAll('#tools-list input[type="checkbox"]').forEach(checkbox => {
@@ -886,9 +913,11 @@ async function updateToolsStats() {
     }
     
     const tStats = typeof window.t === 'function' ? window.t : (k) => k;
+    const pinnedCount = alwaysVisibleToolNames.size;
     statsEl.innerHTML = `
         <span title="${tStats('mcp.currentPageEnabled')}">✅ ${tStats('mcp.currentPageEnabled')}: <strong>${currentPageEnabled}</strong> / ${currentPageTotal}</span>
         <span title="${tStats('mcp.totalEnabled')}">📊 ${tStats('mcp.totalEnabled')}: <strong>${totalEnabled}</strong> / ${totalTools}</span>
+        <span title="${tStats('mcp.alwaysVisibleHint')}">📌 ${tStats('mcp.alwaysVisibleLabel')}: <strong>${pinnedCount}</strong></span>
     `;
 }
 
@@ -1230,6 +1259,13 @@ async function saveToolsConfig() {
         const config = {
             openai: currentConfig.openai || {},
             agent: currentConfig.agent || {},
+            multi_agent: {
+                enabled: currentConfig?.multi_agent?.enabled === true,
+                robot_use_multi_agent: currentConfig?.multi_agent?.robot_use_multi_agent === true,
+                batch_use_multi_agent: currentConfig?.multi_agent?.batch_use_multi_agent === true,
+                plan_execute_loop_max_iterations: Number(currentConfig?.multi_agent?.plan_execute_loop_max_iterations || 0),
+                tool_search_always_visible_tools: Array.from(alwaysVisibleToolNames).filter(name => !alwaysVisibleBuiltinToolNames.has(name))
+            },
             tools: []
         };
         

web/static/js/vulnerability.js

@@ -61,7 +61,7 @@ let vulnerabilityPagination = {
     totalPages: 1
 };
 
-// 从地址栏 #vulnerabilities?conversation_id= / ?task_id= 同步筛选（对话菜单、任务管理联动）
+// 从地址栏 #vulnerabilities?conversation_id= / ?task_id= / ?id= 同步筛选（通知/对话菜单/任务管理联动）
 function syncVulnerabilityFiltersFromLocationHash() {
     const hash = window.location.hash.slice(1);
     const hashParts = hash.split('?');
@@ -69,19 +69,27 @@ function syncVulnerabilityFiltersFromLocationHash() {
         return;
     }
     const params = new URLSearchParams(hashParts.slice(1).join('?'));
+    const vid = (params.get('id') || '').trim();
     const cid = (params.get('conversation_id') || '').trim();
     const tid = (params.get('task_id') || '').trim();
-    if (!cid && !tid) {
+    if (!vid && !cid && !tid) {
         return;
     }
 
+    vulnerabilityFilters.id = '';
     vulnerabilityFilters.conversation_id = '';
     vulnerabilityFilters.task_id = '';
+    const idEl = document.getElementById('vulnerability-id-filter');
     const convEl = document.getElementById('vulnerability-conversation-filter');
     const taskEl = document.getElementById('vulnerability-task-filter');
+    if (idEl) idEl.value = '';
     if (convEl) convEl.value = '';
     if (taskEl) taskEl.value = '';
 
+    if (vid) {
+        vulnerabilityFilters.id = vid;
+        if (idEl) idEl.value = vid;
+    }
     if (cid) {
         vulnerabilityFilters.conversation_id = cid;
         if (convEl) convEl.value = cid;
@@ -334,6 +342,13 @@ function renderVulnerabilities(vulnerabilities) {
     if (typeof window.applyTranslations === 'function') {
         window.applyTranslations(listContainer);
     }
+
+    // 如果通过漏洞ID筛选且只返回一条记录，自动展开详情（提升“点击查看”的用户体验）
+    if (vulnerabilities.length === 1 && vulnerabilityFilters.id && vulnerabilityFilters.id === vulnerabilities[0].id) {
+        setTimeout(() => {
+            toggleVulnerabilityDetails(vulnerabilities[0].id);
+        }, 300);
+    }
 }
 
 // 渲染分页控件

web/templates/index.html

@@ -63,6 +63,24 @@
                                 <div class="lang-option" data-lang="en-US" onclick="onLanguageSelect('en-US')">English</div>
                             </div>
                         </div>
+                        <div class="notification-menu-container">
+                            <button class="notification-btn" id="notification-bell-btn" onclick="toggleNotificationDropdown()" data-i18n="notifications.title" data-i18n-attr="title" data-i18n-skip-text="true" title="事件通知">
+                                <svg width="18" height="18" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
+                                    <path d="M18 8a6 6 0 0 0-12 0c0 7-3 9-3 9h18s-3-2-3-9" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
+                                    <path d="M13.73 21a2 2 0 0 1-3.46 0" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
+                                </svg>
+                                <span class="notification-badge" id="notification-badge" style="display: none;">0</span>
+                            </button>
+                            <div id="notification-dropdown" class="notification-dropdown" style="display: none;">
+                                <div class="notification-dropdown-header">
+                                    <span id="notification-dropdown-title" data-i18n="notifications.title">事件通知</span>
+                                    <button class="notification-mark-read-btn" id="notification-mark-all-read-btn" type="button" onclick="markAllNotificationsSeen()" data-i18n="notifications.markAllRead">标记已读</button>
+                                </div>
+                                <div id="notification-list" class="notification-list">
+                                    <div class="notification-empty" data-i18n="notifications.empty">暂无新事件</div>
+                                </div>
+                            </div>
+                        </div>
                         <div class="user-menu-container">
                             <button class="user-avatar-btn" onclick="toggleUserMenu()" data-i18n="header.userMenu" data-i18n-attr="title" data-i18n-skip-text="true" title="用户菜单">
                                 <svg width="20" height="20" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
@@ -2832,6 +2850,7 @@
     <script src="/static/js/i18n.js"></script>
     <script src="/static/js/builtin-tools.js"></script>
     <script src="/static/js/auth.js"></script>
+    <script src="/static/js/notifications.js"></script>
     <script src="/static/js/info-collect.js"></script>
     <script src="/static/js/router.js"></script>
     <script src="/static/js/agents.js"></script>