Update config.yaml

Add files via upload
2026-05-16 21:23:29 +02:00 · 2026-05-07 17:04:39 +08:00 · 2026-05-07 17:04:14 +08:00 · 2026-05-07 17:02:26 +08:00 · 2026-05-07 17:01:15 +08:00 · 2026-05-07 16:58:54 +08:00
41 changed files with 2621 additions and 573 deletions
@@ -27,7 +27,7 @@ If CyberStrikeAI helps you, you can support the project via **WeChat Pay** or **

 </details>

-CyberStrikeAI is an **AI-native security testing platform** built in Go. It integrates 100+ security tools, an intelligent orchestration engine, role-based testing with predefined security roles, a skills system with specialized testing skills, and comprehensive lifecycle management capabilities. Through native MCP protocol and AI agents, it enables end-to-end automation from conversational commands to vulnerability discovery, attack-chain analysis, knowledge retrieval, and result visualization—delivering an auditable, traceable, and collaborative testing environment for security teams.
+CyberStrikeAI is an **AI-native security testing platform** built in Go. It integrates 100+ security tools, an intelligent orchestration engine, role-based testing with predefined security roles, a skills system with specialized testing skills, comprehensive lifecycle management capabilities, and a **built-in lightweight C2 (Command & Control) framework** for **authorized** engagements (listeners, encrypted implants, sessions, tasks, real-time events, REST and MCP). Through native MCP protocol and AI agents, it enables end-to-end automation from conversational commands to vulnerability discovery, attack-chain analysis, knowledge retrieval, and result visualization—delivering an auditable, traceable, and collaborative testing environment for security teams.


 ## Interface & Integration Preview
@@ -121,6 +121,7 @@ CyberStrikeAI is an **AI-native security testing platform** built in Go. It inte
 - 📱 **Chatbot**: DingTalk and Lark (Feishu) long-lived connections so you can talk to CyberStrikeAI from mobile (see [Robot / Chatbot guide](docs/robot_en.md) for setup and commands)
 - 🧑‍⚖️ **Human-in-the-loop (HITL)**: Chat sidebar to set approval mode and tool allowlists (listed tools skip approval); global list in `config.yaml` under `hitl.tool_whitelist`; **Apply** can merge new tools into the file and update the running server without restart; dedicated **HITL** page for pending approvals
 - 🐚 **WebShell management**: Add and manage WebShell connections (e.g. IceSword/AntSword compatible), use a virtual terminal for command execution, a built-in file manager for file operations, and an AI assistant tab that orchestrates tests and keeps per-connection conversation history; supports PHP, ASP, ASPX, JSP and custom shell types with configurable request method and command parameter.
+- 📡 **Built-in C2**: AI-oriented lightweight command-and-control—**listeners** (TCP reverse, HTTP/HTTPS beacon, WebSocket), **encrypted** beacon channel, **session** and **task** queues with persistence, **payload** helpers (one-liner / build / download), **SSE** live events, REST under `/api/c2/*`, plus unified MCP tools (`c2_listener`, `c2_session`, **`c2_task`**, `c2_task_manage`, `c2_payload`, `c2_event`, `c2_profile`, `c2_file`); optional **HITL** approval for sensitive operations and OPSEC-style controls (e.g. command deny rules). **Authorized testing only.**

 ## Plugins

@@ -237,6 +238,7 @@ Requirements / tips:
 - **Vulnerability management** – Create, update, and track vulnerabilities discovered during testing. Filter by severity (critical/high/medium/low/info), status (open/confirmed/fixed/false_positive), and conversation. View statistics and export findings.
 - **Batch task management** – Create task queues with multiple tasks, add or edit tasks before execution, and run them sequentially. Each task executes as a separate conversation, with status tracking (pending/running/completed/failed/cancelled) and full execution history.
 - **WebShell management** – Add and manage WebShell connections (PHP/ASP/ASPX/JSP or custom). Use the virtual terminal to run commands, the file manager to list, read, edit, upload, and delete files, and the AI assistant tab to drive scripted tests with per-connection conversation history. Connections are stored in SQLite; supports GET/POST and configurable command parameter (e.g. IceSword/AntSword style).
+- **Built-in C2** – Create/start **listeners**, generate **payloads**, track **sessions**, enqueue **tasks**, and subscribe to **events** (SSE) from the Web UI or `/api/c2/*`. Agents and external clients use the C2 MCP tool family (including **`c2_task`**); when HITL is enabled, high-risk tasks can require human approval. Intended **only** for systems you are explicitly authorized to test.
 - **Settings** – Tweak provider keys, MCP enablement, tool toggles, and agent iteration limits.
 - **Human-in-the-loop (HITL)** – Sidebar sets mode and allowlisted tools (comma- or newline-separated); global list lives in `config.yaml` under `hitl.tool_whitelist`. **Apply** updates browser/server and can merge new tools into the file (**no restart**). **New chat** keeps sidebar choices; **HITL** nav shows pending approvals. Removing a tool in the sidebar does not remove it from the global list in `config.yaml`—edit the file if needed.

@@ -320,6 +322,12 @@ Requirements / tips:
 - **Connectivity test** – Use **Test connectivity** to verify that the shell URL, password, and command parameter are correct before running commands (sends a lightweight `echo 1` check).
 - **Persistence** – All WebShell connections and AI conversations are stored in SQLite (same database as conversations), so they persist across restarts.

+### Built-in C2 (Command & Control)
+- **What it is** – A first-party, **AI-native** C2 stack: listeners accept implants (beacons), the server stores **sessions** and **tasks** in SQLite, pushes updates over an **event bus** (including **SSE**), and exposes everything through authenticated **REST** plus MCP.
+- **Listeners & transports** – `tcp_reverse`, `http_beacon`, `https_beacon`, and `websocket`; per-listener crypto keys; running listeners can be **restored after restart** when marked running in the database.
+- **Agent integration** – MCP exposes a small **C2 tool family** (listeners, sessions, **`c2_task`**, task management, payloads, events, profiles, files) so the same agent loop can orchestrate C2 alongside other tools; dangerous task types can go through the existing **HITL** bridge when your session policy requires it.
+- **Safety** – Use **only** in lab or **fully authorized** engagements; combine network isolation, strong auth, and HITL/allowlists as your policy demands.
+
 ### MCP Everywhere
 - **Web mode** – ships with HTTP MCP server automatically consumed by the UI.
 - **MCP stdio mode** – `go run cmd/mcp-stdio/main.go` exposes the agent to Cursor/CLI.
@@ -476,6 +484,7 @@ A test SSE MCP server is available at `cmd/test-sse-mcp-server/` for validation
 - **Vulnerability APIs** – manage vulnerabilities via `/api/vulnerabilities` endpoints: `GET /api/vulnerabilities` (list with filters), `POST /api/vulnerabilities` (create), `GET /api/vulnerabilities/:id` (get), `PUT /api/vulnerabilities/:id` (update), `DELETE /api/vulnerabilities/:id` (delete), `GET /api/vulnerabilities/stats` (statistics).
 - **Batch Task APIs** – manage batch task queues via `/api/batch-tasks` endpoints: `POST /api/batch-tasks` (create queue), `GET /api/batch-tasks` (list queues), `GET /api/batch-tasks/:queueId` (get queue), `POST /api/batch-tasks/:queueId/start` (start execution), `POST /api/batch-tasks/:queueId/cancel` (cancel), `DELETE /api/batch-tasks/:queueId` (delete), `POST /api/batch-tasks/:queueId/tasks` (add task), `PUT /api/batch-tasks/:queueId/tasks/:taskId` (update task), `DELETE /api/batch-tasks/:queueId/tasks/:taskId` (delete task). Tasks execute sequentially, each creating a separate conversation with full status tracking.
 - **WebShell APIs** – manage WebShell connections and execute commands via `/api/webshell/connections` (GET list, POST create, PUT update, DELETE delete) and `/api/webshell/exec` (command execution), `/api/webshell/fileop` (list/read/write/delete files).
+- **C2 APIs** – manage listeners, sessions, tasks, payloads, files, and events under `/api/c2/*` (e.g. listeners CRUD/start/stop, session sleep, task create/cancel/wait, payload build/download, event stream).
 - **Task control** – pause/resume/stop long scans, re-run steps with new params, or stream transcripts.
 - **Audit & security** – rotate passwords via `/api/auth/change-password`, enforce short-lived sessions, and restrict MCP ports at the network layer when exposing the service.

@@ -581,7 +590,7 @@ enabled: true
 ```
 CyberStrikeAI/
 ├── cmd/                 # Server, MCP stdio entrypoints, tooling
-├── internal/            # Agent, MCP core, handlers, security executor
+├── internal/            # Agent, MCP core, handlers, C2 (`internal/c2`), security executor
 ├── web/                 # Static SPA + templates
 ├── tools/               # YAML tool recipes (100+ examples provided)
 ├── roles/               # Role configurations (12+ predefined security testing roles)
@@ -26,7 +26,7 @@

 </details>

-CyberStrikeAI 是一款 **AI 原生安全测试平台**，基于 Go 构建，集成了 100+ 安全工具、智能编排引擎、角色化测试与预设安全测试角色、Skills 技能系统与专业测试技能，以及完整的测试生命周期管理能力。通过原生 MCP 协议与 AI 智能体，支持从对话指令到漏洞发现、攻击链分析、知识检索与结果可视化的全流程自动化，为安全团队提供可审计、可追溯、可协作的专业测试环境。
+CyberStrikeAI 是一款 **AI 原生安全测试平台**，基于 Go 构建，集成了 100+ 安全工具、智能编排引擎、角色化测试与预设安全测试角色、Skills 技能系统与专业测试技能、完整的测试生命周期管理能力，以及面向 **授权场景** 的 **内置轻量 C2（Command & Control，指挥与控制）** 能力（监听器、加密通信、会话与任务、实时事件、REST 与 MCP 协同）。通过原生 MCP 协议与 AI 智能体，支持从对话指令到漏洞发现、攻击链分析、知识检索与结果可视化的全流程自动化，为安全团队提供可审计、可追溯、可协作的专业测试环境。


 ## 界面与集成预览
@@ -120,6 +120,7 @@ CyberStrikeAI 是一款 **AI 原生安全测试平台**，基于 Go 构建，集
 - 📱 **机器人**：支持钉钉、飞书长连接，在手机端与 CyberStrikeAI 对话（配置与命令详见 [机器人使用说明](docs/robot.md)）
 - 🧑‍⚖️ **人机协同（HITL）**：对话页侧栏配置协同模式与免审批工具白名单；全局列表在 `config.yaml` 的 `hitl.tool_whitelist`；点「应用」可将新增工具合并写入配置文件且**无需重启**即可生效；导航 **人机协同** 页处理待审批工具调用
 - 🐚 **WebShell 管理**：添加与管理 WebShell 连接（兼容冰蝎/蚁剑等），通过虚拟终端执行命令、内置文件管理进行文件操作，并提供按连接维度保存历史的 AI 助手标签页；支持 PHP/ASP/ASPX/JSP 及自定义类型，可配置请求方法与命令参数。
+- 📡 **内置 C2**：面向 AI 协同的轻量 **C2**——**多种监听器**（TCP 反向、HTTP/HTTPS Beacon、WebSocket）、**加密** Beacon 信道、**会话与任务**队列及持久化、**Payload** 辅助（一键命令 / 构建 / 下载）、**SSE** 实时事件、REST（`/api/c2/*`）及智能体侧 **一组 C2 MCP 工具**（如 `c2_listener`、`c2_session`、**`c2_task`**、`c2_task_manage`、`c2_payload`、`c2_event`、`c2_profile`、`c2_file`）；敏感操作可对接 **人机协同（HITL）**，并支持 OPSEC 类规则（如命令拒绝正则）。**仅限授权测试。**

 ## 插件（Plugins）

@@ -235,6 +236,7 @@ go build -o cyberstrike-ai cmd/server/main.go
 - **漏洞管理**：在测试过程中创建、更新和跟踪发现的漏洞。支持按严重程度（严重/高/中/低/信息）、状态（待确认/已确认/已修复/误报）和对话进行过滤，查看统计信息并导出发现。
 - **批量任务管理**：创建任务队列，批量添加多个任务，执行前可编辑或删除任务，然后依次顺序执行。每个任务会作为独立对话执行，支持完整的状态跟踪（待执行/执行中/已完成/失败/已取消）和执行历史。
 - **WebShell 管理**：添加并管理 WebShell 连接（PHP/ASP/ASPX/JSP 或自定义类型）。使用虚拟终端执行命令（带命令历史与快捷命令），使用文件管理浏览、读取、编辑、上传与删除目标文件，并支持按路径导航和名称过滤。连接信息持久化存储于 SQLite，支持 GET/POST 及可配置命令参数（兼容冰蝎/蚁剑等）。
+- **内置 C2**：在 Web 界面或 `/api/c2/*` 创建/启动 **监听器**、生成 **Payload**、查看 **会话**、下发 **任务** 并订阅 **事件（SSE）**。智能体与外部客户端通过 **C2 MCP 工具族**（含 **`c2_task`** 等）编排；开启人机协同时，高风险任务可走审批。**仅用于已获明确授权的目标。**
 - **可视化配置**：在界面中切换模型、启停工具、设置迭代次数等。
 - **人机协同（HITL）**：侧栏设置协同模式与免审批工具（逗号或换行）；全局白名单见 `config.yaml` 的 `hitl.tool_whitelist`。点「**应用**」可写浏览器/服务端并合并新增工具进配置（**无需重启**）。**新对话**保留侧栏选择；导航 **人机协同** 处理待审批。从侧栏删掉工具不会自动从配置文件移除全局项，需手改 `config.yaml`。

@@ -317,6 +319,12 @@ go build -o cyberstrike-ai cmd/server/main.go
 - **连通性测试**：使用 **测试连通性** 可在执行命令前通过一次 `echo 1` 调用校验 Shell 地址、密码与命令参数是否正确。
 - **持久化**：所有 WebShell 连接与相关 AI 会话均保存在 SQLite（与对话共用数据库），服务重启后仍可继续使用。

+### 内置 C2（Command & Control）
+- **定位**：平台内置的 **AI 原生** C2 能力栈——监听器接入植入体（Beacon），服务端以 SQLite 持久化 **会话** 与 **任务**，通过 **事件总线** 推送变更（含 **SSE**），并由鉴权后的 **REST** 与 MCP 统一对外。
+- **监听器与传输**：支持 `tcp_reverse`、`http_beacon`、`https_beacon`、`websocket`；按监听器独立密钥；数据库中标记为运行中的监听器可在 **服务重启后尝试恢复**。
+- **与智能体联动**：通过 **`c2_task` 等 C2 MCP 工具** 与现有对话/多代理工具链协同；在会话策略需要时，危险任务类型可走既有 **人机协同（HITL）** 审批流。
+- **安全提示**：**仅**在实验环境或 **已获完整书面授权** 的对抗演练中使用；结合网络隔离、强鉴权及 HITL/白名单等策略管控风险。
+
 ### MCP 全场景
 - **Web 模式**：自带 HTTP MCP 服务供前端调用。
 - **MCP stdio 模式**：`go run cmd/mcp-stdio/main.go` 可接入 Cursor/命令行。
@@ -474,6 +482,7 @@ CyberStrikeAI 支持通过三种传输模式连接外部 MCP 服务器：
 - **漏洞管理 API**：通过 `/api/vulnerabilities` 端点管理漏洞：`GET /api/vulnerabilities`（列表，支持过滤）、`POST /api/vulnerabilities`（创建）、`GET /api/vulnerabilities/:id`（获取）、`PUT /api/vulnerabilities/:id`（更新）、`DELETE /api/vulnerabilities/:id`（删除）、`GET /api/vulnerabilities/stats`（统计）。
 - **批量任务 API**：通过 `/api/batch-tasks` 端点管理批量任务队列：`POST /api/batch-tasks`（创建队列）、`GET /api/batch-tasks`（列表）、`GET /api/batch-tasks/:queueId`（获取队列）、`POST /api/batch-tasks/:queueId/start`（开始执行）、`POST /api/batch-tasks/:queueId/cancel`（取消）、`DELETE /api/batch-tasks/:queueId`（删除队列）、`POST /api/batch-tasks/:queueId/tasks`（添加任务）、`PUT /api/batch-tasks/:queueId/tasks/:taskId`（更新任务）、`DELETE /api/batch-tasks/:queueId/tasks/:taskId`（删除任务）。任务依次顺序执行，每个任务创建独立对话，支持完整状态跟踪。
 - **WebShell API**：通过 `/api/webshell/connections`（GET 列表、POST 创建、PUT 更新、DELETE 删除）及 `/api/webshell/exec`（执行命令）、`/api/webshell/fileop`（列出/读取/写入/删除文件）管理 WebShell 连接与执行操作。
+- **C2 API**：在 `/api/c2/*` 管理监听器、会话、任务、Payload、文件与事件（如监听器增删改查/启停、会话休眠、任务创建/取消/等待、Payload 构建/下载、事件流等）。
 - **任务控制**：支持暂停/终止长任务、修改参数后重跑、流式获取日志。
 - **安全管理**：`/api/auth/change-password` 可即时轮换口令；建议在暴露 MCP 端口时配合网络层 ACL。

@@ -579,7 +588,7 @@ enabled: true
 ```
 CyberStrikeAI/
 ├── cmd/                 # Web 服务、MCP stdio 入口及辅助工具
-├── internal/            # Agent、MCP 核心、路由与执行器
+├── internal/            # Agent、MCP 核心、路由、C2（`internal/c2`）与执行器
 ├── web/                 # 前端静态资源与模板
 ├── tools/               # YAML 工具目录（含 100+ 示例）
 ├── roles/               # 角色配置文件目录（含 12+ 预设安全测试角色）
@@ -10,7 +10,7 @@
 # ============================================

 # 前端显示的版本号（可选，不填则显示默认版本）
-version: "v1.6.0"
+version: "v1.6.4"
 # 服务器配置
 server:
  host: 0.0.0.0 # 监听地址，0.0.0.0 表示监听所有网络接口
@@ -147,6 +147,9 @@ mcp:
 # 外部 MCP 配置
 external_mcp:
  servers: {}
+# 内置 C2：本机仅做对话/知识库时可设为 false，不启动监听器、不注册 C2 MCP 工具；省略本段时默认启用
+c2:
+  enabled: true
 # ============================================
 # 知识库相关配置
 # ============================================
@@ -9,13 +9,13 @@ toolchain go1.24.4

 require (
 	github.com/bytedance/sonic v1.15.0
-	github.com/cloudwego/eino v0.8.8
+	github.com/cloudwego/eino v0.8.13
 	github.com/cloudwego/eino-ext/adk/backend/local v0.0.0-20260416081055-0ebab92e14f2
-	github.com/cloudwego/eino-ext/components/document/loader/file v0.0.0-20260416081055-0ebab92e14f2
-	github.com/cloudwego/eino-ext/components/document/transformer/splitter/markdown v0.0.0-20260416081055-0ebab92e14f2
-	github.com/cloudwego/eino-ext/components/document/transformer/splitter/recursive v0.0.0-20260416081055-0ebab92e14f2
-	github.com/cloudwego/eino-ext/components/embedding/openai v0.0.0-20260416081055-0ebab92e14f2
-	github.com/cloudwego/eino-ext/components/model/openai v0.1.12
+	github.com/cloudwego/eino-ext/components/document/loader/file v0.0.0-20260427010451-749e3706378b
+	github.com/cloudwego/eino-ext/components/document/transformer/splitter/markdown v0.0.0-20260427010451-749e3706378b
+	github.com/cloudwego/eino-ext/components/document/transformer/splitter/recursive v0.0.0-20260427010451-749e3706378b
+	github.com/cloudwego/eino-ext/components/embedding/openai v0.0.0-20260427010451-749e3706378b
+	github.com/cloudwego/eino-ext/components/model/openai v0.1.13
 	github.com/creack/pty v1.1.24
 	github.com/eino-contrib/jsonschema v1.0.3
 	github.com/gin-gonic/gin v1.9.1
@@ -28,6 +28,7 @@ require (
 	github.com/pkoukk/tiktoken-go v0.1.8
 	github.com/robfig/cron/v3 v3.0.1
 	go.uber.org/zap v1.26.0
+	golang.org/x/text v0.26.0
 	golang.org/x/time v0.14.0
 	gopkg.in/yaml.v3 v3.0.1
 )
@@ -39,7 +40,7 @@ require (
 	github.com/bytedance/gopkg v0.1.3 // indirect
 	github.com/bytedance/sonic/loader v0.5.0 // indirect
 	github.com/cloudwego/base64x v0.1.6 // indirect
-	github.com/cloudwego/eino-ext/libs/acl/openai v0.1.16 // indirect
+	github.com/cloudwego/eino-ext/libs/acl/openai v0.1.17 // indirect
 	github.com/dlclark/regexp2 v1.10.0 // indirect
 	github.com/dustin/go-humanize v1.0.1 // indirect
 	github.com/evanphx/json-patch v0.5.2 // indirect
@@ -77,7 +78,6 @@ require (
 	golang.org/x/net v0.24.0 // indirect
 	golang.org/x/oauth2 v0.30.0 // indirect
 	golang.org/x/sys v0.33.0 // indirect
-	golang.org/x/text v0.26.0 // indirect
 	google.golang.org/protobuf v1.30.0 // indirect
 )

@@ -20,22 +20,22 @@ github.com/bytedance/sonic/loader v0.5.0/go.mod h1:AR4NYCk5DdzZizZ5djGqQ92eEhCCc
 github.com/certifi/gocertifi v0.0.0-20190105021004-abcd57078448/go.mod h1:GJKEexRPVJrBSOjoqN5VNOIKJ5Q3RViH6eu3puDRwx4=
 github.com/cloudwego/base64x v0.1.6 h1:t11wG9AECkCDk5fMSoxmufanudBtJ+/HemLstXDLI2M=
 github.com/cloudwego/base64x v0.1.6/go.mod h1:OFcloc187FXDaYHvrNIjxSe8ncn0OOM8gEHfghB2IPU=
-github.com/cloudwego/eino v0.8.8 h1:64NuheQBmxOXe/28Tm85rkBkxXMB5ZhjSu/j0RDFyZU=
-github.com/cloudwego/eino v0.8.8/go.mod h1:+2N4nsMPxA6kGBHpH+75JuTfEcGprAMTdsZESrShKpU=
+github.com/cloudwego/eino v0.8.13 h1:z5dhaZNN8TWZbP/lgKxGmF26Ii8fPeUlQCGV/NTtms0=
+github.com/cloudwego/eino v0.8.13/go.mod h1:+2N4nsMPxA6kGBHpH+75JuTfEcGprAMTdsZESrShKpU=
 github.com/cloudwego/eino-ext/adk/backend/local v0.0.0-20260416081055-0ebab92e14f2 h1:v2w9TyLAmNsMWo8NwntCc76uvNf6isTFkHB+oZZ8NqI=
 github.com/cloudwego/eino-ext/adk/backend/local v0.0.0-20260416081055-0ebab92e14f2/go.mod h1:os5Tq5FuSoz/MLqAdZER3ip49Oef9prc0kVsKsPYO48=
-github.com/cloudwego/eino-ext/components/document/loader/file v0.0.0-20260416081055-0ebab92e14f2 h1:H5Ohr3OWSjiTOe7y9pOPyVCKCNjAVj9YMaWmvZNTYPg=
-github.com/cloudwego/eino-ext/components/document/loader/file v0.0.0-20260416081055-0ebab92e14f2/go.mod h1:HnxTQxmhuev6zaBl92EHUy/vEDWCuoE/OE4cTiF5JCg=
-github.com/cloudwego/eino-ext/components/document/transformer/splitter/markdown v0.0.0-20260416081055-0ebab92e14f2 h1:PRli0CmPfgUhwMGWGEAwg8nxde8hInC2OWv0vcIuwMk=
-github.com/cloudwego/eino-ext/components/document/transformer/splitter/markdown v0.0.0-20260416081055-0ebab92e14f2/go.mod h1:KVOVct4e2BQ7epDONW2QE1qU5+ccoh91FzJTs9vIJj0=
-github.com/cloudwego/eino-ext/components/document/transformer/splitter/recursive v0.0.0-20260416081055-0ebab92e14f2 h1:8sOFcDf9MtMVDQyozZtuhrmt+mLQRHEaf6dYC20Vxhs=
-github.com/cloudwego/eino-ext/components/document/transformer/splitter/recursive v0.0.0-20260416081055-0ebab92e14f2/go.mod h1:9R0RQrQSpg1JaNnRtw7+RfRAAv0HgdE348YnrlZ6coo=
-github.com/cloudwego/eino-ext/components/embedding/openai v0.0.0-20260416081055-0ebab92e14f2 h1:OzKPBfGCJhjbtO+WfIMNSSnXxsj6/hUiyYOTaG2LUf4=
-github.com/cloudwego/eino-ext/components/embedding/openai v0.0.0-20260416081055-0ebab92e14f2/go.mod h1:zyPrZT2bO6LyRJgVksQowR18jVgyLSvqK93hnO53/Lc=
-github.com/cloudwego/eino-ext/components/model/openai v0.1.12 h1:vcwNXeT7bpaXMNwUhtcHZwMYY8II2jAihuooyivmEZ0=
-github.com/cloudwego/eino-ext/components/model/openai v0.1.12/go.mod h1:ve/+/hLZMvxD5AieQ355xHIFhAZVlsG4rdwTnE16aQU=
-github.com/cloudwego/eino-ext/libs/acl/openai v0.1.16 h1:q242n5P5Tx3a2QLaBmkfEpfRs/o17Ac6u3EAgItEEOc=
-github.com/cloudwego/eino-ext/libs/acl/openai v0.1.16/go.mod h1:p+l0zBB0GjjX8HTlbTs3g3KfUFwZC11bsCGZOXW/3L0=
+github.com/cloudwego/eino-ext/components/document/loader/file v0.0.0-20260427010451-749e3706378b h1:GIOC/VnXuSQx79mnQ3HgMvECjtyqvpJipmSUTFFfVsc=
+github.com/cloudwego/eino-ext/components/document/loader/file v0.0.0-20260427010451-749e3706378b/go.mod h1:HnxTQxmhuev6zaBl92EHUy/vEDWCuoE/OE4cTiF5JCg=
+github.com/cloudwego/eino-ext/components/document/transformer/splitter/markdown v0.0.0-20260427010451-749e3706378b h1:3owjV4nv+XRplavTeqFlCeAV4v7EHR2tIXDqLEmPc38=
+github.com/cloudwego/eino-ext/components/document/transformer/splitter/markdown v0.0.0-20260427010451-749e3706378b/go.mod h1:KVOVct4e2BQ7epDONW2QE1qU5+ccoh91FzJTs9vIJj0=
+github.com/cloudwego/eino-ext/components/document/transformer/splitter/recursive v0.0.0-20260427010451-749e3706378b h1:j8sj/5QiooV3LWphFDsJvyD/csWwupz+UKXeG+nqiNg=
+github.com/cloudwego/eino-ext/components/document/transformer/splitter/recursive v0.0.0-20260427010451-749e3706378b/go.mod h1:9R0RQrQSpg1JaNnRtw7+RfRAAv0HgdE348YnrlZ6coo=
+github.com/cloudwego/eino-ext/components/embedding/openai v0.0.0-20260427010451-749e3706378b h1:pOqupZQyc46rw2Z0HeybtTmSMTwqfTrbRuGDuDsNf2A=
+github.com/cloudwego/eino-ext/components/embedding/openai v0.0.0-20260427010451-749e3706378b/go.mod h1:zyPrZT2bO6LyRJgVksQowR18jVgyLSvqK93hnO53/Lc=
+github.com/cloudwego/eino-ext/components/model/openai v0.1.13 h1:5XHRTiTD5bt9KQrMHcfvuWNklEC3tpm3XHejdozt9vM=
+github.com/cloudwego/eino-ext/components/model/openai v0.1.13/go.mod h1:mgIoqYYOc0eECCqvLbEYpOJrQNTNxkwXzSJzFU+v5sQ=
+github.com/cloudwego/eino-ext/libs/acl/openai v0.1.17 h1:EeVcR1TslRA2IdNW1h/2LaGbPlffwGhQm99jM3zWZiI=
+github.com/cloudwego/eino-ext/libs/acl/openai v0.1.17/go.mod h1:Zkcx6DPTR2NfWmtSXbhItswGw6hqUezNPhNcke0pOG8=
 github.com/creack/pty v1.1.24 h1:bJrF4RRfyJnbTJqzRLHzcGaZK1NeM5kTC9jGgovnR1s=
 github.com/creack/pty v1.1.24/go.mod h1:08sCNb52WyoAwi2QDyzUCTgcvVFhUzewun7wtTfvcwE=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -1514,7 +1514,9 @@ func (a *Agent) executeToolViaMCP(ctx context.Context, toolName string, args map
 	// 如果调用失败（如工具不存在、超时），返回友好的错误信息而不是抛出异常
 	if err != nil {
 		detail := err.Error()
-		if errors.Is(err, context.DeadlineExceeded) {
+		if errors.Is(err, context.Canceled) {
+			detail = "工具调用已被手动终止（MCP 监控页）。智能体将携带此结果继续后续步骤，整条任务不会因此被停止。"
+		} else if errors.Is(err, context.DeadlineExceeded) {
 			min := 10
 			if a.agentConfig != nil && a.agentConfig.ToolTimeoutMinutes > 0 {
 				min = a.agentConfig.ToolTimeoutMinutes
@@ -52,9 +52,10 @@ type App struct {
 	robotMu            sync.Mutex                // 保护钉钉/飞书长连接的 cancel
 	dingCancel         context.CancelFunc        // 钉钉 Stream 取消函数，用于配置变更时重启
 	larkCancel         context.CancelFunc        // 飞书长连接取消函数，用于配置变更时重启
-	c2Manager          *c2.Manager               // C2 管理器
+	c2Manager          *c2.Manager               // C2 管理器（未启用 C2 时为 nil）
 	c2Watchdog         *c2.SessionWatchdog       // C2 会话看门狗
 	c2WatchdogCancel   context.CancelFunc        // 看门狗取消函数
+	c2Handler          *handler.C2Handler        // C2 REST（与 Manager 生命周期同步）
 }

 // New 创建新应用
@@ -343,50 +344,13 @@ func New(cfg *config.Config, log *logger.Logger) (*App, error) {
 	}

 	// ============================================================================
-	// 初始化 C2 模块
+	// 初始化 C2 模块（可按配置关闭，节省本机部署资源）
 	// ============================================================================
-	c2Manager := c2.NewManager(db, log.Logger, "tmp/c2")
-	// 注册 Listener 工厂
-	c2Manager.Registry().Register(string(c2.ListenerTypeTCPReverse), c2.NewTCPReverseListener)
-	c2Manager.Registry().Register(string(c2.ListenerTypeHTTPBeacon), c2.NewHTTPBeaconListener)
-	c2Manager.Registry().Register(string(c2.ListenerTypeHTTPSBeacon), c2.NewHTTPSBeaconListener)
-	c2Manager.Registry().Register(string(c2.ListenerTypeWebSocket), c2.NewWebSocketListener)
-	// 设置 HITL 桥（仅当会话开启人机协同且 c2_task 不在免审批白名单时，危险任务才走桥）
-	c2HITLBridge := NewC2HITLBridge(db, log.Logger)
-	c2Manager.SetHITLBridge(c2HITLBridge)
-	c2Manager.SetHITLDangerousGate(func(conversationID, toolName string) bool {
-		return agentHandler.HITLNeedsToolApproval(conversationID, toolName)
-	})
-	// 设置业务钩子
-	c2Hooks := SetupC2Hooks(&C2HooksConfig{
-		DB:     db,
-		Logger: log.Logger,
-		AttackChainRecord: func(session *database.C2Session, phase string, description string) {
-			// 通过攻击链处理器记录（简化版，实际需要完整实现）
-			log.Logger.Info("C2 Attack Chain",
-				zap.String("session_id", session.ID),
-				zap.String("phase", phase),
-				zap.String("desc", description),
-			)
-		},
-		VulnRecord: func(session *database.C2Session, title string, severity string) {
-			// 记录漏洞（简化版）
-			log.Logger.Info("C2 Vulnerability",
-				zap.String("session_id", session.ID),
-				zap.String("title", title),
-				zap.String("severity", severity),
-			)
-		},
-	})
-	c2Manager.SetHooks(c2Hooks)
-	// 恢复运行中的监听器
-	c2Manager.RestoreRunningListeners()
-	// 启动会话看门狗
-	c2Watchdog := c2.NewSessionWatchdog(c2Manager)
-	watchdogCtx, watchdogCancel := context.WithCancel(context.Background())
-	go c2Watchdog.Run(watchdogCtx)
-	// 注册 C2 MCP 工具
-	registerC2Tools(mcpServer, c2Manager, log.Logger, cfg.Server.Port)
+	c2Manager, c2Watchdog, watchdogCancel := setupC2Runtime(cfg, db, agentHandler, log.Logger)
+	if c2Manager != nil {
+		registerC2Tools(mcpServer, c2Manager, log.Logger, cfg.Server.Port)
+	}
+	c2Handler := handler.NewC2Handler(c2Manager, log.Logger)

 	// 创建OpenAPI处理器
 	conversationHandler := handler.NewConversationHandler(db, log.Logger)
@@ -414,6 +378,7 @@ func New(cfg *config.Config, log *logger.Logger) (*App, error) {
 		c2Manager:          c2Manager,
 		c2Watchdog:         c2Watchdog,
 		c2WatchdogCancel:   watchdogCancel,
+		c2Handler:          c2Handler,
 	}
 	// 飞书/钉钉长连接（无需公网），启用时在后台启动；后续前端应用配置时会通过 RestartRobotConnections 重启
 	app.startRobotConnections()
@@ -482,8 +447,13 @@ func New(cfg *config.Config, log *logger.Logger) (*App, error) {
 	// 设置机器人连接重启器，前端应用配置后无需重启服务即可使钉钉/飞书新配置生效
 	configHandler.SetRobotRestarter(app)

-	// 创建 C2 Handler
-	c2Handler := handler.NewC2Handler(c2Manager, log.Logger)
+	configHandler.SetC2Runtime(app)
+	configHandler.SetC2ToolRegistrar(func() error {
+		if app.config.C2.EnabledEffective() && app.c2Manager != nil {
+			registerC2Tools(mcpServer, app.c2Manager, log.Logger, app.config.Server.Port)
+		}
+		return nil
+	})

 	// 设置路由（使用 App 实例以便动态获取 handler）
 	setupRoutes(
@@ -507,7 +477,7 @@ func New(cfg *config.Config, log *logger.Logger) (*App, error) {
 		markdownAgentsHandler,
 		fofaHandler,
 		terminalHandler,
-		c2Handler,
+		app.c2Handler,
 		mcpServer,
 		authManager,
 		openAPIHandler,
@@ -599,14 +569,7 @@ func (a *App) Shutdown() {
 	}
 	a.robotMu.Unlock()

-	// 停止 C2 看门狗
-	if a.c2WatchdogCancel != nil {
-		a.c2WatchdogCancel()
-	}
-	// 关闭 C2 Manager（停止所有监听器）
-	if a.c2Manager != nil {
-		a.c2Manager.Close()
-	}
+	a.shutdownC2()

 	// 停止所有外部MCP客户端
 	if a.externalMCPMgr != nil {
@@ -636,12 +599,12 @@ func (a *App) startRobotConnections() {
 	if cfg.Robots.Lark.Enabled && cfg.Robots.Lark.AppID != "" && cfg.Robots.Lark.AppSecret != "" {
 		ctx, cancel := context.WithCancel(context.Background())
 		a.larkCancel = cancel
-		go robot.StartLark(ctx, cfg.Robots.Lark, a.robotHandler, a.logger.Logger)
+		go robot.StartLark(ctx, cfg.Robots, a.robotHandler, a.logger.Logger)
 	}
 	if cfg.Robots.Dingtalk.Enabled && cfg.Robots.Dingtalk.ClientID != "" && cfg.Robots.Dingtalk.ClientSecret != "" {
 		ctx, cancel := context.WithCancel(context.Background())
 		a.dingCancel = cancel
-		go robot.StartDing(ctx, cfg.Robots.Dingtalk, a.robotHandler, a.logger.Logger)
+		go robot.StartDing(ctx, cfg.Robots, a.robotHandler, a.logger.Logger)
 	}
 }

@@ -794,6 +757,7 @@ func setupRoutes(
 		// 监控
 		protected.GET("/monitor", monitorHandler.Monitor)
 		protected.GET("/monitor/execution/:id", monitorHandler.GetExecution)
+		protected.POST("/monitor/execution/:id/cancel", monitorHandler.CancelExecution)
 		protected.POST("/monitor/executions/names", monitorHandler.BatchGetToolNames)
 		protected.DELETE("/monitor/execution/:id", monitorHandler.DeleteExecution)
 		protected.DELETE("/monitor/executions", monitorHandler.DeleteExecutions)
@@ -994,46 +958,51 @@ func setupRoutes(
 		protected.POST("/webshell/exec", webshellHandler.Exec)
 		protected.POST("/webshell/file", webshellHandler.FileOp)

-		// C2 管理（AI-Native 轻量级 C2 框架）
-		// 监听器
-		protected.GET("/c2/listeners", c2Handler.ListListeners)
-		protected.POST("/c2/listeners", c2Handler.CreateListener)
-		protected.GET("/c2/listeners/:id", c2Handler.GetListener)
-		protected.PUT("/c2/listeners/:id", c2Handler.UpdateListener)
-		protected.DELETE("/c2/listeners/:id", c2Handler.DeleteListener)
-		protected.POST("/c2/listeners/:id/start", c2Handler.StartListener)
-		protected.POST("/c2/listeners/:id/stop", c2Handler.StopListener)
-		// 会话
-		protected.GET("/c2/sessions", c2Handler.ListSessions)
-		protected.GET("/c2/sessions/:id", c2Handler.GetSession)
-		protected.DELETE("/c2/sessions/:id", c2Handler.DeleteSession)
-		protected.PUT("/c2/sessions/:id/sleep", c2Handler.SetSessionSleep)
-		// 任务
-		protected.GET("/c2/tasks", c2Handler.ListTasks)
-		protected.DELETE("/c2/tasks", c2Handler.DeleteTasks)
-		protected.GET("/c2/tasks/:id", c2Handler.GetTask)
-		protected.POST("/c2/tasks", c2Handler.CreateTask)
-		protected.POST("/c2/tasks/:id/cancel", c2Handler.CancelTask)
-		protected.GET("/c2/tasks/:id/wait", c2Handler.WaitTask)
-		protected.POST("/c2/sessions/:id/tasks", c2Handler.CreateTask) // 快捷方式：直接对会话下发任务
-		// Payload
-		protected.POST("/c2/payloads/oneliner", c2Handler.PayloadOneliner)
-		protected.POST("/c2/payloads/build", c2Handler.PayloadBuild)
-		protected.GET("/c2/payloads/:id/download", c2Handler.PayloadDownload)
-		// 事件 & SSE
-		protected.GET("/c2/events", c2Handler.ListEvents)
-		protected.DELETE("/c2/events", c2Handler.DeleteEvents)
-		protected.GET("/c2/events/stream", c2Handler.EventStream)
-		// 文件管理
-		protected.POST("/c2/files/upload", c2Handler.UploadFileForImplant)
-		protected.GET("/c2/files", c2Handler.ListFiles)
-		protected.GET("/c2/tasks/:id/result-file", c2Handler.DownloadResultFile)
-		// Malleable Profile
-		protected.GET("/c2/profiles", c2Handler.ListProfiles)
-		protected.GET("/c2/profiles/:id", c2Handler.GetProfile)
-		protected.POST("/c2/profiles", c2Handler.CreateProfile)
-		protected.PUT("/c2/profiles/:id", c2Handler.UpdateProfile)
-		protected.DELETE("/c2/profiles/:id", c2Handler.DeleteProfile)
+		// C2 管理（未启用时返回 503，避免 Handler 空指针）
+		c2Routes := protected.Group("/c2")
+		c2Routes.Use(func(c *gin.Context) {
+			if app.c2Manager == nil {
+				c.AbortWithStatusJSON(http.StatusServiceUnavailable, gin.H{
+					"error":   "c2_disabled",
+					"message": "C2 功能已在系统设置中关闭",
+					"enabled": false,
+				})
+				return
+			}
+			c.Next()
+		})
+		c2Routes.GET("/listeners", c2Handler.ListListeners)
+		c2Routes.POST("/listeners", c2Handler.CreateListener)
+		c2Routes.GET("/listeners/:id", c2Handler.GetListener)
+		c2Routes.PUT("/listeners/:id", c2Handler.UpdateListener)
+		c2Routes.DELETE("/listeners/:id", c2Handler.DeleteListener)
+		c2Routes.POST("/listeners/:id/start", c2Handler.StartListener)
+		c2Routes.POST("/listeners/:id/stop", c2Handler.StopListener)
+		c2Routes.GET("/sessions", c2Handler.ListSessions)
+		c2Routes.GET("/sessions/:id", c2Handler.GetSession)
+		c2Routes.DELETE("/sessions/:id", c2Handler.DeleteSession)
+		c2Routes.PUT("/sessions/:id/sleep", c2Handler.SetSessionSleep)
+		c2Routes.GET("/tasks", c2Handler.ListTasks)
+		c2Routes.DELETE("/tasks", c2Handler.DeleteTasks)
+		c2Routes.GET("/tasks/:id", c2Handler.GetTask)
+		c2Routes.POST("/tasks", c2Handler.CreateTask)
+		c2Routes.POST("/tasks/:id/cancel", c2Handler.CancelTask)
+		c2Routes.GET("/tasks/:id/wait", c2Handler.WaitTask)
+		c2Routes.POST("/sessions/:id/tasks", c2Handler.CreateTask)
+		c2Routes.POST("/payloads/oneliner", c2Handler.PayloadOneliner)
+		c2Routes.POST("/payloads/build", c2Handler.PayloadBuild)
+		c2Routes.GET("/payloads/:id/download", c2Handler.PayloadDownload)
+		c2Routes.GET("/events", c2Handler.ListEvents)
+		c2Routes.DELETE("/events", c2Handler.DeleteEvents)
+		c2Routes.GET("/events/stream", c2Handler.EventStream)
+		c2Routes.POST("/files/upload", c2Handler.UploadFileForImplant)
+		c2Routes.GET("/files", c2Handler.ListFiles)
+		c2Routes.GET("/tasks/:id/result-file", c2Handler.DownloadResultFile)
+		c2Routes.GET("/profiles", c2Handler.ListProfiles)
+		c2Routes.GET("/profiles/:id", c2Handler.GetProfile)
+		c2Routes.POST("/profiles", c2Handler.CreateProfile)
+		c2Routes.PUT("/profiles/:id", c2Handler.UpdateProfile)
+		c2Routes.DELETE("/profiles/:id", c2Handler.DeleteProfile)

 		// 对话附件（chat_uploads）管理
 		protected.GET("/chat-uploads", chatUploadsHandler.List)
@@ -0,0 +1,104 @@
+package app
+
+import (
+	"context"
+
+	"cyberstrike-ai/internal/c2"
+	"cyberstrike-ai/internal/config"
+	"cyberstrike-ai/internal/database"
+	"cyberstrike-ai/internal/handler"
+
+	"go.uber.org/zap"
+)
+
+// setupC2Runtime 创建 C2 Manager、看门狗与取消函数；不注册 MCP 工具（由 Apply 统一 ClearTools 后注册）。
+func setupC2Runtime(
+	cfg *config.Config,
+	db *database.DB,
+	agentHandler *handler.AgentHandler,
+	logger *zap.Logger,
+) (*c2.Manager, *c2.SessionWatchdog, context.CancelFunc) {
+	if !cfg.C2.EnabledEffective() {
+		return nil, nil, nil
+	}
+	c2Manager := c2.NewManager(db, logger, "tmp/c2")
+	c2Manager.Registry().Register(string(c2.ListenerTypeTCPReverse), c2.NewTCPReverseListener)
+	c2Manager.Registry().Register(string(c2.ListenerTypeHTTPBeacon), c2.NewHTTPBeaconListener)
+	c2Manager.Registry().Register(string(c2.ListenerTypeHTTPSBeacon), c2.NewHTTPSBeaconListener)
+	c2Manager.Registry().Register(string(c2.ListenerTypeWebSocket), c2.NewWebSocketListener)
+	c2HITLBridge := NewC2HITLBridge(db, logger)
+	c2Manager.SetHITLBridge(c2HITLBridge)
+	c2Manager.SetHITLDangerousGate(func(conversationID, toolName string) bool {
+		return agentHandler.HITLNeedsToolApproval(conversationID, toolName)
+	})
+	c2Hooks := SetupC2Hooks(&C2HooksConfig{
+		DB:     db,
+		Logger: logger,
+		AttackChainRecord: func(session *database.C2Session, phase string, description string) {
+			logger.Info("C2 Attack Chain",
+				zap.String("session_id", session.ID),
+				zap.String("phase", phase),
+				zap.String("desc", description),
+			)
+		},
+		VulnRecord: func(session *database.C2Session, title string, severity string) {
+			logger.Info("C2 Vulnerability",
+				zap.String("session_id", session.ID),
+				zap.String("title", title),
+				zap.String("severity", severity),
+			)
+		},
+	})
+	c2Manager.SetHooks(c2Hooks)
+	c2Manager.RestoreRunningListeners()
+	c2Watchdog := c2.NewSessionWatchdog(c2Manager)
+	watchdogCtx, watchdogCancel := context.WithCancel(context.Background())
+	go c2Watchdog.Run(watchdogCtx)
+	return c2Manager, c2Watchdog, watchdogCancel
+}
+
+// ReconcileC2AfterConfigApply 根据当前内存配置启停 C2（不写盘；在 Apply 中 ClearTools 之前调用）。
+func (a *App) ReconcileC2AfterConfigApply() error {
+	if !a.config.C2.EnabledEffective() {
+		a.shutdownC2()
+		return nil
+	}
+	if a.c2Manager != nil {
+		return nil
+	}
+	if a.db == nil || a.agentHandler == nil {
+		return nil
+	}
+	m, wd, cancel := setupC2Runtime(a.config, a.db, a.agentHandler, a.logger.Logger)
+	if m == nil {
+		return nil
+	}
+	a.c2Manager = m
+	a.c2Watchdog = wd
+	a.c2WatchdogCancel = cancel
+	if a.c2Handler != nil {
+		a.c2Handler.SetManager(m)
+	}
+	a.logger.Info("C2 子系统已按配置启动")
+	return nil
+}
+
+// shutdownC2 停止看门狗与所有监听器，并断开 Handler 引用。
+func (a *App) shutdownC2() {
+	had := a.c2WatchdogCancel != nil || a.c2Manager != nil
+	if a.c2WatchdogCancel != nil {
+		a.c2WatchdogCancel()
+		a.c2WatchdogCancel = nil
+	}
+	a.c2Watchdog = nil
+	if a.c2Manager != nil {
+		a.c2Manager.Close()
+		a.c2Manager = nil
+	}
+	if a.c2Handler != nil {
+		a.c2Handler.SetManager(nil)
+	}
+	if had {
+		a.logger.Info("C2 子系统已关闭")
+	}
+}
@@ -811,8 +811,8 @@ func (b *Builder) callAIForChainGeneration(ctx context.Context, prompt string) (
 				"content": prompt,
 			},
 		},
-		"temperature": 0.3,
-		"max_tokens":  8000,
+		"temperature":           0.3,
+		"max_completion_tokens": 80000,
 	}

 	var apiResponse struct {
@@ -28,6 +28,7 @@ type Config struct {
 	Auth        AuthConfig            `yaml:"auth"`
 	ExternalMCP ExternalMCPConfig     `yaml:"external_mcp,omitempty"`
 	Knowledge   KnowledgeConfig       `yaml:"knowledge,omitempty"`
+	C2          C2Config              `yaml:"c2,omitempty" json:"c2,omitempty"` // 内置 C2 总开关；未配置时默认启用
 	Robots      RobotsConfig          `yaml:"robots,omitempty" json:"robots,omitempty"`         // 企业微信/钉钉/飞书等机器人配置
 	RolesDir    string                `yaml:"roles_dir,omitempty" json:"roles_dir,omitempty"`   // 角色配置文件目录（新方式）
 	Roles       map[string]RoleConfig `yaml:"roles,omitempty" json:"roles,omitempty"`           // 向后兼容：支持在主配置文件中定义角色
@@ -274,11 +275,25 @@ type MultiAgentAPIUpdate struct {

 // RobotsConfig 机器人配置（企业微信、钉钉、飞书等）
 type RobotsConfig struct {
+	Session  RobotSessionConfig  `yaml:"session,omitempty" json:"session,omitempty"`   // 机器人会话隔离策略
 	Wecom    RobotWecomConfig    `yaml:"wecom,omitempty" json:"wecom,omitempty"`       // 企业微信
 	Dingtalk RobotDingtalkConfig `yaml:"dingtalk,omitempty" json:"dingtalk,omitempty"` // 钉钉
 	Lark     RobotLarkConfig     `yaml:"lark,omitempty" json:"lark,omitempty"`         // 飞书
 }

+// RobotSessionConfig 机器人会话隔离策略
+type RobotSessionConfig struct {
+	StrictUserIdentity *bool `yaml:"strict_user_identity,omitempty" json:"strict_user_identity,omitempty"` // true 时只允许真实用户标识，不允许会话/群 ID 兜底
+}
+
+// StrictUserIdentityEnabled 返回是否启用严格用户身份模式；未配置时默认 true。
+func (c RobotSessionConfig) StrictUserIdentityEnabled() bool {
+	if c.StrictUserIdentity == nil {
+		return true
+	}
+	return *c.StrictUserIdentity
+}
+
 // RobotWecomConfig 企业微信机器人配置
 type RobotWecomConfig struct {
 	Enabled        bool   `yaml:"enabled" json:"enabled"`
@@ -291,17 +306,19 @@ type RobotWecomConfig struct {

 // RobotDingtalkConfig 钉钉机器人配置
 type RobotDingtalkConfig struct {
-	Enabled      bool   `yaml:"enabled" json:"enabled"`
-	ClientID     string `yaml:"client_id" json:"client_id"`         // 应用 Key (AppKey)
-	ClientSecret string `yaml:"client_secret" json:"client_secret"` // 应用 Secret
+	Enabled                    bool   `yaml:"enabled" json:"enabled"`
+	ClientID                   string `yaml:"client_id" json:"client_id"`                                       // 应用 Key (AppKey)
+	ClientSecret               string `yaml:"client_secret" json:"client_secret"`                               // 应用 Secret
+	AllowConversationIDFallback bool   `yaml:"allow_conversation_id_fallback" json:"allow_conversation_id_fallback"` // sender_id 缺失时是否允许回退到会话 ID
 }

 // RobotLarkConfig 飞书机器人配置
 type RobotLarkConfig struct {
-	Enabled     bool   `yaml:"enabled" json:"enabled"`
-	AppID       string `yaml:"app_id" json:"app_id"`             // 应用 App ID
-	AppSecret   string `yaml:"app_secret" json:"app_secret"`     // 应用 App Secret
-	VerifyToken string `yaml:"verify_token" json:"verify_token"` // 事件订阅 Verification Token（可选）
+	Enabled                 bool   `yaml:"enabled" json:"enabled"`
+	AppID                   string `yaml:"app_id" json:"app_id"`                                 // 应用 App ID
+	AppSecret               string `yaml:"app_secret" json:"app_secret"`                         // 应用 App Secret
+	VerifyToken             string `yaml:"verify_token" json:"verify_token"`                     // 事件订阅 Verification Token（可选）
+	AllowChatIDFallback     bool   `yaml:"allow_chat_id_fallback" json:"allow_chat_id_fallback"` // 用户 ID 缺失时是否允许回退到 chat_id
 }

 type ServerConfig struct {
@@ -464,7 +481,6 @@ func Load(path string) (*Config, error) {
 	if cfg.Auth.SessionDurationHours <= 0 {
 		cfg.Auth.SessionDurationHours = 12
 	}
-
 	if strings.TrimSpace(cfg.Auth.Password) == "" {
 		password, err := generateStrongPassword(24)
 		if err != nil {
@@ -933,6 +949,7 @@ func LoadRoleFromFile(path string) (*RoleConfig, error) {
 }

 func Default() *Config {
+	strictRobotIdentity := true
 	return &Config{
 		Server: ServerConfig{
 			Host: "0.0.0.0",
@@ -967,6 +984,11 @@ func Default() *Config {
 		Auth: AuthConfig{
 			SessionDurationHours: 12,
 		},
+		Robots: RobotsConfig{
+			Session: RobotSessionConfig{
+				StrictUserIdentity: &strictRobotIdentity,
+			},
+		},
 		Knowledge: KnowledgeConfig{
 			Enabled:  true,
 			BasePath: "knowledge_base",
@@ -997,6 +1019,35 @@ func Default() *Config {
 	}
 }

+// C2Config 内置 C2 模块开关（与知识库 enabled 语义一致：关闭后不初始化监听器、不注册 C2 MCP 工具）。
+type C2Config struct {
+	// Enabled 为 nil 表示未写配置，按 true 处理（兼容旧 config.yaml）
+	Enabled *bool `yaml:"enabled,omitempty" json:"enabled,omitempty"`
+}
+
+// EnabledEffective 返回是否启用 C2；未显式配置时默认启用。
+func (c C2Config) EnabledEffective() bool {
+	if c.Enabled == nil {
+		return true
+	}
+	return *c.Enabled
+}
+
+// C2Public 返回给前端的 C2 状态（仅标量）。
+type C2Public struct {
+	Enabled bool `json:"enabled"`
+}
+
+// Public 将内部配置转为 API 响应。
+func (c C2Config) Public() C2Public {
+	return C2Public{Enabled: c.EnabledEffective()}
+}
+
+// C2APIUpdate 设置页/API 更新 C2 开关。
+type C2APIUpdate struct {
+	Enabled bool `json:"enabled"`
+}
+
 // KnowledgeConfig 知识库配置
 type KnowledgeConfig struct {
 	Enabled   bool            `yaml:"enabled" json:"enabled"`     // 是否启用知识检索
@@ -32,6 +32,7 @@ type Message struct {
 	MCPExecutionIDs []string                 `json:"mcpExecutionIds,omitempty"`
 	ProcessDetails  []map[string]interface{} `json:"processDetails,omitempty"`
 	CreatedAt       time.Time                `json:"createdAt"`
+	UpdatedAt       time.Time                `json:"updatedAt"`
 }

 // CreateConversation 创建新对话
@@ -484,6 +485,7 @@ func (db *DB) ConversationHasToolProcessDetails(conversationID string) (bool, er
 // AddMessage 添加消息
 func (db *DB) AddMessage(conversationID, role, content string, mcpExecutionIDs []string) (*Message, error) {
 	id := uuid.New().String()
+	now := time.Now()

 	var mcpIDsJSON string
 	if len(mcpExecutionIDs) > 0 {
@@ -496,8 +498,8 @@ func (db *DB) AddMessage(conversationID, role, content string, mcpExecutionIDs [
 	}

 	_, err := db.Exec(
-		"INSERT INTO messages (id, conversation_id, role, content, mcp_execution_ids, created_at) VALUES (?, ?, ?, ?, ?, ?)",
-		id, conversationID, role, content, mcpIDsJSON, time.Now(),
+		"INSERT INTO messages (id, conversation_id, role, content, mcp_execution_ids, created_at, updated_at) VALUES (?, ?, ?, ?, ?, ?, ?)",
+		id, conversationID, role, content, mcpIDsJSON, now, now,
 	)
 	if err != nil {
 		return nil, fmt.Errorf("添加消息失败: %w", err)
@@ -514,7 +516,8 @@ func (db *DB) AddMessage(conversationID, role, content string, mcpExecutionIDs [
 		Role:            role,
 		Content:         content,
 		MCPExecutionIDs: mcpExecutionIDs,
-		CreatedAt:       time.Now(),
+		CreatedAt:       now,
+		UpdatedAt:       now,
 	}

 	return message, nil
@@ -523,7 +526,7 @@ func (db *DB) AddMessage(conversationID, role, content string, mcpExecutionIDs [
 // GetMessages 获取对话的所有消息
 func (db *DB) GetMessages(conversationID string) ([]Message, error) {
 	rows, err := db.Query(
-		"SELECT id, conversation_id, role, content, mcp_execution_ids, created_at FROM messages WHERE conversation_id = ? ORDER BY created_at ASC",
+		"SELECT id, conversation_id, role, content, mcp_execution_ids, created_at, updated_at FROM messages WHERE conversation_id = ? ORDER BY created_at ASC",
 		conversationID,
 	)
 	if err != nil {
@@ -536,8 +539,9 @@ func (db *DB) GetMessages(conversationID string) ([]Message, error) {
 		var msg Message
 		var mcpIDsJSON sql.NullString
 		var createdAt string
+		var updatedAt sql.NullString

-		if err := rows.Scan(&msg.ID, &msg.ConversationID, &msg.Role, &msg.Content, &mcpIDsJSON, &createdAt); err != nil {
+		if err := rows.Scan(&msg.ID, &msg.ConversationID, &msg.Role, &msg.Content, &mcpIDsJSON, &createdAt, &updatedAt); err != nil {
 			return nil, fmt.Errorf("扫描消息失败: %w", err)
 		}

@@ -551,6 +555,20 @@ func (db *DB) GetMessages(conversationID string) ([]Message, error) {
 			msg.CreatedAt, _ = time.Parse(time.RFC3339, createdAt)
 		}

+		// updated_at 兼容老库：字段不存在/为空时回退为 created_at
+		if updatedAt.Valid && strings.TrimSpace(updatedAt.String) != "" {
+			msg.UpdatedAt, err = time.Parse("2006-01-02 15:04:05.999999999-07:00", updatedAt.String)
+			if err != nil {
+				msg.UpdatedAt, err = time.Parse("2006-01-02 15:04:05", updatedAt.String)
+			}
+			if err != nil {
+				msg.UpdatedAt, _ = time.Parse(time.RFC3339, updatedAt.String)
+			}
+		}
+		if msg.UpdatedAt.IsZero() {
+			msg.UpdatedAt = msg.CreatedAt
+		}
+
 		// 解析MCP执行ID
 		if mcpIDsJSON.Valid && mcpIDsJSON.String != "" {
 			if err := json.Unmarshal([]byte(mcpIDsJSON.String), &msg.MCPExecutionIDs); err != nil {
@@ -82,6 +82,7 @@ func (db *DB) initTables() error {
 		content TEXT NOT NULL,
 		mcp_execution_ids TEXT,
 		created_at DATETIME NOT NULL,
+		updated_at DATETIME NOT NULL,
 		FOREIGN KEY (conversation_id) REFERENCES conversations(id) ON DELETE CASCADE
 	);`

@@ -202,6 +203,16 @@ func (db *DB) initTables() error {
 		UNIQUE(conversation_id, group_id)
 	);`

+	// 机器人会话绑定表（用于跨重启保持「平台+租户+用户」到 conversation 的映射）
+	createRobotUserSessionsTable := `
+	CREATE TABLE IF NOT EXISTS robot_user_sessions (
+		session_key TEXT PRIMARY KEY,
+		conversation_id TEXT NOT NULL,
+		role_name TEXT NOT NULL DEFAULT '默认',
+		updated_at DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+		FOREIGN KEY (conversation_id) REFERENCES conversations(id) ON DELETE CASCADE
+	);`
+
 	// 创建漏洞表
 	createVulnerabilitiesTable := `
 	CREATE TABLE IF NOT EXISTS vulnerabilities (
@@ -408,6 +419,7 @@ func (db *DB) initTables() error {
 	CREATE INDEX IF NOT EXISTS idx_knowledge_retrieval_logs_created_at ON knowledge_retrieval_logs(created_at);
 	CREATE INDEX IF NOT EXISTS idx_conversation_group_mappings_conversation ON conversation_group_mappings(conversation_id);
 	CREATE INDEX IF NOT EXISTS idx_conversation_group_mappings_group ON conversation_group_mappings(group_id);
+	CREATE INDEX IF NOT EXISTS idx_robot_user_sessions_updated_at ON robot_user_sessions(updated_at);
 	CREATE INDEX IF NOT EXISTS idx_conversations_pinned ON conversations(pinned);
 	CREATE INDEX IF NOT EXISTS idx_vulnerabilities_conversation_id ON vulnerabilities(conversation_id);
 	CREATE INDEX IF NOT EXISTS idx_vulnerabilities_conversation_tag ON vulnerabilities(conversation_tag);
@@ -478,6 +490,9 @@ func (db *DB) initTables() error {
 	if _, err := db.Exec(createConversationGroupMappingsTable); err != nil {
 		return fmt.Errorf("创建conversation_group_mappings表失败: %w", err)
 	}
+	if _, err := db.Exec(createRobotUserSessionsTable); err != nil {
+		return fmt.Errorf("创建robot_user_sessions表失败: %w", err)
+	}

 	if _, err := db.Exec(createVulnerabilitiesTable); err != nil {
 		return fmt.Errorf("创建vulnerabilities表失败: %w", err)
@@ -518,6 +533,11 @@ func (db *DB) initTables() error {
 		// 不返回错误，允许继续运行
 	}

+	if err := db.migrateMessagesTable(); err != nil {
+		db.logger.Warn("迁移messages表失败", zap.Error(err))
+		// 不返回错误，允许继续运行
+	}
+
 	if err := db.migrateConversationGroupsTable(); err != nil {
 		db.logger.Warn("迁移conversation_groups表失败", zap.Error(err))
 		// 不返回错误，允许继续运行
@@ -550,6 +570,33 @@ func (db *DB) initTables() error {
 	return nil
 }

+// migrateMessagesTable 迁移 messages 表，补充 updated_at 字段。
+// 语义：updated_at 表示该条消息最后一次被写入/更新的时间（例如助手占位消息在任务结束时更新正文）。
+func (db *DB) migrateMessagesTable() error {
+	var count int
+	err := db.QueryRow("SELECT COUNT(*) FROM pragma_table_info('messages') WHERE name='updated_at'").Scan(&count)
+	if err != nil {
+		// 如果查询失败，尝试添加字段
+		if _, addErr := db.Exec("ALTER TABLE messages ADD COLUMN updated_at DATETIME"); addErr != nil {
+			errMsg := strings.ToLower(addErr.Error())
+			if !strings.Contains(errMsg, "duplicate column") && !strings.Contains(errMsg, "already exists") {
+				return fmt.Errorf("添加 messages.updated_at 字段失败: %w", addErr)
+			}
+		}
+	} else if count == 0 {
+		if _, err := db.Exec("ALTER TABLE messages ADD COLUMN updated_at DATETIME"); err != nil {
+			errMsg := strings.ToLower(err.Error())
+			if !strings.Contains(errMsg, "duplicate column") && !strings.Contains(errMsg, "already exists") {
+				return fmt.Errorf("添加 messages.updated_at 字段失败: %w", err)
+			}
+		}
+	}
+
+	// 回填已有数据：让 updated_at 至少等于 created_at，避免前端出现空/当前时间回退。
+	_, _ = db.Exec("UPDATE messages SET updated_at = created_at WHERE updated_at IS NULL OR updated_at = ''")
+	return nil
+}
+
 // migrateConversationsTable 迁移conversations表，添加新字段
 func (db *DB) migrateConversationsTable() error {
 	// 检查last_react_input字段是否存在
@@ -0,0 +1,84 @@
+package database
+
+import (
+	"database/sql"
+	"fmt"
+	"strings"
+	"time"
+)
+
+// RobotSessionBinding 机器人会话绑定信息。
+type RobotSessionBinding struct {
+	SessionKey     string
+	ConversationID string
+	RoleName       string
+	UpdatedAt      time.Time
+}
+
+// GetRobotSessionBinding 按 session_key 获取机器人会话绑定。
+func (db *DB) GetRobotSessionBinding(sessionKey string) (*RobotSessionBinding, error) {
+	sessionKey = strings.TrimSpace(sessionKey)
+	if sessionKey == "" {
+		return nil, nil
+	}
+	var b RobotSessionBinding
+	var updatedAt string
+	err := db.QueryRow(
+		"SELECT session_key, conversation_id, role_name, updated_at FROM robot_user_sessions WHERE session_key = ?",
+		sessionKey,
+	).Scan(&b.SessionKey, &b.ConversationID, &b.RoleName, &updatedAt)
+	if err != nil {
+		if err == sql.ErrNoRows {
+			return nil, nil
+		}
+		return nil, fmt.Errorf("查询机器人会话绑定失败: %w", err)
+	}
+	if t, e := time.Parse("2006-01-02 15:04:05.999999999-07:00", updatedAt); e == nil {
+		b.UpdatedAt = t
+	} else if t, e := time.Parse("2006-01-02 15:04:05", updatedAt); e == nil {
+		b.UpdatedAt = t
+	} else {
+		b.UpdatedAt, _ = time.Parse(time.RFC3339, updatedAt)
+	}
+	if strings.TrimSpace(b.RoleName) == "" {
+		b.RoleName = "默认"
+	}
+	return &b, nil
+}
+
+// UpsertRobotSessionBinding 写入或更新机器人会话绑定（包含角色）。
+func (db *DB) UpsertRobotSessionBinding(sessionKey, conversationID, roleName string) error {
+	sessionKey = strings.TrimSpace(sessionKey)
+	conversationID = strings.TrimSpace(conversationID)
+	roleName = strings.TrimSpace(roleName)
+	if sessionKey == "" || conversationID == "" {
+		return nil
+	}
+	if roleName == "" {
+		roleName = "默认"
+	}
+	_, err := db.Exec(`
+		INSERT INTO robot_user_sessions (session_key, conversation_id, role_name, updated_at)
+		VALUES (?, ?, ?, ?)
+		ON CONFLICT(session_key) DO UPDATE SET
+			conversation_id = excluded.conversation_id,
+			role_name = excluded.role_name,
+			updated_at = excluded.updated_at
+	`, sessionKey, conversationID, roleName, time.Now())
+	if err != nil {
+		return fmt.Errorf("写入机器人会话绑定失败: %w", err)
+	}
+	return nil
+}
+
+// DeleteRobotSessionBinding 删除机器人会话绑定。
+func (db *DB) DeleteRobotSessionBinding(sessionKey string) error {
+	sessionKey = strings.TrimSpace(sessionKey)
+	if sessionKey == "" {
+		return nil
+	}
+	if _, err := db.Exec("DELETE FROM robot_user_sessions WHERE session_key = ?", sessionKey); err != nil {
+		return fmt.Errorf("删除机器人会话绑定失败: %w", err)
+	}
+	return nil
+}
@@ -728,7 +728,7 @@ func (h *AgentHandler) ProcessMessageForRobot(ctx context.Context, conversationI
 			h.persistEinoAgentTraceForResume(conversationID, resultMA)
 			errMsg := "执行失败: " + errMA.Error()
 			if assistantMessageID != "" {
-				_, _ = h.db.Exec("UPDATE messages SET content = ? WHERE id = ?", errMsg, assistantMessageID)
+				_, _ = h.db.Exec("UPDATE messages SET content = ?, updated_at = ? WHERE id = ?", errMsg, time.Now(), assistantMessageID)
 				_ = h.db.AddProcessDetail(assistantMessageID, conversationID, "error", errMsg, nil)
 			}
 			return "", conversationID, errMA
@@ -740,8 +740,8 @@ func (h *AgentHandler) ProcessMessageForRobot(ctx context.Context, conversationI
 				mcpIDsJSON = string(jsonData)
 			}
 			_, err = h.db.Exec(
-				"UPDATE messages SET content = ?, mcp_execution_ids = ? WHERE id = ?",
-				resultMA.Response, mcpIDsJSON, assistantMessageID,
+				"UPDATE messages SET content = ?, mcp_execution_ids = ?, updated_at = ? WHERE id = ?",
+				resultMA.Response, mcpIDsJSON, time.Now(), assistantMessageID,
 			)
 			if err != nil {
 				h.logger.Warn("机器人：更新助手消息失败", zap.Error(err))
@@ -761,7 +761,7 @@ func (h *AgentHandler) ProcessMessageForRobot(ctx context.Context, conversationI
 	if err != nil {
 		errMsg := "执行失败: " + err.Error()
 		if assistantMessageID != "" {
-			_, _ = h.db.Exec("UPDATE messages SET content = ? WHERE id = ?", errMsg, assistantMessageID)
+			_, _ = h.db.Exec("UPDATE messages SET content = ?, updated_at = ? WHERE id = ?", errMsg, time.Now(), assistantMessageID)
 			_ = h.db.AddProcessDetail(assistantMessageID, conversationID, "error", errMsg, nil)
 		}
 		return "", conversationID, err
@@ -775,8 +775,8 @@ func (h *AgentHandler) ProcessMessageForRobot(ctx context.Context, conversationI
 			mcpIDsJSON = string(jsonData)
 		}
 		_, err = h.db.Exec(
-			"UPDATE messages SET content = ?, mcp_execution_ids = ? WHERE id = ?",
-			result.Response, mcpIDsJSON, assistantMessageID,
+		"UPDATE messages SET content = ?, mcp_execution_ids = ?, updated_at = ? WHERE id = ?",
+		result.Response, mcpIDsJSON, time.Now(), assistantMessageID,
 		)
 		if err != nil {
 			h.logger.Warn("机器人：更新助手消息失败", zap.Error(err))
@@ -1515,9 +1515,9 @@ func (h *AgentHandler) AgentLoopStream(c *gin.Context) {
 		// 更新助手消息内容并保存错误详情到数据库
 		if assistantMessageID != "" {
 			if _, updateErr := h.db.Exec(
-				"UPDATE messages SET content = ? WHERE id = ?",
+				"UPDATE messages SET content = ?, updated_at = ? WHERE id = ?",
 				errorMsg,
-				assistantMessageID,
+				time.Now(), assistantMessageID,
 			); updateErr != nil {
 				h.logger.Warn("更新错误后的助手消息失败", zap.Error(updateErr))
 			}
@@ -1569,9 +1569,9 @@ func (h *AgentHandler) AgentLoopStream(c *gin.Context) {

 			if assistantMessageID != "" {
 				if _, updateErr := h.db.Exec(
-					"UPDATE messages SET content = ? WHERE id = ?",
+					"UPDATE messages SET content = ?, updated_at = ? WHERE id = ?",
 					cancelMsg,
-					assistantMessageID,
+					time.Now(), assistantMessageID,
 				); updateErr != nil {
 					h.logger.Warn("更新取消后的助手消息失败", zap.Error(updateErr))
 				}
@@ -1604,9 +1604,9 @@ func (h *AgentHandler) AgentLoopStream(c *gin.Context) {

 			if assistantMessageID != "" {
 				if _, updateErr := h.db.Exec(
-					"UPDATE messages SET content = ? WHERE id = ?",
+					"UPDATE messages SET content = ?, updated_at = ? WHERE id = ?",
 					timeoutMsg,
-					assistantMessageID,
+					time.Now(), assistantMessageID,
 				); updateErr != nil {
 					h.logger.Warn("更新超时后的助手消息失败", zap.Error(updateErr))
 				}
@@ -1639,9 +1639,9 @@ func (h *AgentHandler) AgentLoopStream(c *gin.Context) {

 			if assistantMessageID != "" {
 				if _, updateErr := h.db.Exec(
-					"UPDATE messages SET content = ? WHERE id = ?",
+					"UPDATE messages SET content = ?, updated_at = ? WHERE id = ?",
 					errorMsg,
-					assistantMessageID,
+					time.Now(), assistantMessageID,
 				); updateErr != nil {
 					h.logger.Warn("更新失败后的助手消息失败", zap.Error(updateErr))
 				}
@@ -1671,7 +1671,7 @@ func (h *AgentHandler) AgentLoopStream(c *gin.Context) {
 	// 更新助手消息内容
 	if assistantMsg != nil {
 		_, err = h.db.Exec(
-			"UPDATE messages SET content = ?, mcp_execution_ids = ? WHERE id = ?",
+			"UPDATE messages SET content = ?, mcp_execution_ids = ?, updated_at = ? WHERE id = ?",
 			result.Response,
 			func() string {
 				if len(result.MCPExecutionIDs) > 0 {
@@ -1680,7 +1680,7 @@ func (h *AgentHandler) AgentLoopStream(c *gin.Context) {
 				}
 				return ""
 			}(),
-			assistantMessageID,
+			time.Now(), assistantMessageID,
 		)
 		if err != nil {
 			h.logger.Error("更新助手消息失败", zap.Error(err))
@@ -1717,6 +1717,8 @@ func (h *AgentHandler) AgentLoopStream(c *gin.Context) {
 func (h *AgentHandler) CancelAgentLoop(c *gin.Context) {
 	var req struct {
 		ConversationID string `json:"conversationId" binding:"required"`
+		Reason         string `json:"reason,omitempty"`
+		ContinueAfter  bool   `json:"continueAfter,omitempty"`
 	}

 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -1724,7 +1726,23 @@ func (h *AgentHandler) CancelAgentLoop(c *gin.Context) {
 		return
 	}

-	ok, err := h.tasks.CancelTask(req.ConversationID, ErrTaskCancelled)
+	if req.ContinueAfter && strings.TrimSpace(req.Reason) == "" {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "continueAfter 为 true 时必须提供非空的 reason（中断说明）"})
+		return
+	}
+
+	var cause error = ErrTaskCancelled
+	msg := "已提交取消请求，任务将在当前步骤完成后停止。"
+	if req.ContinueAfter {
+		if !h.tasks.SetInterruptContinueReason(req.ConversationID, req.Reason) {
+			c.JSON(http.StatusNotFound, gin.H{"error": "未找到正在执行的任务，无法提交中断说明"})
+			return
+		}
+		cause = ErrUserInterruptContinue
+		msg = "已提交中断说明，当前步骤结束后将写入对话并继续迭代。"
+	}
+
+	ok, err := h.tasks.CancelTask(req.ConversationID, cause)
 	if err != nil {
 		h.logger.Error("取消任务失败", zap.Error(err))
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
@@ -1737,9 +1755,11 @@ func (h *AgentHandler) CancelAgentLoop(c *gin.Context) {
 	}

 	c.JSON(http.StatusOK, gin.H{
-		"status":         "cancelling",
-		"conversationId": req.ConversationID,
-		"message":        "已提交取消请求，任务将在当前步骤完成后停止。",
+		"status":           "cancelling",
+		"conversationId":   req.ConversationID,
+		"message":          msg,
+		"continueAfter":    req.ContinueAfter,
+		"interruptWithNote": req.ContinueAfter,
 	})
 }

@@ -2448,76 +2468,144 @@ func (h *AgentHandler) executeBatchQueue(queueID string) {
 		if assistantMsg != nil {
 			assistantMessageID = assistantMsg.ID
 		}
-		progressCallback := h.createProgressCallback(context.Background(), nil, conversationID, assistantMessageID, nil)
+		// 注意：批量任务没有前端直连的 POST /stream，因此若要支持「刷新后补流」，
+		// 需要把进度事件镜像到 TaskEventBus（GET /api/agent-loop/task-events 会订阅这里）。
+		// progressCallback 将在子任务的 IIFE 内创建，以便拿到 taskCtx/cancelWithCause 与 sendEvent。
+		var progressCallback func(eventType, message string, data interface{})

 		// 执行任务（使用包含角色提示词的finalMessage和角色工具列表）
 		h.logger.Info("执行批量任务", zap.String("queueId", queueID), zap.String("taskId", task.ID), zap.String("message", task.Message), zap.String("role", queue.Role), zap.String("conversationId", conversationID))

-		// 单个子任务超时时间：从30分钟调整为6小时，适配长时间渗透/扫描任务
-		ctx, cancel := context.WithTimeout(context.Background(), 6*time.Hour)
-		// 存储取消函数，以便在取消队列时能够取消当前任务
-		h.batchTaskManager.SetTaskCancel(queueID, cancel)
-		// 使用队列配置的角色工具列表（如果为空，表示使用所有工具）
-		useBatchMulti := false
-		useEinoSingle := false
-		batchOrch := "deep"
-		am := strings.TrimSpace(strings.ToLower(queue.AgentMode))
-		if am == "multi" {
-			am = "deep"
-		}
-		if am == "eino_single" {
-			useEinoSingle = true
-		} else if batchQueueWantsEino(queue.AgentMode) && h.config != nil && h.config.MultiAgent.Enabled {
-			useBatchMulti = true
-			batchOrch = config.NormalizeMultiAgentOrchestration(am)
-		} else if queue.AgentMode == "" {
-			// 兼容历史数据：未配置队列代理模式时，沿用旧的系统级开关
-			if h.config != nil && h.config.MultiAgent.Enabled && h.config.MultiAgent.BatchUseMultiAgent {
+		func() {
+			// 与对话流式接口一致：同 conversationId 仅允许一个运行中任务，并支持 /api/agent-loop/cancel 与会话锁对齐。
+			baseCtx, cancelWithCause := context.WithCancelCause(context.Background())
+			// 单个子任务超时：6 小时（与原先 WithTimeout(Background) 一致）
+			taskCtx, timeoutCancel := context.WithTimeout(baseCtx, 6*time.Hour)
+
+			registered := false
+			finishStatus := "completed"
+
+			defer func() {
+				h.batchTaskManager.SetTaskCancel(queueID, nil)
+				timeoutCancel()
+				if registered {
+					// 与流式接口保持一致：结束前补一个 done，便于前端 task-events 侧及时收口 UI。
+					if h.taskEventBus != nil {
+						ev := StreamEvent{Type: "done", Message: "", Data: map[string]interface{}{"conversationId": conversationID}}
+						if b, err := json.Marshal(ev); err == nil {
+							h.taskEventBus.Publish(conversationID, append(append([]byte("data: "), b...), '\n', '\n'))
+						}
+					}
+					h.tasks.FinishTask(conversationID, finishStatus)
+				}
+				cancelWithCause(nil)
+			}()
+
+			// 事件镜像：只发布到 TaskEventBus，不直接写 HTTP Response（用于刷新后的补流）。
+			sendEvent := func(eventType, message string, data interface{}) {
+				if h.taskEventBus == nil {
+					return
+				}
+				ev := StreamEvent{Type: eventType, Message: message, Data: data}
+				b, err := json.Marshal(ev)
+				if err != nil {
+					b = []byte(`{"type":"error","message":"marshal failed"}`)
+				}
+				line := make([]byte, 0, len(b)+8)
+				line = append(line, []byte("data: ")...)
+				line = append(line, b...)
+				line = append(line, '\n', '\n')
+				h.taskEventBus.Publish(conversationID, line)
+			}
+
+			if _, err := h.tasks.StartTask(conversationID, task.Message, cancelWithCause); err != nil {
+				h.logger.Warn("批量队列子任务注册会话运行状态失败",
+					zap.String("queueId", queueID),
+					zap.String("taskId", task.ID),
+					zap.String("conversationId", conversationID),
+					zap.Error(err))
+				failMsg := err.Error()
+				if errors.Is(err, ErrTaskAlreadyRunning) {
+					failMsg = "会话已有任务正在执行，无法在该会话上并行启动批量子任务"
+				}
+				h.batchTaskManager.UpdateTaskStatus(queueID, task.ID, "failed", "", failMsg)
+				return
+			}
+			registered = true
+			// 存储取消函数：暂停队列时取消子任务 context（与原先语义一致）
+			h.batchTaskManager.SetTaskCancel(queueID, timeoutCancel)
+
+			// 创建进度回调函数：写 DB + 镜像到 task-events，支持刷新后继续流式展示。
+			progressCallback = h.createProgressCallback(taskCtx, cancelWithCause, conversationID, assistantMessageID, sendEvent)
+
+			// 使用队列配置的角色工具列表（如果为空，表示使用所有工具）
+			useBatchMulti := false
+			useEinoSingle := false
+			batchOrch := "deep"
+			am := strings.TrimSpace(strings.ToLower(queue.AgentMode))
+			if am == "multi" {
+				am = "deep"
+			}
+			if am == "eino_single" {
+				useEinoSingle = true
+			} else if batchQueueWantsEino(queue.AgentMode) && h.config != nil && h.config.MultiAgent.Enabled {
 				useBatchMulti = true
-				batchOrch = "deep"
+				batchOrch = config.NormalizeMultiAgentOrchestration(am)
+			} else if queue.AgentMode == "" {
+				// 兼容历史数据：未配置队列代理模式时，沿用旧的系统级开关
+				if h.config != nil && h.config.MultiAgent.Enabled && h.config.MultiAgent.BatchUseMultiAgent {
+					useBatchMulti = true
+					batchOrch = "deep"
+				}
 			}
-		}
-		useRunResult := useBatchMulti || useEinoSingle
-		var result *agent.AgentLoopResult
-		var resultMA *multiagent.RunResult
-		var runErr error
-		switch {
-		case useBatchMulti:
-			resultMA, runErr = multiagent.RunDeepAgent(ctx, h.config, &h.config.MultiAgent, h.agent, h.logger, conversationID, finalMessage, []agent.ChatMessage{}, roleTools, progressCallback, h.agentsMarkdownDir, batchOrch)
-		case useEinoSingle:
-			if h.config == nil {
-				runErr = fmt.Errorf("服务器配置未加载")
-			} else {
-				resultMA, runErr = multiagent.RunEinoSingleChatModelAgent(ctx, h.config, &h.config.MultiAgent, h.agent, h.logger, conversationID, finalMessage, []agent.ChatMessage{}, roleTools, progressCallback)
+			useRunResult := useBatchMulti || useEinoSingle
+			var result *agent.AgentLoopResult
+			var resultMA *multiagent.RunResult
+			var runErr error
+			switch {
+			case useBatchMulti:
+				resultMA, runErr = multiagent.RunDeepAgent(taskCtx, h.config, &h.config.MultiAgent, h.agent, h.logger, conversationID, finalMessage, []agent.ChatMessage{}, roleTools, progressCallback, h.agentsMarkdownDir, batchOrch)
+			case useEinoSingle:
+				if h.config == nil {
+					runErr = fmt.Errorf("服务器配置未加载")
+				} else {
+					resultMA, runErr = multiagent.RunEinoSingleChatModelAgent(taskCtx, h.config, &h.config.MultiAgent, h.agent, h.logger, conversationID, finalMessage, []agent.ChatMessage{}, roleTools, progressCallback)
+				}
+			default:
+				result, runErr = h.agent.AgentLoopWithProgress(taskCtx, finalMessage, []agent.ChatMessage{}, conversationID, progressCallback, roleTools)
 			}
-		default:
-			result, runErr = h.agent.AgentLoopWithProgress(ctx, finalMessage, []agent.ChatMessage{}, conversationID, progressCallback, roleTools)
-		}
-		// 任务执行完成，清理取消函数
-		h.batchTaskManager.SetTaskCancel(queueID, nil)
-		cancel()

-		if runErr != nil {
-			if useRunResult {
-				h.persistEinoAgentTraceForResume(conversationID, resultMA)
-			}
-			// 检查是否是取消错误
-			// 1. 直接检查是否是 context.Canceled（包括包装后的错误）
-			// 2. 检查错误消息中是否包含"context canceled"或"cancelled"关键字
-			// 3. 检查 result.Response 中是否包含取消相关的消息
-			errStr := runErr.Error()
-			partialResp := ""
-			if useRunResult && resultMA != nil {
-				partialResp = resultMA.Response
-			} else if result != nil {
-				partialResp = result.Response
-			}
-			isCancelled := errors.Is(runErr, context.Canceled) ||
-				strings.Contains(strings.ToLower(errStr), "context canceled") ||
-				strings.Contains(strings.ToLower(errStr), "context cancelled") ||
-				(partialResp != "" && (strings.Contains(partialResp, "任务已被取消") || strings.Contains(partialResp, "任务执行中断")))
+			if runErr != nil {
+				if useRunResult {
+					h.persistEinoAgentTraceForResume(conversationID, resultMA)
+				}
+				// 检查是否是取消错误
+				// 1. 直接检查是否是 context.Canceled（包括包装后的错误）
+				// 2. 检查错误消息中是否包含"context canceled"或"cancelled"关键字
+				// 3. 检查 result.Response 中是否包含取消相关的消息
+				errStr := runErr.Error()
+				partialResp := ""
+				if useRunResult && resultMA != nil {
+					partialResp = resultMA.Response
+				} else if result != nil {
+					partialResp = result.Response
+				}
+				isCancelled := errors.Is(context.Cause(baseCtx), ErrTaskCancelled) ||
+					errors.Is(runErr, context.Canceled) ||
+					strings.Contains(strings.ToLower(errStr), "context canceled") ||
+					strings.Contains(strings.ToLower(errStr), "context cancelled") ||
+					(partialResp != "" && (strings.Contains(partialResp, "任务已被取消") || strings.Contains(partialResp, "任务执行中断")))
+				isTimeout := errors.Is(runErr, context.DeadlineExceeded) || errors.Is(context.Cause(taskCtx), context.DeadlineExceeded)

-			if isCancelled {
+				if isTimeout {
+					finishStatus = "timeout"
+				} else if isCancelled {
+					finishStatus = "cancelled"
+				} else {
+					finishStatus = "failed"
+				}
+
+				if isCancelled {
 				h.logger.Info("批量任务被取消", zap.String("queueId", queueID), zap.String("taskId", task.ID), zap.String("conversationId", conversationID))
 				cancelMsg := "任务已被用户取消，后续操作已停止。"
 				// 如果执行结果中有更具体的取消消息，使用它
@@ -2527,9 +2615,9 @@ func (h *AgentHandler) executeBatchQueue(queueID string) {
 				// 更新助手消息内容
 				if assistantMessageID != "" {
 					if _, updateErr := h.db.Exec(
-						"UPDATE messages SET content = ? WHERE id = ?",
+						"UPDATE messages SET content = ?, updated_at = ? WHERE id = ?",
 						cancelMsg,
-						assistantMessageID,
+						time.Now(), assistantMessageID,
 					); updateErr != nil {
 						h.logger.Warn("更新取消后的助手消息失败", zap.String("queueId", queueID), zap.String("taskId", task.ID), zap.Error(updateErr))
 					}
@@ -2561,9 +2649,9 @@ func (h *AgentHandler) executeBatchQueue(queueID string) {
 				// 更新助手消息内容
 				if assistantMessageID != "" {
 					if _, updateErr := h.db.Exec(
-						"UPDATE messages SET content = ? WHERE id = ?",
+						"UPDATE messages SET content = ?, updated_at = ? WHERE id = ?",
 						errorMsg,
-						assistantMessageID,
+						time.Now(), assistantMessageID,
 					); updateErr != nil {
 						h.logger.Warn("更新失败后的助手消息失败", zap.String("queueId", queueID), zap.String("taskId", task.ID), zap.Error(updateErr))
 					}
@@ -2600,10 +2688,10 @@ func (h *AgentHandler) executeBatchQueue(queueID string) {
 					mcpIDsJSON = string(jsonData)
 				}
 				if _, updateErr := h.db.Exec(
-					"UPDATE messages SET content = ?, mcp_execution_ids = ? WHERE id = ?",
+					"UPDATE messages SET content = ?, mcp_execution_ids = ?, updated_at = ? WHERE id = ?",
 					resText,
 					mcpIDsJSON,
-					assistantMessageID,
+					time.Now(), assistantMessageID,
 				); updateErr != nil {
 					h.logger.Warn("更新助手消息失败", zap.String("queueId", queueID), zap.String("taskId", task.ID), zap.Error(updateErr))
 					// 如果更新失败，尝试创建新消息
@@ -2632,6 +2720,7 @@ func (h *AgentHandler) executeBatchQueue(queueID string) {
 			// 保存结果
 			h.batchTaskManager.UpdateTaskStatusWithConversationID(queueID, task.ID, "completed", resText, "", conversationID)
 		}
+		}()

 		// 移动到下一个任务
 		h.batchTaskManager.MoveToNextTask(queueID)
@@ -10,6 +10,7 @@ import (
 	"path/filepath"
 	"strconv"
 	"strings"
+	"sync/atomic"
 	"time"

 	"cyberstrike-ai/internal/c2"
@@ -20,18 +21,28 @@ import (
 	"go.uber.org/zap"
 )

-// C2Handler 处理 C2 相关的 REST API
+// C2Handler 处理 C2 相关的 REST API（manager 可在运行时置 nil 以关闭 C2）
 type C2Handler struct {
-	manager *c2.Manager
-	logger  *zap.Logger
+	mgrPtr atomic.Pointer[c2.Manager]
+	logger *zap.Logger
 }

-// NewC2Handler 创建 C2 处理器
+// NewC2Handler 创建 C2 处理器；manager 可为 nil（功能关闭时）
 func NewC2Handler(manager *c2.Manager, logger *zap.Logger) *C2Handler {
-	return &C2Handler{
-		manager: manager,
-		logger:  logger,
+	h := &C2Handler{logger: logger}
+	if manager != nil {
+		h.mgrPtr.Store(manager)
 	}
+	return h
+}
+
+func (h *C2Handler) mgr() *c2.Manager {
+	return h.mgrPtr.Load()
+}
+
+// SetManager 运行时切换或清空 C2 Manager（与 App 启停同步）
+func (h *C2Handler) SetManager(m *c2.Manager) {
+	h.mgrPtr.Store(m)
 }

 // ============================================================================
@@ -40,7 +51,7 @@ func NewC2Handler(manager *c2.Manager, logger *zap.Logger) *C2Handler {

 // ListListeners 获取监听器列表
 func (h *C2Handler) ListListeners(c *gin.Context) {
-	listeners, err := h.manager.DB().ListC2Listeners()
+	listeners, err := h.mgr().DB().ListC2Listeners()
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
@@ -81,7 +92,7 @@ func (h *C2Handler) CreateListener(c *gin.Context) {
 		CallbackHost: strings.TrimSpace(req.CallbackHost),
 	}

-	listener, err := h.manager.CreateListener(input)
+	listener, err := h.mgr().CreateListener(input)
 	if err != nil {
 		code := http.StatusInternalServerError
 		if e, ok := err.(*c2.CommonError); ok {
@@ -99,7 +110,7 @@ func (h *C2Handler) CreateListener(c *gin.Context) {
 // GetListener 获取单个监听器
 func (h *C2Handler) GetListener(c *gin.Context) {
 	id := c.Param("id")
-	listener, err := h.manager.DB().GetC2Listener(id)
+	listener, err := h.mgr().DB().GetC2Listener(id)
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
@@ -116,7 +127,7 @@ func (h *C2Handler) GetListener(c *gin.Context) {
 // UpdateListener 更新监听器
 func (h *C2Handler) UpdateListener(c *gin.Context) {
 	id := c.Param("id")
-	listener, err := h.manager.DB().GetC2Listener(id)
+	listener, err := h.mgr().DB().GetC2Listener(id)
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
@@ -141,7 +152,7 @@ func (h *C2Handler) UpdateListener(c *gin.Context) {
 	}

 	// 若监听器在运行，不能修改关键字段
-	if h.manager.IsListenerRunning(id) {
+	if h.mgr().IsListenerRunning(id) {
 		if req.BindHost != listener.BindHost || req.BindPort != listener.BindPort {
 			c.JSON(http.StatusConflict, gin.H{"error": "cannot modify bind address while listener is running"})
 			return
@@ -174,7 +185,7 @@ func (h *C2Handler) UpdateListener(c *gin.Context) {
 		listener.ConfigJSON = string(cfgJSON)
 	}

-	if err := h.manager.DB().UpdateC2Listener(listener); err != nil {
+	if err := h.mgr().DB().UpdateC2Listener(listener); err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
 	}
@@ -186,7 +197,7 @@ func (h *C2Handler) UpdateListener(c *gin.Context) {
 // DeleteListener 删除监听器
 func (h *C2Handler) DeleteListener(c *gin.Context) {
 	id := c.Param("id")
-	if err := h.manager.DeleteListener(id); err != nil {
+	if err := h.mgr().DeleteListener(id); err != nil {
 		code := http.StatusInternalServerError
 		if e, ok := err.(*c2.CommonError); ok {
 			code = e.HTTP
@@ -200,7 +211,7 @@ func (h *C2Handler) DeleteListener(c *gin.Context) {
 // StartListener 启动监听器
 func (h *C2Handler) StartListener(c *gin.Context) {
 	id := c.Param("id")
-	listener, err := h.manager.StartListener(id)
+	listener, err := h.mgr().StartListener(id)
 	if err != nil {
 		code := http.StatusInternalServerError
 		if e, ok := err.(*c2.CommonError); ok {
@@ -217,7 +228,7 @@ func (h *C2Handler) StartListener(c *gin.Context) {
 // StopListener 停止监听器
 func (h *C2Handler) StopListener(c *gin.Context) {
 	id := c.Param("id")
-	if err := h.manager.StopListener(id); err != nil {
+	if err := h.mgr().StopListener(id); err != nil {
 		code := http.StatusInternalServerError
 		if e, ok := err.(*c2.CommonError); ok {
 			code = e.HTTP
@@ -246,7 +257,7 @@ func (h *C2Handler) ListSessions(c *gin.Context) {
 		}
 	}

-	sessions, err := h.manager.DB().ListC2Sessions(filter)
+	sessions, err := h.mgr().DB().ListC2Sessions(filter)
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
@@ -257,7 +268,7 @@ func (h *C2Handler) ListSessions(c *gin.Context) {
 // GetSession 获取单个会话
 func (h *C2Handler) GetSession(c *gin.Context) {
 	id := c.Param("id")
-	session, err := h.manager.DB().GetC2Session(id)
+	session, err := h.mgr().DB().GetC2Session(id)
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
@@ -268,7 +279,7 @@ func (h *C2Handler) GetSession(c *gin.Context) {
 	}

 	// 获取最近任务
-	tasks, _ := h.manager.DB().ListC2Tasks(database.ListC2TasksFilter{
+	tasks, _ := h.mgr().DB().ListC2Tasks(database.ListC2TasksFilter{
 		SessionID: id,
 		Limit:     20,
 	})
@@ -282,7 +293,7 @@ func (h *C2Handler) GetSession(c *gin.Context) {
 // DeleteSession 删除会话
 func (h *C2Handler) DeleteSession(c *gin.Context) {
 	id := c.Param("id")
-	if err := h.manager.DB().DeleteC2Session(id); err != nil {
+	if err := h.mgr().DB().DeleteC2Session(id); err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
 	}
@@ -301,7 +312,7 @@ func (h *C2Handler) SetSessionSleep(c *gin.Context) {
 		return
 	}

-	if err := h.manager.DB().SetC2SessionSleep(id, req.SleepSeconds, req.JitterPercent); err != nil {
+	if err := h.mgr().DB().SetC2SessionSleep(id, req.SleepSeconds, req.JitterPercent); err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
 	}
@@ -343,14 +354,14 @@ func (h *C2Handler) ListTasks(c *gin.Context) {
 		}
 	}

-	tasks, err := h.manager.DB().ListC2Tasks(filter)
+	tasks, err := h.mgr().DB().ListC2Tasks(filter)
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
 	}

 	// 仪表盘「待审任务」为全局 queued/pending 数量，与列表 session 过滤无关
-	pendingN, _ := h.manager.DB().CountC2TasksQueuedOrPending("")
+	pendingN, _ := h.mgr().DB().CountC2TasksQueuedOrPending("")

 	if !paginated {
 		c.JSON(http.StatusOK, gin.H{
@@ -360,7 +371,7 @@ func (h *C2Handler) ListTasks(c *gin.Context) {
 		return
 	}

-	total, err := h.manager.DB().CountC2Tasks(filter)
+	total, err := h.mgr().DB().CountC2Tasks(filter)
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
@@ -387,7 +398,7 @@ func (h *C2Handler) DeleteTasks(c *gin.Context) {
 		c.JSON(http.StatusBadRequest, gin.H{"error": "ids is required"})
 		return
 	}
-	n, err := h.manager.DB().DeleteC2TasksByIDs(req.IDs)
+	n, err := h.mgr().DB().DeleteC2TasksByIDs(req.IDs)
 	if err != nil {
 		if errors.Is(err, database.ErrNoValidC2TaskIDs) {
 			c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
@@ -402,7 +413,7 @@ func (h *C2Handler) DeleteTasks(c *gin.Context) {
 // GetTask 获取单个任务
 func (h *C2Handler) GetTask(c *gin.Context) {
 	id := c.Param("id")
-	task, err := h.manager.DB().GetC2Task(id)
+	task, err := h.mgr().DB().GetC2Task(id)
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
@@ -437,7 +448,7 @@ func (h *C2Handler) CreateTask(c *gin.Context) {
 		UserCtx:        c.Request.Context(),
 	}

-	task, err := h.manager.EnqueueTask(input)
+	task, err := h.mgr().EnqueueTask(input)
 	if err != nil {
 		code := http.StatusInternalServerError
 		if e, ok := err.(*c2.CommonError); ok {
@@ -452,7 +463,7 @@ func (h *C2Handler) CreateTask(c *gin.Context) {
 // CancelTask 取消任务
 func (h *C2Handler) CancelTask(c *gin.Context) {
 	id := c.Param("id")
-	if err := h.manager.CancelTask(id); err != nil {
+	if err := h.mgr().CancelTask(id); err != nil {
 		code := http.StatusInternalServerError
 		if e, ok := err.(*c2.CommonError); ok {
 			code = e.HTTP
@@ -475,7 +486,7 @@ func (h *C2Handler) WaitTask(c *gin.Context) {

 	deadline := time.Now().Add(timeout)
 	for time.Now().Before(deadline) {
-		task, err := h.manager.DB().GetC2Task(id)
+		task, err := h.mgr().DB().GetC2Task(id)
 		if err != nil {
 			c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 			return
@@ -509,7 +520,7 @@ func (h *C2Handler) PayloadOneliner(c *gin.Context) {
 		return
 	}

-	listener, err := h.manager.DB().GetC2Listener(req.ListenerID)
+	listener, err := h.mgr().DB().GetC2Listener(req.ListenerID)
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
@@ -572,7 +583,7 @@ func (h *C2Handler) PayloadBuild(c *gin.Context) {
 		return
 	}

-	listener, err := h.manager.DB().GetC2Listener(req.ListenerID)
+	listener, err := h.mgr().DB().GetC2Listener(req.ListenerID)
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
@@ -582,7 +593,7 @@ func (h *C2Handler) PayloadBuild(c *gin.Context) {
 		return
 	}

-	builder := c2.NewPayloadBuilder(h.manager, h.logger, "", "")
+	builder := c2.NewPayloadBuilder(h.mgr(), h.logger, "", "")
 	input := c2.PayloadBuilderInput{
 		ListenerID:    req.ListenerID,
 		OS:            req.OS,
@@ -616,7 +627,7 @@ func (h *C2Handler) PayloadDownload(c *gin.Context) {
 		return
 	}

-	builder := c2.NewPayloadBuilder(h.manager, h.logger, "", "")
+	builder := c2.NewPayloadBuilder(h.mgr(), h.logger, "", "")
 	storageDir := builder.GetPayloadStoragePath()
 	targetPath := filepath.Join(storageDir, filename)

@@ -676,7 +687,7 @@ func (h *C2Handler) ListEvents(c *gin.Context) {
 		}
 	}

-	events, err := h.manager.DB().ListC2Events(filter)
+	events, err := h.mgr().DB().ListC2Events(filter)
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
@@ -685,7 +696,7 @@ func (h *C2Handler) ListEvents(c *gin.Context) {
 		c.JSON(http.StatusOK, gin.H{"events": events})
 		return
 	}
-	total, err := h.manager.DB().CountC2Events(filter)
+	total, err := h.mgr().DB().CountC2Events(filter)
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
@@ -711,7 +722,7 @@ func (h *C2Handler) DeleteEvents(c *gin.Context) {
 		c.JSON(http.StatusBadRequest, gin.H{"error": "ids is required"})
 		return
 	}
-	n, err := h.manager.DB().DeleteC2EventsByIDs(req.IDs)
+	n, err := h.mgr().DB().DeleteC2EventsByIDs(req.IDs)
 	if err != nil {
 		if errors.Is(err, database.ErrNoValidC2EventIDs) {
 			c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
@@ -733,14 +744,14 @@ func (h *C2Handler) EventStream(c *gin.Context) {
 	categoryFilter := c.Query("category")
 	levels := c.QueryArray("level")

-	sub := h.manager.EventBus().Subscribe(
+	sub := h.mgr().EventBus().Subscribe(
 		"sse-"+uuid.New().String(),
 		128,
 		sessionFilter,
 		categoryFilter,
 		levels,
 	)
-	defer h.manager.EventBus().Unsubscribe(sub.ID)
+	defer h.mgr().EventBus().Unsubscribe(sub.ID)

 	c.Stream(func(w io.Writer) bool {
 		select {
@@ -763,7 +774,7 @@ func (h *C2Handler) EventStream(c *gin.Context) {

 // ListProfiles 获取 Malleable Profile 列表
 func (h *C2Handler) ListProfiles(c *gin.Context) {
-	profiles, err := h.manager.DB().ListC2Profiles()
+	profiles, err := h.mgr().DB().ListC2Profiles()
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
@@ -774,7 +785,7 @@ func (h *C2Handler) ListProfiles(c *gin.Context) {
 // GetProfile 获取单个 Profile
 func (h *C2Handler) GetProfile(c *gin.Context) {
 	id := c.Param("id")
-	profile, err := h.manager.DB().GetC2Profile(id)
+	profile, err := h.mgr().DB().GetC2Profile(id)
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
@@ -797,7 +808,7 @@ func (h *C2Handler) CreateProfile(c *gin.Context) {
 	req.ID = "p_" + strings.ReplaceAll(uuid.New().String(), "-", "")[:14]
 	req.CreatedAt = time.Now()

-	if err := h.manager.DB().CreateC2Profile(&req); err != nil {
+	if err := h.mgr().DB().CreateC2Profile(&req); err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
 	}
@@ -807,7 +818,7 @@ func (h *C2Handler) CreateProfile(c *gin.Context) {
 // UpdateProfile 更新 Profile
 func (h *C2Handler) UpdateProfile(c *gin.Context) {
 	id := c.Param("id")
-	profile, err := h.manager.DB().GetC2Profile(id)
+	profile, err := h.mgr().DB().GetC2Profile(id)
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
@@ -832,7 +843,7 @@ func (h *C2Handler) UpdateProfile(c *gin.Context) {
 	profile.JitterMinMS = req.JitterMinMS
 	profile.JitterMaxMS = req.JitterMaxMS

-	if err := h.manager.DB().UpdateC2Profile(profile); err != nil {
+	if err := h.mgr().DB().UpdateC2Profile(profile); err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
 	}
@@ -842,7 +853,7 @@ func (h *C2Handler) UpdateProfile(c *gin.Context) {
 // DeleteProfile 删除 Profile
 func (h *C2Handler) DeleteProfile(c *gin.Context) {
 	id := c.Param("id")
-	if err := h.manager.DB().DeleteC2Profile(id); err != nil {
+	if err := h.mgr().DB().DeleteC2Profile(id); err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
 	}
@@ -870,7 +881,7 @@ func (h *C2Handler) UploadFileForImplant(c *gin.Context) {
 	defer file.Close()

 	fileID := "f_" + strings.ReplaceAll(uuid.New().String(), "-", "")[:14]
-	dir := filepath.Join(h.manager.StorageDir(), "downstream")
+	dir := filepath.Join(h.mgr().StorageDir(), "downstream")
 	if err := osMkdirAll(dir); err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
@@ -898,7 +909,7 @@ func (h *C2Handler) UploadFileForImplant(c *gin.Context) {
 		SizeBytes:  n,
 		CreatedAt:  time.Now(),
 	}
-	_ = h.manager.DB().CreateC2File(dbFile)
+	_ = h.mgr().DB().CreateC2File(dbFile)

 	c.JSON(http.StatusOK, gin.H{
 		"file_id":     fileID,
@@ -915,7 +926,7 @@ func (h *C2Handler) ListFiles(c *gin.Context) {
 		c.JSON(http.StatusBadRequest, gin.H{"error": "session_id required"})
 		return
 	}
-	files, err := h.manager.DB().ListC2FilesBySession(sessionID)
+	files, err := h.mgr().DB().ListC2FilesBySession(sessionID)
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
@@ -926,7 +937,7 @@ func (h *C2Handler) ListFiles(c *gin.Context) {
 // DownloadResultFile 下载任务结果文件（截图等 blob 结果）
 func (h *C2Handler) DownloadResultFile(c *gin.Context) {
 	taskID := c.Param("id")
-	task, err := h.manager.DB().GetC2Task(taskID)
+	task, err := h.mgr().DB().GetC2Task(taskID)
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
@@ -41,6 +41,14 @@ type SkillsToolRegistrar func() error
 // BatchTaskToolRegistrar 批量任务 MCP 工具注册器（ApplyConfig 时重新注册）
 type BatchTaskToolRegistrar func() error

+// C2ToolRegistrar C2 MCP 工具注册器（ApplyConfig 时 ClearTools 之后调用）
+type C2ToolRegistrar func() error
+
+// C2Runtime ApplyConfig 时按配置启停 C2 子系统（由 internal/app.App 实现）
+type C2Runtime interface {
+	ReconcileC2AfterConfigApply() error
+}
+
 // RetrieverUpdater 检索器更新接口
 type RetrieverUpdater interface {
 	UpdateConfig(config *knowledge.RetrievalConfig)
@@ -73,6 +81,8 @@ type ConfigHandler struct {
 	webshellToolRegistrar      WebshellToolRegistrar      // WebShell 工具注册器（可选）
 	skillsToolRegistrar        SkillsToolRegistrar        // Skills工具注册器（可选）
 	batchTaskToolRegistrar     BatchTaskToolRegistrar     // 批量任务 MCP 工具（可选）
+	c2ToolRegistrar            C2ToolRegistrar            // C2 MCP 工具（可选）
+	c2Runtime                  C2Runtime                  // C2 启停（可选）
 	retrieverUpdater           RetrieverUpdater           // 检索器更新器（可选）
 	knowledgeInitializer       KnowledgeInitializer       // 知识库初始化器（可选）
 	appUpdater                 AppUpdater                 // App更新器（可选）
@@ -154,6 +164,20 @@ func (h *ConfigHandler) SetBatchTaskToolRegistrar(registrar BatchTaskToolRegistr
 	h.batchTaskToolRegistrar = registrar
 }

+// SetC2ToolRegistrar 设置 C2 MCP 工具注册器
+func (h *ConfigHandler) SetC2ToolRegistrar(registrar C2ToolRegistrar) {
+	h.mu.Lock()
+	defer h.mu.Unlock()
+	h.c2ToolRegistrar = registrar
+}
+
+// SetC2Runtime 设置 C2 运行时（Apply 时启停）
+func (h *ConfigHandler) SetC2Runtime(rt C2Runtime) {
+	h.mu.Lock()
+	defer h.mu.Unlock()
+	h.c2Runtime = rt
+}
+
 // SetRetrieverUpdater 设置检索器更新器
 func (h *ConfigHandler) SetRetrieverUpdater(updater RetrieverUpdater) {
 	h.mu.Lock()
@@ -193,6 +217,7 @@ type GetConfigResponse struct {
 	Knowledge  config.KnowledgeConfig  `json:"knowledge"`
 	Robots     config.RobotsConfig     `json:"robots,omitempty"`
 	MultiAgent config.MultiAgentPublic `json:"multi_agent,omitempty"`
+	C2         config.C2Public          `json:"c2"`
 }

 // ToolConfigInfo 工具配置信息
@@ -286,6 +311,7 @@ func (h *ConfigHandler) GetConfig(c *gin.Context) {
 		Agent:      h.config.Agent,
 		Hitl:       h.config.Hitl,
 		Knowledge:  h.config.Knowledge,
+		C2:         h.config.C2.Public(),
 		Robots:     h.config.Robots,
 		MultiAgent: multiPub,
 	})
@@ -591,6 +617,7 @@ type UpdateConfigRequest struct {
 	Knowledge  *config.KnowledgeConfig     `json:"knowledge,omitempty"`
 	Robots     *config.RobotsConfig        `json:"robots,omitempty"`
 	MultiAgent *config.MultiAgentAPIUpdate `json:"multi_agent,omitempty"`
+	C2         *config.C2APIUpdate          `json:"c2,omitempty"`
 }

 // ToolEnableStatus 工具启用状态
@@ -676,6 +703,12 @@ func (h *ConfigHandler) UpdateConfig(c *gin.Context) {
 		)
 	}

+	if req.C2 != nil {
+		v := req.C2.Enabled
+		h.config.C2.Enabled = &v
+		h.logger.Info("更新C2配置", zap.Bool("enabled", v))
+	}
+
 	// 多代理标量（sub_agents 等仍由 config.yaml 维护）
 	if req.MultiAgent != nil {
 		h.config.MultiAgent.Enabled = req.MultiAgent.Enabled
@@ -853,7 +886,7 @@ func (h *ConfigHandler) TestOpenAI(c *gin.Context) {
 		"messages": []map[string]string{
 			{"role": "user", "content": "Hi"},
 		},
-		"max_tokens": 5,
+		"max_completion_tokens": 5,
 	}

 	// 使用内部 openai Client 进行测试，若 provider 为 claude 会自动走桥接层
@@ -980,6 +1013,18 @@ func (h *ConfigHandler) ApplyConfig(c *gin.Context) {
 		h.logger.Info("知识库组件重新初始化完成")
 	}

+	// C2：在 ClearTools 之前按配置启停（随后由 c2ToolRegistrar 注册 MCP 工具）
+	h.mu.RLock()
+	c2Rt := h.c2Runtime
+	h.mu.RUnlock()
+	if c2Rt != nil {
+		if err := c2Rt.ReconcileC2AfterConfigApply(); err != nil {
+			h.logger.Error("C2 配置应用失败", zap.Error(err))
+			c.JSON(http.StatusInternalServerError, gin.H{"error": "C2 启动失败: " + err.Error()})
+			return
+		}
+	}
+
 	// 现在获取写锁，执行快速的操作
 	h.mu.Lock()
 	defer h.mu.Unlock()
@@ -1044,6 +1089,16 @@ func (h *ConfigHandler) ApplyConfig(c *gin.Context) {
 		}
 	}

+	// 重新注册 C2 MCP 工具（仅当 C2 已启动）
+	if h.c2ToolRegistrar != nil {
+		h.logger.Info("重新注册 C2 MCP 工具")
+		if err := h.c2ToolRegistrar(); err != nil {
+			h.logger.Error("重新注册 C2 MCP 工具失败", zap.Error(err))
+		} else {
+			h.logger.Info("C2 MCP 工具已处理")
+		}
+	}
+
 	// 如果知识库启用，重新注册知识库工具
 	if h.config.Knowledge.Enabled && h.knowledgeToolRegistrar != nil {
 		h.logger.Info("重新注册知识库工具")
@@ -1131,6 +1186,7 @@ func (h *ConfigHandler) saveConfig() error {
 	updateOpenAIConfig(root, h.config.OpenAI)
 	updateFOFAConfig(root, h.config.FOFA)
 	updateKnowledgeConfig(root, h.config.Knowledge)
+	updateC2Config(root, h.config.C2)
 	updateRobotsConfig(root, h.config.Robots)
 	updateHitlConfig(root, h.config.Hitl)
 	updateMultiAgentConfig(root, h.config.MultiAgent)
@@ -1309,6 +1365,12 @@ func updateKnowledgeConfig(doc *yaml.Node, cfg config.KnowledgeConfig) {
 	setIntInMap(indexingNode, "retry_delay_ms", cfg.Indexing.RetryDelayMs)
 }

+func updateC2Config(doc *yaml.Node, cfg config.C2Config) {
+	root := doc.Content[0]
+	c2Node := ensureMap(root, "c2")
+	setBoolInMap(c2Node, "enabled", cfg.EnabledEffective())
+}
+
 func mergeHitlToolWhitelistSlice(existing, add []string) []string {
 	seen := make(map[string]struct{})
 	out := make([]string, 0, len(existing)+len(add))
@@ -43,8 +43,11 @@ func (h *AgentHandler) EinoSingleAgentLoopStream(c *gin.Context) {
 	var sseWriteMu sync.Mutex
 	var ssePublishConversationID string
 	sendEvent := func(eventType, message string, data interface{}) {
-		if eventType == "error" && baseCtx != nil && errors.Is(context.Cause(baseCtx), ErrTaskCancelled) {
-			return
+		if eventType == "error" && baseCtx != nil {
+			cause := context.Cause(baseCtx)
+			if errors.Is(cause, ErrTaskCancelled) || errors.Is(cause, ErrUserInterruptContinue) {
+				return
+			}
 		}
 		ev := StreamEvent{Type: eventType, Message: message, Data: data}
 		b, errMarshal := json.Marshal(ev)
@@ -114,33 +117,10 @@ func (h *AgentHandler) EinoSingleAgentLoopStream(c *gin.Context) {
 	}

 	var cancelWithCause context.CancelCauseFunc
-	baseCtx, cancelWithCause = context.WithCancelCause(context.Background())
-	taskCtx, timeoutCancel := context.WithTimeout(baseCtx, 600*time.Minute)
-	defer timeoutCancel()
-	defer cancelWithCause(nil)
-	progressCallback := h.createProgressCallback(taskCtx, cancelWithCause, conversationID, assistantMessageID, sendEvent)
-	taskCtx = multiagent.WithHITLToolInterceptor(taskCtx, func(ctx context.Context, toolName, arguments string) (string, error) {
-		return h.interceptHITLForEinoTool(ctx, cancelWithCause, conversationID, assistantMessageID, sendEvent, toolName, arguments)
-	})
-
-	if _, err := h.tasks.StartTask(conversationID, req.Message, cancelWithCause); err != nil {
-		var errorMsg string
-		if errors.Is(err, ErrTaskAlreadyRunning) {
-			errorMsg = "⚠️ 当前会话已有任务正在执行中，请等待当前任务完成或点击「停止任务」后再尝试。"
-			sendEvent("error", errorMsg, map[string]interface{}{
-				"conversationId": conversationID,
-				"errorType":      "task_already_running",
-			})
-		} else {
-			errorMsg = "❌ 无法启动任务: " + err.Error()
-			sendEvent("error", errorMsg, nil)
-		}
-		if assistantMessageID != "" {
-			_, _ = h.db.Exec("UPDATE messages SET content = ? WHERE id = ?", errorMsg, assistantMessageID)
-		}
-		sendEvent("done", "", map[string]interface{}{"conversationId": conversationID})
-		return
-	}
+	firstRun := true
+	curFinalMessage := prep.FinalMessage
+	curHistory := prep.History
+	roleTools := prep.RoleTools

 	taskStatus := "completed"
 	defer h.tasks.FinishTask(conversationID, taskStatus)
@@ -161,28 +141,114 @@ func (h *AgentHandler) EinoSingleAgentLoopStream(c *gin.Context) {
 		return
 	}

-	result, runErr := multiagent.RunEinoSingleChatModelAgent(
-		taskCtx,
-		h.config,
-		&h.config.MultiAgent,
-		h.agent,
-		h.logger,
-		conversationID,
-		prep.FinalMessage,
-		prep.History,
-		prep.RoleTools,
-		progressCallback,
-	)
+	var result *multiagent.RunResult
+	var runErr error
+
+	for {
+		baseCtx, cancelWithCause = context.WithCancelCause(context.Background())
+		taskCtx, timeoutCancel := context.WithTimeout(baseCtx, 600*time.Minute)
+
+		if firstRun {
+			if _, err := h.tasks.StartTask(conversationID, req.Message, cancelWithCause); err != nil {
+				var errorMsg string
+				if errors.Is(err, ErrTaskAlreadyRunning) {
+					errorMsg = "⚠️ 当前会话已有任务正在执行中，请等待当前任务完成或点击「停止任务」后再尝试。"
+					sendEvent("error", errorMsg, map[string]interface{}{
+						"conversationId": conversationID,
+						"errorType":      "task_already_running",
+					})
+				} else {
+					errorMsg = "❌ 无法启动任务: " + err.Error()
+					sendEvent("error", errorMsg, nil)
+				}
+				if assistantMessageID != "" {
+					_, _ = h.db.Exec("UPDATE messages SET content = ?, updated_at = ? WHERE id = ?", errorMsg, time.Now(), assistantMessageID)
+				}
+				sendEvent("done", "", map[string]interface{}{"conversationId": conversationID})
+				timeoutCancel()
+				return
+			}
+			firstRun = false
+		} else {
+			if err := h.tasks.ResetTaskCancelForContinue(conversationID, cancelWithCause); err != nil {
+				h.logger.Error("续跑任务时重置 cancel 失败", zap.Error(err))
+				taskStatus = "failed"
+				sendEvent("error", err.Error(), nil)
+				sendEvent("done", "", map[string]interface{}{"conversationId": conversationID})
+				timeoutCancel()
+				return
+			}
+		}
+
+		progressCallback := h.createProgressCallback(taskCtx, cancelWithCause, conversationID, assistantMessageID, sendEvent)
+		taskCtx = multiagent.WithHITLToolInterceptor(taskCtx, func(ctx context.Context, toolName, arguments string) (string, error) {
+			return h.interceptHITLForEinoTool(ctx, cancelWithCause, conversationID, assistantMessageID, sendEvent, toolName, arguments)
+		})
+
+		result, runErr = multiagent.RunEinoSingleChatModelAgent(
+			taskCtx,
+			h.config,
+			&h.config.MultiAgent,
+			h.agent,
+			h.logger,
+			conversationID,
+			curFinalMessage,
+			curHistory,
+			roleTools,
+			progressCallback,
+		)
+		timeoutCancel()
+
+		if runErr == nil {
+			break
+		}

-	if runErr != nil {
 		h.persistEinoAgentTraceForResume(conversationID, result)
 		cause := context.Cause(baseCtx)
+		if errors.Is(cause, ErrUserInterruptContinue) {
+			reason := h.tasks.TakeInterruptContinueReason(conversationID)
+			prepNext, perr := h.prepareSessionAfterUserInterrupt(conversationID, assistantMessageID, reason, roleTools)
+			if perr != nil {
+				h.logger.Error("准备中断后续跑失败", zap.Error(perr))
+				taskStatus = "failed"
+				h.tasks.UpdateTaskStatus(conversationID, taskStatus)
+				errMsg := "中断后续跑失败: " + perr.Error()
+				if assistantMessageID != "" {
+					_, _ = h.db.Exec("UPDATE messages SET content = ?, updated_at = ? WHERE id = ?", errMsg, time.Now(), assistantMessageID)
+				}
+				sendEvent("error", errMsg, map[string]interface{}{
+					"conversationId": conversationID,
+					"messageId":      assistantMessageID,
+				})
+				sendEvent("done", "", map[string]interface{}{"conversationId": conversationID})
+				return
+			}
+			assistantMessageID = prepNext.AssistantMessageID
+			curFinalMessage = prepNext.FinalMessage
+			curHistory = prepNext.History
+			if prepNext.UserMessageID != "" {
+				sendEvent("message_saved", "", map[string]interface{}{
+					"conversationId": conversationID,
+					"userMessageId":  prepNext.UserMessageID,
+				})
+			}
+			sendEvent("user_interrupt_continue", reason, map[string]interface{}{
+				"conversationId": conversationID,
+				"reason":         reason,
+				"messageId":      assistantMessageID,
+			})
+			sendEvent("progress", "已接收中断说明，继续迭代...", map[string]interface{}{
+				"conversationId": conversationID,
+			})
+			continue
+		}
+
 		if errors.Is(cause, ErrTaskCancelled) {
 			taskStatus = "cancelled"
 			h.tasks.UpdateTaskStatus(conversationID, taskStatus)
 			cancelMsg := "任务已被用户取消，后续操作已停止。"
 			if assistantMessageID != "" {
-				_, _ = h.db.Exec("UPDATE messages SET content = ? WHERE id = ?", cancelMsg, assistantMessageID)
+				_, _ = h.db.Exec("UPDATE messages SET content = ?, updated_at = ? WHERE id = ?", cancelMsg, time.Now(), assistantMessageID)
 				_ = h.db.AddProcessDetail(assistantMessageID, conversationID, "cancelled", cancelMsg, nil)
 			}
 			sendEvent("cancelled", cancelMsg, map[string]interface{}{
@@ -198,7 +264,7 @@ func (h *AgentHandler) EinoSingleAgentLoopStream(c *gin.Context) {
 			h.tasks.UpdateTaskStatus(conversationID, taskStatus)
 			timeoutMsg := "任务执行超时，已自动终止。"
 			if assistantMessageID != "" {
-				_, _ = h.db.Exec("UPDATE messages SET content = ? WHERE id = ?", timeoutMsg, assistantMessageID)
+				_, _ = h.db.Exec("UPDATE messages SET content = ?, updated_at = ? WHERE id = ?", timeoutMsg, time.Now(), assistantMessageID)
 				_ = h.db.AddProcessDetail(assistantMessageID, conversationID, "timeout", timeoutMsg, nil)
 			}
 			sendEvent("error", timeoutMsg, map[string]interface{}{
@@ -215,7 +281,7 @@ func (h *AgentHandler) EinoSingleAgentLoopStream(c *gin.Context) {
 		h.tasks.UpdateTaskStatus(conversationID, taskStatus)
 		errMsg := "执行失败: " + runErr.Error()
 		if assistantMessageID != "" {
-			_, _ = h.db.Exec("UPDATE messages SET content = ? WHERE id = ?", errMsg, assistantMessageID)
+			_, _ = h.db.Exec("UPDATE messages SET content = ?, updated_at = ? WHERE id = ?", errMsg, time.Now(), assistantMessageID)
 			_ = h.db.AddProcessDetail(assistantMessageID, conversationID, "error", errMsg, nil)
 		}
 		sendEvent("error", errMsg, map[string]interface{}{
@@ -233,9 +299,10 @@ func (h *AgentHandler) EinoSingleAgentLoopStream(c *gin.Context) {
 			mcpIDsJSON = string(jsonData)
 		}
 		_, _ = h.db.Exec(
-			"UPDATE messages SET content = ?, mcp_execution_ids = ? WHERE id = ?",
+			"UPDATE messages SET content = ?, mcp_execution_ids = ?, updated_at = ? WHERE id = ?",
 			result.Response,
 			mcpIDsJSON,
+			time.Now(),
 			assistantMessageID,
 		)
 	}
@@ -319,9 +386,10 @@ func (h *AgentHandler) EinoSingleAgentLoop(c *gin.Context) {
 			mcpIDsJSON = string(jsonData)
 		}
 		_, _ = h.db.Exec(
-			"UPDATE messages SET content = ?, mcp_execution_ids = ? WHERE id = ?",
+			"UPDATE messages SET content = ?, mcp_execution_ids = ?, updated_at = ? WHERE id = ?",
 			result.Response,
 			mcpIDsJSON,
+			time.Now(),
 			prep.AssistantMessageID,
 		)
 	}
@@ -268,8 +268,8 @@ func (h *FofaHandler) ParseNaturalLanguage(c *gin.Context) {
 			{"role": "system", "content": systemPrompt},
 			{"role": "user", "content": userPrompt},
 		},
-		"temperature": 0.1,
-		"max_tokens":  1200,
+		"temperature":           0.1,
+		"max_completion_tokens": 12000,
 	}

 	// OpenAI 返回结构：只需要 choices[0].message.content
@@ -1,6 +1,9 @@
 package handler

 import (
+	"encoding/json"
+	"errors"
+	"io"
 	"net/http"
 	"strconv"
 	"strings"
@@ -245,6 +248,37 @@ func (h *MonitorHandler) GetExecution(c *gin.Context) {
 	c.JSON(http.StatusNotFound, gin.H{"error": "执行记录未找到"})
 }

+// CancelExecution 手动取消进行中的 MCP 工具调用（仅取消该次 tools/call 的上下文，不停止整条 Agent / 迭代任务）
+// 请求体可选 JSON：{ "note": "用户说明" }，将与工具已返回输出合并交给模型（含「用户终止说明」标题块，与命令行原文区分）。
+func (h *MonitorHandler) CancelExecution(c *gin.Context) {
+	id := c.Param("id")
+	if id == "" {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "执行记录ID不能为空"})
+		return
+	}
+	note := ""
+	dec := json.NewDecoder(c.Request.Body)
+	var body struct {
+		Note string `json:"note"`
+	}
+	if err := dec.Decode(&body); err != nil && !errors.Is(err, io.EOF) {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "请求体须为 JSON，例如 {\"note\":\"说明\"}，可为空对象"})
+		return
+	}
+	note = strings.TrimSpace(body.Note)
+	if h.mcpServer.CancelToolExecutionWithNote(id, note) {
+		h.logger.Info("已请求取消 MCP 工具执行", zap.String("executionId", id), zap.String("source", "internal"), zap.Bool("hasNote", note != ""))
+		c.JSON(http.StatusOK, gin.H{"message": "已发送终止信号", "executionId": id})
+		return
+	}
+	if h.externalMCPMgr != nil && h.externalMCPMgr.CancelToolExecutionWithNote(id, note) {
+		h.logger.Info("已请求取消 MCP 工具执行", zap.String("executionId", id), zap.String("source", "external"), zap.Bool("hasNote", note != ""))
+		c.JSON(http.StatusOK, gin.H{"message": "已发送终止信号", "executionId": id})
+		return
+	}
+	c.JSON(http.StatusNotFound, gin.H{"error": "未找到进行中的工具执行，或该任务已结束"})
+}
+
 // BatchGetToolNames 批量获取工具执行的工具名称（消除前端 N+1 请求）
 func (h *MonitorHandler) BatchGetToolNames(c *gin.Context) {
 	var req struct {
@@ -317,7 +351,7 @@ func (h *MonitorHandler) DeleteExecution(c *gin.Context) {
 		totalCalls := 1
 		successCalls := 0
 		failedCalls := 0
-		if exec.Status == "failed" {
+		if exec.Status == "failed" || exec.Status == "cancelled" {
 			failedCalls = 1
 		} else if exec.Status == "completed" {
 			successCalls = 1
@@ -381,7 +415,7 @@ func (h *MonitorHandler) DeleteExecutions(c *gin.Context) {

 			stats := toolStats[exec.ToolName]
 			stats.totalCalls++
-			if exec.Status == "failed" {
+			if exec.Status == "failed" || exec.Status == "cancelled" {
 				stats.failedCalls++
 			} else if exec.Status == "completed" {
 				stats.successCalls++
@@ -60,8 +60,11 @@ func (h *AgentHandler) MultiAgentLoopStream(c *gin.Context) {
 	sendEvent := func(eventType, message string, data interface{}) {
 		// 用户主动停止时，Eino 可能仍会并发上报 eventType=="error"。
 		// 为避免 UI 看到“取消错误 + cancelled 文案”两条回复，这里直接丢弃取消对应的 error。
-		if eventType == "error" && baseCtx != nil && errors.Is(context.Cause(baseCtx), ErrTaskCancelled) {
-			return
+		if eventType == "error" && baseCtx != nil {
+			cause := context.Cause(baseCtx)
+			if errors.Is(cause, ErrTaskCancelled) || errors.Is(cause, ErrUserInterruptContinue) {
+				return
+			}
 		}
 		ev := StreamEvent{Type: eventType, Message: message, Data: data}
 		b, errMarshal := json.Marshal(ev)
@@ -130,33 +133,12 @@ func (h *AgentHandler) MultiAgentLoopStream(c *gin.Context) {
 		})
 	}

-	baseCtx, cancelWithCause := context.WithCancelCause(context.Background())
-	taskCtx, timeoutCancel := context.WithTimeout(baseCtx, 600*time.Minute)
-	defer timeoutCancel()
-	defer cancelWithCause(nil)
-	progressCallback := h.createProgressCallback(taskCtx, cancelWithCause, conversationID, assistantMessageID, sendEvent)
-	taskCtx = multiagent.WithHITLToolInterceptor(taskCtx, func(ctx context.Context, toolName, arguments string) (string, error) {
-		return h.interceptHITLForEinoTool(ctx, cancelWithCause, conversationID, assistantMessageID, sendEvent, toolName, arguments)
-	})
-
-	if _, err := h.tasks.StartTask(conversationID, req.Message, cancelWithCause); err != nil {
-		var errorMsg string
-		if errors.Is(err, ErrTaskAlreadyRunning) {
-			errorMsg = "⚠️ 当前会话已有任务正在执行中，请等待当前任务完成或点击「停止任务」后再尝试。"
-			sendEvent("error", errorMsg, map[string]interface{}{
-				"conversationId": conversationID,
-				"errorType":      "task_already_running",
-			})
-		} else {
-			errorMsg = "❌ 无法启动任务: " + err.Error()
-			sendEvent("error", errorMsg, nil)
-		}
-		if assistantMessageID != "" {
-			_, _ = h.db.Exec("UPDATE messages SET content = ? WHERE id = ?", errorMsg, assistantMessageID)
-		}
-		sendEvent("done", "", map[string]interface{}{"conversationId": conversationID})
-		return
-	}
+	var cancelWithCause context.CancelCauseFunc
+	firstRun := true
+	curFinalMessage := prep.FinalMessage
+	curHistory := prep.History
+	roleTools := prep.RoleTools
+	orch := strings.TrimSpace(req.Orchestration)

 	taskStatus := "completed"
 	defer h.tasks.FinishTask(conversationID, taskStatus)
@@ -169,30 +151,116 @@ func (h *AgentHandler) MultiAgentLoopStream(c *gin.Context) {
 	go sseKeepalive(c, stopKeepalive, &sseWriteMu)
 	defer close(stopKeepalive)

-	result, runErr := multiagent.RunDeepAgent(
-		taskCtx,
-		h.config,
-		&h.config.MultiAgent,
-		h.agent,
-		h.logger,
-		conversationID,
-		prep.FinalMessage,
-		prep.History,
-		prep.RoleTools,
-		progressCallback,
-		h.agentsMarkdownDir,
-		strings.TrimSpace(req.Orchestration),
-	)
+	var result *multiagent.RunResult
+	var runErr error
+
+	for {
+		baseCtx, cancelWithCause = context.WithCancelCause(context.Background())
+		taskCtx, timeoutCancel := context.WithTimeout(baseCtx, 600*time.Minute)
+
+		if firstRun {
+			if _, err := h.tasks.StartTask(conversationID, req.Message, cancelWithCause); err != nil {
+				var errorMsg string
+				if errors.Is(err, ErrTaskAlreadyRunning) {
+					errorMsg = "⚠️ 当前会话已有任务正在执行中，请等待当前任务完成或点击「停止任务」后再尝试。"
+					sendEvent("error", errorMsg, map[string]interface{}{
+						"conversationId": conversationID,
+						"errorType":      "task_already_running",
+					})
+				} else {
+					errorMsg = "❌ 无法启动任务: " + err.Error()
+					sendEvent("error", errorMsg, nil)
+				}
+				if assistantMessageID != "" {
+					_, _ = h.db.Exec("UPDATE messages SET content = ?, updated_at = ? WHERE id = ?", errorMsg, time.Now(), assistantMessageID)
+				}
+				sendEvent("done", "", map[string]interface{}{"conversationId": conversationID})
+				timeoutCancel()
+				return
+			}
+			firstRun = false
+		} else {
+			if err := h.tasks.ResetTaskCancelForContinue(conversationID, cancelWithCause); err != nil {
+				h.logger.Error("续跑任务时重置 cancel 失败", zap.Error(err))
+				taskStatus = "failed"
+				sendEvent("error", err.Error(), nil)
+				sendEvent("done", "", map[string]interface{}{"conversationId": conversationID})
+				timeoutCancel()
+				return
+			}
+		}
+
+		progressCallback := h.createProgressCallback(taskCtx, cancelWithCause, conversationID, assistantMessageID, sendEvent)
+		taskCtx = multiagent.WithHITLToolInterceptor(taskCtx, func(ctx context.Context, toolName, arguments string) (string, error) {
+			return h.interceptHITLForEinoTool(ctx, cancelWithCause, conversationID, assistantMessageID, sendEvent, toolName, arguments)
+		})
+
+		result, runErr = multiagent.RunDeepAgent(
+			taskCtx,
+			h.config,
+			&h.config.MultiAgent,
+			h.agent,
+			h.logger,
+			conversationID,
+			curFinalMessage,
+			curHistory,
+			roleTools,
+			progressCallback,
+			h.agentsMarkdownDir,
+			orch,
+		)
+		timeoutCancel()
+
+		if runErr == nil {
+			break
+		}

-	if runErr != nil {
 		h.persistEinoAgentTraceForResume(conversationID, result)
 		cause := context.Cause(baseCtx)
+		if errors.Is(cause, ErrUserInterruptContinue) {
+			reason := h.tasks.TakeInterruptContinueReason(conversationID)
+			prepNext, perr := h.prepareSessionAfterUserInterrupt(conversationID, assistantMessageID, reason, roleTools)
+			if perr != nil {
+				h.logger.Error("准备中断后续跑失败", zap.Error(perr))
+				taskStatus = "failed"
+				h.tasks.UpdateTaskStatus(conversationID, taskStatus)
+				errMsg := "中断后续跑失败: " + perr.Error()
+				if assistantMessageID != "" {
+					_, _ = h.db.Exec("UPDATE messages SET content = ?, updated_at = ? WHERE id = ?", errMsg, time.Now(), assistantMessageID)
+				}
+				sendEvent("error", errMsg, map[string]interface{}{
+					"conversationId": conversationID,
+					"messageId":      assistantMessageID,
+				})
+				sendEvent("done", "", map[string]interface{}{"conversationId": conversationID})
+				return
+			}
+			assistantMessageID = prepNext.AssistantMessageID
+			curFinalMessage = prepNext.FinalMessage
+			curHistory = prepNext.History
+			if prepNext.UserMessageID != "" {
+				sendEvent("message_saved", "", map[string]interface{}{
+					"conversationId": conversationID,
+					"userMessageId":  prepNext.UserMessageID,
+				})
+			}
+			sendEvent("user_interrupt_continue", reason, map[string]interface{}{
+				"conversationId": conversationID,
+				"reason":         reason,
+				"messageId":      assistantMessageID,
+			})
+			sendEvent("progress", "已接收中断说明，继续迭代...", map[string]interface{}{
+				"conversationId": conversationID,
+			})
+			continue
+		}
+
 		if errors.Is(cause, ErrTaskCancelled) {
 			taskStatus = "cancelled"
 			h.tasks.UpdateTaskStatus(conversationID, taskStatus)
 			cancelMsg := "任务已被用户取消，后续操作已停止。"
 			if assistantMessageID != "" {
-				_, _ = h.db.Exec("UPDATE messages SET content = ? WHERE id = ?", cancelMsg, assistantMessageID)
+				_, _ = h.db.Exec("UPDATE messages SET content = ?, updated_at = ? WHERE id = ?", cancelMsg, time.Now(), assistantMessageID)
 				_ = h.db.AddProcessDetail(assistantMessageID, conversationID, "cancelled", cancelMsg, nil)
 			}
 			sendEvent("cancelled", cancelMsg, map[string]interface{}{
@@ -208,7 +276,7 @@ func (h *AgentHandler) MultiAgentLoopStream(c *gin.Context) {
 			h.tasks.UpdateTaskStatus(conversationID, taskStatus)
 			timeoutMsg := "任务执行超时，已自动终止。"
 			if assistantMessageID != "" {
-				_, _ = h.db.Exec("UPDATE messages SET content = ? WHERE id = ?", timeoutMsg, assistantMessageID)
+				_, _ = h.db.Exec("UPDATE messages SET content = ?, updated_at = ? WHERE id = ?", timeoutMsg, time.Now(), assistantMessageID)
 				_ = h.db.AddProcessDetail(assistantMessageID, conversationID, "timeout", timeoutMsg, nil)
 			}
 			sendEvent("error", timeoutMsg, map[string]interface{}{
@@ -225,7 +293,7 @@ func (h *AgentHandler) MultiAgentLoopStream(c *gin.Context) {
 		h.tasks.UpdateTaskStatus(conversationID, taskStatus)
 		errMsg := "执行失败: " + runErr.Error()
 		if assistantMessageID != "" {
-			_, _ = h.db.Exec("UPDATE messages SET content = ? WHERE id = ?", errMsg, assistantMessageID)
+			_, _ = h.db.Exec("UPDATE messages SET content = ?, updated_at = ? WHERE id = ?", errMsg, time.Now(), assistantMessageID)
 			_ = h.db.AddProcessDetail(assistantMessageID, conversationID, "error", errMsg, nil)
 		}
 		sendEvent("error", errMsg, map[string]interface{}{
@@ -243,9 +311,10 @@ func (h *AgentHandler) MultiAgentLoopStream(c *gin.Context) {
 			mcpIDsJSON = string(jsonData)
 		}
 		_, _ = h.db.Exec(
-			"UPDATE messages SET content = ?, mcp_execution_ids = ? WHERE id = ?",
+			"UPDATE messages SET content = ?, mcp_execution_ids = ?, updated_at = ? WHERE id = ?",
 			result.Response,
 			mcpIDsJSON,
+			time.Now(),
 			assistantMessageID,
 		)
 	}
@@ -323,7 +392,7 @@ func (h *AgentHandler) MultiAgentLoop(c *gin.Context) {
 		h.logger.Error("Eino DeepAgent 执行失败", zap.Error(runErr))
 		errMsg := "执行失败: " + runErr.Error()
 		if prep.AssistantMessageID != "" {
-			_, _ = h.db.Exec("UPDATE messages SET content = ? WHERE id = ?", errMsg, prep.AssistantMessageID)
+			_, _ = h.db.Exec("UPDATE messages SET content = ?, updated_at = ? WHERE id = ?", errMsg, time.Now(), prep.AssistantMessageID)
 		}
 		c.JSON(http.StatusInternalServerError, gin.H{"error": errMsg})
 		return
@@ -336,9 +405,10 @@ func (h *AgentHandler) MultiAgentLoop(c *gin.Context) {
 			mcpIDsJSON = string(jsonData)
 		}
 		_, _ = h.db.Exec(
-			"UPDATE messages SET content = ?, mcp_execution_ids = ? WHERE id = ?",
+			"UPDATE messages SET content = ?, mcp_execution_ids = ?, updated_at = ? WHERE id = ?",
 			result.Response,
 			mcpIDsJSON,
+			time.Now(),
 			prep.AssistantMessageID,
 		)
 	}
@@ -3,6 +3,7 @@ package handler
 import (
 	"fmt"
 	"strings"
+	"time"

 	"cyberstrike-ai/internal/agent"
 	"cyberstrike-ai/internal/database"
@@ -142,3 +143,64 @@ func (h *AgentHandler) prepareMultiAgentSession(req *ChatRequest) (*multiAgentPr
 		UserMessageID:      userMessageID,
 	}, nil
 }
+
+// prepareSessionAfterUserInterrupt 用户「中断并说明」后：结束当前助手占位、写入用户说明、新建助手占位，并生成下一轮 Run 所需的 History + FinalMessage。
+func (h *AgentHandler) prepareSessionAfterUserInterrupt(conversationID, prevAssistantMessageID, reason string, roleTools []string) (*multiAgentPrepared, error) {
+	if strings.TrimSpace(conversationID) == "" {
+		return nil, fmt.Errorf("conversationId 为空")
+	}
+	if _, err := h.db.GetConversation(conversationID); err != nil {
+		return nil, fmt.Errorf("对话不存在")
+	}
+	note := "（已根据用户说明中断当前步骤，正在继续迭代。）"
+	if prevAssistantMessageID != "" {
+		if _, err := h.db.Exec("UPDATE messages SET content = ?, updated_at = ? WHERE id = ?", note, time.Now(), prevAssistantMessageID); err != nil {
+			return nil, fmt.Errorf("更新助手消息失败: %w", err)
+		}
+		r := strings.TrimSpace(reason)
+		detail := "用户中断并说明"
+		if r != "" {
+			detail += "：" + r
+		}
+		_ = h.db.AddProcessDetail(prevAssistantMessageID, conversationID, "user_interrupt", detail, map[string]interface{}{
+			"reason": r,
+		})
+	}
+	userContent := fmt.Sprintf("【用户中断说明】%s\n\n请根据以上说明调整并继续任务。", strings.TrimSpace(reason))
+	if strings.TrimSpace(reason) == "" {
+		userContent = "【用户中断说明】（未填写具体原因）\n\n请根据情况调整并继续任务。"
+	}
+	userMsgRow, err := h.db.AddMessage(conversationID, "user", userContent, nil)
+	if err != nil {
+		return nil, fmt.Errorf("保存用户消息失败: %w", err)
+	}
+	assistantMsg, err := h.db.AddMessage(conversationID, "assistant", "处理中...", nil)
+	if err != nil || assistantMsg == nil {
+		return nil, fmt.Errorf("创建助手占位失败: %w", err)
+	}
+	msgs, err := h.db.GetMessages(conversationID)
+	if err != nil || len(msgs) < 2 {
+		return nil, fmt.Errorf("读取消息历史失败或消息不足")
+	}
+	histMsgs := msgs[:len(msgs)-2]
+	agentHistory := make([]agent.ChatMessage, 0, len(histMsgs))
+	for _, msg := range histMsgs {
+		agentHistory = append(agentHistory, agent.ChatMessage{
+			Role:    msg.Role,
+			Content: msg.Content,
+		})
+	}
+	userMessageID := ""
+	if userMsgRow != nil {
+		userMessageID = userMsgRow.ID
+	}
+	return &multiAgentPrepared{
+		ConversationID:     conversationID,
+		CreatedNew:         false,
+		History:            agentHistory,
+		FinalMessage:       userContent,
+		RoleTools:          roleTools,
+		AssistantMessageID: assistantMsg.ID,
+		UserMessageID:      userMessageID,
+	}, nil
+}
@@ -461,6 +461,14 @@ func (h *OpenAPIHandler) GetOpenAPISpec(c *gin.Context) {
 							"type":        "string",
 							"description": "对话ID",
 						},
+						"reason": map[string]interface{}{
+							"type":        "string",
+							"description": "中断说明；与 continueAfter 同时为真时必填，将写入对话并由同一会话流式迭代继续",
+						},
+						"continueAfter": map[string]interface{}{
+							"type":        "boolean",
+							"description": "为 true 时取消当前运行步骤并注入 reason 后继续迭代（非彻底停止）",
+						},
 					},
 				},
 				"AgentTask": map[string]interface{}{
@@ -3318,6 +3326,55 @@ func (h *OpenAPIHandler) GetOpenAPISpec(c *gin.Context) {
 					},
 				},
 			},
+			"/api/monitor/execution/{id}/cancel": map[string]interface{}{
+				"post": map[string]interface{}{
+					"tags":        []string{"监控"},
+					"summary":     "取消进行中的工具执行",
+					"description": "对当前进程内正在执行的 MCP 工具调用发送 context 取消信号；上层对话/多步任务可继续。若执行已结束或未在本进程内运行则返回 404。",
+					"operationId": "cancelExecution",
+					"parameters": []map[string]interface{}{
+						{
+							"name":        "id",
+							"in":          "path",
+							"required":    true,
+							"description": "执行ID",
+							"schema": map[string]interface{}{
+								"type": "string",
+							},
+						},
+					},
+					"requestBody": map[string]interface{}{
+						"required": false,
+						"content": map[string]interface{}{
+							"application/json": map[string]interface{}{
+								"schema": map[string]interface{}{
+									"type": "object",
+									"properties": map[string]interface{}{
+										"note": map[string]interface{}{
+											"type":        "string",
+											"description": "可选。非空时与工具已返回输出合并交给大模型，并带有「用户终止说明」标题块以便与命令行原文区分",
+										},
+									},
+								},
+							},
+						},
+					},
+					"responses": map[string]interface{}{
+						"200": map[string]interface{}{
+							"description": "已发送终止信号",
+						},
+						"400": map[string]interface{}{
+							"description": "请求体不是合法 JSON",
+						},
+						"404": map[string]interface{}{
+							"description": "未找到进行中的工具执行",
+						},
+						"401": map[string]interface{}{
+							"description": "未授权",
+						},
+					},
+				},
+			},
 			"/api/monitor/executions": map[string]interface{}{
 				"delete": map[string]interface{}{
 					"tags":        []string{"监控"},
@@ -75,14 +75,58 @@ func (h *RobotHandler) sessionKey(platform, userID string) string {
 	return platform + "_" + userID
 }

+func (h *RobotHandler) loadSessionBinding(sk string) (convID, role string) {
+	if h.db == nil || strings.TrimSpace(sk) == "" {
+		return "", ""
+	}
+	binding, err := h.db.GetRobotSessionBinding(sk)
+	if err != nil {
+		h.logger.Warn("读取机器人会话绑定失败", zap.String("session_key", sk), zap.Error(err))
+		return "", ""
+	}
+	if binding == nil {
+		return "", ""
+	}
+	return binding.ConversationID, binding.RoleName
+}
+
+func (h *RobotHandler) persistSessionBinding(sk, convID, role string) {
+	if h.db == nil || strings.TrimSpace(sk) == "" || strings.TrimSpace(convID) == "" {
+		return
+	}
+	if err := h.db.UpsertRobotSessionBinding(sk, convID, role); err != nil {
+		h.logger.Warn("写入机器人会话绑定失败", zap.String("session_key", sk), zap.Error(err))
+	}
+}
+
+func (h *RobotHandler) deleteSessionBinding(sk string) {
+	if h.db == nil || strings.TrimSpace(sk) == "" {
+		return
+	}
+	if err := h.db.DeleteRobotSessionBinding(sk); err != nil {
+		h.logger.Warn("删除机器人会话绑定失败", zap.String("session_key", sk), zap.Error(err))
+	}
+}
+
 // getOrCreateConversation 获取或创建当前会话，title 用于新对话的标题（取用户首条消息前50字）
 func (h *RobotHandler) getOrCreateConversation(platform, userID, title string) (convID string, isNew bool) {
+	sk := h.sessionKey(platform, userID)
 	h.mu.RLock()
-	convID = h.sessions[h.sessionKey(platform, userID)]
+	convID = h.sessions[sk]
 	h.mu.RUnlock()
 	if convID != "" {
 		return convID, false
 	}
+	if persistedConvID, persistedRole := h.loadSessionBinding(sk); strings.TrimSpace(persistedConvID) != "" {
+		// 会话绑定持久化：服务重启后也可恢复当前对话和角色。
+		h.mu.Lock()
+		h.sessions[sk] = persistedConvID
+		if strings.TrimSpace(persistedRole) != "" {
+			h.sessionRoles[sk] = persistedRole
+		}
+		h.mu.Unlock()
+		return persistedConvID, false
+	}
 	t := strings.TrimSpace(title)
 	if t == "" {
 		t = "新对话 " + time.Now().Format("01-02 15:04")
@@ -96,34 +140,49 @@ func (h *RobotHandler) getOrCreateConversation(platform, userID, title string) (
 	}
 	convID = conv.ID
 	h.mu.Lock()
-	h.sessions[h.sessionKey(platform, userID)] = convID
+	role := h.sessionRoles[sk]
+	h.sessions[sk] = convID
 	h.mu.Unlock()
+	h.persistSessionBinding(sk, convID, role)
 	return convID, true
 }

 // setConversation 切换当前会话
 func (h *RobotHandler) setConversation(platform, userID, convID string) {
+	sk := h.sessionKey(platform, userID)
 	h.mu.Lock()
-	h.sessions[h.sessionKey(platform, userID)] = convID
+	role := h.sessionRoles[sk]
+	h.sessions[sk] = convID
 	h.mu.Unlock()
+	h.persistSessionBinding(sk, convID, role)
 }

 // getRole 获取当前用户使用的角色，未设置时返回"默认"
 func (h *RobotHandler) getRole(platform, userID string) string {
+	sk := h.sessionKey(platform, userID)
 	h.mu.RLock()
-	role := h.sessionRoles[h.sessionKey(platform, userID)]
+	role := h.sessionRoles[sk]
 	h.mu.RUnlock()
-	if role == "" {
-		return "默认"
+	if strings.TrimSpace(role) != "" {
+		return role
 	}
-	return role
+	if _, persistedRole := h.loadSessionBinding(sk); strings.TrimSpace(persistedRole) != "" {
+		h.mu.Lock()
+		h.sessionRoles[sk] = persistedRole
+		h.mu.Unlock()
+		return persistedRole
+	}
+	return "默认"
 }

 // setRole 设置当前用户使用的角色
 func (h *RobotHandler) setRole(platform, userID, roleName string) {
+	sk := h.sessionKey(platform, userID)
 	h.mu.Lock()
-	h.sessionRoles[h.sessionKey(platform, userID)] = roleName
+	h.sessionRoles[sk] = roleName
+	convID := h.sessions[sk]
 	h.mu.Unlock()
+	h.persistSessionBinding(sk, convID, roleName)
 }

 // clearConversation 清空当前会话（切换到新对话）
@@ -140,7 +199,16 @@ func (h *RobotHandler) clearConversation(platform, userID string) (newConvID str

 // HandleMessage 处理用户输入，返回回复文本（供各平台 webhook 调用）
 func (h *RobotHandler) HandleMessage(platform, userID, text string) (reply string) {
+	platform = strings.TrimSpace(platform)
+	userID = strings.TrimSpace(userID)
 	text = strings.TrimSpace(text)
+	if platform == "" {
+		platform = "unknown"
+	}
+	if userID == "" {
+		h.logger.Warn("机器人消息缺少用户标识，已拒绝处理", zap.String("platform", platform))
+		return "无法识别发送者身份，请检查机器人事件订阅权限（需返回可用的用户 ID）。"
+	}
 	if text == "" {
 		return "请输入内容或发送「帮助」/ help 查看命令。"
 	}
@@ -345,7 +413,9 @@ func (h *RobotHandler) cmdDelete(platform, userID, convID string) string {
 		// 删除当前对话时，先清空会话绑定
 		h.mu.Lock()
 		delete(h.sessions, sk)
+		delete(h.sessionRoles, sk)
 		h.mu.Unlock()
+		h.deleteSessionBinding(sk)
 	}
 	if err := h.db.DeleteConversation(convID); err != nil {
 		return "删除失败: " + err.Error()
@@ -647,8 +717,25 @@ func (h *RobotHandler) HandleWecomPOST(c *gin.Context) {
 		h.logger.Debug("企业微信内层 XML 解析成功", zap.String("FromUserName", body.FromUserName), zap.String("Content", body.Content))
 	}

-	userID := body.FromUserName
+	tenantKey := strings.TrimSpace(enterpriseID)
+	if tenantKey == "" {
+		tenantKey = strings.TrimSpace(h.config.Robots.Wecom.CorpID)
+	}
+	if tenantKey == "" {
+		tenantKey = "default"
+	}
+	rawUserID := strings.TrimSpace(body.FromUserName)
+	replyUserID := rawUserID
+	userID := ""
+	if rawUserID != "" {
+		userID = "t:" + tenantKey + "|u:" + rawUserID
+	}
 	text := strings.TrimSpace(body.Content)
+	if userID == "" {
+		h.logger.Warn("企业微信消息缺少可用用户标识，已忽略")
+		c.String(http.StatusOK, "success")
+		return
+	}

 	// 限制回复内容长度（企业微信限制 2048 字节）
 	maxReplyLen := 2000
@@ -661,14 +748,14 @@ func (h *RobotHandler) HandleWecomPOST(c *gin.Context) {

 	if body.MsgType != "text" {
 		h.logger.Debug("企业微信收到非文本消息", zap.String("MsgType", body.MsgType))
-		h.sendWecomReply(c, userID, enterpriseID, limitReply("暂仅支持文本消息，请发送文字。"), timestamp, nonce)
+		h.sendWecomReply(c, replyUserID, enterpriseID, limitReply("暂仅支持文本消息，请发送文字。"), timestamp, nonce)
 		return
 	}

 	// 文本消息：先判断是否为内置命令（如 帮助/列表/新对话 等），这类命令处理很快，可以直接走被动回复，避免依赖主动发送 API。
 	if cmdReply, ok := h.handleRobotCommand("wecom", userID, text); ok {
 		h.logger.Debug("企业微信收到命令消息，走被动回复", zap.String("userID", userID), zap.String("text", text))
-		h.sendWecomReply(c, userID, enterpriseID, limitReply(cmdReply), timestamp, nonce)
+		h.sendWecomReply(c, replyUserID, enterpriseID, limitReply(cmdReply), timestamp, nonce)
 		return
 	}

@@ -684,7 +771,7 @@ func (h *RobotHandler) HandleWecomPOST(c *gin.Context) {
 		reply = limitReply(reply)
 		h.logger.Debug("企业微信消息处理完成", zap.String("userID", userID), zap.String("reply", reply))
 		// 调用企业微信 API 主动发送消息
-		h.sendWecomMessageViaAPI(userID, enterpriseID, reply)
+		h.sendWecomMessageViaAPI(rawUserID, enterpriseID, reply)
 	}()
 }

@@ -3,6 +3,7 @@ package handler
 import (
 	"context"
 	"errors"
+	"strings"
 	"sync"
 	"time"
 )
@@ -10,6 +11,9 @@ import (
 // ErrTaskCancelled 用户取消任务的错误
 var ErrTaskCancelled = errors.New("agent task cancelled by user")

+// ErrUserInterruptContinue 用户在进度条上「中断并说明」：取消当前运行步骤，将说明写入对话并继续迭代（与 ErrTaskCancelled 区分）
+var ErrUserInterruptContinue = errors.New("user interrupt with continue")
+
 // ErrTaskAlreadyRunning 会话已有任务正在执行
 var ErrTaskAlreadyRunning = errors.New("agent task already running for conversation")

@@ -21,6 +25,9 @@ type AgentTask struct {
 	Status         string    `json:"status"`
 	CancellingAt   time.Time `json:"-"` // 进入 cancelling 状态的时间，用于清理长时间卡住的任务

+	// InterruptContinueReason 由 /api/agent-loop/cancel 在 continueAfter 时写入，Run 返回后由 handler 取出并清空
+	InterruptContinueReason string `json:"-"`
+
 	cancel func(error)
 }

@@ -140,6 +147,49 @@ func (m *AgentTaskManager) StartTask(conversationID, message string, cancel cont
 	return task, nil
 }

+// SetInterruptContinueReason 在发起 ErrUserInterruptContinue 取消前写入用户说明（须任务仍存在）。
+func (m *AgentTaskManager) SetInterruptContinueReason(conversationID, reason string) bool {
+	m.mu.Lock()
+	defer m.mu.Unlock()
+	task, ok := m.tasks[conversationID]
+	if !ok {
+		return false
+	}
+	task.InterruptContinueReason = strings.TrimSpace(reason)
+	return true
+}
+
+// TakeInterruptContinueReason 取出并清空用户中断说明。
+func (m *AgentTaskManager) TakeInterruptContinueReason(conversationID string) string {
+	m.mu.Lock()
+	defer m.mu.Unlock()
+	task, ok := m.tasks[conversationID]
+	if !ok {
+		return ""
+	}
+	r := task.InterruptContinueReason
+	task.InterruptContinueReason = ""
+	return r
+}
+
+// ResetTaskCancelForContinue 在一次「中断并继续」后恢复任务为 running 并绑定新的 cancel（同一会话同一条 HTTP 流内续跑）。
+func (m *AgentTaskManager) ResetTaskCancelForContinue(conversationID string, cancel context.CancelCauseFunc) error {
+	m.mu.Lock()
+	defer m.mu.Unlock()
+	task, ok := m.tasks[conversationID]
+	if !ok {
+		return errors.New("no active task")
+	}
+	task.cancel = func(err error) {
+		if cancel != nil {
+			cancel(err)
+		}
+	}
+	task.Status = "running"
+	task.CancellingAt = time.Time{}
+	return nil
+}
+
 // CancelTask 取消指定会话的任务。若任务已在取消中，仍返回 (true, nil) 以便接口幂等、前端不报错。
 func (m *AgentTaskManager) CancelTask(conversationID string, cause error) (bool, error) {
 	m.mu.Lock()
@@ -32,6 +32,8 @@ type ExternalMCPManager struct {
 	refreshWg    sync.WaitGroup            // 等待后台刷新goroutine完成
 	refreshing   atomic.Bool               // 防止 refreshToolCounts 并发堆积
 	mu           sync.RWMutex
+	runningCancels map[string]context.CancelFunc
+	abortUserNotes map[string]string
 }

 // NewExternalMCPManager 创建外部MCP管理器
@@ -42,16 +44,18 @@ func NewExternalMCPManager(logger *zap.Logger) *ExternalMCPManager {
 // NewExternalMCPManagerWithStorage 创建外部MCP管理器（带持久化存储）
 func NewExternalMCPManagerWithStorage(logger *zap.Logger, storage MonitorStorage) *ExternalMCPManager {
 	manager := &ExternalMCPManager{
-		clients:     make(map[string]ExternalMCPClient),
-		configs:     make(map[string]config.ExternalMCPServerConfig),
-		logger:      logger,
-		storage:     storage,
-		executions:  make(map[string]*ToolExecution),
-		stats:       make(map[string]*ToolStats),
-		errors:      make(map[string]string),
-		toolCounts:  make(map[string]int),
-		toolCache:   make(map[string][]Tool),
-		stopRefresh: make(chan struct{}),
+		clients:        make(map[string]ExternalMCPClient),
+		configs:        make(map[string]config.ExternalMCPServerConfig),
+		logger:         logger,
+		storage:        storage,
+		executions:     make(map[string]*ToolExecution),
+		stats:          make(map[string]*ToolStats),
+		errors:         make(map[string]string),
+		toolCounts:     make(map[string]int),
+		toolCache:      make(map[string][]Tool),
+		stopRefresh:    make(chan struct{}),
+		runningCancels: make(map[string]context.CancelFunc),
+		abortUserNotes: make(map[string]string),
 	}
 	// 启动后台刷新工具数量的goroutine
 	manager.startToolCountRefresh()
@@ -452,8 +456,16 @@ func (m *ExternalMCPManager) CallTool(ctx context.Context, toolName string, args
 		}
 	}

+	execCtx, runCancel := context.WithCancel(ctx)
+	m.registerRunningCancel(executionID, runCancel)
+	defer func() {
+		runCancel()
+		m.unregisterRunningCancel(executionID)
+	}()
+
 	// 调用工具
-	result, err := client.CallTool(ctx, actualToolName, args)
+	result, err := client.CallTool(execCtx, actualToolName, args)
+	cancelledWithUserNote := m.applyAbortUserNoteToCancelledToolResult(executionID, &result, &err)

 	// 更新执行记录
 	m.mu.Lock()
@@ -462,16 +474,23 @@ func (m *ExternalMCPManager) CallTool(ctx context.Context, toolName string, args
 	execution.Duration = now.Sub(execution.StartTime)

 	if err != nil {
-		execution.Status = "failed"
-		execution.Error = err.Error()
+		st, msg := executionStatusAndMessage(err)
+		execution.Status = st
+		execution.Error = msg
 	} else if result != nil && result.IsError {
-		execution.Status = "failed"
-		if len(result.Content) > 0 {
-			execution.Error = result.Content[0].Text
+		if cancelledWithUserNote {
+			execution.Status = "cancelled"
+			execution.Error = ""
+			execution.Result = result
 		} else {
-			execution.Error = "工具执行返回错误结果"
+			execution.Status = "failed"
+			if len(result.Content) > 0 {
+				execution.Error = result.Content[0].Text
+			} else {
+				execution.Error = "工具执行返回错误结果"
+			}
+			execution.Result = result
 		}
-		execution.Result = result
 	} else {
 		execution.Status = "completed"
 		if result == nil {
@@ -509,6 +528,50 @@ func (m *ExternalMCPManager) CallTool(ctx context.Context, toolName string, args
 	return result, executionID, nil
 }

+func (m *ExternalMCPManager) applyAbortUserNoteToCancelledToolResult(executionID string, result **ToolResult, err *error) (cancelledWithUserNote bool) {
+	note := strings.TrimSpace(m.readAbortUserNote(executionID))
+	if note == "" {
+		return false
+	}
+	hasErr := err != nil && *err != nil
+	hasRes := result != nil && *result != nil
+	if !hasErr && !hasRes {
+		return false
+	}
+	_ = m.takeAbortUserNote(executionID)
+	partial := ""
+	if hasRes {
+		partial = ToolResultPlainText(*result)
+	}
+	if partial == "" && hasErr {
+		partial = (*err).Error()
+	}
+	merged := MergePartialToolOutputAndAbortNote(partial, note)
+	*err = nil
+	*result = &ToolResult{Content: []Content{{Type: "text", Text: merged}}, IsError: true}
+	return true
+}
+
+func (m *ExternalMCPManager) readAbortUserNote(id string) string {
+	m.mu.Lock()
+	defer m.mu.Unlock()
+	if m.abortUserNotes == nil {
+		return ""
+	}
+	return m.abortUserNotes[id]
+}
+
+func (m *ExternalMCPManager) takeAbortUserNote(id string) string {
+	m.mu.Lock()
+	defer m.mu.Unlock()
+	if m.abortUserNotes == nil {
+		return ""
+	}
+	n := m.abortUserNotes[id]
+	delete(m.abortUserNotes, id)
+	return n
+}
+
 // cleanupOldExecutions 清理旧的执行记录（保持内存中的记录数量在限制内）
 func (m *ExternalMCPManager) cleanupOldExecutions() {
 	const maxExecutionsInMemory = 1000
@@ -562,6 +625,42 @@ func (m *ExternalMCPManager) GetExecution(id string) (*ToolExecution, bool) {
 	return nil, false
 }

+func (m *ExternalMCPManager) registerRunningCancel(id string, cancel context.CancelFunc) {
+	m.mu.Lock()
+	m.runningCancels[id] = cancel
+	m.mu.Unlock()
+}
+
+func (m *ExternalMCPManager) unregisterRunningCancel(id string) {
+	m.mu.Lock()
+	delete(m.runningCancels, id)
+	m.mu.Unlock()
+}
+
+// CancelToolExecutionWithNote 取消外部 MCP 工具；note 非空时与已返回输出合并后交给模型。
+func (m *ExternalMCPManager) CancelToolExecutionWithNote(id string, note string) bool {
+	m.mu.Lock()
+	cancel, ok := m.runningCancels[id]
+	if !ok || cancel == nil {
+		m.mu.Unlock()
+		return false
+	}
+	if strings.TrimSpace(note) != "" {
+		if m.abortUserNotes == nil {
+			m.abortUserNotes = make(map[string]string)
+		}
+		m.abortUserNotes[id] = strings.TrimSpace(note)
+	}
+	m.mu.Unlock()
+	cancel()
+	return true
+}
+
+// CancelToolExecution 取消正在执行的外部 MCP 工具（无用户说明）。
+func (m *ExternalMCPManager) CancelToolExecution(id string) bool {
+	return m.CancelToolExecutionWithNote(id, "")
+}
+
 // updateStats 更新统计信息
 func (m *ExternalMCPManager) updateStats(toolName string, failed bool) {
 	now := time.Now()
@@ -4,6 +4,7 @@ import (
 	"bufio"
 	"context"
 	"encoding/json"
+	"errors"
 	"fmt"
 	"io"
 	"net/http"
@@ -40,6 +41,9 @@ type Server struct {
 	logger                *zap.Logger
 	maxExecutionsInMemory int // 内存中最大执行记录数
 	sseClients            map[string]*sseClient
+	runningCancels        map[string]context.CancelFunc
+	runningCancelsMu      sync.Mutex
+	abortUserNotes        map[string]string // 监控页终止时附带的用户说明，与 executionID 对应
 }

 type sseClient struct {
@@ -50,6 +54,13 @@ type sseClient struct {
 // ToolHandler 工具处理函数
 type ToolHandler func(ctx context.Context, args map[string]interface{}) (*ToolResult, error)

+func executionStatusAndMessage(err error) (status string, errMsg string) {
+	if errors.Is(err, context.Canceled) {
+		return "cancelled", "已手动终止（MCP 监控）"
+	}
+	return "failed", err.Error()
+}
+
 // NewServer 创建新的MCP服务器
 func NewServer(logger *zap.Logger) *Server {
 	return NewServerWithStorage(logger, nil)
@@ -68,6 +79,8 @@ func NewServerWithStorage(logger *zap.Logger, storage MonitorStorage) *Server {
 		logger:                logger,
 		maxExecutionsInMemory: 1000, // 默认最多在内存中保留1000条执行记录
 		sseClients:            make(map[string]*sseClient),
+		runningCancels:        make(map[string]context.CancelFunc),
+		abortUserNotes:        make(map[string]string),
 	}

 	// 初始化默认提示词和资源
@@ -444,15 +457,22 @@ func (s *Server) handleCallTool(msg *Message) *Message {
 		}
 	}

-	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Minute)
-	defer cancel()
+	baseCtx, timeoutCancel := context.WithTimeout(context.Background(), 30*time.Minute)
+	defer timeoutCancel()
+	execCtx, runCancel := context.WithCancel(baseCtx)
+	s.registerRunningCancel(executionID, runCancel)
+	defer func() {
+		runCancel()
+		s.unregisterRunningCancel(executionID)
+	}()

 	s.logger.Info("开始执行工具",
 		zap.String("toolName", req.Name),
 		zap.Any("arguments", req.Arguments),
 	)

-	result, err := handler(ctx, req.Arguments)
+	result, err := handler(execCtx, req.Arguments)
+	cancelledWithUserNote := s.applyAbortUserNoteToCancelledToolResult(executionID, &result, &err)
 	now := time.Now()
 	var failed bool
 	var finalResult *ToolResult
@@ -462,18 +482,26 @@ func (s *Server) handleCallTool(msg *Message) *Message {
 	execution.Duration = now.Sub(execution.StartTime)

 	if err != nil {
-		execution.Status = "failed"
-		execution.Error = err.Error()
+		st, msg := executionStatusAndMessage(err)
+		execution.Status = st
+		execution.Error = msg
 		failed = true
 	} else if result != nil && result.IsError {
-		execution.Status = "failed"
-		if len(result.Content) > 0 {
-			execution.Error = result.Content[0].Text
+		if cancelledWithUserNote {
+			execution.Status = "cancelled"
+			execution.Error = ""
+			execution.Result = result
+			failed = true
 		} else {
-			execution.Error = "工具执行返回错误结果"
+			execution.Status = "failed"
+			if len(result.Content) > 0 {
+				execution.Error = result.Content[0].Text
+			} else {
+				execution.Error = "工具执行返回错误结果"
+			}
+			execution.Result = result
+			failed = true
 		}
-		execution.Result = result
-		failed = true
 	} else {
 		execution.Status = "completed"
 		if result == nil {
@@ -510,9 +538,13 @@ func (s *Server) handleCallTool(msg *Message) *Message {
 			zap.Error(err),
 		)

+		errText := fmt.Sprintf("工具执行失败: %v", err)
+		if errors.Is(err, context.Canceled) {
+			errText = "工具执行已手动终止（MCP 监控）。后续编排步骤可继续。"
+		}
 		errorResult, _ := json.Marshal(CallToolResponse{
 			Content: []Content{
-				{Type: "text", Text: fmt.Sprintf("工具执行失败: %v", err)},
+				{Type: "text", Text: errText},
 			},
 			IsError: true,
 		})
@@ -769,7 +801,15 @@ func (s *Server) CallTool(ctx context.Context, toolName string, args map[string]
 		}
 	}

-	result, err := handler(ctx, args)
+	execCtx, runCancel := context.WithCancel(ctx)
+	s.registerRunningCancel(executionID, runCancel)
+	defer func() {
+		runCancel()
+		s.unregisterRunningCancel(executionID)
+	}()
+
+	result, err := handler(execCtx, args)
+	cancelledWithUserNote := s.applyAbortUserNoteToCancelledToolResult(executionID, &result, &err)

 	s.mu.Lock()
 	now := time.Now()
@@ -779,19 +819,28 @@ func (s *Server) CallTool(ctx context.Context, toolName string, args map[string]
 	var finalResult *ToolResult

 	if err != nil {
-		execution.Status = "failed"
-		execution.Error = err.Error()
+		st, msg := executionStatusAndMessage(err)
+		execution.Status = st
+		execution.Error = msg
 		failed = true
 	} else if result != nil && result.IsError {
-		execution.Status = "failed"
-		if len(result.Content) > 0 {
-			execution.Error = result.Content[0].Text
+		if cancelledWithUserNote {
+			execution.Status = "cancelled"
+			execution.Error = ""
+			execution.Result = result
+			failed = true
+			finalResult = result
 		} else {
-			execution.Error = "工具执行返回错误结果"
+			execution.Status = "failed"
+			if len(result.Content) > 0 {
+				execution.Error = result.Content[0].Text
+			} else {
+				execution.Error = "工具执行返回错误结果"
+			}
+			execution.Result = result
+			failed = true
+			finalResult = result
 		}
-		execution.Result = result
-		failed = true
-		finalResult = result
 	} else {
 		execution.Status = "completed"
 		if result == nil {
@@ -869,6 +918,88 @@ func (s *Server) cleanupOldExecutions() {
 	)
 }

+func (s *Server) registerRunningCancel(id string, cancel context.CancelFunc) {
+	s.runningCancelsMu.Lock()
+	s.runningCancels[id] = cancel
+	s.runningCancelsMu.Unlock()
+}
+
+func (s *Server) unregisterRunningCancel(id string) {
+	s.runningCancelsMu.Lock()
+	delete(s.runningCancels, id)
+	s.runningCancelsMu.Unlock()
+}
+
+func (s *Server) readAbortUserNote(id string) string {
+	s.runningCancelsMu.Lock()
+	defer s.runningCancelsMu.Unlock()
+	if s.abortUserNotes == nil {
+		return ""
+	}
+	return s.abortUserNotes[id]
+}
+
+func (s *Server) takeAbortUserNote(id string) string {
+	s.runningCancelsMu.Lock()
+	defer s.runningCancelsMu.Unlock()
+	if s.abortUserNotes == nil {
+		return ""
+	}
+	n := s.abortUserNotes[id]
+	delete(s.abortUserNotes, id)
+	return n
+}
+
+// applyAbortUserNoteToCancelledToolResult 监控页「终止并填写说明」时合并「工具已输出 + 用户说明」交给模型。
+// exec 等工具会把失败写在 *ToolResult 里并返回 err==nil，若仅在 err!=nil 时合并会漏掉说明，甚至误 clear 掉 note。
+func (s *Server) applyAbortUserNoteToCancelledToolResult(executionID string, result **ToolResult, err *error) (cancelledWithUserNote bool) {
+	note := strings.TrimSpace(s.readAbortUserNote(executionID))
+	if note == "" {
+		return false
+	}
+	hasErr := err != nil && *err != nil
+	hasRes := result != nil && *result != nil
+	if !hasErr && !hasRes {
+		return false
+	}
+	_ = s.takeAbortUserNote(executionID)
+	partial := ""
+	if hasRes {
+		partial = ToolResultPlainText(*result)
+	}
+	if partial == "" && hasErr {
+		partial = (*err).Error()
+	}
+	merged := MergePartialToolOutputAndAbortNote(partial, note)
+	*err = nil
+	*result = &ToolResult{Content: []Content{{Type: "text", Text: merged}}, IsError: true}
+	return true
+}
+
+// CancelToolExecutionWithNote 取消内部工具；note 非空时与工具已返回文本合并后交给上层模型。
+func (s *Server) CancelToolExecutionWithNote(id string, note string) bool {
+	s.runningCancelsMu.Lock()
+	cancel, ok := s.runningCancels[id]
+	if !ok || cancel == nil {
+		s.runningCancelsMu.Unlock()
+		return false
+	}
+	if strings.TrimSpace(note) != "" {
+		if s.abortUserNotes == nil {
+			s.abortUserNotes = make(map[string]string)
+		}
+		s.abortUserNotes[id] = strings.TrimSpace(note)
+	}
+	s.runningCancelsMu.Unlock()
+	cancel()
+	return true
+}
+
+// CancelToolExecution 取消正在执行的内部工具调用（无用户说明）。
+func (s *Server) CancelToolExecution(id string) bool {
+	return s.CancelToolExecutionWithNote(id, "")
+}
+
 // initDefaultPrompts 初始化默认提示词模板
 func (s *Server) initDefaultPrompts() {
 	s.mu.Lock()
@@ -4,6 +4,7 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"strings"
 	"time"
 )

@@ -192,7 +193,7 @@ type ToolExecution struct {
 	ID        string                 `json:"id"`
 	ToolName  string                 `json:"toolName"`
 	Arguments map[string]interface{} `json:"arguments"`
-	Status    string                 `json:"status"` // pending, running, completed, failed
+	Status    string                 `json:"status"` // pending, running, completed, failed, cancelled
 	Result    *ToolResult            `json:"result,omitempty"`
 	Error     string                 `json:"error,omitempty"`
 	StartTime time.Time              `json:"startTime"`
@@ -293,3 +294,36 @@ type SamplingContent struct {
 	Type string `json:"type"`
 	Text string `json:"text,omitempty"`
 }
+
+// ToolResultPlainText 拼接工具结果中的文本（手动终止时作为「工具原始输出」）。
+func ToolResultPlainText(r *ToolResult) string {
+	if r == nil || len(r.Content) == 0 {
+		return ""
+	}
+	var b strings.Builder
+	for _, c := range r.Content {
+		b.WriteString(c.Text)
+	}
+	return strings.TrimSpace(b.String())
+}
+
+// AbortNoteBannerForModel 标出后续文本来自「用户手动终止工具时在弹窗中填写」，避免与 stdout/stderr 混淆。
+const AbortNoteBannerForModel = "---\n" +
+	"【用户终止说明｜USER INTERRUPT NOTE】\n" +
+	"（以下由操作者填写，用于指示模型如何继续；不是工具原始输出。）\n" +
+	"（Written by the operator when stopping this tool; not raw tool output.）\n" +
+	"---"
+
+// MergePartialToolOutputAndAbortNote 格式：工具原始输出 + 醒目标题 + 用户终止说明（无说明则原样返回 partial）。
+func MergePartialToolOutputAndAbortNote(partial, userNote string) string {
+	partial = strings.TrimSpace(partial)
+	userNote = strings.TrimSpace(userNote)
+	if userNote == "" {
+		return partial
+	}
+	section := AbortNoteBannerForModel + "\n" + userNote
+	if partial == "" {
+		return section
+	}
+	return partial + "\n\n" + section
+}
@@ -23,22 +23,23 @@ const (

 // StartDing 启动钉钉 Stream 长连接（无需公网），收到消息后调用 handler 并通过 SessionWebhook 回复。
 // 断线（如笔记本睡眠、网络中断）后会自动重连；ctx 被取消时退出，便于配置变更时重启。
-func StartDing(ctx context.Context, cfg config.RobotDingtalkConfig, h MessageHandler, logger *zap.Logger) {
+func StartDing(ctx context.Context, robotsCfg config.RobotsConfig, h MessageHandler, logger *zap.Logger) {
+	cfg := robotsCfg.Dingtalk
 	if !cfg.Enabled || cfg.ClientID == "" || cfg.ClientSecret == "" {
 		return
 	}
-	go runDingLoop(ctx, cfg, h, logger)
+	go runDingLoop(ctx, cfg, robotsCfg.Session.StrictUserIdentityEnabled(), h, logger)
 }

 // runDingLoop 循环维持钉钉长连接：断开且 ctx 未取消时按退避间隔重连。
-func runDingLoop(ctx context.Context, cfg config.RobotDingtalkConfig, h MessageHandler, logger *zap.Logger) {
+func runDingLoop(ctx context.Context, cfg config.RobotDingtalkConfig, strictUserIdentity bool, h MessageHandler, logger *zap.Logger) {
 	backoff := dingReconnectInitial
 	for {
 		streamClient := client.NewStreamClient(
 			client.WithAppCredential(client.NewAppCredentialConfig(cfg.ClientID, cfg.ClientSecret)),
 			client.WithSubscription(dingutils.SubscriptionTypeKCallback, "/v1.0/im/bot/messages/get",
 				chatbot.NewDefaultChatBotFrameHandler(func(ctx context.Context, msg *chatbot.BotCallbackDataModel) ([]byte, error) {
-					go handleDingMessage(ctx, msg, h, logger)
+					go handleDingMessage(ctx, msg, cfg, strictUserIdentity, h, logger)
 					return nil, nil
 				}).OnEventReceived),
 		)
@@ -66,7 +67,7 @@ func runDingLoop(ctx context.Context, cfg config.RobotDingtalkConfig, h MessageH
 	}
 }

-func handleDingMessage(ctx context.Context, msg *chatbot.BotCallbackDataModel, h MessageHandler, logger *zap.Logger) {
+func handleDingMessage(ctx context.Context, msg *chatbot.BotCallbackDataModel, cfg config.RobotDingtalkConfig, strictUserIdentity bool, h MessageHandler, logger *zap.Logger) {
 	if msg == nil || msg.SessionWebhook == "" {
 		return
 	}
@@ -93,9 +94,22 @@ func handleDingMessage(ctx context.Context, msg *chatbot.BotCallbackDataModel, h
 		return
 	}
 	logger.Info("钉钉收到消息", zap.String("sender", msg.SenderId), zap.String("content", content))
-	userID := msg.SenderId
+	tenantKey := strings.TrimSpace(cfg.ClientID)
+	if tenantKey == "" {
+		tenantKey = "default"
+	}
+	userID := strings.TrimSpace(msg.SenderId)
+	if userID != "" {
+		userID = "t:" + tenantKey + "|u:" + userID
+	} else if cfg.AllowConversationIDFallback && !strictUserIdentity {
+		conversationID := strings.TrimSpace(msg.ConversationId)
+		if conversationID != "" {
+			userID = "t:" + tenantKey + "|c:" + conversationID
+		}
+	}
 	if userID == "" {
-		userID = msg.ConversationId
+		logger.Warn("钉钉消息缺少可用用户标识，已忽略")
+		return
 	}
 	reply := h.HandleMessage("dingtalk", userID, content)
 	// 使用 markdown 类型以便正确展示标题、列表、代码块等格式
@@ -27,20 +27,21 @@ type larkTextContent struct {

 // StartLark 启动飞书长连接（无需公网），收到消息后调用 handler 并回复。
 // 断线（如笔记本睡眠、网络中断）后会自动重连；ctx 被取消时退出，便于配置变更时重启。
-func StartLark(ctx context.Context, cfg config.RobotLarkConfig, h MessageHandler, logger *zap.Logger) {
+func StartLark(ctx context.Context, robotsCfg config.RobotsConfig, h MessageHandler, logger *zap.Logger) {
+	cfg := robotsCfg.Lark
 	if !cfg.Enabled || cfg.AppID == "" || cfg.AppSecret == "" {
 		return
 	}
-	go runLarkLoop(ctx, cfg, h, logger)
+	go runLarkLoop(ctx, cfg, robotsCfg.Session.StrictUserIdentityEnabled(), h, logger)
 }

 // runLarkLoop 循环维持飞书长连接：断开且 ctx 未取消时按退避间隔重连。
-func runLarkLoop(ctx context.Context, cfg config.RobotLarkConfig, h MessageHandler, logger *zap.Logger) {
+func runLarkLoop(ctx context.Context, cfg config.RobotLarkConfig, strictUserIdentity bool, h MessageHandler, logger *zap.Logger) {
 	backoff := larkReconnectInitial
 	for {
 		larkClient := lark.NewClient(cfg.AppID, cfg.AppSecret)
 		eventHandler := dispatcher.NewEventDispatcher("", "").OnP2MessageReceiveV1(func(ctx context.Context, event *larkim.P2MessageReceiveV1) error {
-			go handleLarkMessage(ctx, event, h, larkClient, logger)
+			go handleLarkMessage(ctx, event, cfg, strictUserIdentity, h, larkClient, logger)
 			return nil
 		})
 		wsClient := larkws.NewClient(cfg.AppID, cfg.AppSecret,
@@ -70,7 +71,7 @@ func runLarkLoop(ctx context.Context, cfg config.RobotLarkConfig, h MessageHandl
 	}
 }

-func handleLarkMessage(ctx context.Context, event *larkim.P2MessageReceiveV1, h MessageHandler, client *lark.Client, logger *zap.Logger) {
+func handleLarkMessage(ctx context.Context, event *larkim.P2MessageReceiveV1, cfg config.RobotLarkConfig, strictUserIdentity bool, h MessageHandler, client *lark.Client, logger *zap.Logger) {
 	if event == nil || event.Event == nil || event.Event.Message == nil || event.Event.Sender == nil || event.Event.Sender.SenderId == nil {
 		return
 	}
@@ -89,9 +90,10 @@ func handleLarkMessage(ctx context.Context, event *larkim.P2MessageReceiveV1, h
 	if text == "" {
 		return
 	}
-	userID := ""
-	if event.Event.Sender.SenderId.UserId != nil {
-		userID = *event.Event.Sender.SenderId.UserId
+	userID := resolveLarkUserID(event, cfg.AllowChatIDFallback && !strictUserIdentity)
+	if userID == "" {
+		logger.Warn("飞书消息缺少可用用户标识，已忽略")
+		return
 	}
 	messageID := larkcore.StringValue(msg.MessageId)
 	reply := h.HandleMessage("lark", userID, text)
@@ -109,3 +111,31 @@ func handleLarkMessage(ctx context.Context, event *larkim.P2MessageReceiveV1, h
 	}
 	logger.Debug("飞书已回复", zap.String("message_id", messageID))
 }
+
+// resolveLarkUserID 提取飞书会话隔离键：
+// tenant_key + 稳定用户标识（user_id/open_id/union_id）；按配置可选 chat_id 兜底。
+func resolveLarkUserID(event *larkim.P2MessageReceiveV1, allowChatIDFallback bool) string {
+	if event == nil || event.Event == nil || event.Event.Sender == nil || event.Event.Sender.SenderId == nil {
+		return ""
+	}
+	tenantKey := strings.TrimSpace(larkcore.StringValue(event.Event.Sender.TenantKey))
+	if tenantKey == "" {
+		tenantKey = "default"
+	}
+	prefix := "t:" + tenantKey + "|"
+	if id := strings.TrimSpace(larkcore.StringValue(event.Event.Sender.SenderId.UserId)); id != "" {
+		return prefix + "u:" + id
+	}
+	if id := strings.TrimSpace(larkcore.StringValue(event.Event.Sender.SenderId.OpenId)); id != "" {
+		return prefix + "o:" + id
+	}
+	if id := strings.TrimSpace(larkcore.StringValue(event.Event.Sender.SenderId.UnionId)); id != "" {
+		return prefix + "n:" + id
+	}
+	if allowChatIDFallback && event.Event.Message != nil {
+		if id := strings.TrimSpace(larkcore.StringValue(event.Event.Message.ChatId)); id != "" {
+			return prefix + "c:" + id
+		}
+	}
+	return ""
+}
@@ -7,11 +7,11 @@ set -euo pipefail
 # - config.yaml
 # - data/
 # - venv/ (disabled with --no-venv)
+# - tools/ (user extensions; never overwritten by upgrade)
 #
 # Optional preserves (may overwrite upstream updates):
 # - roles/
 # - skills/
-# - tools/
 # Enable with --preserve-custom

 ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
@@ -43,8 +43,8 @@ Usage:
 Options:
  --tag <tag>          Specify GitHub Release tag (e.g. v1.3.28).
                        If omitted, the script uses the latest release.
-  --preserve-custom    Preserve roles/skills/tools (may overwrite upstream files).
-                        Use with caution.
+  --preserve-custom    Preserve roles/skills (may overwrite upstream files).
+                        tools/ is always preserved. Use with caution.
  --no-venv             Do not preserve venv/ (Python deps will be re-installed).
  --no-stop             Do not try to stop the running service.
  --force-stop         If no process matching current directory is found, also stop
@@ -52,7 +52,7 @@ Options:
  --yes                 Do not ask for confirmation.

 Description:
-  The script backs up config.yaml/data/ (and optionally venv/roles/skills/tools) to
+  The script backs up config.yaml/data/tools/ (and optionally venv/roles/skills) to
  .upgrade-backup/
 EOF
 }
@@ -176,10 +176,11 @@ confirm_or_exit() {
  else
    info " - Preserve venv/: no (will remove old venv and re-install deps)"
  fi
+  info " - Preserve tools/: yes (always)"
  if [[ "$PRESERVE_CUSTOM" -eq 1 ]]; then
-    info " - Preserve roles/skills/tools: yes (may overwrite upstream updates)"
+    info " - Preserve roles/skills: yes (may overwrite upstream updates)"
  else
-    info " - Preserve roles/skills/tools: no (will use upstream versions)"
+    info " - Preserve roles/skills: no (will use upstream versions)"
  fi
  info " - Stop service: ${STOP_SERVICE}"
  echo ""
@@ -296,10 +297,12 @@ sync_code() {
    rsync_excludes+=( "--exclude=knowledge_base/" )
  fi

+  # User tool extensions: never replace or delete during upgrade.
+  rsync_excludes+=( "--exclude=tools/" )
+
  if [[ "$PRESERVE_CUSTOM" -eq 1 ]]; then
    rsync_excludes+=( "--exclude=roles/" )
    rsync_excludes+=( "--exclude=skills/" )
-    rsync_excludes+=( "--exclude=tools/" )
  fi

  # Ensure this upgrade script itself is not deleted.
@@ -378,10 +381,12 @@ main() {
  if [[ -d "$KNOWLEDGE_BASE_DIR" ]]; then
    backup_dir_tgz "knowledge_base" "$KNOWLEDGE_BASE_DIR"
  fi
+  if [[ -d "$ROOT_DIR/tools" ]]; then
+    backup_dir_tgz "tools" "$ROOT_DIR/tools"
+  fi
  if [[ "$PRESERVE_CUSTOM" -eq 1 ]]; then
    backup_dir_tgz "roles" "$ROOT_DIR/roles"
    backup_dir_tgz "skills" "$ROOT_DIR/skills"
-    backup_dir_tgz "tools" "$ROOT_DIR/tools"
  fi

  local tmp_dir
@@ -84,6 +84,16 @@
    cursor: pointer;
 }

+/* 原生下拉：避免 appearance:none 在部分浏览器中导致 select 无法正常展开 */
+#page-c2 select.form-control.c2-native-select,
+#page-c2-payloads select.form-control.c2-native-select,
+.c2-modal select.form-control.c2-native-select {
+    appearance: auto;
+    -webkit-appearance: menulist-button;
+    background-image: none;
+    padding-right: 14px;
+}
+
 #page-c2 textarea.form-control,
 #page-c2-payloads textarea.form-control,
 .c2-modal textarea.form-control {
@@ -104,7 +114,7 @@
   C2 Button Overrides (within C2 scope)
   ============================================================================ */

-.c2-listener-actions .btn-primary,
+.c2-listener-card-actions .btn-primary,
 .c2-payload-card .btn-primary,
 .c2-modal-footer .btn-primary {
    background: var(--c2-accent);
@@ -118,7 +128,7 @@
    transition: all 0.2s;
 }

-.c2-listener-actions .btn-primary:hover,
+.c2-listener-card-actions .btn-primary:hover,
 .c2-payload-card .btn-primary:hover,
 .c2-modal-footer .btn-primary:hover {
    background: var(--c2-accent-hover);
@@ -258,10 +268,10 @@

 .c2-listener-grid {
    display: grid;
-    grid-template-columns: repeat(auto-fill, minmax(340px, 1fr));
-    gap: 16px;
-    padding: 24px;
-    align-items: start;
+    grid-template-columns: repeat(auto-fill, minmax(292px, 1fr));
+    gap: 20px;
+    padding: 20px 24px 28px;
+    align-items: stretch;
 }
 .c2-listener-grid:has(.c2-empty) {
    display: flex;
@@ -269,68 +279,214 @@

 .c2-listener-card {
    background: var(--c2-surface);
-    border: 1.5px solid var(--c2-border);
-    border-radius: var(--c2-radius);
-    padding: 24px;
-    transition: all 0.25s ease;
-    position: relative;
+    border: 1px solid var(--c2-border);
+    border-radius: 14px;
+    padding: 0;
+    overflow: hidden;
+    display: flex;
+    flex-direction: column;
+    min-height: 100%;
+    box-shadow: var(--c2-shadow-sm);
+    transition: border-color 0.2s ease, box-shadow 0.2s ease;
+    border-top: 3px solid var(--c2-border);
 }

-.c2-listener-card.running { border-left: 4px solid var(--c2-green); }
-.c2-listener-card.stopped { border-left: 4px solid var(--c2-text-muted); }
-.c2-listener-card.error   { border-left: 4px solid var(--c2-amber); }
+.c2-listener-card--running { border-top-color: var(--c2-green); }
+.c2-listener-card--stopped { border-top-color: var(--c2-text-muted); }
+.c2-listener-card--error { border-top-color: var(--c2-amber); }

 .c2-listener-card:hover {
    box-shadow: var(--c2-shadow-md);
    border-color: var(--c2-border-hover);
 }

-.c2-listener-header {
+.c2-listener-card-head {
    display: flex;
-    justify-content: space-between;
+    gap: 14px;
    align-items: flex-start;
-    margin-bottom: 16px;
+    padding: 18px 18px 0;
+}
+
+.c2-ltype-mark {
+    flex-shrink: 0;
+    width: 44px;
+    height: 44px;
+    border-radius: 12px;
+    display: flex;
+    align-items: center;
+    justify-content: center;
+    font-size: 12px;
+    font-weight: 800;
+    letter-spacing: -0.02em;
+    color: #fff;
+    box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.15);
+}
+
+.c2-ltype-mark--http { background: linear-gradient(145deg, #3b82f6, #1d4ed8); }
+.c2-ltype-mark--https { background: linear-gradient(145deg, #6366f1, #4338ca); }
+.c2-ltype-mark--tcp { background: linear-gradient(145deg, #8b5cf6, #6d28d9); }
+.c2-ltype-mark--ws { background: linear-gradient(145deg, #0ea5e9, #0369a1); }
+.c2-ltype-mark--def { background: linear-gradient(145deg, #64748b, #475569); }
+
+.c2-listener-card-head-main {
+    flex: 1;
+    min-width: 0;
+}
+
+.c2-listener-card-title-row {
+    display: flex;
+    align-items: flex-start;
+    justify-content: space-between;
+    gap: 10px;
 }

 .c2-listener-name {
+    margin: 0;
    font-weight: 700;
-    font-size: 16px;
+    font-size: 17px;
+    line-height: 1.3;
    color: var(--c2-text);
+    letter-spacing: -0.02em;
+    flex: 1;
+    min-width: 0;
+    word-break: break-word;
 }

-.c2-listener-id {
-    font-size: 11px;
-    color: var(--c2-text-muted);
-    font-family: var(--c2-mono);
-    margin-top: 4px;
-}
-
-.c2-listener-type {
+.c2-listener-pill {
+    flex-shrink: 0;
    font-size: 11px;
+    font-weight: 700;
    padding: 4px 10px;
-    border-radius: var(--c2-radius-xs);
+    border-radius: 999px;
+    letter-spacing: 0.02em;
+}
+
+.c2-listener-pill--running {
+    background: var(--c2-green-dim);
+    color: #047857;
+}
+
+.c2-listener-pill--stopped {
    background: var(--c2-surface-alt);
    color: var(--c2-text-dim);
-    font-weight: 600;
    border: 1px solid var(--c2-border);
-    text-transform: capitalize;
 }

-.c2-listener-info {
-    font-size: 13px;
-    color: var(--c2-text-dim);
-    margin-bottom: 20px;
-    line-height: 1.8;
+.c2-listener-pill--error {
+    background: var(--c2-amber-dim);
+    color: #b45309;
 }

-.c2-listener-address {
+.c2-listener-id-row {
+    margin-top: 8px;
+}
+
+.c2-listener-id-full {
+    display: block;
    font-family: var(--c2-mono);
-    font-size: 13px;
-    margin-bottom: 6px;
+    font-size: 11px;
+    color: var(--c2-text-muted);
+    line-height: 1.4;
+    word-break: break-all;
+    background: var(--c2-surface-alt);
+    padding: 6px 8px;
+    border-radius: 8px;
+    border: 1px solid var(--c2-border);
+}
+
+.c2-listener-card-body {
+    padding: 14px 18px 4px;
+    flex: 1;
    display: flex;
+    flex-direction: column;
+    gap: 8px;
+}
+
+.c2-listener-kv {
+    display: grid;
+    grid-template-columns: auto 1fr;
+    gap: 8px 12px;
+    align-items: baseline;
+    font-size: 13px;
+}
+
+.c2-listener-kv-label {
+    color: var(--c2-text-muted);
+    font-weight: 600;
+    font-size: 12px;
+}
+
+.c2-listener-kv-val {
+    color: var(--c2-text);
+    font-weight: 600;
+    display: inline-flex;
    align-items: center;
    gap: 8px;
-    color: var(--c2-text);
+    min-width: 0;
+    word-break: break-all;
+}
+
+.c2-listener-mono {
+    font-family: var(--c2-mono);
+    font-size: 12px;
+    font-weight: 600;
+}
+
+.c2-listener-profile-badge {
+    display: inline-flex;
+    align-items: center;
+    gap: 8px;
+    align-self: flex-start;
+    font-size: 12px;
+    font-weight: 600;
+    color: #5b21b6;
+    background: rgba(139, 92, 246, 0.1);
+    border: 1px solid rgba(139, 92, 246, 0.25);
+    padding: 6px 10px;
+    border-radius: 999px;
+    max-width: 100%;
+}
+
+.c2-listener-profile-badge span:last-child {
+    overflow: hidden;
+    text-overflow: ellipsis;
+    white-space: nowrap;
+    min-width: 0;
+}
+
+.c2-listener-profile-dot {
+    width: 6px;
+    height: 6px;
+    border-radius: 50%;
+    background: #7c3aed;
+    flex-shrink: 0;
+}
+
+.c2-listener-remark {
+    font-size: 12px;
+    color: var(--c2-text-dim);
+    line-height: 1.45;
+    padding: 8px 10px;
+    background: var(--c2-surface-alt);
+    border-radius: 8px;
+    border: 1px dashed var(--c2-border);
+}
+
+.c2-listener-meta-row {
+    font-size: 12px;
+    color: var(--c2-text-dim);
+    padding-top: 4px;
+}
+
+.c2-listener-meta-label {
+    font-weight: 600;
+    color: var(--c2-text-muted);
+}
+
+.c2-listener-meta-time {
+    font-family: var(--c2-mono);
+    font-size: 11px;
+    color: var(--c2-text-dim);
 }

 .c2-status-dot {
@@ -339,23 +495,32 @@
    border-radius: 50%;
    display: inline-block;
    flex-shrink: 0;
+    background: var(--c2-text-muted);
 }

-.c2-status-dot.running  { background: var(--c2-green); box-shadow: 0 0 0 3px var(--c2-green-dim); }
-.c2-status-dot.stopped  { background: var(--c2-text-muted); }
-.c2-status-dot.active   { background: var(--c2-green); box-shadow: 0 0 0 3px var(--c2-green-dim); }
+.c2-status-dot.running { background: var(--c2-green); box-shadow: 0 0 0 3px var(--c2-green-dim); }
+.c2-status-dot.stopped { background: var(--c2-text-muted); }
+.c2-status-dot.error { background: var(--c2-amber); box-shadow: 0 0 0 3px var(--c2-amber-dim); }
+.c2-status-dot.active { background: var(--c2-green); box-shadow: 0 0 0 3px var(--c2-green-dim); }
 .c2-status-dot.sleeping { background: var(--c2-amber); box-shadow: 0 0 0 3px var(--c2-amber-dim); }
-.c2-status-dot.dead     { background: var(--c2-text-muted); }
+.c2-status-dot.dead { background: var(--c2-text-muted); }

-.c2-listener-actions {
-    display: flex;
-    gap: 8px;
-    flex-wrap: wrap;
-    padding-top: 16px;
+.c2-listener-card-actions {
+    display: grid;
+    grid-template-columns: 1fr 1fr 1fr;
+    gap: 10px;
+    padding: 14px 16px 16px;
+    margin-top: auto;
    border-top: 1px solid var(--c2-border);
+    background: linear-gradient(180deg, rgba(248, 250, 252, 0.5) 0%, var(--c2-surface-alt) 100%);
 }

-.c2-listener-actions button { flex: 1; min-width: 70px; }
+.c2-listener-card-actions button {
+    min-height: 40px;
+    font-size: 13px;
+    font-weight: 600;
+    border-radius: var(--c2-radius-xs);
+}

 /* ============================================================================
   Session Management
@@ -3196,6 +3196,12 @@ header {
    border-color: rgba(220, 53, 69, 0.3);
 }

+.status-chip.status-cancelled {
+    background: rgba(108, 117, 125, 0.12);
+    color: var(--text-secondary, #6c757d);
+    border-color: rgba(108, 117, 125, 0.35);
+}
+
 .status-chip.status-pending,
 .status-chip.status-unknown {
    background: rgba(255, 193, 7, 0.12);
@@ -3203,6 +3209,18 @@ header {
    border-color: rgba(255, 193, 7, 0.3);
 }

+.detail-abort-hint {
+    font-size: 0.875rem;
+    opacity: 0.88;
+    margin: 0 0 10px;
+    line-height: 1.45;
+}
+
+.detail-abort-section .btn-monitor-abort {
+    border-color: rgba(253, 126, 20, 0.55);
+    color: #fd7e14;
+}
+
 .detail-code-card {
    background: var(--bg-secondary);
    border: 1px dashed rgba(0, 0, 0, 0.06);
@@ -5517,6 +5535,16 @@ header {
    color: var(--error-color);
 }

+.monitor-status-chip.cancelled {
+    background: rgba(108, 117, 125, 0.15);
+    color: var(--text-muted, #6c757d);
+}
+
+.monitor-execution-actions .btn-monitor-abort {
+    border-color: rgba(253, 126, 20, 0.55);
+    color: #fd7e14;
+}
+
 .monitor-execution-actions {
    display: flex;
    align-items: center;
@@ -394,6 +394,16 @@
  "tasks": {
    "title": "Task Management",
    "stopTask": "Stop task",
+    "interruptModalTitle": "Interrupt current step",
+    "interruptReasonLabel": "Interrupt note",
+    "interruptModalHint": "Your note is saved as a user message and the agent continues in the same stream. Use \"Stop completely\" to end the task.",
+    "interruptReasonPlaceholder": "e.g. Tool is too slow—skip and summarize…",
+    "interruptReasonRequired": "Please enter a short note so the model can continue accordingly.",
+    "interruptSubmitting": "Submitting...",
+    "interruptConfirmContinue": "Interrupt & continue",
+    "interruptHardStop": "Stop completely",
+    "interruptModalClose": "Close",
+    "userInterruptTimelineTitle": "User interrupt note (continuing)",
    "collapseDetail": "Collapse details",
    "newTask": "New task",
    "autoRefresh": "Auto refresh",
@@ -789,6 +799,7 @@
    "nav": {
      "basic": "Basic",
      "knowledge": "Knowledge base",
+      "c2": "C2",
      "robots": "Bots",
      "terminal": "Terminal",
      "security": "Security",
@@ -800,6 +811,12 @@
    "knowledge": {
      "title": "Knowledge base"
    },
+    "c2": {
+      "title": "C2",
+      "sectionTitle": "Built-in C2",
+      "enableLabel": "Enable built-in C2 (listeners, sessions, payloads, MCP tools)",
+      "enableHint": "When off, listeners are not started and C2 MCP tools are not registered; the C2 sidebar is hidden—useful for local-only chat/knowledge deployments. Click Apply to save."
+    },
    "robots": {
      "title": "Bot settings",
      "description": "Configure WeCom, DingTalk and Lark bots so you can chat with CyberStrikeAI on your phone without opening the web UI.",
@@ -1253,6 +1270,8 @@
    "statusCompleted": "Completed",
    "statusRunning": "Running",
    "statusFailed": "Failed",
+    "statusCancelled": "Cancelled",
+    "terminateExecution": "Stop",
    "loading": "Loading...",
    "noStatsData": "No statistical data",
    "noExecutions": "No execution records",
@@ -1720,8 +1739,22 @@
    "statusRunning": "Running",
    "statusCompleted": "Completed",
    "statusFailed": "Failed",
+    "statusCancelled": "Cancelled",
    "unknown": "Unknown",
    "getDetailFailed": "Failed to get details",
+    "runningNoResponseYet": "No output yet; the tool may still be running. If it hangs, use \"Stop tool\" below to end this call only.",
+    "abortTitle": "Execution control",
+    "abortHint": "Stops only this tool call. The conversation / multi-step task continues (unlike stopping the whole task).",
+    "abortBtn": "Stop tool",
+    "abortConfirm": "Stop this tool call? The overall conversation or iterative task will not be cancelled.",
+    "abortSuccess": "Cancellation requested; status will update when the tool returns.",
+    "abortFailed": "Failed to stop tool",
+    "abortNoteModalTitle": "Stop tool with a note",
+    "abortNoteModalHint": "Optional: why you stopped or how the model should continue. The model sees any tool output first, then a labeled block (USER INTERRUPT NOTE — not raw tool output), then your text. Leave empty for a plain stop.",
+    "abortNoteLabel": "Note (optional)",
+    "abortNotePlaceholder": "e.g. Output is enough—skip waiting and continue…",
+    "abortNoteSubmit": "Stop tool",
+    "abortNoteClose": "Cancel",
    "execSuccessNoContent": "Execution succeeded with no displayable content.",
    "time": "Time",
    "executionId": "Execution ID",
@@ -2106,9 +2139,19 @@
      "bindHintExternal": "Use 0.0.0.0 to allow external access",
      "callbackHost": "Callback host (optional)",
      "callbackHostHint": "Public IP or hostname stored for payloads/beacons; separate from bind address. If empty, payload generation falls back to bind address / auto-detect.",
+      "malleableProfile": "Malleable Profile",
+      "malleableProfileHint": "Optional; HTTP/HTTPS Beacon response headers and traffic disguise. Stop and start the listener again for changes to take effect.",
+      "malleableProfileNone": "None",
+      "malleableProfileNonHttpHint": "This listener type does not use a Malleable Profile. You can still bind one here for later if you switch to HTTP/HTTPS Beacon.",
+      "malleableProfileEmptyListHint": "No saved profiles yet. Create one under C2 → Traffic disguise / Malleable Profile, then pick it here.",
      "placeholderRemarkLong": "Optional remark",
      "editTitle": "Edit Listener",
      "startedAt": "Started {{time}}",
+      "startedAtPrefix": "Started",
+      "statusError": "Error",
+      "bindEndpoint": "Listen address",
+      "callbackShort": "Callback",
+      "profileBadgeTitle": "Malleable Profile bound",
      "confirmDelete": "Delete this listener? All related sessions and tasks will be removed.",
      "toastFillRequired": "Please fill in all required fields",
      "toastCreated": "Listener created",
@@ -2116,6 +2159,8 @@
      "toastStopped": "Listener stopped",
      "toastDeleted": "Listener deleted",
      "toastUpdated": "Listener updated",
+      "loadingProfiles": "Loading Malleable Profiles…",
+      "toastProfilesLoadFailed": "Failed to load Malleable Profiles",
      "submitCreate": "Create",
      "typeLabels": {
        "http_beacon": "HTTP Beacon",
@@ -383,6 +383,16 @@
  "tasks": {
    "title": "任务管理",
    "stopTask": "停止任务",
+    "interruptModalTitle": "中断当前步骤",
+    "interruptReasonLabel": "中断说明",
+    "interruptModalHint": "填写说明后将作为一条用户消息写入对话，智能体在同一会话内继续迭代。若只需完全停止任务，请点「彻底停止」。",
+    "interruptReasonPlaceholder": "例如：工具耗时过长，请先跳过并总结当前结果…",
+    "interruptReasonRequired": "请填写中断说明，以便模型根据你的意图继续。",
+    "interruptSubmitting": "提交中...",
+    "interruptConfirmContinue": "中断并继续",
+    "interruptHardStop": "彻底停止",
+    "interruptModalClose": "关闭",
+    "userInterruptTimelineTitle": "用户中断说明（继续迭代）",
    "collapseDetail": "收起详情",
    "newTask": "新建任务",
    "autoRefresh": "自动刷新",
@@ -778,6 +788,7 @@
    "nav": {
      "basic": "基本设置",
      "knowledge": "知识库",
+      "c2": "C2",
      "robots": "机器人设置",
      "terminal": "终端",
      "security": "安全设置",
@@ -789,6 +800,12 @@
    "knowledge": {
      "title": "知识库设置"
    },
+    "c2": {
+      "title": "C2 设置",
+      "sectionTitle": "内置 C2",
+      "enableLabel": "启用内置 C2（监听器、会话、Payload、MCP 工具等）",
+      "enableHint": "关闭后不再启动监听器、不注册 C2 相关 MCP 工具，侧栏 C2 入口将隐藏；仅本机使用对话与知识库时可关闭以节省资源。修改后请点击「应用配置」。"
+    },
    "robots": {
      "title": "机器人设置",
      "description": "配置企业微信、钉钉、飞书等机器人，在手机端直接与 CyberStrikeAI 对话，无需在服务器上打开网页。",
@@ -1242,6 +1259,8 @@
    "statusCompleted": "已完成",
    "statusRunning": "执行中",
    "statusFailed": "失败",
+    "statusCancelled": "已终止",
+    "terminateExecution": "终止",
    "loading": "加载中...",
    "noStatsData": "暂无统计数据",
    "noExecutions": "暂无执行记录",
@@ -1709,8 +1728,22 @@
    "statusRunning": "执行中",
    "statusCompleted": "已完成",
    "statusFailed": "失败",
+    "statusCancelled": "已终止",
    "unknown": "未知",
    "getDetailFailed": "获取详情失败",
+    "runningNoResponseYet": "尚无返回，工具可能仍在执行。若长时间无响应，可使用下方「终止工具」结束本次调用。",
+    "abortTitle": "运行控制",
+    "abortHint": "仅中断当前这一次工具调用；对话与多步迭代任务会继续，不会等同于「停止任务」。",
+    "abortBtn": "终止工具",
+    "abortConfirm": "确定终止此次工具调用？整条对话或迭代任务不会因此停止。",
+    "abortSuccess": "已发送终止请求，工具返回后状态将更新。",
+    "abortFailed": "终止失败",
+    "abortNoteModalTitle": "终止工具并补充说明",
+    "abortNoteModalHint": "可选：说明为何终止或希望模型如何继续。提交后模型会先看到工具已输出内容（若有），再看到带「用户终止说明」标题的独立区块（中英标注，与命令行原文区分），最后是您的文字。留空则与原先仅终止一致。",
+    "abortNoteLabel": "终止说明（可选）",
+    "abortNotePlaceholder": "例如：输出已够判断，请停止等待并继续下一步…",
+    "abortNoteSubmit": "提交终止",
+    "abortNoteClose": "取消",
    "execSuccessNoContent": "执行成功，未返回可展示的文本内容。",
    "time": "时间",
    "executionId": "执行 ID",
@@ -2095,9 +2128,19 @@
      "bindHintExternal": "使用 0.0.0.0 允许外部访问",
      "callbackHost": "回连地址（可选）",
      "callbackHostHint": "公网 IP 或域名，写入配置供 Payload/Beacon 使用；与「绑定地址」分离。不填则生成 Payload 时按绑定地址或自动探测。",
+      "malleableProfile": "Malleable Profile",
+      "malleableProfileHint": "可选；用于 HTTP/HTTPS Beacon 服务端响应头等流量伪装。修改后需停止并重新启动监听器才会生效。",
+      "malleableProfileNone": "不使用",
+      "malleableProfileNonHttpHint": "当前监听器类型不会使用 Profile；若之后改为 HTTP/HTTPS Beacon，可在此预先绑定。",
+      "malleableProfileEmptyListHint": "暂无已保存的 Profile。请先到侧边栏「流量伪装 / Malleable Profile」页创建，再返回此处选择。",
      "placeholderRemarkLong": "可选的备注说明",
      "editTitle": "编辑监听器",
      "startedAt": "启动于 {{time}}",
+      "startedAtPrefix": "启动于",
+      "statusError": "异常",
+      "bindEndpoint": "监听地址",
+      "callbackShort": "回连",
+      "profileBadgeTitle": "已绑定 Malleable Profile",
      "confirmDelete": "确定删除此监听器？相关会话与任务将被清除。",
      "toastFillRequired": "请填写必填项",
      "toastCreated": "监听器已创建",
@@ -2105,6 +2148,8 @@
      "toastStopped": "监听器已停止",
      "toastDeleted": "监听器已删除",
      "toastUpdated": "监听器已更新",
+      "loadingProfiles": "正在加载 Malleable Profile 列表…",
+      "toastProfilesLoadFailed": "加载 Malleable Profile 列表失败",
      "submitCreate": "创建",
      "typeLabels": {
        "http_beacon": "HTTP Beacon",
@@ -306,12 +306,13 @@ async function bootstrapApp() {

 // 通用工具函数
 function getStatusText(status) {
+    const s = (status && String(status).toLowerCase()) || '';
    if (typeof window.t !== 'function') {
-        const fallback = { pending: '等待中', running: '执行中', completed: '已完成', failed: '失败' };
-        return fallback[status] || status;
+        const fallback = { pending: '等待中', running: '执行中', completed: '已完成', failed: '失败', cancelled: '已终止' };
+        return fallback[s] || status;
    }
-    const keyMap = { pending: 'mcpDetailModal.statusPending', running: 'mcpDetailModal.statusRunning', completed: 'mcpDetailModal.statusCompleted', failed: 'mcpDetailModal.statusFailed' };
-    const key = keyMap[status];
+    const keyMap = { pending: 'mcpDetailModal.statusPending', running: 'mcpDetailModal.statusRunning', completed: 'mcpDetailModal.statusCompleted', failed: 'mcpDetailModal.statusFailed', cancelled: 'mcpDetailModal.statusCancelled' };
+    const key = keyMap[s];
    return key ? window.t(key) : status;
 }

@@ -151,6 +151,74 @@
        return div.innerHTML;
    }

+    /** 监听器表单：Malleable Profile 下拉选项 HTML（value / 文本已转义） */
+    function listenerProfileSelectHtml(selectedProfileId) {
+        const sel = selectedProfileId ? String(selectedProfileId) : '';
+        let opts = `<option value="">${escapeHtml(c2t('c2.listeners.malleableProfileNone'))}</option>`;
+        for (const p of (C2.profiles || [])) {
+            if (!p) continue;
+            const pid = p.id || p.ID;
+            if (!pid) continue;
+            const idEsc = escapeHtml(String(pid));
+            const nameEsc = escapeHtml(p.name || pid);
+            const selected = sel && String(pid) === sel ? ' selected' : '';
+            opts += `<option value="${idEsc}"${selected}>${nameEsc}</option>`;
+        }
+        return opts;
+    }
+
+    function listenerResolvedProfileId(l) {
+        if (!l) return '';
+        const v = l.profileId != null && l.profileId !== '' ? l.profileId : l.profile_id;
+        return v != null ? String(v).trim() : '';
+    }
+
+    /** 监听器卡片展示用 Profile 名称（依赖 C2.profiles，由 loadListeners 一并拉取） */
+    function listenerProfileDisplayName(l) {
+        const pid = listenerResolvedProfileId(l);
+        if (!pid) return '';
+        const list = C2.profiles || [];
+        for (let i = 0; i < list.length; i++) {
+            const p = list[i];
+            if (p && (p.id === pid || p.ID === pid)) return String(p.name || p.id || pid).trim() || pid;
+        }
+        return pid.length > 18 ? pid.substring(0, 16) + '…' : pid;
+    }
+
+    function listenerTypeVisualClass(type) {
+        const t = String(type || '').toLowerCase();
+        if (t === 'https_beacon') return 'c2-ltype-mark--https';
+        if (t === 'http_beacon') return 'c2-ltype-mark--http';
+        if (t === 'tcp_reverse') return 'c2-ltype-mark--tcp';
+        if (t === 'websocket') return 'c2-ltype-mark--ws';
+        return 'c2-ltype-mark--def';
+    }
+
+    function listenerTypeShortLabel(type) {
+        const t = String(type || '').toLowerCase();
+        if (t === 'https_beacon') return 'HTTPS';
+        if (t === 'http_beacon') return 'HTTP';
+        if (t === 'tcp_reverse') return 'TCP';
+        if (t === 'websocket') return 'WS';
+        return '?';
+    }
+
+    function listenerCardStatusPillLabel(status) {
+        const s = String(status || '').toLowerCase();
+        if (s === 'running') return c2t('c2.listeners.running');
+        if (s === 'stopped') return c2t('c2.listeners.stopped');
+        if (s === 'error') return c2t('c2.listeners.statusError');
+        return c2t('c2.listeners.stopped');
+    }
+
+    /** 避免 i18n 插值把日期里的「/」转成 &#x2F;，与 formatTime 拼接后整体转义 */
+    function formatListenerStartedHtml(dateStr) {
+        if (!dateStr) return '';
+        const prefix = c2t('c2.listeners.startedAtPrefix');
+        const time = formatTime(dateStr);
+        return '<div class="c2-listener-meta-row"><span class="c2-listener-meta-label">' + escapeHtml(prefix) + '</span> <span class="c2-listener-meta-time">' + escapeHtml(time) + '</span></div>';
+    }
+
    function copyToClipboard(text) {
        if (navigator.clipboard) {
            navigator.clipboard.writeText(text).then(() => showToast(c2t('c2.clipboardCopied'), 'success'));
@@ -204,13 +272,33 @@
    // ============================================================================

    C2.loadListeners = function() {
-        apiRequest('GET', `${API_BASE}/listeners`).then(data => {
-            C2.listeners = data.listeners || [];
+        Promise.all([
+            apiRequest('GET', `${API_BASE}/listeners`),
+            apiRequest('GET', `${API_BASE}/profiles`).catch(function() { return {}; })
+        ]).then(function(results) {
+            var ldata = results[0];
+            var pdata = results[1];
+            C2.listeners = (ldata && ldata.listeners) || [];
+            if (pdata && pdata.profiles && !pdata.error) {
+                C2.profiles = pdata.profiles;
+            }
            C2.renderListeners();
            C2.updateDashboardStats();
        });
    };

+    /** 拉取 Profile 列表（监听器表单用）；失败时置空列表不阻断弹窗 */
+    C2.ensureProfilesLoaded = function() {
+        return apiRequest('GET', `${API_BASE}/profiles`).then(data => {
+            if (data && data.error) {
+                C2.profiles = [];
+                return C2.profiles;
+            }
+            C2.profiles = (data && data.profiles) || [];
+            return C2.profiles;
+        });
+    };
+
    C2.renderListeners = function() {
        const container = document.getElementById('c2-listener-grid');
        if (!container) return;
@@ -233,33 +321,60 @@
            return;
        }

-        container.innerHTML = C2.listeners.map(l => `
-            <div class="c2-listener-card ${l.status}">
-                <div class="c2-listener-header">
-                    <div>
-                        <div class="c2-listener-name">${escapeHtml(l.name)}</div>
-                        <div class="c2-listener-id">${l.id.substring(0, 12)}...</div>
+        container.innerHTML = C2.listeners.map(function(l) {
+            const st = String(l.status || 'stopped').toLowerCase();
+            const stUi = st === 'running' || st === 'stopped' || st === 'error' ? st : 'stopped';
+            const profilePid = listenerResolvedProfileId(l);
+            const profileName = listenerProfileDisplayName(l);
+            const profileBadge = profilePid
+                ? '<div class="c2-listener-profile-badge" title="' + escapeHtml(c2t('c2.listeners.profileBadgeTitle')) + '"><span class="c2-listener-profile-dot" aria-hidden="true"></span><span>' + escapeHtml(profileName) + '</span></div>'
+                : '';
+            const cb = C2.getListenerCallbackHost(l);
+            const cbRow = cb
+                ? '<div class="c2-listener-kv"><span class="c2-listener-kv-label">' + escapeHtml(c2t('c2.listeners.callbackShort')) + '</span><span class="c2-listener-kv-val c2-listener-mono">' + escapeHtml(cb) + '</span></div>'
+                : '';
+            const remarkRow = l.remark ? '<div class="c2-listener-remark">' + escapeHtml(l.remark) + '</div>' : '';
+            const startedHtml = formatListenerStartedHtml(l.startedAt);
+            const pillLabel = escapeHtml(listenerCardStatusPillLabel(st));
+            const typeMark = escapeHtml(listenerTypeShortLabel(l.type));
+            const typeVis = listenerTypeVisualClass(l.type);
+            const fullType = escapeHtml(listenerTypeLabel(l.type));
+            const bindVal = escapeHtml(String(l.bindHost)) + ':' + escapeHtml(String(l.bindPort));
+
+            return `
+            <article class="c2-listener-card c2-listener-card--${stUi}" data-listener-id="${escapeHtml(l.id)}">
+                <div class="c2-listener-card-head">
+                    <div class="c2-ltype-mark ${typeVis}" title="${fullType}"><span>${typeMark}</span></div>
+                    <div class="c2-listener-card-head-main">
+                        <div class="c2-listener-card-title-row">
+                            <h3 class="c2-listener-name">${escapeHtml(l.name)}</h3>
+                            <span class="c2-listener-pill c2-listener-pill--${stUi}">${pillLabel}</span>
+                        </div>
+                        <div class="c2-listener-id-row">
+                            <code class="c2-listener-id-full" title="${escapeHtml(l.id)}">${escapeHtml(l.id)}</code>
+                        </div>
                    </div>
-                    <span class="c2-listener-type">${escapeHtml(listenerTypeLabel(l.type))}</span>
                </div>
-                <div class="c2-listener-info">
-                    <div class="c2-listener-address">
-                        <span class="c2-status-dot ${l.status}"></span>
-                        <strong>${l.bindHost}:${l.bindPort}</strong>
+                <div class="c2-listener-card-body">
+                    <div class="c2-listener-kv">
+                        <span class="c2-listener-kv-label">${escapeHtml(c2t('c2.listeners.bindEndpoint'))}</span>
+                        <span class="c2-listener-kv-val c2-listener-mono"><span class="c2-status-dot ${escapeHtml(st)}"></span>${bindVal}</span>
                    </div>
-                    ${l.startedAt ? `<div style="font-size:12px;margin-top:4px;">${escapeHtml(c2t('c2.listeners.startedAt', { time: formatTime(l.startedAt) }))}</div>` : ''}
-                    ${l.remark ? `<div style="font-size:12px;margin-top:2px;opacity:0.7;">${escapeHtml(l.remark)}</div>` : ''}
+                    ${cbRow}
+                    ${profileBadge}
+                    ${remarkRow}
+                    ${startedHtml}
                </div>
-                <div class="c2-listener-actions">
-                    ${l.status === 'stopped' 
-                        ? `<button class="btn-primary btn-sm" onclick="C2.startListener('${l.id}')">▶ ${escapeHtml(c2t('c2.listeners.start'))}</button>`
-                        : `<button class="btn-secondary btn-sm" onclick="C2.stopListener('${l.id}')">⏹ ${escapeHtml(c2t('c2.listeners.stop'))}</button>`
+                <div class="c2-listener-card-actions">
+                    ${l.status === 'stopped'
+                        ? `<button type="button" class="btn-primary btn-sm" onclick="C2.startListener('${l.id}')">▶ ${escapeHtml(c2t('c2.listeners.start'))}</button>`
+                        : `<button type="button" class="btn-secondary btn-sm" onclick="C2.stopListener('${l.id}')">⏹ ${escapeHtml(c2t('c2.listeners.stop'))}</button>`
                    }
-                    <button class="btn-ghost btn-sm" onclick="C2.editListener('${l.id}')">${escapeHtml(c2t('c2.listeners.edit'))}</button>
-                    <button class="btn-danger btn-sm" onclick="C2.deleteListener('${l.id}')">${escapeHtml(c2t('c2.listeners.delete'))}</button>
+                    <button type="button" class="btn-secondary btn-sm" onclick="C2.editListener('${l.id}')">${escapeHtml(c2t('c2.listeners.edit'))}</button>
+                    <button type="button" class="btn-danger btn-sm" onclick="C2.deleteListener('${l.id}')">${escapeHtml(c2t('c2.listeners.delete'))}</button>
                </div>
-            </div>
-        `).join('');
+            </article>`;
+        }).join('');
    };

    C2.getListenerCallbackHost = function(l) {
@@ -276,9 +391,25 @@
    C2.showCreateListenerModal = function() {
        const modal = document.getElementById('c2-modal');
        const content = document.getElementById('c2-modal-content');
-        if (!content) return;
+        if (!content || !modal) return;

+        modal.style.display = 'flex';
        content.innerHTML = `
+            <div class="c2-modal-header">
+                <h3>${escapeHtml(c2t('c2.listeners.modalCreateTitle'))}</h3>
+                <button class="c2-modal-close" onclick="C2.closeModal()">&times;</button>
+            </div>
+            <div class="c2-modal-body">
+                <p class="form-hint" style="margin-top:0;">${escapeHtml(c2t('c2.listeners.loadingProfiles'))}</p>
+            </div>
+        `;
+
+        C2.ensureProfilesLoaded().then(() => {
+            const profileOpts = listenerProfileSelectHtml('');
+            const emptyProfHintCreate = (C2.profiles && C2.profiles.length > 0)
+                ? ''
+                : `<div class="form-hint" style="margin-bottom:6px;color:#b45309;">${escapeHtml(c2t('c2.listeners.malleableProfileEmptyListHint'))}</div>`;
+            content.innerHTML = `
            <div class="c2-modal-header">
                <h3>${escapeHtml(c2t('c2.listeners.modalCreateTitle'))}</h3>
                <button class="c2-modal-close" onclick="C2.closeModal()">&times;</button>
@@ -291,7 +422,7 @@
                    </div>
                    <div class="c2-form-group">
                        <label>${escapeHtml(c2t('c2.listeners.type'))}</label>
-                        <select id="c2-listener-type" class="form-control">
+                        <select id="c2-listener-type" class="form-control c2-native-select" onchange="C2.syncListenerProfileRowForType()">
                            <option value="http_beacon">HTTP Beacon</option>
                            <option value="https_beacon">HTTPS Beacon</option>
                            <option value="tcp_reverse">TCP Reverse</option>
@@ -310,6 +441,12 @@
                        <input type="number" id="c2-listener-port" class="form-control" placeholder="8443">
                    </div>
                </div>
+                <div class="c2-form-group" id="c2-listener-profile-group">
+                    <label>${escapeHtml(c2t('c2.listeners.malleableProfile'))}</label>
+                    ${emptyProfHintCreate}
+                    <select id="c2-listener-profile-id" class="form-control c2-native-select">${profileOpts}</select>
+                    <div class="form-hint">${escapeHtml(c2t('c2.listeners.malleableProfileHint'))}</div>
+                </div>
                <div class="c2-form-group">
                    <label>${escapeHtml(c2t('c2.listeners.callbackHost'))}</label>
                    <input type="text" id="c2-listener-callback-host" class="form-control" placeholder="">
@@ -325,7 +462,25 @@
                <button class="btn-primary" onclick="C2.createListener()">${escapeHtml(c2t('c2.listeners.submitCreate'))}</button>
            </div>
        `;
-        modal.style.display = 'flex';
+            C2.syncListenerProfileRowForType();
+        }).catch(() => {
+            showToast(c2t('c2.listeners.toastProfilesLoadFailed'), 'error');
+            C2.closeModal();
+        });
+    };
+
+    /** 非 HTTP/HTTPS Beacon 时隐藏 Profile 行（避免误以为 TCP 等也会用） */
+    C2.syncListenerProfileRowForType = function() {
+        const typeEl = document.getElementById('c2-listener-type');
+        const row = document.getElementById('c2-listener-profile-group');
+        if (!typeEl || !row) return;
+        const t = String(typeEl.value || '').toLowerCase();
+        const show = t === 'http_beacon' || t === 'https_beacon';
+        row.style.display = show ? '' : 'none';
+        if (!show) {
+            const sel = document.getElementById('c2-listener-profile-id');
+            if (sel) sel.value = '';
+        }
    };

    C2.createListener = function() {
@@ -341,9 +496,12 @@
            return;
        }

+        const profileId = (document.getElementById('c2-listener-profile-id')?.value || '').trim();
+
        apiRequest('POST', `${API_BASE}/listeners`, {
            name, type, bind_host: bindHost, bind_port: bindPort, remark,
-            callback_host: callbackHost
+            callback_host: callbackHost,
+            profile_id: profileId
        }).then(data => {
            if (data.error) {
                showToast(data.error, 'error');
@@ -388,12 +546,32 @@
        if (!l) return;

        const cbHost = C2.getListenerCallbackHost(l);
-
        const modal = document.getElementById('c2-modal');
        const content = document.getElementById('c2-modal-content');
-        if (!content) return;
+        if (!content || !modal) return;

+        modal.style.display = 'flex';
        content.innerHTML = `
+            <div class="c2-modal-header">
+                <h3>${escapeHtml(c2t('c2.listeners.editTitle'))}</h3>
+                <button class="c2-modal-close" onclick="C2.closeModal()">&times;</button>
+            </div>
+            <div class="c2-modal-body">
+                <p class="form-hint" style="margin-top:0;">${escapeHtml(c2t('c2.listeners.loadingProfiles'))}</p>
+            </div>
+        `;
+
+        C2.ensureProfilesLoaded().then(() => {
+            const resolvedPid = listenerResolvedProfileId(l);
+            const profileOpts = listenerProfileSelectHtml(resolvedPid);
+            const lt = String(l.type || '').toLowerCase();
+            const httpHint = (lt === 'http_beacon' || lt === 'https_beacon')
+                ? ''
+                : `<div class="form-hint" style="margin-bottom:6px;">${escapeHtml(c2t('c2.listeners.malleableProfileNonHttpHint'))}</div>`;
+            const emptyProfHint = (C2.profiles && C2.profiles.length > 0)
+                ? ''
+                : `<div class="form-hint" style="margin-bottom:6px;color:#b45309;">${escapeHtml(c2t('c2.listeners.malleableProfileEmptyListHint'))}</div>`;
+            content.innerHTML = `
            <div class="c2-modal-header">
                <h3>${escapeHtml(c2t('c2.listeners.editTitle'))}</h3>
                <button class="c2-modal-close" onclick="C2.closeModal()">&times;</button>
@@ -406,13 +584,19 @@
                <div class="c2-form-row">
                    <div class="c2-form-group">
                        <label>${escapeHtml(c2t('c2.listeners.bindHost'))}</label>
-                        <input type="text" id="c2-listener-host" class="form-control" value="${l.bindHost}">
+                        <input type="text" id="c2-listener-host" class="form-control" value="${escapeHtml(String(l.bindHost))}">
                    </div>
                    <div class="c2-form-group">
                        <label>${escapeHtml(c2t('c2.listeners.bindPort'))}</label>
                        <input type="number" id="c2-listener-port" class="form-control" value="${l.bindPort}">
                    </div>
                </div>
+                <div class="c2-form-group" id="c2-listener-profile-group">
+                    <label>${escapeHtml(c2t('c2.listeners.malleableProfile'))}</label>
+                    ${httpHint}${emptyProfHint}
+                    <select id="c2-listener-profile-id" class="form-control c2-native-select">${profileOpts}</select>
+                    <div class="form-hint">${escapeHtml(c2t('c2.listeners.malleableProfileHint'))}</div>
+                </div>
                <div class="c2-form-group">
                    <label>${escapeHtml(c2t('c2.listeners.callbackHost'))}</label>
                    <input type="text" id="c2-listener-callback-host" class="form-control" value="${escapeHtml(cbHost)}">
@@ -428,7 +612,10 @@
                <button class="btn-primary" onclick="C2.saveListener('${l.id}')">${escapeHtml(c2t('common.save'))}</button>
            </div>
        `;
-        modal.style.display = 'flex';
+        }).catch(() => {
+            showToast(c2t('c2.listeners.toastProfilesLoadFailed'), 'error');
+            C2.closeModal();
+        });
    };

    C2.saveListener = function(id) {
@@ -437,10 +624,13 @@
        const bindPort = parseInt(document.getElementById('c2-listener-port')?.value);
        const callbackHost = document.getElementById('c2-listener-callback-host')?.value?.trim() ?? '';
        const remark = document.getElementById('c2-listener-remark')?.value;
+        const profileEl = document.getElementById('c2-listener-profile-id');
+        const profileId = profileEl ? String(profileEl.value || '').trim() : '';

        apiRequest('PUT', `${API_BASE}/listeners/${id}`, {
            name, bind_host: bindHost, bind_port: bindPort, remark,
-            callback_host: callbackHost
+            callback_host: callbackHost,
+            profile_id: profileId
        }).then(data => {
            if (data.error) showToast(data.error, 'error');
            else {
@@ -2446,7 +2446,24 @@ async function showMCPDetail(executionId) {
                    }
                }
            } else {
-                responseElement.textContent = typeof window.t === 'function' ? window.t('chat.noResponseData') : '暂无响应数据';
+                if (normalizedStatus === 'running') {
+                    responseElement.textContent = typeof window.t === 'function' ? window.t('mcpDetailModal.runningNoResponseYet') : '尚无返回，工具可能仍在执行。若长时间无响应，可在下方终止本次调用。';
+                } else {
+                    responseElement.textContent = typeof window.t === 'function' ? window.t('chat.noResponseData') : '暂无响应数据';
+                }
+            }
+
+            const abortSection = document.getElementById('detail-abort-section');
+            const abortBtn = document.getElementById('detail-abort-btn');
+            if (abortSection && abortBtn) {
+                if (normalizedStatus === 'running') {
+                    abortSection.style.display = 'block';
+                    abortBtn.dataset.execId = exec.id || '';
+                    abortBtn.textContent = typeof window.t === 'function' ? window.t('mcpDetailModal.abortBtn') : '终止工具';
+                } else {
+                    abortSection.style.display = 'none';
+                    delete abortBtn.dataset.execId;
+                }
            }
            
            // 显示模态框
@@ -2464,6 +2481,101 @@ function closeMCPDetail() {
    document.getElementById('mcp-detail-modal').style.display = 'none';
 }

+/** 从详情模态框触发：取消当前进行中的 MCP 工具调用 */
+async function abortMCPToolExecutionFromDetail() {
+    const btn = document.getElementById('detail-abort-btn');
+    const id = btn && btn.dataset.execId;
+    if (!id) {
+        return;
+    }
+    await cancelMCPToolExecution(id, { refreshDetail: true });
+}
+
+/**
+ * 打开 MCP 工具终止弹窗（说明会经服务端加上「用户终止说明」标题块后与工具输出合并给模型）
+ * @param {string} executionId
+ * @param {{ refreshDetail?: boolean }} [options]
+ */
+function openMcpToolAbortModal(executionId, options = {}) {
+    window.__mcpToolAbortContext = { executionId: executionId, options: options || {} };
+    const ta = document.getElementById('mcp-tool-abort-note');
+    if (ta) {
+        ta.value = '';
+    }
+    const m = document.getElementById('mcp-tool-abort-modal');
+    if (m) {
+        m.style.display = 'block';
+    }
+}
+
+function closeMcpToolAbortModal() {
+    window.__mcpToolAbortContext = null;
+    const m = document.getElementById('mcp-tool-abort-modal');
+    if (m) {
+        m.style.display = 'none';
+    }
+}
+
+async function submitMcpToolAbortModal() {
+    const ctx = window.__mcpToolAbortContext;
+    if (!ctx || !ctx.executionId) {
+        closeMcpToolAbortModal();
+        return;
+    }
+    const note = (document.getElementById('mcp-tool-abort-note') && document.getElementById('mcp-tool-abort-note').value || '').trim();
+    const executionId = ctx.executionId;
+    const options = ctx.options || {};
+    closeMcpToolAbortModal();
+    await cancelMCPToolExecutionSubmit(executionId, note, options);
+}
+
+/**
+ * 提交终止请求（body: { note }）
+ * @param {string} executionId
+ * @param {string} userNote
+ * @param {{ refreshDetail?: boolean }} [options]
+ */
+async function cancelMCPToolExecutionSubmit(executionId, userNote, options = {}) {
+    if (!executionId) {
+        return;
+    }
+    try {
+        const res = await apiFetch(`/api/monitor/execution/${encodeURIComponent(executionId)}/cancel`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ note: userNote || '' }),
+        });
+        const body = await res.json().catch(() => ({}));
+        if (!res.ok) {
+            throw new Error(body.error || body.message || res.statusText);
+        }
+        const okMsg = typeof window.t === 'function' ? window.t('mcpDetailModal.abortSuccess') : '已发送终止请求';
+        alert(okMsg);
+        if (options.refreshDetail && typeof showMCPDetail === 'function') {
+            await showMCPDetail(executionId);
+        }
+        if (typeof refreshMonitorPanel === 'function') {
+            const page = (typeof monitorState !== 'undefined' && monitorState.pagination && monitorState.pagination.page) ? monitorState.pagination.page : 1;
+            await refreshMonitorPanel(page);
+        }
+    } catch (e) {
+        const failMsg = typeof window.t === 'function' ? window.t('mcpDetailModal.abortFailed') : '终止失败';
+        alert(failMsg + ': ' + (e && e.message ? e.message : String(e)));
+    }
+}
+
+/**
+ * 取消单次 MCP 工具执行（监控页「终止」）。弹出说明框后提交；仅取消该次 tools/call，不停止整条对话/迭代任务。
+ * @param {string} executionId
+ * @param {{ refreshDetail?: boolean }} [options]
+ */
+async function cancelMCPToolExecution(executionId, options = {}) {
+    if (!executionId) {
+        return;
+    }
+    openMcpToolAbortModal(executionId, options);
+}
+
 // 复制详情面板中的内容
 function copyDetailBlock(elementId, triggerBtn = null) {
    const target = document.getElementById(elementId);
@@ -2852,7 +2964,11 @@ async function loadConversation(conversationId) {
                    }
                }

-                const messageId = addMessage(msg.role, displayContent, msg.mcpExecutionIds || [], null, msg.createdAt);
+                // 消息时间口径：
+                // - user: createdAt 即可（发送后不会再更新）
+                // - assistant: 如果后端提供 updatedAt（任务完成时写回），优先用它，避免占位消息“任务开始时间”误导
+                const msgTime = (msg && msg.role === 'assistant' && msg.updatedAt) ? msg.updatedAt : (msg ? msg.createdAt : null);
+                const messageId = addMessage(msg.role, displayContent, msg.mcpExecutionIds || [], null, msgTime);
                const messageEl = document.getElementById(messageId);
                if (messageEl && msg && msg.id) {
                    messageEl.dataset.backendMessageId = String(msg.id);
@@ -1,4 +1,6 @@
 const progressTaskState = new Map();
+/** @type {{ progressId: string, conversationId: string } | null} */
+let userInterruptModalPending = null;
 let activeTaskInterval = null;
 const ACTIVE_TASK_REFRESH_INTERVAL = 10000; // 10秒检查一次
 const TASK_FINAL_STATUSES = new Set(['failed', 'timeout', 'cancelled', 'completed']);
@@ -410,6 +412,128 @@ async function requestCancel(conversationId) {
    return result;
 }

+/** 用户填写说明后中断当前步骤，由后端写入对话并继续同一条流式迭代 */
+async function requestCancelWithContinue(conversationId, reason) {
+    const response = await apiFetch('/api/agent-loop/cancel', {
+        method: 'POST',
+        headers: {
+            'Content-Type': 'application/json',
+        },
+        body: JSON.stringify({
+            conversationId,
+            reason: reason || '',
+            continueAfter: true,
+        }),
+    });
+    const result = await response.json().catch(() => ({}));
+    if (!response.ok) {
+        throw new Error(result.error || (typeof window.t === 'function' ? window.t('tasks.cancelFailed') : '取消失败'));
+    }
+    return result;
+}
+
+function openUserInterruptModal(progressId, conversationId) {
+    userInterruptModalPending = { progressId, conversationId };
+    const ta = document.getElementById('user-interrupt-reason');
+    if (ta) {
+        ta.value = '';
+    }
+    const m = document.getElementById('user-interrupt-modal');
+    if (m) {
+        m.style.display = 'block';
+    }
+}
+
+function closeUserInterruptModal() {
+    userInterruptModalPending = null;
+    const m = document.getElementById('user-interrupt-modal');
+    if (m) {
+        m.style.display = 'none';
+    }
+}
+
+async function submitUserInterruptContinue() {
+    if (!userInterruptModalPending) {
+        return;
+    }
+    const reason = (document.getElementById('user-interrupt-reason') && document.getElementById('user-interrupt-reason').value || '').trim();
+    if (!reason) {
+        alert(typeof window.t === 'function' ? window.t('tasks.interruptReasonRequired') : '请填写中断说明');
+        return;
+    }
+    const { progressId, conversationId } = userInterruptModalPending;
+    closeUserInterruptModal();
+    const stopBtn = document.getElementById(`${progressId}-stop-btn`);
+    try {
+        if (stopBtn) {
+            stopBtn.disabled = true;
+            stopBtn.textContent = typeof window.t === 'function' ? window.t('tasks.interruptSubmitting') : '提交中...';
+        }
+        await requestCancelWithContinue(conversationId, reason);
+        loadActiveTasks();
+    } catch (error) {
+        console.error('中断并继续失败:', error);
+        alert((typeof window.t === 'function' ? window.t('tasks.cancelTaskFailed') : '操作失败') + ': ' + error.message);
+    } finally {
+        if (stopBtn) {
+            stopBtn.disabled = false;
+            stopBtn.textContent = typeof window.t === 'function' ? window.t('tasks.stopTask') : '停止任务';
+        }
+    }
+}
+
+async function submitUserInterruptHardCancel() {
+    if (!userInterruptModalPending) {
+        return;
+    }
+    const { progressId } = userInterruptModalPending;
+    closeUserInterruptModal();
+    await performHardCancelProgressTask(progressId);
+}
+
+/** 彻底停止任务（原「停止任务」行为） */
+async function performHardCancelProgressTask(progressId) {
+    const state = progressTaskState.get(progressId);
+    const stopBtn = document.getElementById(`${progressId}-stop-btn`);
+
+    if (!state || !state.conversationId) {
+        if (stopBtn) {
+            stopBtn.disabled = true;
+            setTimeout(() => {
+                stopBtn.disabled = false;
+            }, 1500);
+        }
+        alert(typeof window.t === 'function' ? window.t('tasks.taskInfoNotSynced') : '任务信息尚未同步，请稍后再试。');
+        return;
+    }
+
+    if (state.cancelling) {
+        return;
+    }
+
+    markProgressCancelling(progressId);
+    if (stopBtn) {
+        stopBtn.disabled = true;
+        stopBtn.textContent = typeof window.t === 'function' ? window.t('tasks.cancelling') : '取消中...';
+    }
+
+    try {
+        await requestCancel(state.conversationId);
+        loadActiveTasks();
+    } catch (error) {
+        console.error('取消任务失败:', error);
+        alert((typeof window.t === 'function' ? window.t('tasks.cancelTaskFailed') : '取消任务失败') + ': ' + error.message);
+        if (stopBtn) {
+            stopBtn.disabled = false;
+            stopBtn.textContent = typeof window.t === 'function' ? window.t('tasks.stopTask') : '停止任务';
+        }
+        const currentState = progressTaskState.get(progressId);
+        if (currentState) {
+            currentState.cancelling = false;
+        }
+    }
+}
+
 function addProgressMessage() {
    const messagesDiv = document.getElementById('chat-messages');
    const messageDiv = document.createElement('div');
@@ -737,7 +861,7 @@ function toggleProcessDetails(progressId, assistantMessageId) {
    }
 }

-// 停止当前进度对应的任务
+// 停止当前进度：弹出「中断并说明 / 彻底停止」
 async function cancelProgressTask(progressId) {
    const state = progressTaskState.get(progressId);
    const stopBtn = document.getElementById(`${progressId}-stop-btn`);
@@ -757,27 +881,7 @@ async function cancelProgressTask(progressId) {
        return;
    }

-    markProgressCancelling(progressId);
-    if (stopBtn) {
-        stopBtn.disabled = true;
-        stopBtn.textContent = typeof window.t === 'function' ? window.t('tasks.cancelling') : '取消中...';
-    }
-
-    try {
-        await requestCancel(state.conversationId);
-        loadActiveTasks();
-    } catch (error) {
-        console.error('取消任务失败:', error);
-        alert((typeof window.t === 'function' ? window.t('tasks.cancelTaskFailed') : '取消任务失败') + ': ' + error.message);
-        if (stopBtn) {
-            stopBtn.disabled = false;
-            stopBtn.textContent = typeof window.t === 'function' ? window.t('tasks.stopTask') : '停止任务';
-        }
-        const currentState = progressTaskState.get(progressId);
-        if (currentState) {
-            currentState.cancelling = false;
-        }
-    }
+    openUserInterruptModal(progressId, state.conversationId);
 }

 // 将进度消息转换为可折叠的详情组件
@@ -1414,6 +1518,18 @@ function handleStreamEvent(event, progressElement, progressId,
            break;
        }
            
+        case 'user_interrupt_continue': {
+            const d = event.data || {};
+            const reason = (d.reason != null && String(d.reason).trim() !== '') ? String(d.reason).trim() : (event.message || '');
+            const timelineTitle = typeof window.t === 'function' ? window.t('tasks.userInterruptTimelineTitle') : '用户中断说明（继续迭代）';
+            addTimelineItem(timeline, 'user_interrupt', {
+                title: '✋ ' + timelineTitle,
+                message: reason,
+                data: d,
+            });
+            break;
+        }
+
        case 'progress':
            const progressTitle = document.querySelector(`#${progressId} .progress-title`);
            if (progressTitle) {
@@ -2777,7 +2893,8 @@ function renderMonitorExecutions(executions = [], statusFilter = 'all') {
    const viewDetailLabel = typeof window.t === 'function' ? window.t('mcpMonitor.viewDetail') : '查看详情';
    const deleteLabel = typeof window.t === 'function' ? window.t('mcpMonitor.delete') : '删除';
    const deleteExecTitle = typeof window.t === 'function' ? window.t('mcpMonitor.deleteExecTitle') : '删除此执行记录';
-    const statusKeyMap = { pending: 'statusPending', running: 'statusRunning', completed: 'statusCompleted', failed: 'statusFailed' };
+    const terminateLabel = typeof window.t === 'function' ? window.t('mcpMonitor.terminateExecution') : '终止';
+    const statusKeyMap = { pending: 'statusPending', running: 'statusRunning', completed: 'statusCompleted', failed: 'statusFailed', cancelled: 'statusCancelled' };
    const locale = (typeof window.__locale === 'string' && window.__locale.startsWith('zh')) ? 'zh-CN' : undefined;
    const rows = executions
        .map(exec => {
@@ -2788,7 +2905,11 @@ function renderMonitorExecutions(executions = [], statusFilter = 'all') {
            const startTime = exec.startTime ? (new Date(exec.startTime).toLocaleString ? new Date(exec.startTime).toLocaleString(locale || 'en-US') : String(exec.startTime)) : unknownLabel;
            const duration = formatExecutionDuration(exec.startTime, exec.endTime);
            const toolName = escapeHtml(exec.toolName || unknownToolLabel);
-            const executionId = escapeHtml(exec.id || '');
+            const rawExecId = exec.id || '';
+            const executionId = escapeHtml(rawExecId);
+            const terminateBtn = status === 'running'
+                ? `<button type="button" class="btn-secondary btn-monitor-abort" onclick="cancelMCPToolExecution('${rawExecId.replace(/\\/g, '\\\\').replace(/'/g, "\\'")}')">${escapeHtml(terminateLabel)}</button>`
+                : '';
            return `
                <tr>
                    <td>
@@ -2801,6 +2922,7 @@ function renderMonitorExecutions(executions = [], statusFilter = 'all') {
                    <td>
                        <div class="monitor-execution-actions">
                            <button class="btn-secondary" onclick="showMCPDetail('${executionId}')">${escapeHtml(viewDetailLabel)}</button>
+                            ${terminateBtn}
                            <button class="btn-secondary btn-delete" onclick="deleteExecution('${executionId}')" title="${escapeHtml(deleteExecTitle)}">${escapeHtml(deleteLabel)}</button>
                        </div>
                    </td>
@@ -65,6 +65,9 @@ function initRouter() {

 // 切换页面
 function switchPage(pageId) {
+    if (typeof window.syncC2NavOnceFromServer === 'function') {
+        void window.syncC2NavOnceFromServer();
+    }
    // 隐藏所有页面
    document.querySelectorAll('.page').forEach(page => {
        page.classList.remove('active');
@@ -29,6 +29,42 @@ let toolsPagination = {
    totalPages: 0
 };

+let c2NavSyncedOnce = false;
+
+/** 首次进入仪表盘等页面前拉一次配置，隐藏侧栏 C2（避免禁用后仍显示） */
+window.syncC2NavOnceFromServer = async function syncC2NavOnceFromServer() {
+    if (c2NavSyncedOnce || typeof apiFetch === 'undefined') {
+        return;
+    }
+    c2NavSyncedOnce = true;
+    try {
+        const r = await apiFetch('/api/config');
+        if (r.ok) {
+            const cfg = await r.json();
+            syncC2NavFromConfig(cfg);
+        }
+    } catch (_) {
+        /* ignore */
+    }
+};
+
+// 根据 C2 是否启用显示主导航 C2 入口与仪表盘 C2 区块（与 /api/config 的 c2.enabled 一致）
+function syncC2NavFromConfig(cfg) {
+    const on = cfg && cfg.c2 && cfg.c2.enabled !== false;
+    const nav = document.getElementById('nav-c2');
+    if (nav) {
+        nav.style.display = on ? '' : 'none';
+    }
+    const dash = document.getElementById('dashboard-section-c2');
+    if (dash) {
+        if (!on) {
+            dash.hidden = true;
+        } else {
+            dash.removeAttribute('hidden');
+        }
+    }
+}
+
 // 切换设置分类
 function switchSettingsSection(section) {
    // 更新导航项状态
@@ -274,6 +310,12 @@ async function loadConfig(loadTools = true) {
            }
        }

+        const c2EnabledCb = document.getElementById('c2-enabled');
+        if (c2EnabledCb) {
+            c2EnabledCb.checked = currentConfig.c2?.enabled !== false;
+        }
+        syncC2NavFromConfig(currentConfig);
+
        // 填充机器人配置
        const robots = currentConfig.robots || {};
        const wecom = robots.wecom || {};
@@ -975,6 +1017,9 @@ async function applySettings() {
        const knowledgeEnabled = knowledgeEnabledCheckbox ? knowledgeEnabledCheckbox.checked : true;
        
        // 收集知识库配置
+        const c2EnabledCheckbox = document.getElementById('c2-enabled');
+        const c2Enabled = c2EnabledCheckbox ? c2EnabledCheckbox.checked : true;
+
        const knowledgeConfig = {
            enabled: knowledgeEnabled,
            base_path: document.getElementById('knowledge-base-path')?.value.trim() || 'knowledge_base',
@@ -1048,6 +1093,9 @@ async function applySettings() {
                };
            })(),
            knowledge: knowledgeConfig,
+            c2: {
+                enabled: c2Enabled
+            },
            robots: {
                wecom: {
                    enabled: document.getElementById('robot-wecom-enabled')?.checked === true,
@@ -1174,6 +1222,15 @@ async function applySettings() {
            ? window.t('settings.apply.applySuccess')
            : '配置已成功应用！';
        alert(successMsg);
+        try {
+            const cfgResp = await apiFetch('/api/config');
+            if (cfgResp.ok) {
+                const fresh = await cfgResp.json();
+                syncC2NavFromConfig(fresh);
+            }
+        } catch (e) {
+            console.warn('refresh C2 nav after apply', e);
+        }
        try {
            if (typeof initChatAgentModeFromConfig === 'function') {
                await initChatAgentModeFromConfig();
@@ -170,6 +170,14 @@
                            <span data-i18n="nav.vulnerabilities">漏洞管理</span>
                        </div>
                    </div>
+                    <div class="nav-item" data-page="chat-files">
+                        <div class="nav-item-content" data-title="文件管理" onclick="switchPage('chat-files')" data-i18n="nav.chatFiles" data-i18n-attr="data-title" data-i18n-skip-text="true">
+                            <svg width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
+                                <path d="M22 19a2 2 0 0 1-2 2H4a2 2 0 0 1-2-2V5a2 2 0 0 1 2-2h5l2 3h9a2 2 0 0 1 2 2z"></path>
+                            </svg>
+                            <span data-i18n="nav.chatFiles">文件管理</span>
+                        </div>
+                    </div>
                    <div class="nav-item" data-page="webshell">
                        <div class="nav-item-content" data-title="WebShell管理" onclick="switchPage('webshell')" data-i18n="nav.webshell" data-i18n-attr="data-title" data-i18n-skip-text="true">
                            <svg width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
@@ -201,14 +209,6 @@
                            <div class="nav-submenu-item" data-page="c2-profiles" onclick="switchPage('c2-profiles')" data-i18n="nav.c2Profiles">流量伪装</div>
                        </div>
                    </div>
-                    <div class="nav-item" data-page="chat-files">
-                        <div class="nav-item-content" data-title="文件管理" onclick="switchPage('chat-files')" data-i18n="nav.chatFiles" data-i18n-attr="data-title" data-i18n-skip-text="true">
-                            <svg width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
-                                <path d="M22 19a2 2 0 0 1-2 2H4a2 2 0 0 1-2-2V5a2 2 0 0 1 2-2h5l2 3h9a2 2 0 0 1 2 2z"></path>
-                            </svg>
-                            <span data-i18n="nav.chatFiles">文件管理</span>
-                        </div>
-                    </div>
                    <div class="nav-item nav-item-has-submenu" data-page="mcp">
                        <div class="nav-item-content" data-title="MCP" onclick="window.toggleSubmenu('mcp')" data-i18n="nav.mcp" data-i18n-attr="data-title" data-i18n-skip-text="true">
                            <svg width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
@@ -1053,6 +1053,7 @@
                                                <option value="completed" data-i18n="mcpMonitor.statusCompleted">已完成</option>
                                                <option value="running" data-i18n="mcpMonitor.statusRunning">执行中</option>
                                                <option value="failed" data-i18n="mcpMonitor.statusFailed">失败</option>
+                                                <option value="cancelled" data-i18n="mcpMonitor.statusCancelled">已终止</option>
                                            </select>
                                        </label>
                                    </div>
@@ -1937,6 +1938,9 @@
                                <div class="settings-nav-item" data-section="knowledge" onclick="switchSettingsSection('knowledge')">
                                    <span data-i18n="settings.nav.knowledge">知识库</span>
                                </div>
+                                <div class="settings-nav-item" data-section="c2" onclick="switchSettingsSection('c2')">
+                                    <span data-i18n="settings.nav.c2">C2</span>
+                                </div>
                                <div class="settings-nav-item" data-section="robots" onclick="switchSettingsSection('robots')">
                                    <span data-i18n="settings.nav.robots">机器人设置</span>
                                </div>
@@ -2222,6 +2226,29 @@
                                </div>
                            </div>

+                            <!-- C2 总开关 -->
+                            <div id="settings-section-c2" class="settings-section-content">
+                                <div class="settings-section-header">
+                                    <h3 data-i18n="settings.c2.title">C2 设置</h3>
+                                </div>
+                                <div class="settings-subsection">
+                                    <h4 data-i18n="settings.c2.sectionTitle">内置 C2</h4>
+                                    <div class="settings-form">
+                                        <div class="form-group">
+                                            <label class="checkbox-label">
+                                                <input type="checkbox" id="c2-enabled" class="modern-checkbox" />
+                                                <span class="checkbox-custom"></span>
+                                                <span class="checkbox-text" data-i18n="settings.c2.enableLabel">启用内置 C2（监听器、会话、Payload、MCP 工具等）</span>
+                                            </label>
+                                            <small class="form-hint" data-i18n="settings.c2.enableHint">关闭后不再启动监听器、不注册 C2 相关 MCP 工具，侧栏 C2 入口将隐藏；仅本机使用对话与知识库时可关闭以节省资源。</small>
+                                        </div>
+                                    </div>
+                                </div>
+                                <div class="settings-actions">
+                                    <button class="btn-primary" onclick="applySettings()" data-i18n="settings.apply.button">应用配置</button>
+                                </div>
+                            </div>
+
                            <!-- 机器人设置 -->
                            <div id="settings-section-robots" class="settings-section-content">
                                <div class="settings-section-header">
@@ -2423,6 +2450,13 @@
                        </div>
                    </div>
                </div>
+                <div class="detail-section detail-abort-section" id="detail-abort-section" style="display: none;">
+                    <div class="detail-section-header">
+                        <h3 data-i18n="mcpDetailModal.abortTitle">运行控制</h3>
+                    </div>
+                    <p class="detail-abort-hint" data-i18n="mcpDetailModal.abortHint">仅中断当前工具调用；对话与多步任务会继续。</p>
+                    <button type="button" class="btn-secondary btn-monitor-abort" id="detail-abort-btn" onclick="abortMCPToolExecutionFromDetail()">终止工具</button>
+                </div>
                <div class="detail-section">
                    <div class="detail-section-header">
                        <h3 data-i18n="mcpDetailModal.requestParams">请求参数</h3>
@@ -2463,6 +2497,49 @@
        </div>
    </div>

+    <!-- 用户中断并说明（继续迭代） -->
+    <div id="user-interrupt-modal" class="modal">
+        <div class="modal-content" style="max-width: 520px;">
+            <div class="modal-header">
+                <h2 data-i18n="tasks.interruptModalTitle">中断当前步骤</h2>
+                <span class="modal-close" onclick="closeUserInterruptModal()">&times;</span>
+            </div>
+            <div class="modal-body">
+                <p class="detail-abort-hint" data-i18n="tasks.interruptModalHint">填写说明后将写入对话并由智能体继续迭代。</p>
+                <div class="form-group">
+                    <label for="user-interrupt-reason"><span data-i18n="tasks.interruptReasonLabel">中断说明</span></label>
+                    <textarea id="user-interrupt-reason" class="form-control" rows="4" data-i18n="tasks.interruptReasonPlaceholder" data-i18n-attr="placeholder" placeholder=""></textarea>
+                </div>
+                <div class="form-actions" style="display: flex; flex-wrap: wrap; gap: 8px; justify-content: flex-end;">
+                    <button type="button" class="btn-secondary" onclick="closeUserInterruptModal()" data-i18n="tasks.interruptModalClose">关闭</button>
+                    <button type="button" class="btn-secondary btn-delete" onclick="submitUserInterruptHardCancel()" data-i18n="tasks.interruptHardStop">彻底停止</button>
+                    <button type="button" class="btn-primary" onclick="submitUserInterruptContinue()" data-i18n="tasks.interruptConfirmContinue">中断并继续</button>
+                </div>
+            </div>
+        </div>
+    </div>
+
+    <!-- MCP 工具终止：可填写给模型的说明 -->
+    <div id="mcp-tool-abort-modal" class="modal">
+        <div class="modal-content" style="max-width: 520px;">
+            <div class="modal-header">
+                <h2 data-i18n="mcpDetailModal.abortNoteModalTitle">终止工具并补充说明</h2>
+                <span class="modal-close" onclick="closeMcpToolAbortModal()">&times;</span>
+            </div>
+            <div class="modal-body">
+                <p class="detail-abort-hint" data-i18n="mcpDetailModal.abortNoteModalHint">可选说明。</p>
+                <div class="form-group">
+                    <label for="mcp-tool-abort-note"><span data-i18n="mcpDetailModal.abortNoteLabel">终止说明（可选）</span></label>
+                    <textarea id="mcp-tool-abort-note" class="form-control" rows="4" data-i18n="mcpDetailModal.abortNotePlaceholder" data-i18n-attr="placeholder" placeholder=""></textarea>
+                </div>
+                <div class="form-actions" style="display: flex; flex-wrap: wrap; gap: 8px; justify-content: flex-end;">
+                    <button type="button" class="btn-secondary" onclick="closeMcpToolAbortModal()" data-i18n="mcpDetailModal.abortNoteClose">取消</button>
+                    <button type="button" class="btn-primary" onclick="submitMcpToolAbortModal()" data-i18n="mcpDetailModal.abortNoteSubmit">提交终止</button>
+                </div>
+            </div>
+        </div>
+    </div>
+
    <!-- 外部MCP配置模态框 -->
    <div id="external-mcp-modal" class="modal">
        <div class="modal-content" style="max-width: 900px;">
@@ -2522,7 +2599,7 @@
                <h2 data-i18n="attackChainModal.title">攻击链可视化</h2>
                <div class="modal-header-actions">
                    <button class="btn-primary attack-chain-action-btn" onclick="regenerateAttackChain()" data-i18n="attackChainModal.regenerateTitle" data-i18n-attr="title" data-i18n-skip-text="true" title="重新生成攻击链（包含最新对话内容）">
-                        🔄 <span data-i18n="attackChainModal.regenerate">重新生成</span>
+                        <span data-i18n="attackChainModal.regenerate">重新生成</span>
                    </button>
                    <button class="btn-secondary attack-chain-action-btn" onclick="exportAttackChain('png')" data-i18n="attackChainModal.exportPng" data-i18n-attr="title" title="导出为PNG">
                        📥 PNG
@@ -2531,7 +2608,7 @@
                        📥 SVG
                    </button>
                    <button class="btn-secondary attack-chain-action-btn" onclick="refreshAttackChain()" data-i18n="attackChainModal.refreshTitle" data-i18n-attr="title" title="刷新当前攻击链（不重新生成）">
-                        ↻ <span data-i18n="common.refresh">刷新</span>
+                        <span data-i18n="common.refresh">刷新</span>
                    </button>
                    <span class="modal-close" onclick="closeAttackChainModal()">&times;</span>
                </div>
Author	SHA1	Message	Date
公明	fe625010eb	Update config.yaml	2026-05-07 17:04:39 +08:00
公明	40cd0293b5	Add files via upload	2026-05-07 17:04:14 +08:00
公明	b62dc1f326	Add files via upload	2026-05-07 17:02:26 +08:00
公明	6d180c814d	Add files via upload	2026-05-07 17:01:15 +08:00
公明	e68d3a3d23	Add files via upload	2026-05-07 16:58:54 +08:00
公明	699b9181e6	Add files via upload	2026-05-07 16:57:17 +08:00
公明	7b9070f106	Update config.yaml	2026-05-06 21:37:55 +08:00
公明	5a31b69245	Add files via upload	2026-05-06 21:31:21 +08:00
公明	104a6e30d5	Add files via upload	2026-05-06 21:29:25 +08:00
公明	80c4299dbb	Add files via upload	2026-05-06 21:26:38 +08:00
公明	debe967272	Add files via upload	2026-05-06 20:50:28 +08:00
公明	b28f9c25f8	Update config.yaml	2026-05-06 18:00:13 +08:00
公明	6f5d0b0174	Add files via upload	2026-05-06 17:59:31 +08:00
公明	231a48db8e	Add files via upload	2026-05-06 17:58:42 +08:00
公明	d82ea60827	Add files via upload	2026-05-06 17:56:30 +08:00
公明	24a0c813e2	Add files via upload	2026-05-06 17:50:59 +08:00
公明	24938f92ff	Add files via upload	2026-05-04 13:22:36 +08:00
公明	b24bc63964	Update config.yaml	2026-05-04 13:19:35 +08:00
公明	60517fff44	Update config.yaml	2026-05-04 13:12:56 +08:00
公明	d2635eeb9c	Add files via upload	2026-05-04 13:12:09 +08:00
公明	57ebc7c04b	Add files via upload	2026-05-04 13:09:43 +08:00
公明	b27e443d37	Add files via upload	2026-05-04 13:07:37 +08:00
公明	9b4c6dedc8	Add files via upload	2026-05-04 04:50:53 +08:00
公明	d603060511	Add files via upload	2026-05-04 03:52:47 +08:00