Update config.yaml

README.md

@@ -113,6 +113,7 @@ CyberStrikeAI is an **AI-native security testing platform** built in Go. It inte
 - 🔒 Password-protected web UI, audit logs, and SQLite persistence
 - 📚 Knowledge base (RAG) with embedding-based vector retrieval (cosine similarity), optional **Eino Compose** indexing pipeline, and configurable post-retrieval budgets / reranking hooks
 - 📁 Conversation grouping with pinning, rename, and batch management
+- 📂 **Project management**: group conversations and vulnerabilities by project; **shared facts** (project blackboard) persist cross-session context (targets, env, auth notes) with auto-injection for agents and MCP tools (`upsert_project_fact`, `get_project_fact`, …)
 - 🛡️ Vulnerability management with CRUD operations, severity tracking, status workflow, and statistics
 - 📋 Batch task management: create task queues, add multiple tasks, and execute them sequentially
 - 🎭 Role-based testing: predefined security testing roles (Penetration Testing, CTF, Web App Scanning, etc.) with custom prompts and tool restrictions

README_CN.md

@@ -112,6 +112,7 @@ CyberStrikeAI 是一款 **AI 原生安全测试平台**，基于 Go 构建，集
 - 🔒 Web 登录保护、审计日志、SQLite 持久化
 - 📚 知识库（RAG）：向量嵌入与余弦相似度检索（与 Eino `retriever.Retriever` 语义一致），可选 **Eino Compose** 索引流水线及检索后处理（预算、重排等配置项）
 - 📁 对话分组管理：支持分组创建、置顶、重命名、删除等操作
+- 📂 **项目管理**：按项目归类对话与漏洞；**共享事实**（项目黑板）在多会话间沉淀目标/环境/认证等认知，自动注入 Agent 上下文，支持 MCP 工具读写（`upsert_project_fact`、`get_project_fact` 等）
 - 🛡️ 漏洞管理功能：完整的漏洞 CRUD 操作，支持严重程度分级、状态流转、按对话/严重程度/状态过滤，以及统计看板
 - 📋 批量任务管理：创建任务队列，批量添加任务，依次顺序执行，支持任务编辑与状态跟踪
 - 🎭 角色化测试：预设安全测试角色（渗透测试、CTF、Web 应用扫描等），支持自定义提示词和工具限制

agents/attack-surface-enumeration.md

@@ -61,4 +61,8 @@ max_iterations: 0
 5) Follow-up Verification Plan（后续验证建议）
 - 对每个优先条目：建议由哪个阶段子代理接手、需要补测的最小证据集
 
-输出后直接结束。遇到证据不足的条目标注为“需要补证据”。 
+## 边渗透边记录
+
+- **边渗透边记录（强制节奏）**：勿等会话结束或收尾再批量写入。每**确认**一条新认知（开放端口/服务版本、入口路径、认证态或凭据特征、可利用点或攻击面变化）后，**立即**调用 `upsert_project_fact`（同 fact_key 覆盖更新）。每**验证**出一条可复现漏洞（含 POC/影响）后，**立即**调用 `record_vulnerability`；与事实可各记一次。继续下一步工作前优先落库，避免上下文压缩后细节丢失。未绑项目时说明无法写黑板，仍在本轮保留证据摘要。若工具集中无上述工具，须在交付物末尾给出「待落库」结构化条目（fact_key 建议、summary、body/POC 要点），供协调者**立即**写入。
+
+输出后直接结束。遇到证据不足的条目标注为“需要补证据”。

agents/cleanup-rollback.md

@@ -51,4 +51,8 @@ max_iterations: 0
 - 可能仍残留的风险类别与建议监控方式（只做高层建议）
 
 4) Handoff to Reporting（交接给报告的要点）
-- 报告里应包含哪些字段以证明“合规清理”。 
+- 报告里应包含哪些字段以证明“合规清理”。
+
+## 边渗透边记录
+
+- **边渗透边记录（强制节奏）**：勿等会话结束或收尾再批量写入。每**确认**一条新认知（开放端口/服务版本、入口路径、认证态或凭据特征、可利用点或攻击面变化）后，**立即**调用 `upsert_project_fact`（同 fact_key 覆盖更新）。每**验证**出一条可复现漏洞（含 POC/影响）后，**立即**调用 `record_vulnerability`；与事实可各记一次。继续下一步工作前优先落库，避免上下文压缩后细节丢失。未绑项目时说明无法写黑板，仍在本轮保留证据摘要。若工具集中无上述工具，须在交付物末尾给出「待落库」结构化条目（fact_key 建议、summary、body/POC 要点），供协调者**立即**写入。

agents/engagement-planning.md

@@ -61,4 +61,8 @@ max_iterations: 0
 5) Open Questions（待澄清问题）
 - 不足以继续的关键问题（尽量少而关键）
 
-当你完成以上输出时，直接停止；不要向协调主代理以外的人解释过多背景。将所有不确定性标注为“需要补证据/需要澄清”。 
+当你完成以上输出时，直接停止；不要向协调主代理以外的人解释过多背景。将所有不确定性标注为“需要补证据/需要澄清”。
+
+## 边渗透边记录
+
+- **边渗透边记录（强制节奏）**：勿等会话结束或收尾再批量写入。每**确认**一条新认知（开放端口/服务版本、入口路径、认证态或凭据特征、可利用点或攻击面变化）后，**立即**调用 `upsert_project_fact`（同 fact_key 覆盖更新）。每**验证**出一条可复现漏洞（含 POC/影响）后，**立即**调用 `record_vulnerability`；与事实可各记一次。继续下一步工作前优先落库，避免上下文压缩后细节丢失。未绑项目时说明无法写黑板，仍在本轮保留证据摘要。若工具集中无上述工具，须在交付物末尾给出「待落库」结构化条目（fact_key 建议、summary、body/POC 要点），供协调者**立即**写入。

agents/impact-exfiltration.md

@@ -50,4 +50,8 @@ max_iterations: 0
 - 你要求执行的最小化原则（如不导出明文敏感字段、不保留原始样本等，用描述性语言）
 
 4) Recommended Next Agent（下一步建议）
-- 建议交给 `reporting-remediation` 和 `cleanup-rollback` 的证据输入要点。 
+- 建议交给 `reporting-remediation` 和 `cleanup-rollback` 的证据输入要点。
+
+## 边渗透边记录
+
+- **边渗透边记录（强制节奏）**：勿等会话结束或收尾再批量写入。每**确认**一条新认知（开放端口/服务版本、入口路径、认证态或凭据特征、可利用点或攻击面变化）后，**立即**调用 `upsert_project_fact`（同 fact_key 覆盖更新）。每**验证**出一条可复现漏洞（含 POC/影响）后，**立即**调用 `record_vulnerability`；与事实可各记一次。继续下一步工作前优先落库，避免上下文压缩后细节丢失。未绑项目时说明无法写黑板，仍在本轮保留证据摘要。若工具集中无上述工具，须在交付物末尾给出「待落库」结构化条目（fact_key 建议、summary、body/POC 要点），供协调者**立即**写入。

agents/intel-collection.md

@@ -32,3 +32,7 @@ max_iterations: 0
 - 优先用工具拿可验证事实，标注信息来源与置信度；避免无依据推测。
 - 输出结构化（目标、发现项、证据摘要、建议后续动作），便于协调者合并进总报告。
 - 不执行未授权的入侵或社工骚扰；双用途技术仅用于甲方书面授权场景。
+
+## 边渗透边记录
+
+- **边渗透边记录（强制节奏）**：勿等会话结束或收尾再批量写入。每**确认**一条新认知（开放端口/服务版本、入口路径、认证态或凭据特征、可利用点或攻击面变化）后，**立即**调用 `upsert_project_fact`（同 fact_key 覆盖更新）。每**验证**出一条可复现漏洞（含 POC/影响）后，**立即**调用 `record_vulnerability`；与事实可各记一次。继续下一步工作前优先落库，避免上下文压缩后细节丢失。未绑项目时说明无法写黑板，仍在本轮保留证据摘要。若工具集中无上述工具，须在交付物末尾给出「待落库」结构化条目（fact_key 建议、summary、body/POC 要点），供协调者**立即**写入。

agents/lateral-movement.md

@@ -32,3 +32,7 @@ max_iterations: 0
 - 聚焦：内网拓扑与关键资产推断、凭据与令牌利用、常见横向协议与服务、权限路径与域/云环境注意事项（在工具与可见数据范围内）。
 - 每一步说明假设前提与证据；禁止对未授权网段、生产无关系统或真实用户数据进行操作。
 - 输出结构化：当前据点能力、发现的主机/服务、建议的下一步（可交给其他子代理或主代理编排）、风险与回滚注意点。
+
+## 边渗透边记录
+
+- **边渗透边记录（强制节奏）**：勿等会话结束或收尾再批量写入。每**确认**一条新认知（开放端口/服务版本、入口路径、认证态或凭据特征、可利用点或攻击面变化）后，**立即**调用 `upsert_project_fact`（同 fact_key 覆盖更新）。每**验证**出一条可复现漏洞（含 POC/影响）后，**立即**调用 `record_vulnerability`；与事实可各记一次。继续下一步工作前优先落库，避免上下文压缩后细节丢失。未绑项目时说明无法写黑板，仍在本轮保留证据摘要。若工具集中无上述工具，须在交付物末尾给出「待落库」结构化条目（fact_key 建议、summary、body/POC 要点），供协调者**立即**写入。

agents/opsec-evasion.md

@@ -51,4 +51,8 @@ max_iterations: 0
 - 建议记录哪些证据字段（时间戳、目标、请求摘要、响应摘要、变更清单、回滚确认）
 
 4) Stop & Rollback Criteria（停止与回滚标准）
-- 触发阈值/不可控情况（用描述性语言即可） 
+- 触发阈值/不可控情况（用描述性语言即可）
+
+## 边渗透边记录
+
+- **边渗透边记录（强制节奏）**：勿等会话结束或收尾再批量写入。每**确认**一条新认知（开放端口/服务版本、入口路径、认证态或凭据特征、可利用点或攻击面变化）后，**立即**调用 `upsert_project_fact`（同 fact_key 覆盖更新）。每**验证**出一条可复现漏洞（含 POC/影响）后，**立即**调用 `record_vulnerability`；与事实可各记一次。继续下一步工作前优先落库，避免上下文压缩后细节丢失。未绑项目时说明无法写黑板，仍在本轮保留证据摘要。若工具集中无上述工具，须在交付物末尾给出「待落库」结构化条目（fact_key 建议、summary、body/POC 要点），供协调者**立即**写入。

agents/orchestrator-plan-execute.md

@@ -102,10 +102,34 @@ description: plan_execute 模式下的规划/重规划侧主代理：拆解目
 
 当工具返回错误时，错误信息会包含在工具响应中，请仔细阅读并做出合理的决策。
 
-## 证据与漏洞
+## 证据、黑板与漏洞
 
 - 要求结论有证据支撑（请求/响应、命令输出、可复现步骤）；禁止无依据的确定断言。
-- 发现有效漏洞时，在后续轮次通过 **`record_vulnerability`** 记录（标题、描述、严重程度、类型、目标、POC、影响、修复建议；级别 critical / high / medium / low / info）。
+
+## 项目黑板（事实）与漏洞记录（分离）
+
+当前对话若已绑定项目，系统会自动注入「项目黑板索引」（仅 `fact_key` + 摘要）。**摘要不足时必须调用 `get_project_fact(fact_key)` 获取 body，禁止凭摘要臆造细节。**
+
+- **边渗透边记录（强制节奏）**：勿等会话结束或收尾再批量写入。每**确认**一条新认知（开放端口/服务版本、入口路径、认证态或凭据特征、可利用点或攻击面变化）后，**立即**调用 `upsert_project_fact`（同 fact_key 覆盖更新）。每**验证**出一条可复现漏洞（含 POC/影响）后，**立即**调用 `record_vulnerability`；与事实可各记一次。继续下一步工作前优先落库，避免上下文压缩后细节丢失。未绑项目时说明无法写黑板，仍在本轮保留证据摘要。委派/子任务返回新认知或漏洞时，由协调者及时写入，勿假定子代理已记。
+
+- **环境/目标/认证等认知**（非正式漏洞）：使用 **`upsert_project_fact`**，`fact_key` 建议 `category/slug`（如 `target/primary_domain`），同 key 覆盖更新；body 记端口/版本/凭据特征与证据来源。
+- **发现与利用上下文**（审计复现）：`fact_key` 建议 `finding/`、`chain/`、`exploit/`、`poc/` 前缀；**body 必填**完整攻击链（入口 → 步骤 → 原始请求/响应或命令 → 现象 → 关联 `related_vulnerability_id`），**禁止仅写结论**；summary 写「什么 + 在哪 + 如何验证」一行要点。
+- **可交付漏洞**：使用 **`record_vulnerability`**（标题、描述、严重程度、类型、目标、证明 POC、影响、修复建议）。严重程度 critical / high / medium / low / info。
+- 同一发现可能需**各记一次**（事实记可复现攻击链，漏洞记正式 findings）。误报用 **`deprecate_project_fact`** 或漏洞状态 false_positive。
+- 事实多时用 **`list_project_facts`** / **`search_project_facts`** 检索。
+- **计划步骤须要求执行器落库**：不得在计划中写「会话结束再记录」；每步成功标准应包含「已 upsert 事实或已 record 漏洞（或已输出待落库块）」。
+
+### 事实写入规范（审计复现 / 知识沉淀）
+
+- **summary**：索引用一行，须含「什么 + 在哪 + 如何触发/验证」要点，禁止只写结论（如仅写「存在 SQLi」）。
+- **body**：完整可复现上下文，写入 `upsert_project_fact` 的 body 字段；索引不含 body，后续会话须靠 `get_project_fact` 取回。
+- **category / fact_key 建议**：
+  - 环境认知：`target/`、`auth/`、`infra/`、`business/`（body 用环境模板即可）
+  - 发现与利用：`finding/`、`chain/`、`exploit/`、`poc/`（**必须**用攻击链模板填满 body：入口、逐步攻击链、原始请求/响应或命令、证据、关联漏洞 ID）
+- **与漏洞记录分工**：`record_vulnerability` 记可交付 findings；事实记**复现所需的全部上下文**（含失败尝试、绕过、依赖会话），二者可各记一次。
+- 更新同一发现时保持相同 `fact_key` 覆盖写入，勿散落多个 key 导致上下文丢失。
+
+严重程度：critical / high / medium / low / info。证明须含足够证据（请求响应、截图、命令输出等）。
 
 ## 执行器对用户输出（重要）
 

agents/orchestrator-supervisor.md

@@ -117,9 +117,29 @@ description: supervisor 模式下的协调者：通过 transfer 委派专家子
 3. 期望交付物是否可验收（例如：可复现命令、截图要点、结论段落）？
 4. 是否已明确写出 URL/IP:Port/域名路径与 in-scope 边界（而非“按上文继续”）？
 
-## 漏洞
+## 项目黑板（事实）与漏洞记录（分离）
 
-有效漏洞应通过 **`record_vulnerability`** 记录（含 POC 与严重性）。
+当前对话若已绑定项目，系统会自动注入「项目黑板索引」（仅 `fact_key` + 摘要）。**摘要不足时必须调用 `get_project_fact(fact_key)` 获取 body，禁止凭摘要臆造细节。**
+
+- **边渗透边记录（强制节奏）**：勿等会话结束或收尾再批量写入。每**确认**一条新认知（开放端口/服务版本、入口路径、认证态或凭据特征、可利用点或攻击面变化）后，**立即**调用 `upsert_project_fact`（同 fact_key 覆盖更新）。每**验证**出一条可复现漏洞（含 POC/影响）后，**立即**调用 `record_vulnerability`；与事实可各记一次。继续下一步工作前优先落库，避免上下文压缩后细节丢失。未绑项目时说明无法写黑板，仍在本轮保留证据摘要。委派/子任务返回新认知或漏洞时，由协调者及时写入，勿假定子代理已记。
+
+- **环境/目标/认证等认知**（非正式漏洞）：使用 **`upsert_project_fact`**，`fact_key` 建议 `category/slug`（如 `target/primary_domain`），同 key 覆盖更新；body 记端口/版本/凭据特征与证据来源。
+- **发现与利用上下文**（审计复现）：`fact_key` 建议 `finding/`、`chain/`、`exploit/`、`poc/` 前缀；**body 必填**完整攻击链（入口 → 步骤 → 原始请求/响应或命令 → 现象 → 关联 `related_vulnerability_id`），**禁止仅写结论**；summary 写「什么 + 在哪 + 如何验证」一行要点。
+- **可交付漏洞**：使用 **`record_vulnerability`**（标题、描述、严重程度、类型、目标、证明 POC、影响、修复建议）。严重程度 critical / high / medium / low / info。
+- 同一发现可能需**各记一次**（事实记可复现攻击链，漏洞记正式 findings）。误报用 **`deprecate_project_fact`** 或漏洞状态 false_positive。
+- 事实多时用 **`list_project_facts`** / **`search_project_facts`** 检索。
+
+### 事实写入规范（审计复现 / 知识沉淀）
+
+- **summary**：索引用一行，须含「什么 + 在哪 + 如何触发/验证」要点，禁止只写结论（如仅写「存在 SQLi」）。
+- **body**：完整可复现上下文，写入 `upsert_project_fact` 的 body 字段；索引不含 body，后续会话须靠 `get_project_fact` 取回。
+- **category / fact_key 建议**：
+  - 环境认知：`target/`、`auth/`、`infra/`、`business/`（body 用环境模板即可）
+  - 发现与利用：`finding/`、`chain/`、`exploit/`、`poc/`（**必须**用攻击链模板填满 body：入口、逐步攻击链、原始请求/响应或命令、证据、关联漏洞 ID）
+- **与漏洞记录分工**：`record_vulnerability` 记可交付 findings；事实记**复现所需的全部上下文**（含失败尝试、绕过、依赖会话），二者可各记一次。
+- 更新同一发现时保持相同 `fact_key` 覆盖写入，勿散落多个 key 导致上下文丢失。
+
+严重程度：critical / high / medium / low / info。证明须含足够证据（请求响应、截图、命令输出等）。
 
 ## 表达
 

agents/orchestrator.md

@@ -127,7 +127,29 @@ description: 多代理模式下的 Deep 编排者：在已授权安全场景中
 ## 工具与 MCP
 
 - **工具调用失败时**：1) 仔细分析错误信息，理解失败的具体原因；2) 如果工具不存在或未启用，尝试使用其他替代工具完成相同目标；3) 如果参数错误，根据错误提示修正参数后重试；4) 如果工具执行失败但输出了有用信息，可以基于这些信息继续分析；5) 如果确实无法使用某个工具，向用户说明问题，并建议替代方案或手动操作；6) 不要因为单个工具失败就停止整个测试流程，尝试其他方法继续完成任务。工具返回的错误信息会包含在工具响应中，请仔细阅读并做出合理决策。
-- **漏洞记录**：发现**有效漏洞**时，必须使用 **`record_vulnerability`** 记录（标题、描述、严重程度、类型、目标、证明 POC、影响、修复建议）。严重程度使用 critical / high / medium / low / info。记录后可在授权范围内继续测试。
+## 项目黑板（事实）与漏洞记录（分离）
+
+当前对话若已绑定项目，系统会自动注入「项目黑板索引」（仅 `fact_key` + 摘要）。**摘要不足时必须调用 `get_project_fact(fact_key)` 获取 body，禁止凭摘要臆造细节。**
+
+- **边渗透边记录（强制节奏）**：勿等会话结束或收尾再批量写入。每**确认**一条新认知（开放端口/服务版本、入口路径、认证态或凭据特征、可利用点或攻击面变化）后，**立即**调用 `upsert_project_fact`（同 fact_key 覆盖更新）。每**验证**出一条可复现漏洞（含 POC/影响）后，**立即**调用 `record_vulnerability`；与事实可各记一次。继续下一步工作前优先落库，避免上下文压缩后细节丢失。未绑项目时说明无法写黑板，仍在本轮保留证据摘要。委派/子任务返回新认知或漏洞时，由协调者及时写入，勿假定子代理已记。
+
+- **环境/目标/认证等认知**（非正式漏洞）：使用 **`upsert_project_fact`**，`fact_key` 建议 `category/slug`（如 `target/primary_domain`），同 key 覆盖更新；body 记端口/版本/凭据特征与证据来源。
+- **发现与利用上下文**（审计复现）：`fact_key` 建议 `finding/`、`chain/`、`exploit/`、`poc/` 前缀；**body 必填**完整攻击链（入口 → 步骤 → 原始请求/响应或命令 → 现象 → 关联 `related_vulnerability_id`），**禁止仅写结论**；summary 写「什么 + 在哪 + 如何验证」一行要点。
+- **可交付漏洞**：使用 **`record_vulnerability`**（标题、描述、严重程度、类型、目标、证明 POC、影响、修复建议）。严重程度 critical / high / medium / low / info。
+- 同一发现可能需**各记一次**（事实记可复现攻击链，漏洞记正式 findings）。误报用 **`deprecate_project_fact`** 或漏洞状态 false_positive。
+- 事实多时用 **`list_project_facts`** / **`search_project_facts`** 检索。
+
+### 事实写入规范（审计复现 / 知识沉淀）
+
+- **summary**：索引用一行，须含「什么 + 在哪 + 如何触发/验证」要点，禁止只写结论（如仅写「存在 SQLi」）。
+- **body**：完整可复现上下文，写入 `upsert_project_fact` 的 body 字段；索引不含 body，后续会话须靠 `get_project_fact` 取回。
+- **category / fact_key 建议**：
+  - 环境认知：`target/`、`auth/`、`infra/`、`business/`（body 用环境模板即可）
+  - 发现与利用：`finding/`、`chain/`、`exploit/`、`poc/`（**必须**用攻击链模板填满 body：入口、逐步攻击链、原始请求/响应或命令、证据、关联漏洞 ID）
+- **与漏洞记录分工**：`record_vulnerability` 记可交付 findings；事实记**复现所需的全部上下文**（含失败尝试、绕过、依赖会话），二者可各记一次。
+- 更新同一发现时保持相同 `fact_key` 覆盖写入，勿散落多个 key 导致上下文丢失。
+
+严重程度：critical / high / medium / low / info。证明须含足够证据（请求响应、截图、命令输出等）。
 - **编排进度（待办）**：当你的任务包含 3 个或以上步骤，或你准备委派多个子目标并行/串行推进时，优先使用 `write_todos` 来向用户展示“当前在做什么/接下来做什么”。维护约束：同一时刻最多一个条目处于 `in_progress`；完成后立刻标记 `completed`；遇到阻塞就保留为 `in_progress` 并继续推进。
 - **强触发建议（提升多 agent 使用率）**：如果你将要进行任何“证据收集/枚举/扫描/验证/复现/整理报告”这类实质执行动作，且不只是单步查询，请优先在第一个工具调用前就用 `write_todos` 建立计划；随后用 `task` 委派至少一个子代理获取结构化证据，而不是自己把全部步骤做完。
 - **技能库（Skills）与知识库**：技能包位于服务器 `skills/` 目录（各子目录 `SKILL.md`，遵循 agentskills.io）；知识库用于向量检索片段，Skills 为可执行工作流指令。多代理本会话通过内置 **`skill`** 工具渐进加载；子代理同样挂载 skill + 可选本机文件工具时，可在委派说明中提示按需加载。若当前无 skill 工具，需要完整 Skill 工作流时请使用多代理模式或切换为 Eino 编排会话。

agents/penetration.md

@@ -31,5 +31,9 @@ max_iterations: 0
 - 禁止自行猜测目标、替换为历史目标或擅自发起全量探索。
 
 - 以证据为中心：请求/响应、Payload、命令输出、截图说明等，便于审计与复现。
-- 先确认边界与禁止项（如拒绝 DoS、数据破坏）；发现有效漏洞时按协调者要求使用 `record_vulnerability` 等流程（若你的工具集中包含）。
+- 先确认边界与禁止项（如拒绝 DoS、数据破坏）。
 - 输出包含：攻击路径摘要、关键步骤、影响评估、修复与缓解建议；语言简洁，便于主代理汇总。
+
+## 边渗透边记录
+
+- **边渗透边记录（强制节奏）**：勿等会话结束或收尾再批量写入。每**确认**一条新认知（开放端口/服务版本、入口路径、认证态或凭据特征、可利用点或攻击面变化）后，**立即**调用 `upsert_project_fact`（同 fact_key 覆盖更新）。每**验证**出一条可复现漏洞（含 POC/影响）后，**立即**调用 `record_vulnerability`；与事实可各记一次。继续下一步工作前优先落库，避免上下文压缩后细节丢失。未绑项目时说明无法写黑板，仍在本轮保留证据摘要。若工具集中无上述工具，须在交付物末尾给出「待落库」结构化条目（fact_key 建议、summary、body/POC 要点），供协调者**立即**写入。

agents/persistence-maintenance.md

@@ -51,4 +51,8 @@ max_iterations: 0
 - 列出需要清理/验证的痕迹类型（配置、会话、日志、服务变更等层级描述即可）
 
 4) Recommended Next Steps（下一步建议）
-- 建议由哪个阶段子代理接手，以及需要哪些证据输入。 
+- 建议由哪个阶段子代理接手，以及需要哪些证据输入。
+
+## 边渗透边记录
+
+- **边渗透边记录（强制节奏）**：勿等会话结束或收尾再批量写入。每**确认**一条新认知（开放端口/服务版本、入口路径、认证态或凭据特征、可利用点或攻击面变化）后，**立即**调用 `upsert_project_fact`（同 fact_key 覆盖更新）。每**验证**出一条可复现漏洞（含 POC/影响）后，**立即**调用 `record_vulnerability`；与事实可各记一次。继续下一步工作前优先落库，避免上下文压缩后细节丢失。未绑项目时说明无法写黑板，仍在本轮保留证据摘要。若工具集中无上述工具，须在交付物末尾给出「待落库」结构化条目（fact_key 建议、summary、body/POC 要点），供协调者**立即**写入。

agents/privilege-escalation.md

@@ -53,4 +53,8 @@ max_iterations: 0
 4) Recommended Next Agent（下一步建议）
 - 明确建议由哪个子代理接手（例如 `lateral-movement` / `persistence-maintenance` / `impact-exfiltration` / `reporting-remediation`）
 
-输出后直接结束。 
+## 边渗透边记录
+
+- **边渗透边记录（强制节奏）**：勿等会话结束或收尾再批量写入。每**确认**一条新认知（开放端口/服务版本、入口路径、认证态或凭据特征、可利用点或攻击面变化）后，**立即**调用 `upsert_project_fact`（同 fact_key 覆盖更新）。每**验证**出一条可复现漏洞（含 POC/影响）后，**立即**调用 `record_vulnerability`；与事实可各记一次。继续下一步工作前优先落库，避免上下文压缩后细节丢失。未绑项目时说明无法写黑板，仍在本轮保留证据摘要。若工具集中无上述工具，须在交付物末尾给出「待落库」结构化条目（fact_key 建议、summary、body/POC 要点），供协调者**立即**写入。
+
+输出后直接结束。

agents/recon.md

@@ -34,3 +34,7 @@ max_iterations: 0
 
 - 若 **`description` / 用户消息 / 上文交接包** 中已给出资产列表、枚举结论或明确写「跳过全量枚举 / 仅做增量 / 从端口扫描或验证开始」，则**不得**为走完整流程而重新执行等价的广域子域爆破或相同参数集的枚举；仅在交接包声明的**缺口**上补充侦察。
 - 若子目标实为**漏洞验证、协议利用、权限提升**等而非攻击面扩展，应**极短说明**「当前角色为侦察；建议协调者改派专项代理」并仅提供与侦察相关的最小补充信息，避免擅自把任务扩写成新一轮全盘资产收集。
+
+## 边渗透边记录
+
+- **边渗透边记录（强制节奏）**：勿等会话结束或收尾再批量写入。每**确认**一条新认知（开放端口/服务版本、入口路径、认证态或凭据特征、可利用点或攻击面变化）后，**立即**调用 `upsert_project_fact`（同 fact_key 覆盖更新）。每**验证**出一条可复现漏洞（含 POC/影响）后，**立即**调用 `record_vulnerability`；与事实可各记一次。继续下一步工作前优先落库，避免上下文压缩后细节丢失。未绑项目时说明无法写黑板，仍在本轮保留证据摘要。若工具集中无上述工具，须在交付物末尾给出「待落库」结构化条目（fact_key 建议、summary、body/POC 要点），供协调者**立即**写入。

agents/reporting-remediation.md

@@ -55,4 +55,8 @@ max_iterations: 0
 5) Appendix（附录）
 - 术语、假设、证据清单索引（按证据类型列出即可）
 
-输出后直接结束。 
+## 边渗透边记录
+
+- **边渗透边记录（强制节奏）**：勿等会话结束或收尾再批量写入。每**确认**一条新认知（开放端口/服务版本、入口路径、认证态或凭据特征、可利用点或攻击面变化）后，**立即**调用 `upsert_project_fact`（同 fact_key 覆盖更新）。每**验证**出一条可复现漏洞（含 POC/影响）后，**立即**调用 `record_vulnerability`；与事实可各记一次。继续下一步工作前优先落库，避免上下文压缩后细节丢失。未绑项目时说明无法写黑板，仍在本轮保留证据摘要。若工具集中无上述工具，须在交付物末尾给出「待落库」结构化条目（fact_key 建议、summary、body/POC 要点），供协调者**立即**写入。
+
+输出后直接结束。

agents/vulnerability-triage.md

@@ -57,4 +57,8 @@ max_iterations: 0
 4) Uncertainties & Missing Evidence（不确定性与缺口）
 - 列出最关键的缺口（尽量少，但要关键）
 
-输出后直接结束。 
+## 边渗透边记录
+
+- **边渗透边记录（强制节奏）**：勿等会话结束或收尾再批量写入。每**确认**一条新认知（开放端口/服务版本、入口路径、认证态或凭据特征、可利用点或攻击面变化）后，**立即**调用 `upsert_project_fact`（同 fact_key 覆盖更新）。每**验证**出一条可复现漏洞（含 POC/影响）后，**立即**调用 `record_vulnerability`；与事实可各记一次。继续下一步工作前优先落库，避免上下文压缩后细节丢失。未绑项目时说明无法写黑板，仍在本轮保留证据摘要。若工具集中无上述工具，须在交付物末尾给出「待落库」结构化条目（fact_key 建议、summary、body/POC 要点），供协调者**立即**写入。
+
+输出后直接结束。

config.yaml

@@ -10,7 +10,7 @@
 # ============================================
 
 # 前端显示的版本号（可选，不填则显示默认版本）
-version: "v1.6.22"
+version: "v1.6.28"
 # 服务器配置
 server:
   host: 0.0.0.0 # 监听地址，0.0.0.0 表示监听所有网络接口
@@ -77,7 +77,7 @@ fofa:
 # Agent 配置
 # 达到最大迭代次数时，AI 会自动总结测试结果
 agent:
-  max_iterations: 1200 # 最大迭代次数，AI 代理最多执行多少轮工具调用
+  max_iterations: 12000 # 最大迭代次数，AI 代理最多执行多少轮工具调用
   large_result_threshold: 102400 # 大结果阈值（字节），默认50KB，超过此大小会自动保存到存储
   result_storage_dir: tmp # 结果存储目录，大结果会保存在此目录下
   tool_timeout_minutes: 60 # 单次工具执行最大时长（分钟），超时自动终止；0 表示不限制（不推荐，易出现长时间挂起）
@@ -116,7 +116,7 @@ multi_agent:
     tool_search_enable: true # true：工具数 ≥ min 时启用 tool_search，仅前 N 个工具常驻，其余按正则按需解锁，省 token、减误选；false：全量工具进上下文
     tool_search_min_tools: 20 # 达到该数量才启用 tool_search（避免工具很少时多此一举）；与 always_visible 配合使用
     tool_search_always_visible: 12 # 始终直接暴露给模型的工具个数（顺序与角色工具列表一致）；其余工具进入动态池，需 tool_search 解锁
-    tool_search_always_visible_tools: [read_file, glob, grep, write_file, edit_file, execute, task, transfer_to_agent, exit, write_todos, skill, tool_search, TaskCreate, TaskGet, TaskUpdate, TaskList, record_vulnerability, list_knowledge_risk_types, search_knowledge_base, webshell_exec, webshell_file_list, webshell_file_read, webshell_file_write, manage_webshell_list, manage_webshell_add, manage_webshell_update, manage_webshell_delete, manage_webshell_test, batch_task_list, batch_task_get, batch_task_start, batch_task_rerun, batch_task_pause, batch_task_update_metadata, batch_task_update_schedule, batch_task_schedule_enabled, batch_task_update_task, batch_task_remove_task, batch_task_delete, batch_task_create, batch_task_add_task, http-framework-test] # 后端内置常驻工具白名单（优先于 always_visible 数量策略）
+    tool_search_always_visible_tools: [read_file, glob, grep, write_file, edit_file, execute, task, transfer_to_agent, exit, write_todos, skill, tool_search, TaskCreate, TaskGet, TaskUpdate, TaskList, record_vulnerability, list_vulnerabilities, get_vulnerability, list_knowledge_risk_types, search_knowledge_base, webshell_exec, webshell_file_list, webshell_file_read, webshell_file_write, manage_webshell_list, manage_webshell_add, manage_webshell_update, manage_webshell_delete, manage_webshell_test, batch_task_list, batch_task_get, batch_task_start, batch_task_rerun, batch_task_pause, batch_task_update_metadata, batch_task_update_schedule, batch_task_schedule_enabled, batch_task_update_task, batch_task_remove_task, batch_task_delete, batch_task_create, batch_task_add_task, http-framework-test] # 后端内置常驻工具白名单（优先于 always_visible 数量策略）
     plantask_enable: false # true：主代理（Deep / Supervisor 主）挂载 TaskCreate/Get/Update/List；需 eino_skills 可用且 skills_dir 存在，否则仅打日志并跳过
     plantask_rel_dir: .eino/plantask # 结构化任务文件相对 skills_dir 的子目录，其下再按会话 ID 分子目录存放
     reduction_enable: true # true：大工具输出截断/落盘以控上下文；依赖与 plantask 相同的 eino local 写盘后端，无后端时不挂载
@@ -292,3 +292,14 @@ agents_dir: agents
 # 系统会从该目录加载所有 .yaml 格式的角色配置文件
 # 每个角色应创建独立的配置文件，例如：roles/CTF.yaml, roles/默认.yaml 等
 roles_dir: roles # 角色配置文件目录（相对于配置文件所在目录）
+
+# ============================================
+# 项目管理与事实黑板
+# ============================================
+project:
+  enabled: true
+  # default_project_id: "" # 可选：机器人/批量任务创建对话时的默认项目 ID
+  fact_index_max_runes: 3500
+  fact_summary_max_runes: 240
+  default_inject_deprecated: false
+  

internal/agent/agent.go

@@ -17,6 +17,7 @@ import (
 	"cyberstrike-ai/internal/config"
 	"cyberstrike-ai/internal/mcp"
 	"cyberstrike-ai/internal/mcp/builtin"
+	"cyberstrike-ai/internal/project"
 	"cyberstrike-ai/internal/openai"
 	"cyberstrike-ai/internal/security"
 	"cyberstrike-ai/internal/storage"
@@ -365,12 +366,12 @@ type ProgressCallback func(eventType, message string, data interface{})
 
 // AgentLoop 执行Agent循环
 func (a *Agent) AgentLoop(ctx context.Context, userInput string, historyMessages []ChatMessage) (*AgentLoopResult, error) {
-	return a.AgentLoopWithProgress(ctx, userInput, historyMessages, "", nil, nil)
+	return a.AgentLoopWithProgress(ctx, userInput, historyMessages, "", nil, nil, "")
 }
 
 // AgentLoopWithConversationID 执行Agent循环（带对话ID）
 func (a *Agent) AgentLoopWithConversationID(ctx context.Context, userInput string, historyMessages []ChatMessage, conversationID string) (*AgentLoopResult, error) {
-	return a.AgentLoopWithProgress(ctx, userInput, historyMessages, conversationID, nil, nil)
+	return a.AgentLoopWithProgress(ctx, userInput, historyMessages, conversationID, nil, nil, "")
 }
 
 // EinoSingleAgentSystemInstruction 供 Eino adk.ChatModelAgent.Instruction 使用，与 AgentLoopWithProgress 首条 system 对齐（含 system_prompt_path）。
@@ -396,7 +397,7 @@ func (a *Agent) EinoSingleAgentSystemInstruction() string {
 }
 
 // AgentLoopWithProgress 执行Agent循环（带进度回调和对话ID）
-func (a *Agent) AgentLoopWithProgress(ctx context.Context, userInput string, historyMessages []ChatMessage, conversationID string, callback ProgressCallback, roleTools []string) (*AgentLoopResult, error) {
+func (a *Agent) AgentLoopWithProgress(ctx context.Context, userInput string, historyMessages []ChatMessage, conversationID string, callback ProgressCallback, roleTools []string, systemPromptExtra string) (*AgentLoopResult, error) {
 	ctx = withAgentConversationID(ctx, conversationID)
 	// 设置当前对话ID（兼容未走 context 的旧路径；并发会话应以 context 为准）
 	a.mu.Lock()
@@ -426,6 +427,7 @@ func (a *Agent) AgentLoopWithProgress(ctx context.Context, userInput string, his
 			}
 		}
 	}
+	systemPrompt = project.AppendSystemPromptBlock(systemPrompt, systemPromptExtra)
 
 	messages := []ChatMessage{
 		{

internal/agent/default_single_system_prompt.go

@@ -1,6 +1,8 @@
 package agent
 
-import "cyberstrike-ai/internal/mcp/builtin"
+import (
+	"cyberstrike-ai/internal/project"
+)
 
 // DefaultSingleAgentSystemPrompt 单代理（ReAct / MCP）内置系统提示；可通过 agent.system_prompt_path 覆盖为文件。
 func DefaultSingleAgentSystemPrompt() string {
@@ -105,11 +107,7 @@ func DefaultSingleAgentSystemPrompt() string {
 - 若最近一步得到 404/空结果/无效响应，不得直接结束；至少再进行一次“同目标不同策略”的验证（如变更路径、参数、请求方法、上下文来源）。
 - 避免无效空转：同一工具+同类参数连续失败 3 次后，必须切换策略（改工具、改入口、改假设）并说明切换原因。
 
-## 漏洞记录
-
-发现有效漏洞时，必须使用 ` + builtin.ToolRecordVulnerability + ` 记录：标题、描述、严重程度、类型、目标、证明（POC）、影响、修复建议。
-
-严重程度：critical / high / medium / low / info。证明须含足够证据（请求响应、截图、命令输出等）。记录后可在授权范围内继续测试。
+` + project.FactRecordingBlackboardSection(false) + `
 
 ## 技能库（Skills）与知识库
 

internal/app/app.go

@@ -111,7 +111,8 @@ func New(cfg *config.Config, log *logger.Logger, configPath string) (*App, error
 	executor.RegisterTools(mcpServer)
 
 	// 注册漏洞记录工具
-	registerVulnerabilityTool(mcpServer, db, log.Logger)
+	registerVulnerabilityTools(mcpServer, db, log.Logger)
+	registerProjectFactTools(mcpServer, db, cfg, log.Logger)
 
 	if cfg.Auth.GeneratedPassword != "" {
 		config.PrintGeneratedPasswordWarning(cfg.Auth.GeneratedPassword, cfg.Auth.GeneratedPasswordPersisted, cfg.Auth.GeneratedPasswordPersistErr)
@@ -346,6 +347,7 @@ func New(cfg *config.Config, log *logger.Logger, configPath string) (*App, error
 	authHandler.SetAudit(auditSvc)
 	attackChainHandler := handler.NewAttackChainHandler(db, &cfg.OpenAI, log.Logger)
 	vulnerabilityHandler := handler.NewVulnerabilityHandler(db, log.Logger)
+	projectHandler := handler.NewProjectHandler(db, log.Logger)
 	vulnerabilityHandler.SetAudit(auditSvc)
 	webshellHandler := handler.NewWebShellHandler(log.Logger, db)
 	webshellHandler.SetAudit(auditSvc)
@@ -414,7 +416,8 @@ func New(cfg *config.Config, log *logger.Logger, configPath string) (*App, error
 
 	// 设置漏洞工具注册器（内置工具，必须设置）
 	vulnerabilityRegistrar := func() error {
-		registerVulnerabilityTool(mcpServer, db, log.Logger)
+		registerVulnerabilityTools(mcpServer, db, log.Logger)
+		registerProjectFactTools(mcpServer, db, cfg, log.Logger)
 		return nil
 	}
 	configHandler.SetVulnerabilityToolRegistrar(vulnerabilityRegistrar)
@@ -502,6 +505,7 @@ func New(cfg *config.Config, log *logger.Logger, configPath string) (*App, error
 		attackChainHandler,
 		app, // 传递 App 实例以便动态获取 knowledgeHandler
 		vulnerabilityHandler,
+		projectHandler,
 		webshellHandler,
 		chatUploadsHandler,
 		roleHandler,
@@ -747,6 +751,7 @@ func setupRoutes(
 	attackChainHandler *handler.AttackChainHandler,
 	app *App, // 传递 App 实例以便动态获取 knowledgeHandler
 	vulnerabilityHandler *handler.VulnerabilityHandler,
+	projectHandler *handler.ProjectHandler,
 	webshellHandler *handler.WebShellHandler,
 	chatUploadsHandler *handler.ChatUploadsHandler,
 	roleHandler *handler.RoleHandler,
@@ -851,6 +856,7 @@ func setupRoutes(
 		protected.GET("/conversations/:id", conversationHandler.GetConversation)
 		protected.GET("/messages/:id/process-details", conversationHandler.GetMessageProcessDetails)
 		protected.PUT("/conversations/:id", conversationHandler.UpdateConversation)
+		protected.PUT("/conversations/:id/project", conversationHandler.SetConversationProject)
 		protected.DELETE("/conversations/:id", conversationHandler.DeleteConversation)
 		protected.POST("/conversations/:id/delete-turn", conversationHandler.DeleteConversationTurn)
 		protected.PUT("/conversations/:id/pinned", groupHandler.UpdateConversationPinned)
@@ -1067,6 +1073,23 @@ func setupRoutes(
 		protected.PUT("/vulnerabilities/:id", vulnerabilityHandler.UpdateVulnerability)
 		protected.DELETE("/vulnerabilities/:id", vulnerabilityHandler.DeleteVulnerability)
 
+		// 项目管理与事实黑板
+		protected.GET("/projects", projectHandler.ListProjects)
+		protected.POST("/projects", projectHandler.CreateProject)
+		protected.GET("/projects/:id/stats", projectHandler.GetProjectStats)
+		protected.GET("/projects/:id/conversations", projectHandler.ListProjectConversations)
+		protected.GET("/projects/:id", projectHandler.GetProject)
+		protected.PUT("/projects/:id", projectHandler.UpdateProject)
+		protected.DELETE("/projects/:id", projectHandler.DeleteProject)
+		protected.GET("/projects/:id/facts", projectHandler.ListFacts)
+		protected.GET("/projects/:id/facts/:factId/previous-version", projectHandler.GetFactPreviousVersion)
+		protected.GET("/projects/:id/facts/:factId/versions", projectHandler.ListFactVersions)
+		protected.POST("/projects/:id/facts", projectHandler.CreateFact)
+		protected.PUT("/projects/:id/facts/:factId", projectHandler.UpdateFact)
+		protected.DELETE("/projects/:id/facts/:factId", projectHandler.DeleteFact)
+		protected.POST("/projects/:id/facts/deprecate", projectHandler.DeprecateFact)
+		protected.POST("/projects/:id/facts/restore", projectHandler.RestoreFact)
+
 		// WebShell 管理（代理执行 + 连接配置存 SQLite）
 		protected.GET("/webshell/connections", webshellHandler.ListConnections)
 		protected.POST("/webshell/connections", webshellHandler.CreateConnection)
@@ -1187,195 +1210,6 @@ func setupRoutes(
 	})
 }
 
-// registerVulnerabilityTool 注册漏洞记录工具到MCP服务器
-func registerVulnerabilityTool(mcpServer *mcp.Server, db *database.DB, logger *zap.Logger) {
-	tool := mcp.Tool{
-		Name:             builtin.ToolRecordVulnerability,
-		Description:      "记录发现的漏洞详情到漏洞管理系统。当发现有效漏洞时，使用此工具记录漏洞信息，包括标题、描述、严重程度、类型、目标、证明、影响和建议等。",
-		ShortDescription: "记录发现的漏洞详情到漏洞管理系统",
-		InputSchema: map[string]interface{}{
-			"type": "object",
-			"properties": map[string]interface{}{
-				"title": map[string]interface{}{
-					"type":        "string",
-					"description": "漏洞标题（必需）",
-				},
-				"description": map[string]interface{}{
-					"type":        "string",
-					"description": "漏洞详细描述",
-				},
-				"severity": map[string]interface{}{
-					"type":        "string",
-					"description": "漏洞严重程度：critical（严重）、high（高）、medium（中）、low（低）、info（信息）",
-					"enum":        []string{"critical", "high", "medium", "low", "info"},
-				},
-				"vulnerability_type": map[string]interface{}{
-					"type":        "string",
-					"description": "漏洞类型，如：SQL注入、XSS、CSRF、命令注入等",
-				},
-				"target": map[string]interface{}{
-					"type":        "string",
-					"description": "受影响的目标（URL、IP地址、服务等）",
-				},
-				"proof": map[string]interface{}{
-					"type":        "string",
-					"description": "漏洞证明（POC、截图、请求/响应等）",
-				},
-				"impact": map[string]interface{}{
-					"type":        "string",
-					"description": "漏洞影响说明",
-				},
-				"recommendation": map[string]interface{}{
-					"type":        "string",
-					"description": "修复建议",
-				},
-			},
-			"required": []string{"title", "severity"},
-		},
-	}
-
-	handler := func(ctx context.Context, args map[string]interface{}) (*mcp.ToolResult, error) {
-		// 从参数中获取conversation_id（由Agent自动添加）
-		conversationID, _ := args["conversation_id"].(string)
-		if conversationID == "" {
-			return &mcp.ToolResult{
-				Content: []mcp.Content{
-					{
-						Type: "text",
-						Text: "错误: conversation_id 未设置。这是系统错误，请重试。",
-					},
-				},
-				IsError: true,
-			}, nil
-		}
-
-		title, ok := args["title"].(string)
-		if !ok || title == "" {
-			return &mcp.ToolResult{
-				Content: []mcp.Content{
-					{
-						Type: "text",
-						Text: "错误: title 参数必需且不能为空",
-					},
-				},
-				IsError: true,
-			}, nil
-		}
-
-		severity, ok := args["severity"].(string)
-		if !ok || severity == "" {
-			return &mcp.ToolResult{
-				Content: []mcp.Content{
-					{
-						Type: "text",
-						Text: "错误: severity 参数必需且不能为空",
-					},
-				},
-				IsError: true,
-			}, nil
-		}
-
-		// 验证严重程度
-		validSeverities := map[string]bool{
-			"critical": true,
-			"high":     true,
-			"medium":   true,
-			"low":      true,
-			"info":     true,
-		}
-		if !validSeverities[severity] {
-			return &mcp.ToolResult{
-				Content: []mcp.Content{
-					{
-						Type: "text",
-						Text: fmt.Sprintf("错误: severity 必须是 critical、high、medium、low 或 info 之一，当前值: %s", severity),
-					},
-				},
-				IsError: true,
-			}, nil
-		}
-
-		// 获取可选参数
-		description := ""
-		if d, ok := args["description"].(string); ok {
-			description = d
-		}
-
-		vulnType := ""
-		if t, ok := args["vulnerability_type"].(string); ok {
-			vulnType = t
-		}
-
-		target := ""
-		if t, ok := args["target"].(string); ok {
-			target = t
-		}
-
-		proof := ""
-		if p, ok := args["proof"].(string); ok {
-			proof = p
-		}
-
-		impact := ""
-		if i, ok := args["impact"].(string); ok {
-			impact = i
-		}
-
-		recommendation := ""
-		if r, ok := args["recommendation"].(string); ok {
-			recommendation = r
-		}
-
-		// 创建漏洞记录
-		vuln := &database.Vulnerability{
-			ConversationID: conversationID,
-			Title:          title,
-			Description:    description,
-			Severity:       severity,
-			Status:         "open",
-			Type:           vulnType,
-			Target:         target,
-			Proof:          proof,
-			Impact:         impact,
-			Recommendation: recommendation,
-		}
-
-		created, err := db.CreateVulnerability(vuln)
-		if err != nil {
-			logger.Error("记录漏洞失败", zap.Error(err))
-			return &mcp.ToolResult{
-				Content: []mcp.Content{
-					{
-						Type: "text",
-						Text: fmt.Sprintf("记录漏洞失败: %v", err),
-					},
-				},
-				IsError: true,
-			}, nil
-		}
-
-		logger.Info("漏洞记录成功",
-			zap.String("id", created.ID),
-			zap.String("title", created.Title),
-			zap.String("severity", created.Severity),
-			zap.String("conversation_id", conversationID),
-		)
-
-		return &mcp.ToolResult{
-			Content: []mcp.Content{
-				{
-					Type: "text",
-					Text: fmt.Sprintf("漏洞已成功记录！\n\n漏洞ID: %s\n标题: %s\n严重程度: %s\n状态: %s\n\n你可以在漏洞管理页面查看和管理此漏洞。", created.ID, created.Title, created.Severity, created.Status),
-				},
-			},
-			IsError: false,
-		}, nil
-	}
-
-	mcpServer.RegisterTool(tool, handler)
-	logger.Info("漏洞记录工具注册成功")
-}
-
 // registerWebshellTools 注册 WebShell 相关 MCP 工具，供 AI 助手在指定连接上执行命令与文件操作
 func registerWebshellTools(mcpServer *mcp.Server, db *database.DB, webshellHandler *handler.WebShellHandler, logger *zap.Logger) {
 	if db == nil || webshellHandler == nil {

internal/app/project_fact_tools.go

@@ -0,0 +1,336 @@
+package app
+
+import (
+	"context"
+	"fmt"
+	"strings"
+
+	"cyberstrike-ai/internal/agent"
+	"cyberstrike-ai/internal/config"
+	"cyberstrike-ai/internal/database"
+	"cyberstrike-ai/internal/mcp"
+	"cyberstrike-ai/internal/mcp/builtin"
+	"cyberstrike-ai/internal/project"
+
+	"go.uber.org/zap"
+)
+
+func projectIDFromConversation(db *database.DB, ctx context.Context) (string, error) {
+	convID := agent.ConversationIDFromContext(ctx)
+	if convID == "" {
+		return "", fmt.Errorf("无法确定当前对话，请在对话上下文中使用项目事实工具")
+	}
+	pid, err := db.GetConversationProjectID(convID)
+	if err != nil {
+		return "", err
+	}
+	if strings.TrimSpace(pid) == "" {
+		return "", fmt.Errorf("当前对话未绑定项目，请先在对话中选择项目或创建带项目的对话")
+	}
+	return pid, nil
+}
+
+func textResult(msg string, isErr bool) *mcp.ToolResult {
+	return &mcp.ToolResult{
+		Content: []mcp.Content{{Type: "text", Text: msg}},
+		IsError: isErr,
+	}
+}
+
+// registerProjectFactTools 注册项目黑板 MCP 工具。
+func registerProjectFactTools(mcpServer *mcp.Server, db *database.DB, cfg *config.Config, logger *zap.Logger) {
+	if db == nil || cfg == nil || !cfg.Project.Enabled {
+		if logger != nil {
+			logger.Info("项目黑板工具未注册（未启用）")
+		}
+		return
+	}
+
+	upsertTool := mcp.Tool{
+		Name: builtin.ToolUpsertProjectFact,
+		Description: "写入或更新项目黑板事实，用于跨会话沉淀可复现上下文（非正式漏洞条目；可交付漏洞另用 record_vulnerability）。" +
+			"边渗透边记录：每确认新认知（端口/入口/凭据/可利用点）后立即调用，同 fact_key 覆盖更新，勿等会话结束。" +
+			"禁止仅写结论：summary 须含什么+在哪+如何验证；body 须含攻击链/请求响应/命令等复现细节。" +
+			"发现类建议 fact_key 为 finding|chain|exploit|poc/<slug>，category 对应 finding|chain|exploit|poc，body 按攻击链模板填写。" +
+			"环境类用 target|auth|infra|business/<slug>。同 fact_key 覆盖更新。需当前对话已绑定项目。",
+		ShortDescription: "写入/更新项目事实（含攻击链 body）",
+		InputSchema: map[string]interface{}{
+			"type": "object",
+			"properties": map[string]interface{}{
+				"fact_key": map[string]interface{}{
+					"type":        "string",
+					"description": "项目内唯一 key：target/primary_domain、finding/sqli-login、exploit/upload-rce 等",
+				},
+				"category": map[string]interface{}{
+					"type":        "string",
+					"description": "target | auth | infra | business | finding | chain | exploit | poc | note",
+					"enum":        []string{"target", "auth", "infra", "business", "finding", "chain", "exploit", "poc", "note"},
+				},
+				"summary": map[string]interface{}{
+					"type":        "string",
+					"description": "索引用一行：结论 + 位置 + 触发/验证要点（勿仅写「存在 XSS」等空话）",
+				},
+				"body": map[string]interface{}{
+					"type": "string",
+					"description": "完整可复现详情（仅 get_project_fact 返回）：须含攻击链步骤、原始 HTTP/命令、响应现象、证据与关联。" +
+						"发现/利用类首次写入必填；环境类建议含来源证据。攻击链类可参考模板章节：结论、目标与入口、攻击链、Exploit/POC、关键证据、关联、备注。" +
+						"更新已有 fact_key 时若省略或留空 body，将保留库中已有 body（可只改 summary）。",
+				},
+				"confidence": map[string]interface{}{
+					"type":        "string",
+					"description": "confirmed | tentative | deprecated",
+					"enum":        []string{"confirmed", "tentative", "deprecated"},
+				},
+				"pinned": map[string]interface{}{
+					"type":        "boolean",
+					"description": "是否优先出现在黑板索引",
+				},
+				"related_vulnerability_id": map[string]interface{}{
+					"type":        "string",
+					"description": "可选：关联的漏洞记录 ID",
+				},
+			},
+			"required": []string{"fact_key", "summary"},
+		},
+	}
+
+	mcpServer.RegisterTool(upsertTool, func(ctx context.Context, args map[string]interface{}) (*mcp.ToolResult, error) {
+		projectID, err := projectIDFromConversation(db, ctx)
+		if err != nil {
+			return textResult("错误: "+err.Error(), true), nil
+		}
+		factKey, _ := args["fact_key"].(string)
+		summary, _ := args["summary"].(string)
+		if strings.TrimSpace(factKey) == "" || strings.TrimSpace(summary) == "" {
+			return textResult("错误: fact_key 与 summary 必填", true), nil
+		}
+		if len([]rune(summary)) > cfg.Project.FactSummaryMaxRunesEffective() {
+			return textResult(fmt.Sprintf("错误: summary 过长（最多 %d 字）", cfg.Project.FactSummaryMaxRunesEffective()), true), nil
+		}
+		f := &database.ProjectFact{
+			ProjectID:              projectID,
+			FactKey:                factKey,
+			Category:               strArg(args, "category"),
+			Summary:                summary,
+			Body:                   strArg(args, "body"),
+			Confidence:             strArg(args, "confidence"),
+			Pinned:                 boolArg(args, "pinned"),
+			RelatedVulnerabilityID: strArg(args, "related_vulnerability_id"),
+		}
+		if convID := agent.ConversationIDFromContext(ctx); convID != "" {
+			f.SourceConversationID = convID
+		}
+		created, err := db.UpsertProjectFact(f)
+		if err != nil {
+			return textResult("错误: "+err.Error(), true), nil
+		}
+		msg := fmt.Sprintf("事实已保存。\nfact_key: %s\nid: %s\nconfidence: %s", created.FactKey, created.ID, created.Confidence)
+		if warn := project.SparseBodyWarningIfNeeded(f.Category, f.FactKey, f.Body); warn != "" {
+			msg += warn
+		}
+		return textResult(msg, false), nil
+	})
+
+	getTool := mcp.Tool{
+		Name:             builtin.ToolGetProjectFact,
+		Description:      "按 fact_key 获取项目事实完整 body 与元数据。摘要不足时必须调用本工具，禁止臆造细节。",
+		ShortDescription: "按 key 获取事实详情",
+		InputSchema: map[string]interface{}{
+			"type": "object",
+			"properties": map[string]interface{}{
+				"fact_key": map[string]interface{}{"type": "string", "description": "事实 key"},
+			},
+			"required": []string{"fact_key"},
+		},
+	}
+	mcpServer.RegisterTool(getTool, func(ctx context.Context, args map[string]interface{}) (*mcp.ToolResult, error) {
+		projectID, err := projectIDFromConversation(db, ctx)
+		if err != nil {
+			return textResult("错误: "+err.Error(), true), nil
+		}
+		key := strings.TrimSpace(strArg(args, "fact_key"))
+		if key == "" {
+			return textResult("错误: fact_key 必填", true), nil
+		}
+		f, err := db.GetProjectFactByKey(projectID, key)
+		if err != nil {
+			return textResult("错误: "+err.Error(), true), nil
+		}
+		msg := fmt.Sprintf("fact_key: %s\ncategory: %s\nconfidence: %s\nsummary: %s\nupdated_at: %s",
+			f.FactKey, f.Category, f.Confidence, f.Summary, f.UpdatedAt.Format("2006-01-02 15:04:05"))
+		if f.RelatedVulnerabilityID != "" {
+			msg += fmt.Sprintf("\nrelated_vulnerability_id: %s", f.RelatedVulnerabilityID)
+		}
+		if f.SourceConversationID != "" {
+			msg += fmt.Sprintf("\nsource_conversation_id: %s", f.SourceConversationID)
+		}
+		msg += "\n\n--- body ---\n" + f.Body
+		if warn := project.SparseBodyWarningIfNeeded(f.Category, f.FactKey, f.Body); warn != "" {
+			msg += warn
+		}
+		return textResult(msg, false), nil
+	})
+
+	listTool := mcp.Tool{
+		Name:             builtin.ToolListProjectFacts,
+		Description:      "列出当前项目的事实（分页）。",
+		ShortDescription: "列出项目事实",
+		InputSchema: map[string]interface{}{
+			"type": "object",
+			"properties": map[string]interface{}{
+				"category":   map[string]interface{}{"type": "string"},
+				"confidence": map[string]interface{}{"type": "string"},
+				"limit":      map[string]interface{}{"type": "integer"},
+				"offset":     map[string]interface{}{"type": "integer"},
+			},
+		},
+	}
+	mcpServer.RegisterTool(listTool, func(ctx context.Context, args map[string]interface{}) (*mcp.ToolResult, error) {
+		projectID, err := projectIDFromConversation(db, ctx)
+		if err != nil {
+			return textResult("错误: "+err.Error(), true), nil
+		}
+		limit := intArg(args, "limit", 50)
+		offset := intArg(args, "offset", 0)
+		filter := database.ProjectFactListFilter{
+			Category:   strArg(args, "category"),
+			Confidence: strArg(args, "confidence"),
+		}
+		list, err := db.ListProjectFacts(projectID, filter, limit, offset)
+		if err != nil {
+			return textResult("错误: "+err.Error(), true), nil
+		}
+		var b strings.Builder
+		b.WriteString(fmt.Sprintf("共 %d 条（limit=%d offset=%d）:\n", len(list), limit, offset))
+		for _, f := range list {
+			b.WriteString(fmt.Sprintf("- [%s] %s — %s (%s)\n", f.FactKey, f.Category, f.Summary, f.Confidence))
+		}
+		return textResult(b.String(), false), nil
+	})
+
+	searchTool := mcp.Tool{
+		Name:             builtin.ToolSearchProjectFacts,
+		Description:      "按关键词搜索项目事实（summary/body/fact_key）。",
+		ShortDescription: "搜索项目事实",
+		InputSchema: map[string]interface{}{
+			"type": "object",
+			"properties": map[string]interface{}{
+				"query":  map[string]interface{}{"type": "string"},
+				"limit":  map[string]interface{}{"type": "integer"},
+				"offset": map[string]interface{}{"type": "integer"},
+			},
+			"required": []string{"query"},
+		},
+	}
+	mcpServer.RegisterTool(searchTool, func(ctx context.Context, args map[string]interface{}) (*mcp.ToolResult, error) {
+		projectID, err := projectIDFromConversation(db, ctx)
+		if err != nil {
+			return textResult("错误: "+err.Error(), true), nil
+		}
+		q := strings.TrimSpace(strArg(args, "query"))
+		if q == "" {
+			return textResult("错误: query 必填", true), nil
+		}
+		list, err := db.ListProjectFacts(projectID, database.ProjectFactListFilter{Search: q}, intArg(args, "limit", 30), intArg(args, "offset", 0))
+		if err != nil {
+			return textResult("错误: "+err.Error(), true), nil
+		}
+		var b strings.Builder
+		b.WriteString(fmt.Sprintf("搜索 \"%s\" 命中 %d 条:\n", q, len(list)))
+		for _, f := range list {
+			b.WriteString(fmt.Sprintf("- [%s] %s — %s\n", f.FactKey, f.Category, f.Summary))
+		}
+		return textResult(b.String(), false), nil
+	})
+
+	deprecateTool := mcp.Tool{
+		Name:             builtin.ToolDeprecateProjectFact,
+		Description:      "将事实标记为 deprecated，从黑板索引中排除。",
+		ShortDescription: "废弃项目事实",
+		InputSchema: map[string]interface{}{
+			"type": "object",
+			"properties": map[string]interface{}{
+				"fact_key": map[string]interface{}{"type": "string"},
+			},
+			"required": []string{"fact_key"},
+		},
+	}
+	mcpServer.RegisterTool(deprecateTool, func(ctx context.Context, args map[string]interface{}) (*mcp.ToolResult, error) {
+		projectID, err := projectIDFromConversation(db, ctx)
+		if err != nil {
+			return textResult("错误: "+err.Error(), true), nil
+		}
+		key := strings.TrimSpace(strArg(args, "fact_key"))
+		if err := db.DeprecateProjectFact(projectID, key); err != nil {
+			return textResult("错误: "+err.Error(), true), nil
+		}
+		return textResult("事实已标记为 deprecated: "+key, false), nil
+	})
+
+	restoreTool := mcp.Tool{
+		Name:             builtin.ToolRestoreProjectFact,
+		Description:      "将已废弃（deprecated）的事实恢复为 tentative 或 confirmed，重新参与黑板索引。",
+		ShortDescription: "恢复已废弃的项目事实",
+		InputSchema: map[string]interface{}{
+			"type": "object",
+			"properties": map[string]interface{}{
+				"fact_key": map[string]interface{}{"type": "string"},
+				"confidence": map[string]interface{}{
+					"type":        "string",
+					"description": "恢复后的置信度：tentative（默认）或 confirmed",
+					"enum":        []string{"tentative", "confirmed"},
+				},
+			},
+			"required": []string{"fact_key"},
+		},
+	}
+	mcpServer.RegisterTool(restoreTool, func(ctx context.Context, args map[string]interface{}) (*mcp.ToolResult, error) {
+		projectID, err := projectIDFromConversation(db, ctx)
+		if err != nil {
+			return textResult("错误: "+err.Error(), true), nil
+		}
+		key := strings.TrimSpace(strArg(args, "fact_key"))
+		if key == "" {
+			return textResult("错误: fact_key 必填", true), nil
+		}
+		conf := strArg(args, "confidence")
+		if err := db.RestoreProjectFact(projectID, key, conf); err != nil {
+			return textResult("错误: "+err.Error(), true), nil
+		}
+		if conf == "" {
+			conf = "tentative"
+		}
+		return textResult(fmt.Sprintf("事实已恢复为 %s: %s", conf, key), false), nil
+	})
+
+	if logger != nil {
+		logger.Info("项目黑板 MCP 工具注册成功")
+	}
+}
+
+func strArg(args map[string]interface{}, key string) string {
+	if v, ok := args[key].(string); ok {
+		return v
+	}
+	return ""
+}
+
+func boolArg(args map[string]interface{}, key string) bool {
+	if v, ok := args[key].(bool); ok {
+		return v
+	}
+	return false
+}
+
+func intArg(args map[string]interface{}, key string, def int) int {
+	switch v := args[key].(type) {
+	case float64:
+		return int(v)
+	case int:
+		return v
+	case int64:
+		return int(v)
+	default:
+		return def
+	}
+}

internal/app/vulnerability_tools.go

@@ -0,0 +1,405 @@
+package app
+
+import (
+	"context"
+	"fmt"
+	"strings"
+
+	"cyberstrike-ai/internal/agent"
+	"cyberstrike-ai/internal/database"
+	"cyberstrike-ai/internal/mcp"
+	"cyberstrike-ai/internal/mcp/builtin"
+
+	"go.uber.org/zap"
+)
+
+func conversationIDFromToolCtx(ctx context.Context) string {
+	if id := agent.ConversationIDFromContext(ctx); id != "" {
+		return id
+	}
+	return mcp.MCPConversationIDFromContext(ctx)
+}
+
+// canAccessVulnerability 校验当前对话是否有权查看该漏洞（默认项目隔离，未绑项目则仅本会话）。
+func canAccessVulnerability(vuln *database.Vulnerability, convID, projectID string) bool {
+	if vuln == nil || convID == "" {
+		return false
+	}
+	if projectID != "" {
+		if strings.TrimSpace(vuln.ProjectID) == projectID {
+			return true
+		}
+		// 历史记录：写入时尚未绑定 project_id，但属于同一会话
+		if strings.TrimSpace(vuln.ProjectID) == "" && vuln.ConversationID == convID {
+			return true
+		}
+		return false
+	}
+	return vuln.ConversationID == convID
+}
+
+func buildVulnerabilityListFilter(db *database.DB, ctx context.Context, args map[string]interface{}) (database.VulnerabilityListFilter, string, error) {
+	convID := conversationIDFromToolCtx(ctx)
+	if convID == "" {
+		return database.VulnerabilityListFilter{}, "", fmt.Errorf("无法确定当前对话，请在对话上下文中使用漏洞查询工具")
+	}
+
+	projectID := ""
+	if pid, err := db.GetConversationProjectID(convID); err == nil {
+		projectID = strings.TrimSpace(pid)
+	}
+
+	scope := strings.TrimSpace(strArg(args, "scope"))
+	if scope == "" {
+		if projectID != "" {
+			scope = "project"
+		} else {
+			scope = "conversation"
+		}
+	}
+
+	filter := database.VulnerabilityListFilter{
+		Severity: strings.TrimSpace(strArg(args, "severity")),
+		Status:   strings.TrimSpace(strArg(args, "status")),
+	}
+	if q := strings.TrimSpace(strArg(args, "q")); q != "" {
+		filter.Search = q
+	} else {
+		filter.Search = strings.TrimSpace(strArg(args, "search"))
+	}
+
+	var scopeLabel string
+	switch scope {
+	case "project":
+		if projectID == "" {
+			return filter, "", fmt.Errorf("当前对话未绑定项目，无法按项目列出漏洞；请使用 scope=conversation，或先在对话中绑定项目")
+		}
+		filter.ProjectID = projectID
+		scopeLabel = fmt.Sprintf("项目 %s", projectID)
+	case "conversation":
+		filter.ConversationID = convID
+		scopeLabel = fmt.Sprintf("会话 %s", convID)
+	default:
+		return filter, "", fmt.Errorf("scope 仅支持 project 或 conversation，当前值: %s", scope)
+	}
+	return filter, scopeLabel, nil
+}
+
+func formatVulnerabilityListItem(v *database.Vulnerability) string {
+	line := fmt.Sprintf("- id=%s | %s | %s | %s", v.ID, v.Severity, v.Status, v.Title)
+	if v.Type != "" {
+		line += fmt.Sprintf(" | type=%s", v.Type)
+	}
+	if v.Target != "" {
+		line += fmt.Sprintf(" | target=%s", truncateRunes(v.Target, 80))
+	}
+	return line
+}
+
+func formatVulnerabilityDetail(v *database.Vulnerability) string {
+	var b strings.Builder
+	b.WriteString(fmt.Sprintf("漏洞ID: %s\n", v.ID))
+	b.WriteString(fmt.Sprintf("标题: %s\n", v.Title))
+	b.WriteString(fmt.Sprintf("严重程度: %s\n", v.Severity))
+	b.WriteString(fmt.Sprintf("状态: %s\n", v.Status))
+	if v.Type != "" {
+		b.WriteString(fmt.Sprintf("类型: %s\n", v.Type))
+	}
+	if v.Target != "" {
+		b.WriteString(fmt.Sprintf("目标: %s\n", v.Target))
+	}
+	if v.ProjectID != "" {
+		b.WriteString(fmt.Sprintf("项目ID: %s\n", v.ProjectID))
+	}
+	b.WriteString(fmt.Sprintf("会话ID: %s\n", v.ConversationID))
+	if !v.CreatedAt.IsZero() {
+		b.WriteString(fmt.Sprintf("创建时间: %s\n", v.CreatedAt.Format("2006-01-02 15:04:05")))
+	}
+	if v.Description != "" {
+		b.WriteString("\n--- 描述 ---\n")
+		b.WriteString(v.Description)
+		b.WriteString("\n")
+	}
+	if v.Proof != "" {
+		b.WriteString("\n--- 证明（POC） ---\n")
+		b.WriteString(v.Proof)
+		b.WriteString("\n")
+	}
+	if v.Impact != "" {
+		b.WriteString("\n--- 影响 ---\n")
+		b.WriteString(v.Impact)
+		b.WriteString("\n")
+	}
+	if v.Recommendation != "" {
+		b.WriteString("\n--- 修复建议 ---\n")
+		b.WriteString(v.Recommendation)
+		b.WriteString("\n")
+	}
+	return b.String()
+}
+
+func truncateRunes(s string, max int) string {
+	r := []rune(s)
+	if len(r) <= max {
+		return s
+	}
+	return string(r[:max]) + "…"
+}
+
+// registerVulnerabilityTools 注册漏洞记录与查询 MCP 工具。
+func registerVulnerabilityTools(mcpServer *mcp.Server, db *database.DB, logger *zap.Logger) {
+	registerRecordVulnerabilityTool(mcpServer, db, logger)
+	registerListVulnerabilitiesTool(mcpServer, db, logger)
+	registerGetVulnerabilityTool(mcpServer, db, logger)
+	if logger != nil {
+		logger.Info("漏洞 MCP 工具注册成功", zap.Strings("tools", []string{
+			builtin.ToolRecordVulnerability,
+			builtin.ToolListVulnerabilities,
+			builtin.ToolGetVulnerability,
+		}))
+	}
+}
+
+func registerRecordVulnerabilityTool(mcpServer *mcp.Server, db *database.DB, logger *zap.Logger) {
+	tool := mcp.Tool{
+		Name:             builtin.ToolRecordVulnerability,
+		Description:      "记录发现的漏洞详情到漏洞管理系统。边渗透边记录：每验证出一条可复现漏洞（含 POC/影响）后立即调用，勿等会话结束。包括标题、描述、严重程度、类型、目标、证明、影响和建议等。记录前可先 list_vulnerabilities 避免重复。",
+		ShortDescription: "记录发现的漏洞详情到漏洞管理系统",
+		InputSchema: map[string]interface{}{
+			"type": "object",
+			"properties": map[string]interface{}{
+				"title": map[string]interface{}{
+					"type":        "string",
+					"description": "漏洞标题（必需）",
+				},
+				"description": map[string]interface{}{
+					"type":        "string",
+					"description": "漏洞详细描述",
+				},
+				"severity": map[string]interface{}{
+					"type":        "string",
+					"description": "漏洞严重程度：critical（严重）、high（高）、medium（中）、low（低）、info（信息）",
+					"enum":        []string{"critical", "high", "medium", "low", "info"},
+				},
+				"vulnerability_type": map[string]interface{}{
+					"type":        "string",
+					"description": "漏洞类型，如：SQL注入、XSS、CSRF、命令注入等",
+				},
+				"target": map[string]interface{}{
+					"type":        "string",
+					"description": "受影响的目标（URL、IP地址、服务等）",
+				},
+				"proof": map[string]interface{}{
+					"type":        "string",
+					"description": "漏洞证明（POC、截图、请求/响应等）",
+				},
+				"impact": map[string]interface{}{
+					"type":        "string",
+					"description": "漏洞影响说明",
+				},
+				"recommendation": map[string]interface{}{
+					"type":        "string",
+					"description": "修复建议",
+				},
+			},
+			"required": []string{"title", "severity"},
+		},
+	}
+
+	mcpServer.RegisterTool(tool, func(ctx context.Context, args map[string]interface{}) (*mcp.ToolResult, error) {
+		conversationID := strings.TrimSpace(strArg(args, "conversation_id"))
+		if conversationID == "" {
+			conversationID = conversationIDFromToolCtx(ctx)
+		}
+		if conversationID == "" {
+			return textResult("错误: conversation_id 未设置。这是系统错误，请重试。", true), nil
+		}
+
+		title := strings.TrimSpace(strArg(args, "title"))
+		if title == "" {
+			return textResult("错误: title 参数必需且不能为空", true), nil
+		}
+
+		severity := strings.TrimSpace(strArg(args, "severity"))
+		if severity == "" {
+			return textResult("错误: severity 参数必需且不能为空", true), nil
+		}
+
+		validSeverities := map[string]bool{
+			"critical": true, "high": true, "medium": true, "low": true, "info": true,
+		}
+		if !validSeverities[severity] {
+			return textResult(fmt.Sprintf("错误: severity 必须是 critical、high、medium、low 或 info 之一，当前值: %s", severity), true), nil
+		}
+
+		projectID := ""
+		if pid, perr := db.GetConversationProjectID(conversationID); perr == nil {
+			projectID = strings.TrimSpace(pid)
+		}
+
+		vuln := &database.Vulnerability{
+			ConversationID: conversationID,
+			ProjectID:      projectID,
+			Title:          title,
+			Description:    strArg(args, "description"),
+			Severity:       severity,
+			Status:         "open",
+			Type:           strArg(args, "vulnerability_type"),
+			Target:         strArg(args, "target"),
+			Proof:          strArg(args, "proof"),
+			Impact:         strArg(args, "impact"),
+			Recommendation: strArg(args, "recommendation"),
+		}
+
+		created, err := db.CreateVulnerability(vuln)
+		if err != nil {
+			if logger != nil {
+				logger.Error("记录漏洞失败", zap.Error(err))
+			}
+			return textResult(fmt.Sprintf("记录漏洞失败: %v", err), true), nil
+		}
+
+		if logger != nil {
+			logger.Info("漏洞记录成功",
+				zap.String("id", created.ID),
+				zap.String("title", created.Title),
+				zap.String("severity", created.Severity),
+				zap.String("conversation_id", conversationID),
+			)
+		}
+
+		return textResult(fmt.Sprintf("漏洞已成功记录！\n\n漏洞ID: %s\n标题: %s\n严重程度: %s\n状态: %s\n\n可使用 get_vulnerability(id) 查看详情，或 list_vulnerabilities 查看列表。",
+			created.ID, created.Title, created.Severity, created.Status), false), nil
+	})
+}
+
+func registerListVulnerabilitiesTool(mcpServer *mcp.Server, db *database.DB, logger *zap.Logger) {
+	tool := mcp.Tool{
+		Name: builtin.ToolListVulnerabilities,
+		Description: "列出当前授权范围内的漏洞（摘要）。默认：对话已绑定项目时列出该项目下全部漏洞；未绑项目时仅列出当前会话漏洞。可用 scope=conversation 仅看本会话。记录新漏洞前建议先调用以避免重复。",
+		ShortDescription: "列出漏洞（默认当前项目）",
+		InputSchema: map[string]interface{}{
+			"type": "object",
+			"properties": map[string]interface{}{
+				"scope": map[string]interface{}{
+					"type":        "string",
+					"description": "范围：project（默认，需绑定项目）| conversation（仅当前会话）",
+					"enum":        []string{"project", "conversation"},
+				},
+				"severity": map[string]interface{}{
+					"type":        "string",
+					"description": "按严重程度筛选：critical、high、medium、low、info",
+					"enum":        []string{"critical", "high", "medium", "low", "info"},
+				},
+				"status": map[string]interface{}{
+					"type":        "string",
+					"description": "按状态筛选：open、confirmed、fixed、false_positive",
+					"enum":        []string{"open", "confirmed", "fixed", "false_positive"},
+				},
+				"q": map[string]interface{}{
+					"type":        "string",
+					"description": "关键词搜索（标题、描述、类型、目标等）",
+				},
+				"limit": map[string]interface{}{
+					"type":        "integer",
+					"description": "返回条数上限，默认 30，最大 100",
+				},
+				"offset": map[string]interface{}{
+					"type":        "integer",
+					"description": "分页偏移，默认 0",
+				},
+			},
+		},
+	}
+
+	mcpServer.RegisterTool(tool, func(ctx context.Context, args map[string]interface{}) (*mcp.ToolResult, error) {
+		filter, scopeLabel, err := buildVulnerabilityListFilter(db, ctx, args)
+		if err != nil {
+			return textResult("错误: "+err.Error(), true), nil
+		}
+
+		limit := intArg(args, "limit", 30)
+		if limit <= 0 || limit > 100 {
+			limit = 30
+		}
+		offset := intArg(args, "offset", 0)
+		if offset < 0 {
+			offset = 0
+		}
+
+		total, err := db.CountVulnerabilities(filter)
+		if err != nil {
+			if logger != nil {
+				logger.Warn("统计漏洞失败", zap.Error(err))
+			}
+			total = 0
+		}
+
+		list, err := db.ListVulnerabilities(limit, offset, filter)
+		if err != nil {
+			return textResult("错误: "+err.Error(), true), nil
+		}
+
+		var b strings.Builder
+		b.WriteString(fmt.Sprintf("范围: %s\n总计: %d | 本页: %d 条 (limit=%d offset=%d)\n\n", scopeLabel, total, len(list), limit, offset))
+		if len(list) == 0 {
+			b.WriteString("（暂无漏洞记录）\n")
+		} else {
+			for _, v := range list {
+				b.WriteString(formatVulnerabilityListItem(v))
+				b.WriteString("\n")
+			}
+			if total > offset+len(list) {
+				b.WriteString(fmt.Sprintf("\n（还有更多，可增大 offset 或使用 q/severity/status 筛选）\n"))
+			}
+		}
+		b.WriteString("\n需要 POC 与完整字段请对具体 id 调用 get_vulnerability。")
+		return textResult(b.String(), false), nil
+	})
+}
+
+func registerGetVulnerabilityTool(mcpServer *mcp.Server, db *database.DB, logger *zap.Logger) {
+	tool := mcp.Tool{
+		Name:             builtin.ToolGetVulnerability,
+		Description:      "按漏洞 ID 获取完整详情（含 POC、影响、修复建议）。仅能访问当前项目或当前会话下的漏洞（与 list_vulnerabilities 授权范围一致）。",
+		ShortDescription: "按 ID 获取漏洞详情",
+		InputSchema: map[string]interface{}{
+			"type": "object",
+			"properties": map[string]interface{}{
+				"id": map[string]interface{}{
+					"type":        "string",
+					"description": "漏洞 ID（list_vulnerabilities 返回的 id）",
+				},
+			},
+			"required": []string{"id"},
+		},
+	}
+
+	mcpServer.RegisterTool(tool, func(ctx context.Context, args map[string]interface{}) (*mcp.ToolResult, error) {
+		convID := conversationIDFromToolCtx(ctx)
+		if convID == "" {
+			return textResult("错误: 无法确定当前对话，请在对话上下文中使用本工具", true), nil
+		}
+
+		id := strings.TrimSpace(strArg(args, "id"))
+		if id == "" {
+			return textResult("错误: id 必填", true), nil
+		}
+
+		vuln, err := db.GetVulnerability(id)
+		if err != nil {
+			return textResult("错误: 漏洞不存在或查询失败", true), nil
+		}
+
+		projectID := ""
+		if pid, perr := db.GetConversationProjectID(convID); perr == nil {
+			projectID = strings.TrimSpace(pid)
+		}
+
+		if !canAccessVulnerability(vuln, convID, projectID) {
+			return textResult("错误: 无权访问该漏洞（仅可查看当前项目或当前会话下的记录）", true), nil
+		}
+
+		return textResult(formatVulnerabilityDetail(vuln), false), nil
+	})
+}

internal/config/config.go

@@ -36,6 +36,32 @@ type Config struct {
 	SkillsDir   string                `yaml:"skills_dir,omitempty" json:"skills_dir,omitempty"` // Skills配置文件目录
 	AgentsDir   string                `yaml:"agents_dir,omitempty" json:"agents_dir,omitempty"` // 多代理子 Agent Markdown 定义目录（*.md，YAML front matter）
 	MultiAgent  MultiAgentConfig      `yaml:"multi_agent,omitempty" json:"multi_agent,omitempty"`
+	Project     ProjectConfig         `yaml:"project,omitempty" json:"project,omitempty"`
+}
+
+// ProjectConfig 项目黑板（跨对话共享事实）配置。
+type ProjectConfig struct {
+	Enabled                 bool   `yaml:"enabled" json:"enabled"`
+	DefaultProjectID        string `yaml:"default_project_id,omitempty" json:"default_project_id,omitempty"` // 机器人/批量等无显式项目时绑定的默认项目
+	FactIndexMaxRunes       int    `yaml:"fact_index_max_runes,omitempty" json:"fact_index_max_runes,omitempty"`
+	FactSummaryMaxRunes     int    `yaml:"fact_summary_max_runes,omitempty" json:"fact_summary_max_runes,omitempty"`
+	DefaultInjectDeprecated bool   `yaml:"default_inject_deprecated,omitempty" json:"default_inject_deprecated,omitempty"`
+}
+
+// FactIndexMaxRunesEffective 自动注入黑板索引的最大 rune 数。
+func (c ProjectConfig) FactIndexMaxRunesEffective() int {
+	if c.FactIndexMaxRunes <= 0 {
+		return 3500
+	}
+	return c.FactIndexMaxRunes
+}
+
+// FactSummaryMaxRunesEffective upsert 时 summary 最大 rune 数（索引一行，宜含验证要点）。
+func (c ProjectConfig) FactSummaryMaxRunesEffective() int {
+	if c.FactSummaryMaxRunes <= 0 {
+		return 200
+	}
+	return c.FactSummaryMaxRunes
 }
 
 // MultiAgentConfig 基于 CloudWeGo Eino adk/prebuilt 的多代理编排（deep | plan_execute | supervisor，与单 Agent /agent-loop 并存）。

internal/database/batch_task.go

@@ -22,6 +22,7 @@ type BatchTaskQueueRow struct {
 	LastScheduleTriggerAt sql.NullTime
 	LastScheduleError     sql.NullString
 	LastRunError          sql.NullString
+	ProjectID             sql.NullString
 	Status                string
 	CreatedAt             time.Time
 	StartedAt             sql.NullTime
@@ -51,6 +52,7 @@ func (db *DB) CreateBatchQueue(
 	scheduleMode string,
 	cronExpr string,
 	nextRunAt *time.Time,
+	projectID string,
 	tasks []map[string]interface{},
 ) error {
 	tx, err := db.Begin()
@@ -65,9 +67,13 @@ func (db *DB) CreateBatchQueue(
 		nextRunAtValue = *nextRunAt
 	}
 
+	var projectIDVal interface{}
+	if strings.TrimSpace(projectID) != "" {
+		projectIDVal = strings.TrimSpace(projectID)
+	}
 	_, err = tx.Exec(
-		"INSERT INTO batch_task_queues (id, title, role, agent_mode, schedule_mode, cron_expr, next_run_at, schedule_enabled, status, created_at, current_index) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",
-		queueID, title, role, agentMode, scheduleMode, cronExpr, nextRunAtValue, 1, "pending", now, 0,
+		"INSERT INTO batch_task_queues (id, title, role, agent_mode, schedule_mode, cron_expr, next_run_at, schedule_enabled, project_id, status, created_at, current_index) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",
+		queueID, title, role, agentMode, scheduleMode, cronExpr, nextRunAtValue, 1, projectIDVal, "pending", now, 0,
 	)
 	if err != nil {
 		return fmt.Errorf("创建批量任务队列失败: %w", err)
@@ -101,9 +107,9 @@ func (db *DB) GetBatchQueue(queueID string) (*BatchTaskQueueRow, error) {
 	var row BatchTaskQueueRow
 	var createdAt string
 	err := db.QueryRow(
-		"SELECT id, title, role, agent_mode, schedule_mode, cron_expr, next_run_at, schedule_enabled, last_schedule_trigger_at, last_schedule_error, last_run_error, status, created_at, started_at, completed_at, current_index FROM batch_task_queues WHERE id = ?",
+		"SELECT id, title, role, agent_mode, schedule_mode, cron_expr, next_run_at, schedule_enabled, last_schedule_trigger_at, last_schedule_error, last_run_error, project_id, status, created_at, started_at, completed_at, current_index FROM batch_task_queues WHERE id = ?",
 		queueID,
-	).Scan(&row.ID, &row.Title, &row.Role, &row.AgentMode, &row.ScheduleMode, &row.CronExpr, &row.NextRunAt, &row.ScheduleEnabled, &row.LastScheduleTriggerAt, &row.LastScheduleError, &row.LastRunError, &row.Status, &createdAt, &row.StartedAt, &row.CompletedAt, &row.CurrentIndex)
+	).Scan(&row.ID, &row.Title, &row.Role, &row.AgentMode, &row.ScheduleMode, &row.CronExpr, &row.NextRunAt, &row.ScheduleEnabled, &row.LastScheduleTriggerAt, &row.LastScheduleError, &row.LastRunError, &row.ProjectID, &row.Status, &createdAt, &row.StartedAt, &row.CompletedAt, &row.CurrentIndex)
 	if err == sql.ErrNoRows {
 		return nil, nil
 	}
@@ -127,7 +133,7 @@ func (db *DB) GetBatchQueue(queueID string) (*BatchTaskQueueRow, error) {
 // GetAllBatchQueues 获取所有批量任务队列
 func (db *DB) GetAllBatchQueues() ([]*BatchTaskQueueRow, error) {
 	rows, err := db.Query(
-		"SELECT id, title, role, agent_mode, schedule_mode, cron_expr, next_run_at, schedule_enabled, last_schedule_trigger_at, last_schedule_error, last_run_error, status, created_at, started_at, completed_at, current_index FROM batch_task_queues ORDER BY created_at DESC",
+		"SELECT id, title, role, agent_mode, schedule_mode, cron_expr, next_run_at, schedule_enabled, last_schedule_trigger_at, last_schedule_error, last_run_error, project_id, status, created_at, started_at, completed_at, current_index FROM batch_task_queues ORDER BY created_at DESC",
 	)
 	if err != nil {
 		return nil, fmt.Errorf("查询批量任务队列列表失败: %w", err)
@@ -138,7 +144,7 @@ func (db *DB) GetAllBatchQueues() ([]*BatchTaskQueueRow, error) {
 	for rows.Next() {
 		var row BatchTaskQueueRow
 		var createdAt string
-		if err := rows.Scan(&row.ID, &row.Title, &row.Role, &row.AgentMode, &row.ScheduleMode, &row.CronExpr, &row.NextRunAt, &row.ScheduleEnabled, &row.LastScheduleTriggerAt, &row.LastScheduleError, &row.LastRunError, &row.Status, &createdAt, &row.StartedAt, &row.CompletedAt, &row.CurrentIndex); err != nil {
+		if err := rows.Scan(&row.ID, &row.Title, &row.Role, &row.AgentMode, &row.ScheduleMode, &row.CronExpr, &row.NextRunAt, &row.ScheduleEnabled, &row.LastScheduleTriggerAt, &row.LastScheduleError, &row.LastRunError, &row.ProjectID, &row.Status, &createdAt, &row.StartedAt, &row.CompletedAt, &row.CurrentIndex); err != nil {
 			return nil, fmt.Errorf("扫描批量任务队列失败: %w", err)
 		}
 		parsedTime, parseErr := time.Parse("2006-01-02 15:04:05", createdAt)
@@ -158,7 +164,7 @@ func (db *DB) GetAllBatchQueues() ([]*BatchTaskQueueRow, error) {
 
 // ListBatchQueues 列出批量任务队列（支持筛选和分页）
 func (db *DB) ListBatchQueues(limit, offset int, status, keyword string) ([]*BatchTaskQueueRow, error) {
-	query := "SELECT id, title, role, agent_mode, schedule_mode, cron_expr, next_run_at, schedule_enabled, last_schedule_trigger_at, last_schedule_error, last_run_error, status, created_at, started_at, completed_at, current_index FROM batch_task_queues WHERE 1=1"
+	query := "SELECT id, title, role, agent_mode, schedule_mode, cron_expr, next_run_at, schedule_enabled, last_schedule_trigger_at, last_schedule_error, last_run_error, project_id, status, created_at, started_at, completed_at, current_index FROM batch_task_queues WHERE 1=1"
 	args := []interface{}{}
 
 	// 状态筛选
@@ -186,7 +192,7 @@ func (db *DB) ListBatchQueues(limit, offset int, status, keyword string) ([]*Bat
 	for rows.Next() {
 		var row BatchTaskQueueRow
 		var createdAt string
-		if err := rows.Scan(&row.ID, &row.Title, &row.Role, &row.AgentMode, &row.ScheduleMode, &row.CronExpr, &row.NextRunAt, &row.ScheduleEnabled, &row.LastScheduleTriggerAt, &row.LastScheduleError, &row.LastRunError, &row.Status, &createdAt, &row.StartedAt, &row.CompletedAt, &row.CurrentIndex); err != nil {
+		if err := rows.Scan(&row.ID, &row.Title, &row.Role, &row.AgentMode, &row.ScheduleMode, &row.CronExpr, &row.NextRunAt, &row.ScheduleEnabled, &row.LastScheduleTriggerAt, &row.LastScheduleError, &row.LastRunError, &row.ProjectID, &row.Status, &createdAt, &row.StartedAt, &row.CompletedAt, &row.CurrentIndex); err != nil {
 			return nil, fmt.Errorf("扫描批量任务队列失败: %w", err)
 		}
 		parsedTime, parseErr := time.Parse("2006-01-02 15:04:05", createdAt)

internal/database/conversation.go

@@ -17,6 +17,7 @@ import (
 type Conversation struct {
 	ID        string    `json:"id"`
 	Title     string    `json:"title"`
+	ProjectID string    `json:"projectId,omitempty"`
 	Pinned    bool      `json:"pinned"`
 	CreatedAt time.Time `json:"createdAt"`
 	UpdatedAt time.Time `json:"updatedAt"`
@@ -46,13 +47,32 @@ func (db *DB) CreateConversationWithWebshell(webshellConnectionID, title string,
 	id := uuid.New().String()
 	now := time.Now()
 
+	projectID := strings.TrimSpace(meta.ProjectID)
+	if projectID != "" {
+		if _, err := db.GetProject(projectID); err != nil {
+			return nil, err
+		}
+	}
+
 	var err error
-	if webshellConnectionID != "" {
+	wsID := strings.TrimSpace(webshellConnectionID)
+	switch {
+	case wsID != "" && projectID != "":
+		_, err = db.Exec(
+			"INSERT INTO conversations (id, title, created_at, updated_at, webshell_connection_id, project_id) VALUES (?, ?, ?, ?, ?, ?)",
+			id, title, now, now, wsID, projectID,
+		)
+	case wsID != "":
 		_, err = db.Exec(
 			"INSERT INTO conversations (id, title, created_at, updated_at, webshell_connection_id) VALUES (?, ?, ?, ?, ?)",
-			id, title, now, now, webshellConnectionID,
+			id, title, now, now, wsID,
 		)
-	} else {
+	case projectID != "":
+		_, err = db.Exec(
+			"INSERT INTO conversations (id, title, created_at, updated_at, project_id) VALUES (?, ?, ?, ?, ?)",
+			id, title, now, now, projectID,
+		)
+	default:
 		_, err = db.Exec(
 			"INSERT INTO conversations (id, title, created_at, updated_at) VALUES (?, ?, ?, ?)",
 			id, title, now, now,
@@ -65,11 +85,12 @@ func (db *DB) CreateConversationWithWebshell(webshellConnectionID, title string,
 	conv := &Conversation{
 		ID:        id,
 		Title:     title,
+		ProjectID: projectID,
 		CreatedAt: now,
 		UpdatedAt: now,
 	}
-	if webshellConnectionID != "" {
-		meta.WebShellConnectionID = webshellConnectionID
+	if wsID != "" {
+		meta.WebShellConnectionID = wsID
 	}
 	notifyConversationCreated(conv, meta)
 	return conv, nil
@@ -210,16 +231,20 @@ func (db *DB) GetConversation(id string) (*Conversation, error) {
 	var createdAt, updatedAt string
 	var pinned int
 
+	var projectID sql.NullString
 	err := db.QueryRow(
-		"SELECT id, title, pinned, created_at, updated_at FROM conversations WHERE id = ?",
+		"SELECT id, title, pinned, created_at, updated_at, project_id FROM conversations WHERE id = ?",
 		id,
-	).Scan(&conv.ID, &conv.Title, &pinned, &createdAt, &updatedAt)
+	).Scan(&conv.ID, &conv.Title, &pinned, &createdAt, &updatedAt, &projectID)
 	if err != nil {
 		if err == sql.ErrNoRows {
 			return nil, fmt.Errorf("对话不存在")
 		}
 		return nil, fmt.Errorf("查询对话失败: %w", err)
 	}
+	if projectID.Valid {
+		conv.ProjectID = strings.TrimSpace(projectID.String)
+	}
 
 	// 尝试多种时间格式解析
 	var err1, err2 error
@@ -292,16 +317,20 @@ func (db *DB) GetConversationLite(id string) (*Conversation, error) {
 	var createdAt, updatedAt string
 	var pinned int
 
+	var projectID sql.NullString
 	err := db.QueryRow(
-		"SELECT id, title, pinned, created_at, updated_at FROM conversations WHERE id = ?",
+		"SELECT id, title, pinned, created_at, updated_at, project_id FROM conversations WHERE id = ?",
 		id,
-	).Scan(&conv.ID, &conv.Title, &pinned, &createdAt, &updatedAt)
+	).Scan(&conv.ID, &conv.Title, &pinned, &createdAt, &updatedAt, &projectID)
 	if err != nil {
 		if err == sql.ErrNoRows {
 			return nil, fmt.Errorf("对话不存在")
 		}
 		return nil, fmt.Errorf("查询对话失败: %w", err)
 	}
+	if projectID.Valid {
+		conv.ProjectID = strings.TrimSpace(projectID.String)
+	}
 
 	// 尝试多种时间格式解析
 	var err1, err2 error
@@ -341,7 +370,7 @@ func (db *DB) ListConversations(limit, offset int, search string) ([]*Conversati
 		// 使用 EXISTS 子查询代替 LEFT JOIN + DISTINCT，避免大表笛卡尔积
 		searchPattern := "%" + search + "%"
 		rows, err = db.Query(
-			`SELECT c.id, c.title, COALESCE(c.pinned, 0), c.created_at, c.updated_at
+			`SELECT c.id, c.title, COALESCE(c.pinned, 0), c.created_at, c.updated_at, c.project_id
 			 FROM conversations c
 			 WHERE c.title LIKE ?
 			    OR EXISTS (SELECT 1 FROM messages m WHERE m.conversation_id = c.id AND m.content LIKE ?)
@@ -351,7 +380,7 @@ func (db *DB) ListConversations(limit, offset int, search string) ([]*Conversati
 		)
 	} else {
 		rows, err = db.Query(
-			"SELECT id, title, COALESCE(pinned, 0), created_at, updated_at FROM conversations ORDER BY updated_at DESC LIMIT ? OFFSET ?",
+			"SELECT id, title, COALESCE(pinned, 0), created_at, updated_at, project_id FROM conversations ORDER BY updated_at DESC LIMIT ? OFFSET ?",
 			limit, offset,
 		)
 	}
@@ -366,10 +395,14 @@ func (db *DB) ListConversations(limit, offset int, search string) ([]*Conversati
 		var conv Conversation
 		var createdAt, updatedAt string
 		var pinned int
+		var projectID sql.NullString
 
-		if err := rows.Scan(&conv.ID, &conv.Title, &pinned, &createdAt, &updatedAt); err != nil {
+		if err := rows.Scan(&conv.ID, &conv.Title, &pinned, &createdAt, &updatedAt, &projectID); err != nil {
 			return nil, fmt.Errorf("扫描对话失败: %w", err)
 		}
+		if projectID.Valid {
+			conv.ProjectID = strings.TrimSpace(projectID.String)
+		}
 
 		// 尝试多种时间格式解析
 		var err1, err2 error

internal/database/conversation_create_meta.go

@@ -4,6 +4,7 @@ package database
 type ConversationCreateMeta struct {
 	Source               string
 	WebShellConnectionID string
+	ProjectID            string
 	ClientIP             string
 	SessionHint          string
 }

internal/database/database.go

@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"os"
 	"path/filepath"
+	"sync"
 	"strings"
 	"time"
 
@@ -12,19 +13,106 @@ import (
 	"go.uber.org/zap"
 )
 
+const (
+	// SQLite 在 WAL 模式下建议使用较保守的连接数，降低长读快照导致 checkpoint 饥饿的概率。
+	sqliteMaxOpenConns = 25
+	sqliteMaxIdleConns = 5
+	// 以页为单位的自动 checkpoint 触发阈值（默认 1000 页，约 4MB @ 4KB/page）。
+	sqliteWALAutoCheckpointPages = 1000
+	// 控制 WAL 目标上限，避免异常场景持续膨胀（256MB）。
+	sqliteJournalSizeLimitBytes = 256 * 1024 * 1024
+	// 定时执行 PASSIVE checkpoint，平滑推进 WAL 回收。
+	sqlitePassiveCheckpointInterval = 300 * time.Second
+)
+
 // configureDBPool 设置 SQLite 连接池参数，提升并发稳定性
 func configureDBPool(db *sql.DB) {
-	// SQLite 同一时间只允许一个写入者，限制连接数避免 "database is locked" 错误
-	db.SetMaxOpenConns(25)
-	db.SetMaxIdleConns(5)
+	// SQLite 同一时间只允许一个写入者；过高连接数会放大锁竞争和 WAL 回收延迟。
+	db.SetMaxOpenConns(sqliteMaxOpenConns)
+	db.SetMaxIdleConns(sqliteMaxIdleConns)
 	db.SetConnMaxLifetime(30 * time.Minute)
 }
 
+// configureSQLitePragmas 调整 WAL 回收行为，降低 -wal 文件长期膨胀风险。
+func configureSQLitePragmas(db *sql.DB) error {
+	if _, err := db.Exec(fmt.Sprintf("PRAGMA wal_autocheckpoint=%d", sqliteWALAutoCheckpointPages)); err != nil {
+		return fmt.Errorf("设置 wal_autocheckpoint 失败: %w", err)
+	}
+	if _, err := db.Exec(fmt.Sprintf("PRAGMA journal_size_limit=%d", sqliteJournalSizeLimitBytes)); err != nil {
+		return fmt.Errorf("设置 journal_size_limit 失败: %w", err)
+	}
+	return nil
+}
+
 // DB 数据库连接
 type DB struct {
 	*sql.DB
 	logger                   *zap.Logger
 	conversationArtifactsDir string
+	checkpointLoopName       string
+	checkpointStop           chan struct{}
+	checkpointDone           chan struct{}
+	closeOnce                sync.Once
+	closeErr                 error
+}
+
+// startPassiveCheckpointLoop 启动后台 PASSIVE checkpoint 循环。
+func (db *DB) startPassiveCheckpointLoop(name string) {
+	if sqlitePassiveCheckpointInterval <= 0 || db == nil || db.DB == nil {
+		return
+	}
+	db.checkpointLoopName = strings.TrimSpace(name)
+	db.checkpointStop = make(chan struct{})
+	db.checkpointDone = make(chan struct{})
+
+	go func() {
+		defer close(db.checkpointDone)
+		ticker := time.NewTicker(sqlitePassiveCheckpointInterval)
+		defer ticker.Stop()
+
+		// 启动后先尝试一次，尽快回收已有 WAL 堆积。
+		db.runPassiveCheckpoint("startup")
+		for {
+			select {
+			case <-db.checkpointStop:
+				return
+			case <-ticker.C:
+				db.runPassiveCheckpoint("ticker")
+			}
+		}
+	}()
+}
+
+// runPassiveCheckpoint 执行一次 PRAGMA wal_checkpoint(PASSIVE)。
+func (db *DB) runPassiveCheckpoint(trigger string) {
+	if db == nil || db.DB == nil {
+		return
+	}
+	startAt := time.Now()
+	var busy, logFrames, checkpointed int
+	err := db.QueryRow("PRAGMA wal_checkpoint(PASSIVE)").Scan(&busy, &logFrames, &checkpointed)
+	if db.logger == nil {
+		return
+	}
+	fields := []zap.Field{
+		zap.String("db", db.checkpointLoopName),
+		zap.String("trigger", trigger),
+		zap.Int("busy", busy),
+		zap.Int("log_frames", logFrames),
+		zap.Int("checkpointed_frames", checkpointed),
+		zap.Int64("elapsed_ms", time.Since(startAt).Milliseconds()),
+	}
+	if err != nil {
+		db.logger.Warn("SQLite PASSIVE checkpoint 完成（失败）",
+			append(fields, zap.Error(err))...,
+		)
+		return
+	}
+	if busy > 0 {
+		db.logger.Info("SQLite PASSIVE checkpoint 完成（部分推进）", fields...)
+		return
+	}
+	db.logger.Info("SQLite PASSIVE checkpoint 完成（成功）", fields...)
 }
 
 // NewDB 创建数据库连接
@@ -37,8 +125,13 @@ func NewDB(dbPath string, logger *zap.Logger) (*DB, error) {
 	configureDBPool(db)
 
 	if err := db.Ping(); err != nil {
+		_ = db.Close()
 		return nil, fmt.Errorf("连接数据库失败: %w", err)
 	}
+	if err := configureSQLitePragmas(db); err != nil {
+		_ = db.Close()
+		return nil, fmt.Errorf("配置数据库 PRAGMA 失败: %w", err)
+	}
 
 	database := &DB{
 		DB:     db,
@@ -54,8 +147,10 @@ func NewDB(dbPath string, logger *zap.Logger) (*DB, error) {
 
 	// 初始化表
 	if err := database.initTables(); err != nil {
+		_ = db.Close()
 		return nil, fmt.Errorf("初始化表失败: %w", err)
 	}
+	database.startPassiveCheckpointLoop("conversations")
 
 	return database, nil
 }
@@ -213,6 +308,59 @@ func (db *DB) initTables() error {
 		FOREIGN KEY (conversation_id) REFERENCES conversations(id) ON DELETE CASCADE
 	);`
 
+	// 创建项目表
+	createProjectsTable := `
+	CREATE TABLE IF NOT EXISTS projects (
+		id TEXT PRIMARY KEY,
+		name TEXT NOT NULL,
+		description TEXT,
+		scope_json TEXT,
+		status TEXT NOT NULL DEFAULT 'active',
+		pinned INTEGER NOT NULL DEFAULT 0,
+		created_at DATETIME NOT NULL,
+		updated_at DATETIME NOT NULL
+	);`
+
+	// 创建项目事实表（黑板）
+	createProjectFactsTable := `
+	CREATE TABLE IF NOT EXISTS project_facts (
+		id TEXT PRIMARY KEY,
+		project_id TEXT NOT NULL,
+		fact_key TEXT NOT NULL,
+		category TEXT NOT NULL DEFAULT 'note',
+		summary TEXT NOT NULL DEFAULT '',
+		body TEXT,
+		confidence TEXT NOT NULL DEFAULT 'tentative',
+		source_conversation_id TEXT,
+		source_message_id TEXT,
+		pinned INTEGER NOT NULL DEFAULT 0,
+		supersedes_fact_id TEXT,
+		related_vulnerability_id TEXT,
+		created_at DATETIME NOT NULL,
+		updated_at DATETIME NOT NULL,
+		FOREIGN KEY (project_id) REFERENCES projects(id) ON DELETE CASCADE,
+		UNIQUE(project_id, fact_key)
+	);`
+
+	createProjectFactVersionsTable := `
+	CREATE TABLE IF NOT EXISTS project_fact_versions (
+		id TEXT PRIMARY KEY,
+		fact_id TEXT NOT NULL,
+		project_id TEXT NOT NULL,
+		fact_key TEXT NOT NULL,
+		category TEXT NOT NULL DEFAULT 'note',
+		summary TEXT NOT NULL DEFAULT '',
+		body TEXT,
+		confidence TEXT NOT NULL DEFAULT 'tentative',
+		source_conversation_id TEXT,
+		source_message_id TEXT,
+		pinned INTEGER NOT NULL DEFAULT 0,
+		related_vulnerability_id TEXT,
+		archived_at DATETIME NOT NULL,
+		FOREIGN KEY (fact_id) REFERENCES project_facts(id) ON DELETE CASCADE,
+		FOREIGN KEY (project_id) REFERENCES projects(id) ON DELETE CASCADE
+	);`
+
 	// 创建漏洞表
 	createVulnerabilitiesTable := `
 	CREATE TABLE IF NOT EXISTS vulnerabilities (
@@ -445,6 +593,14 @@ func (db *DB) initTables() error {
 	CREATE INDEX IF NOT EXISTS idx_vulnerabilities_severity ON vulnerabilities(severity);
 	CREATE INDEX IF NOT EXISTS idx_vulnerabilities_status ON vulnerabilities(status);
 	CREATE INDEX IF NOT EXISTS idx_vulnerabilities_created_at ON vulnerabilities(created_at);
+	CREATE INDEX IF NOT EXISTS idx_projects_status ON projects(status);
+	CREATE INDEX IF NOT EXISTS idx_projects_updated_at ON projects(updated_at);
+	CREATE INDEX IF NOT EXISTS idx_project_facts_project_id ON project_facts(project_id);
+	CREATE INDEX IF NOT EXISTS idx_project_facts_confidence ON project_facts(confidence);
+	CREATE INDEX IF NOT EXISTS idx_project_facts_related_vuln ON project_facts(related_vulnerability_id);
+	CREATE INDEX IF NOT EXISTS idx_project_fact_versions_fact_id ON project_fact_versions(fact_id);
+	CREATE INDEX IF NOT EXISTS idx_conversations_project_id ON conversations(project_id);
+	CREATE INDEX IF NOT EXISTS idx_vulnerabilities_project_id ON vulnerabilities(project_id);
 	CREATE INDEX IF NOT EXISTS idx_batch_tasks_queue_id ON batch_tasks(queue_id);
 	CREATE INDEX IF NOT EXISTS idx_batch_task_queues_created_at ON batch_task_queues(created_at);
 	CREATE INDEX IF NOT EXISTS idx_batch_task_queues_title ON batch_task_queues(title);
@@ -516,6 +672,18 @@ func (db *DB) initTables() error {
 		return fmt.Errorf("创建robot_user_sessions表失败: %w", err)
 	}
 
+	if _, err := db.Exec(createProjectsTable); err != nil {
+		return fmt.Errorf("创建projects表失败: %w", err)
+	}
+
+	if _, err := db.Exec(createProjectFactsTable); err != nil {
+		return fmt.Errorf("创建project_facts表失败: %w", err)
+	}
+
+	if _, err := db.Exec(createProjectFactVersionsTable); err != nil {
+		return fmt.Errorf("创建project_fact_versions表失败: %w", err)
+	}
+
 	if _, err := db.Exec(createVulnerabilitiesTable); err != nil {
 		return fmt.Errorf("创建vulnerabilities表失败: %w", err)
 	}
@@ -583,6 +751,13 @@ func (db *DB) initTables() error {
 		// 不返回错误，允许继续运行
 	}
 
+	if err := db.migrateProjectsTable(); err != nil {
+		db.logger.Warn("迁移projects相关表失败", zap.Error(err))
+	}
+	if err := db.migrateProjectFactVersionsTable(); err != nil {
+		db.logger.Warn("迁移project_fact_versions表失败", zap.Error(err))
+	}
+
 	if err := db.migrateWebshellConnectionsTable(); err != nil {
 		db.logger.Warn("迁移webshell_connections表失败", zap.Error(err))
 		// 不返回错误，允许继续运行
@@ -930,6 +1105,79 @@ func (db *DB) migrateBatchTaskQueuesTable() error {
 		}
 	}
 
+	var projectIDCount int
+	err = db.QueryRow("SELECT COUNT(*) FROM pragma_table_info('batch_task_queues') WHERE name='project_id'").Scan(&projectIDCount)
+	if err != nil {
+		if _, addErr := db.Exec("ALTER TABLE batch_task_queues ADD COLUMN project_id TEXT"); addErr != nil {
+			errMsg := strings.ToLower(addErr.Error())
+			if !strings.Contains(errMsg, "duplicate column") && !strings.Contains(errMsg, "already exists") {
+				db.logger.Warn("添加batch_task_queues.project_id字段失败", zap.Error(addErr))
+			}
+		}
+	} else if projectIDCount == 0 {
+		if _, err := db.Exec("ALTER TABLE batch_task_queues ADD COLUMN project_id TEXT"); err != nil {
+			db.logger.Warn("添加batch_task_queues.project_id字段失败", zap.Error(err))
+		}
+	}
+
+	return nil
+}
+
+// migrateProjectsTable 迁移 projects / conversations / vulnerabilities 的项目关联字段。
+func (db *DB) migrateProjectsTable() error {
+	for _, col := range []struct {
+		table string
+		name  string
+		stmt  string
+	}{
+		{"conversations", "project_id", "ALTER TABLE conversations ADD COLUMN project_id TEXT REFERENCES projects(id) ON DELETE SET NULL"},
+		{"vulnerabilities", "project_id", "ALTER TABLE vulnerabilities ADD COLUMN project_id TEXT"},
+	} {
+		var count int
+		err := db.QueryRow("SELECT COUNT(*) FROM pragma_table_info(?) WHERE name=?", col.table, col.name).Scan(&count)
+		if err != nil {
+			if _, addErr := db.Exec(col.stmt); addErr != nil {
+				errMsg := strings.ToLower(addErr.Error())
+				if !strings.Contains(errMsg, "duplicate column") && !strings.Contains(errMsg, "already exists") {
+					db.logger.Warn("添加字段失败", zap.String("table", col.table), zap.String("field", col.name), zap.Error(addErr))
+				}
+			}
+			continue
+		}
+		if count == 0 {
+			if _, addErr := db.Exec(col.stmt); addErr != nil {
+				db.logger.Warn("添加字段失败", zap.String("table", col.table), zap.String("field", col.name), zap.Error(addErr))
+			}
+		}
+	}
+	return nil
+}
+
+// migrateProjectFactVersionsTable 为已有库创建事实版本表。
+func (db *DB) migrateProjectFactVersionsTable() error {
+	ddl := `
+	CREATE TABLE IF NOT EXISTS project_fact_versions (
+		id TEXT PRIMARY KEY,
+		fact_id TEXT NOT NULL,
+		project_id TEXT NOT NULL,
+		fact_key TEXT NOT NULL,
+		category TEXT NOT NULL DEFAULT 'note',
+		summary TEXT NOT NULL DEFAULT '',
+		body TEXT,
+		confidence TEXT NOT NULL DEFAULT 'tentative',
+		source_conversation_id TEXT,
+		source_message_id TEXT,
+		pinned INTEGER NOT NULL DEFAULT 0,
+		related_vulnerability_id TEXT,
+		archived_at DATETIME NOT NULL,
+		FOREIGN KEY (fact_id) REFERENCES project_facts(id) ON DELETE CASCADE,
+		FOREIGN KEY (project_id) REFERENCES projects(id) ON DELETE CASCADE
+	);`
+	if _, err := db.Exec(ddl); err != nil {
+		return err
+	}
+	_, _ = db.Exec(`CREATE INDEX IF NOT EXISTS idx_project_fact_versions_fact_id ON project_fact_versions(fact_id)`)
+	_, _ = db.Exec(`CREATE INDEX IF NOT EXISTS idx_project_facts_related_vuln ON project_facts(related_vulnerability_id)`)
 	return nil
 }
 
@@ -941,6 +1189,7 @@ func (db *DB) migrateVulnerabilitiesTable() error {
 	}{
 		{name: "conversation_tag", stmt: "ALTER TABLE vulnerabilities ADD COLUMN conversation_tag TEXT"},
 		{name: "task_tag", stmt: "ALTER TABLE vulnerabilities ADD COLUMN task_tag TEXT"},
+		{name: "project_id", stmt: "ALTER TABLE vulnerabilities ADD COLUMN project_id TEXT"},
 	}
 
 	for _, col := range columns {
@@ -1005,8 +1254,13 @@ func NewKnowledgeDB(dbPath string, logger *zap.Logger) (*DB, error) {
 	configureDBPool(sqlDB)
 
 	if err := sqlDB.Ping(); err != nil {
+		_ = sqlDB.Close()
 		return nil, fmt.Errorf("连接知识库数据库失败: %w", err)
 	}
+	if err := configureSQLitePragmas(sqlDB); err != nil {
+		_ = sqlDB.Close()
+		return nil, fmt.Errorf("配置知识库数据库 PRAGMA 失败: %w", err)
+	}
 
 	database := &DB{
 		DB:     sqlDB,
@@ -1015,8 +1269,10 @@ func NewKnowledgeDB(dbPath string, logger *zap.Logger) (*DB, error) {
 
 	// 初始化知识库表
 	if err := database.initKnowledgeTables(); err != nil {
+		_ = sqlDB.Close()
 		return nil, fmt.Errorf("初始化知识库表失败: %w", err)
 	}
+	database.startPassiveCheckpointLoop("knowledge")
 
 	return database, nil
 }
@@ -1130,5 +1386,19 @@ func (db *DB) migrateKnowledgeEmbeddingsColumns() error {
 
 // Close 关闭数据库连接
 func (db *DB) Close() error {
-	return db.DB.Close()
+	if db == nil {
+		return nil
+	}
+	db.closeOnce.Do(func() {
+		if db.checkpointStop != nil {
+			close(db.checkpointStop)
+			if db.checkpointDone != nil {
+				<-db.checkpointDone
+			}
+		}
+		if db.DB != nil {
+			db.closeErr = db.DB.Close()
+		}
+	})
+	return db.closeErr
 }

internal/database/project.go

@@ -0,0 +1,513 @@
+package database
+
+import (
+	"database/sql"
+	"fmt"
+	"regexp"
+	"strings"
+	"time"
+
+	"github.com/google/uuid"
+)
+
+var factKeyPattern = regexp.MustCompile(`^[a-z0-9][a-z0-9._/-]*$`)
+
+// ValidateFactKey 校验事实 key（项目内唯一标识）。
+func ValidateFactKey(key string) error {
+	key = strings.TrimSpace(key)
+	if key == "" {
+		return fmt.Errorf("fact_key 不能为空")
+	}
+	if len(key) > 128 {
+		return fmt.Errorf("fact_key 过长（最多 128 字符）")
+	}
+	if !factKeyPattern.MatchString(key) {
+		return fmt.Errorf("fact_key 格式无效，仅允许小写字母、数字及 . _ / -，且须以小写字母或数字开头")
+	}
+	return nil
+}
+
+// Project 渗透测试项目（跨对话共享黑板）。
+type Project struct {
+	ID          string    `json:"id"`
+	Name        string    `json:"name"`
+	Description string    `json:"description,omitempty"`
+	ScopeJSON   string    `json:"scope_json,omitempty"`
+	Status      string    `json:"status"` // active | archived
+	Pinned      bool      `json:"pinned"`
+	CreatedAt   time.Time `json:"created_at"`
+	UpdatedAt   time.Time `json:"updated_at"`
+}
+
+// ProjectFact 项目事实（黑板条目）。
+type ProjectFact struct {
+	ID                     string    `json:"id"`
+	ProjectID              string    `json:"project_id"`
+	FactKey                string    `json:"fact_key"`
+	Category               string    `json:"category"`
+	Summary                string    `json:"summary"`
+	Body                   string    `json:"body"`
+	Confidence             string    `json:"confidence"` // confirmed | tentative | deprecated
+	SourceConversationID   string    `json:"source_conversation_id,omitempty"`
+	SourceMessageID        string    `json:"source_message_id,omitempty"`
+	Pinned                 bool      `json:"pinned"`
+	SupersedesFactID       string    `json:"supersedes_fact_id,omitempty"`
+	RelatedVulnerabilityID string    `json:"related_vulnerability_id,omitempty"`
+	CreatedAt              time.Time `json:"created_at"`
+	UpdatedAt              time.Time `json:"updated_at"`
+}
+
+// ProjectFactListFilter 事实列表筛选。
+type ProjectFactListFilter struct {
+	Category                string
+	Confidence              string
+	Search                  string
+	RelatedVulnerabilityID  string
+	ExcludeDeprecated       bool // 为 true 时排除 confidence=deprecated
+}
+
+// CreateProject 创建项目。
+func (db *DB) CreateProject(p *Project) (*Project, error) {
+	if p.ID == "" {
+		p.ID = uuid.New().String()
+	}
+	if strings.TrimSpace(p.Status) == "" {
+		p.Status = "active"
+	}
+	now := time.Now()
+	if p.CreatedAt.IsZero() {
+		p.CreatedAt = now
+	}
+	p.UpdatedAt = now
+
+	_, err := db.Exec(
+		`INSERT INTO projects (id, name, description, scope_json, status, pinned, created_at, updated_at)
+		 VALUES (?, ?, ?, ?, ?, ?, ?, ?)`,
+		p.ID, p.Name, p.Description, p.ScopeJSON, p.Status, boolToInt(p.Pinned), p.CreatedAt, p.UpdatedAt,
+	)
+	if err != nil {
+		return nil, fmt.Errorf("创建项目失败: %w", err)
+	}
+	return p, nil
+}
+
+// GetProject 获取项目。
+func (db *DB) GetProject(id string) (*Project, error) {
+	var p Project
+	var pinned int
+	var createdAt, updatedAt string
+	err := db.QueryRow(
+		`SELECT id, name, COALESCE(description,''), COALESCE(scope_json,''), status, pinned, created_at, updated_at
+		 FROM projects WHERE id = ?`, id,
+	).Scan(&p.ID, &p.Name, &p.Description, &p.ScopeJSON, &p.Status, &pinned, &createdAt, &updatedAt)
+	if err != nil {
+		if err == sql.ErrNoRows {
+			return nil, fmt.Errorf("项目不存在")
+		}
+		return nil, fmt.Errorf("获取项目失败: %w", err)
+	}
+	p.Pinned = pinned != 0
+	p.CreatedAt = parseDBTime(createdAt)
+	p.UpdatedAt = parseDBTime(updatedAt)
+	return &p, nil
+}
+
+// ListProjects 列出项目。
+func (db *DB) ListProjects(status string, limit, offset int) ([]*Project, error) {
+	if limit <= 0 {
+		limit = 200
+	}
+	query := `SELECT id, name, COALESCE(description,''), COALESCE(scope_json,''), status, pinned, created_at, updated_at
+		FROM projects WHERE 1=1`
+	args := []interface{}{}
+	if s := strings.TrimSpace(status); s != "" {
+		query += " AND status = ?"
+		args = append(args, s)
+	}
+	query += " ORDER BY pinned DESC, updated_at DESC LIMIT ? OFFSET ?"
+	args = append(args, limit, offset)
+
+	rows, err := db.Query(query, args...)
+	if err != nil {
+		return nil, fmt.Errorf("列出项目失败: %w", err)
+	}
+	defer rows.Close()
+
+	var out []*Project
+	for rows.Next() {
+		var p Project
+		var pinned int
+		var createdAt, updatedAt string
+		if err := rows.Scan(&p.ID, &p.Name, &p.Description, &p.ScopeJSON, &p.Status, &pinned, &createdAt, &updatedAt); err != nil {
+			return nil, err
+		}
+		p.Pinned = pinned != 0
+		p.CreatedAt = parseDBTime(createdAt)
+		p.UpdatedAt = parseDBTime(updatedAt)
+		out = append(out, &p)
+	}
+	return out, rows.Err()
+}
+
+// UpdateProject 更新项目。
+func (db *DB) UpdateProject(p *Project) error {
+	p.UpdatedAt = time.Now()
+	_, err := db.Exec(
+		`UPDATE projects SET name = ?, description = ?, scope_json = ?, status = ?, pinned = ?, updated_at = ? WHERE id = ?`,
+		p.Name, p.Description, p.ScopeJSON, p.Status, boolToInt(p.Pinned), p.UpdatedAt, p.ID,
+	)
+	if err != nil {
+		return fmt.Errorf("更新项目失败: %w", err)
+	}
+	return nil
+}
+
+// DeleteProject 删除项目（级联删除事实；对话 project_id 置空由 FK 处理；漏洞 project_id 置空）。
+func (db *DB) DeleteProject(id string) error {
+	if _, err := db.Exec(`UPDATE vulnerabilities SET project_id = NULL WHERE project_id = ?`, id); err != nil {
+		return fmt.Errorf("解除漏洞项目关联失败: %w", err)
+	}
+	_, err := db.Exec(`DELETE FROM projects WHERE id = ?`, id)
+	if err != nil {
+		return fmt.Errorf("删除项目失败: %w", err)
+	}
+	return nil
+}
+
+// GetConversationProjectID 返回对话绑定的项目 ID。
+func (db *DB) GetConversationProjectID(conversationID string) (string, error) {
+	var pid sql.NullString
+	err := db.QueryRow(`SELECT project_id FROM conversations WHERE id = ?`, conversationID).Scan(&pid)
+	if err != nil {
+		if err == sql.ErrNoRows {
+			return "", fmt.Errorf("对话不存在")
+		}
+		return "", err
+	}
+	if pid.Valid {
+		return strings.TrimSpace(pid.String), nil
+	}
+	return "", nil
+}
+
+// SetConversationProjectID 设置对话所属项目（空字符串表示解除绑定）。
+func (db *DB) SetConversationProjectID(conversationID, projectID string) error {
+	projectID = strings.TrimSpace(projectID)
+	if projectID != "" {
+		if _, err := db.GetProject(projectID); err != nil {
+			return err
+		}
+	}
+	var val interface{}
+	if projectID == "" {
+		val = nil
+	} else {
+		val = projectID
+	}
+	_, err := db.Exec(`UPDATE conversations SET project_id = ?, updated_at = ? WHERE id = ?`, val, time.Now(), conversationID)
+	if err != nil {
+		return fmt.Errorf("设置对话项目失败: %w", err)
+	}
+	return nil
+}
+
+// ListProjectFactsForIndex 列出用于黑板索引注入的事实（不含 deprecated，除非 includeDeprecated）。
+func (db *DB) ListProjectFactsForIndex(projectID string, includeDeprecated bool) ([]*ProjectFact, error) {
+	query := `SELECT id, project_id, fact_key, category, summary, COALESCE(body,''), confidence,
+		COALESCE(source_conversation_id,''), COALESCE(source_message_id,''), pinned,
+		COALESCE(supersedes_fact_id,''), COALESCE(related_vulnerability_id,''), created_at, updated_at
+		FROM project_facts WHERE project_id = ?`
+	args := []interface{}{projectID}
+	if !includeDeprecated {
+		query += " AND confidence != 'deprecated'"
+	}
+	query += " ORDER BY pinned DESC, updated_at DESC"
+	rows, err := db.Query(query, args...)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+	return scanProjectFacts(rows)
+}
+
+// ListProjectFacts 分页列出项目事实。
+func (db *DB) ListProjectFacts(projectID string, filter ProjectFactListFilter, limit, offset int) ([]*ProjectFact, error) {
+	if limit <= 0 {
+		limit = 100
+	}
+	query := `SELECT id, project_id, fact_key, category, summary, COALESCE(body,''), confidence,
+		COALESCE(source_conversation_id,''), COALESCE(source_message_id,''), pinned,
+		COALESCE(supersedes_fact_id,''), COALESCE(related_vulnerability_id,''), created_at, updated_at
+		FROM project_facts WHERE project_id = ?`
+	args := []interface{}{projectID}
+	if c := strings.TrimSpace(filter.Category); c != "" {
+		query += " AND category = ?"
+		args = append(args, c)
+	}
+	if c := strings.TrimSpace(filter.Confidence); c != "" {
+		query += " AND confidence = ?"
+		args = append(args, c)
+	}
+	if filter.ExcludeDeprecated {
+		query += " AND confidence != 'deprecated'"
+	}
+	if rid := strings.TrimSpace(filter.RelatedVulnerabilityID); rid != "" {
+		query += " AND related_vulnerability_id = ?"
+		args = append(args, rid)
+	}
+	if s := strings.TrimSpace(filter.Search); s != "" {
+		pat := "%" + s + "%"
+		query += " AND (fact_key LIKE ? OR summary LIKE ? OR body LIKE ?)"
+		args = append(args, pat, pat, pat)
+	}
+	query += " ORDER BY pinned DESC, updated_at DESC LIMIT ? OFFSET ?"
+	args = append(args, limit, offset)
+
+	rows, err := db.Query(query, args...)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+	return scanProjectFacts(rows)
+}
+
+// GetProjectFactByKey 按 key 获取事实。
+func (db *DB) GetProjectFactByKey(projectID, factKey string) (*ProjectFact, error) {
+	row := db.QueryRow(
+		`SELECT id, project_id, fact_key, category, summary, COALESCE(body,''), confidence,
+			COALESCE(source_conversation_id,''), COALESCE(source_message_id,''), pinned,
+			COALESCE(supersedes_fact_id,''), COALESCE(related_vulnerability_id,''), created_at, updated_at
+		 FROM project_facts WHERE project_id = ? AND fact_key = ?`,
+		projectID, factKey,
+	)
+	return scanProjectFactRow(row)
+}
+
+// GetProjectFact 按 ID 获取事实。
+func (db *DB) GetProjectFact(id string) (*ProjectFact, error) {
+	row := db.QueryRow(
+		`SELECT id, project_id, fact_key, category, summary, COALESCE(body,''), confidence,
+			COALESCE(source_conversation_id,''), COALESCE(source_message_id,''), pinned,
+			COALESCE(supersedes_fact_id,''), COALESCE(related_vulnerability_id,''), created_at, updated_at
+		 FROM project_facts WHERE id = ?`, id,
+	)
+	return scanProjectFactRow(row)
+}
+
+// mergeFactBodyOnUpdate 更新时若 incoming body 为空则保留已有内容，避免仅改 summary 时丢失攻击链。
+func mergeFactBodyOnUpdate(incoming, existing string) string {
+	if strings.TrimSpace(incoming) == "" {
+		return existing
+	}
+	return incoming
+}
+
+// UpsertProjectFact 创建或更新事实（按 project_id + fact_key）。
+func (db *DB) UpsertProjectFact(f *ProjectFact) (*ProjectFact, error) {
+	if err := ValidateFactKey(f.FactKey); err != nil {
+		return nil, err
+	}
+	if strings.TrimSpace(f.Category) == "" {
+		f.Category = "note"
+	}
+	if strings.TrimSpace(f.Confidence) == "" {
+		f.Confidence = "tentative"
+	}
+	now := time.Now()
+
+	existing, err := db.GetProjectFactByKey(f.ProjectID, f.FactKey)
+	if err == nil && existing != nil {
+		f.ID = existing.ID
+		f.CreatedAt = existing.CreatedAt
+		f.UpdatedAt = now
+		f.Body = mergeFactBodyOnUpdate(f.Body, existing.Body)
+		if strings.TrimSpace(f.Category) == "" {
+			f.Category = existing.Category
+		}
+		if strings.TrimSpace(f.Confidence) == "" {
+			f.Confidence = existing.Confidence
+		}
+		if projectFactContentChanged(existing, f) {
+			versionID, verr := db.InsertProjectFactVersion(existing)
+			if verr != nil {
+				return nil, verr
+			}
+			f.SupersedesFactID = versionID
+		} else if f.SupersedesFactID == "" {
+			f.SupersedesFactID = existing.SupersedesFactID
+		}
+		_, err = db.Exec(
+			`UPDATE project_facts SET category = ?, summary = ?, body = ?, confidence = ?,
+				source_conversation_id = COALESCE(?, source_conversation_id),
+				source_message_id = COALESCE(?, source_message_id),
+				pinned = ?, supersedes_fact_id = ?, related_vulnerability_id = ?, updated_at = ?
+			 WHERE id = ?`,
+			f.Category, f.Summary, f.Body, f.Confidence,
+			nullIfEmpty(f.SourceConversationID), nullIfEmpty(f.SourceMessageID), boolToInt(f.Pinned),
+			nullIfEmpty(f.SupersedesFactID), nullIfEmpty(f.RelatedVulnerabilityID), f.UpdatedAt, f.ID,
+		)
+		if err != nil {
+			return nil, fmt.Errorf("更新事实失败: %w", err)
+		}
+		return f, nil
+	}
+
+	if f.ID == "" {
+		f.ID = uuid.New().String()
+	}
+	f.CreatedAt = now
+	f.UpdatedAt = now
+	_, err = db.Exec(
+		`INSERT INTO project_facts (
+			id, project_id, fact_key, category, summary, body, confidence,
+			source_conversation_id, source_message_id, pinned, supersedes_fact_id, related_vulnerability_id,
+			created_at, updated_at
+		) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,
+		f.ID, f.ProjectID, f.FactKey, f.Category, f.Summary, f.Body, f.Confidence,
+		nullIfEmpty(f.SourceConversationID), nullIfEmpty(f.SourceMessageID), boolToInt(f.Pinned),
+		nullIfEmpty(f.SupersedesFactID), nullIfEmpty(f.RelatedVulnerabilityID),
+		f.CreatedAt, f.UpdatedAt,
+	)
+	if err != nil {
+		return nil, fmt.Errorf("创建事实失败: %w", err)
+	}
+	return f, nil
+}
+
+// DeprecateProjectFact 将事实标记为 deprecated。
+func (db *DB) DeprecateProjectFact(projectID, factKey string) error {
+	res, err := db.Exec(
+		`UPDATE project_facts SET confidence = 'deprecated', updated_at = ? WHERE project_id = ? AND fact_key = ?`,
+		time.Now(), projectID, factKey,
+	)
+	if err != nil {
+		return err
+	}
+	n, _ := res.RowsAffected()
+	if n == 0 {
+		return fmt.Errorf("事实不存在")
+	}
+	return nil
+}
+
+// RestoreProjectFact 将已废弃事实恢复为 tentative 或 confirmed（重新参与黑板索引）。
+func (db *DB) RestoreProjectFact(projectID, factKey, confidence string) error {
+	confidence = strings.TrimSpace(strings.ToLower(confidence))
+	if confidence == "" {
+		confidence = "tentative"
+	}
+	if confidence != "confirmed" && confidence != "tentative" {
+		return fmt.Errorf("confidence 须为 confirmed 或 tentative")
+	}
+
+	existing, err := db.GetProjectFactByKey(projectID, factKey)
+	if err != nil {
+		return fmt.Errorf("事实不存在")
+	}
+	if strings.ToLower(strings.TrimSpace(existing.Confidence)) != "deprecated" {
+		return fmt.Errorf("事实未处于废弃状态")
+	}
+
+	_, err = db.Exec(
+		`UPDATE project_facts SET confidence = ?, updated_at = ? WHERE project_id = ? AND fact_key = ?`,
+		confidence, time.Now(), projectID, factKey,
+	)
+	return err
+}
+
+// DeleteProjectFact 删除事实。
+func (db *DB) DeleteProjectFact(id string) error {
+	_, err := db.Exec(`DELETE FROM project_facts WHERE id = ?`, id)
+	return err
+}
+
+func scanProjectFacts(rows *sql.Rows) ([]*ProjectFact, error) {
+	var out []*ProjectFact
+	for rows.Next() {
+		f, err := scanProjectFactFromRows(rows)
+		if err != nil {
+			return nil, err
+		}
+		out = append(out, f)
+	}
+	return out, rows.Err()
+}
+
+func scanProjectFactRow(row *sql.Row) (*ProjectFact, error) {
+	var f ProjectFact
+	var pinned int
+	var createdAt, updatedAt string
+	err := row.Scan(
+		&f.ID, &f.ProjectID, &f.FactKey, &f.Category, &f.Summary, &f.Body, &f.Confidence,
+		&f.SourceConversationID, &f.SourceMessageID, &pinned,
+		&f.SupersedesFactID, &f.RelatedVulnerabilityID, &createdAt, &updatedAt,
+	)
+	if err != nil {
+		if err == sql.ErrNoRows {
+			return nil, fmt.Errorf("事实不存在")
+		}
+		return nil, err
+	}
+	f.Pinned = pinned != 0
+	f.CreatedAt = parseDBTime(createdAt)
+	f.UpdatedAt = parseDBTime(updatedAt)
+	return &f, nil
+}
+
+func scanProjectFactFromRows(rows *sql.Rows) (*ProjectFact, error) {
+	var f ProjectFact
+	var pinned int
+	var createdAt, updatedAt string
+	err := rows.Scan(
+		&f.ID, &f.ProjectID, &f.FactKey, &f.Category, &f.Summary, &f.Body, &f.Confidence,
+		&f.SourceConversationID, &f.SourceMessageID, &pinned,
+		&f.SupersedesFactID, &f.RelatedVulnerabilityID, &createdAt, &updatedAt,
+	)
+	if err != nil {
+		return nil, err
+	}
+	f.Pinned = pinned != 0
+	f.CreatedAt = parseDBTime(createdAt)
+	f.UpdatedAt = parseDBTime(updatedAt)
+	return &f, nil
+}
+
+func boolToInt(b bool) int {
+	if b {
+		return 1
+	}
+	return 0
+}
+
+func nullIfEmpty(s string) interface{} {
+	if strings.TrimSpace(s) == "" {
+		return nil
+	}
+	return s
+}
+
+func parseDBTime(s string) time.Time {
+	s = strings.TrimSpace(s)
+	if s == "" {
+		return time.Time{}
+	}
+	// go-sqlite3 读 DATETIME 常返回 RFC3339（含 T），写入时可能是空格分隔格式，需兼容多种形态
+	layouts := []string{
+		time.RFC3339Nano,
+		time.RFC3339,
+		"2006-01-02 15:04:05.999999999-07:00",
+		"2006-01-02 15:04:05-07:00",
+		"2006-01-02T15:04:05.999999999-07:00",
+		"2006-01-02T15:04:05-07:00",
+		"2006-01-02 15:04:05.999999999",
+		"2006-01-02 15:04:05",
+		"2006-01-02T15:04:05.999999999",
+		"2006-01-02T15:04:05",
+	}
+	for _, layout := range layouts {
+		if t, e := time.Parse(layout, s); e == nil {
+			return t
+		}
+	}
+	return time.Time{}
+}

internal/database/project_fact_upsert_test.go

@@ -0,0 +1,196 @@
+package database
+
+import (
+	"path/filepath"
+	"testing"
+
+	"go.uber.org/zap"
+)
+
+func TestUpsertProjectFact_preservesBodyOnEmptyUpdate(t *testing.T) {
+	dbPath := filepath.Join(t.TempDir(), "facts.db")
+	db, err := NewDB(dbPath, zap.NewNop())
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer db.Close()
+
+	proj, err := db.CreateProject(&Project{Name: "test-facts"})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	const body = "## 攻击链\n1. step\n```http\nGET / HTTP/1.1\n```\n"
+	_, err = db.UpsertProjectFact(&ProjectFact{
+		ProjectID: proj.ID,
+		FactKey:   "finding/sqli-login",
+		Category:  "finding",
+		Summary:   "SQLi on /login",
+		Body:      body,
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	updated, err := db.UpsertProjectFact(&ProjectFact{
+		ProjectID: proj.ID,
+		FactKey:   "finding/sqli-login",
+		Summary:   "SQLi on /login (confirmed)",
+		Body:      "",
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if updated.Summary != "SQLi on /login (confirmed)" {
+		t.Fatalf("summary=%q", updated.Summary)
+	}
+	if updated.Body != body {
+		t.Fatalf("returned body=%q want preserved attack chain", updated.Body)
+	}
+
+	fromDB, err := db.GetProjectFactByKey(proj.ID, "finding/sqli-login")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if fromDB.Body != body {
+		t.Fatalf("stored body=%q want preserved", fromDB.Body)
+	}
+}
+
+func TestUpsertProjectFact_replacesBodyWhenProvided(t *testing.T) {
+	dbPath := filepath.Join(t.TempDir(), "facts.db")
+	db, err := NewDB(dbPath, zap.NewNop())
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer db.Close()
+
+	proj, err := db.CreateProject(&Project{Name: "test-facts"})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	_, err = db.UpsertProjectFact(&ProjectFact{
+		ProjectID: proj.ID,
+		FactKey:   "target/primary",
+		Summary:   "v1",
+		Body:      "old body",
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	const newBody = "new body with evidence"
+	updated, err := db.UpsertProjectFact(&ProjectFact{
+		ProjectID: proj.ID,
+		FactKey:   "target/primary",
+		Summary:   "v2",
+		Body:      newBody,
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if updated.Body != newBody {
+		t.Fatalf("body=%q want %q", updated.Body, newBody)
+	}
+}
+
+func TestRestoreProjectFact(t *testing.T) {
+	dbPath := filepath.Join(t.TempDir(), "facts.db")
+	db, err := NewDB(dbPath, zap.NewNop())
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer db.Close()
+
+	proj, err := db.CreateProject(&Project{Name: "restore-test"})
+	if err != nil {
+		t.Fatal(err)
+	}
+	key := "target/restore-me"
+	_, err = db.UpsertProjectFact(&ProjectFact{
+		ProjectID:  proj.ID,
+		FactKey:    key,
+		Summary:    "s",
+		Confidence: "confirmed",
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if err := db.DeprecateProjectFact(proj.ID, key); err != nil {
+		t.Fatal(err)
+	}
+	if err := db.RestoreProjectFact(proj.ID, key, "confirmed"); err != nil {
+		t.Fatal(err)
+	}
+	f, err := db.GetProjectFactByKey(proj.ID, key)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if f.Confidence != "confirmed" {
+		t.Fatalf("confidence=%q want confirmed", f.Confidence)
+	}
+	if err := db.RestoreProjectFact(proj.ID, key, ""); err == nil {
+		t.Fatal("expected error when not deprecated")
+	}
+}
+
+func TestUpsertProjectFact_createsVersionOnContentChange(t *testing.T) {
+	dbPath := filepath.Join(t.TempDir(), "facts.db")
+	db, err := NewDB(dbPath, zap.NewNop())
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer db.Close()
+
+	proj, err := db.CreateProject(&Project{Name: "version-test"})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	created, err := db.UpsertProjectFact(&ProjectFact{
+		ProjectID: proj.ID,
+		FactKey:   "finding/xss",
+		Category:  "finding",
+		Summary:   "v1",
+		Body:      "body v1",
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if created.SupersedesFactID != "" {
+		t.Fatalf("expected no supersedes on create, got %q", created.SupersedesFactID)
+	}
+
+	updated, err := db.UpsertProjectFact(&ProjectFact{
+		ProjectID: proj.ID,
+		FactKey:   "finding/xss",
+		Summary:   "v2",
+		Body:      "body v2",
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if updated.SupersedesFactID == "" {
+		t.Fatal("expected supersedes_fact_id after content change")
+	}
+	prev, err := db.GetProjectFactVersion(updated.SupersedesFactID)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if prev.Summary != "v1" || prev.Body != "body v1" {
+		t.Fatalf("previous version mismatch: summary=%q body=%q", prev.Summary, prev.Body)
+	}
+}
+
+func TestMergeFactBodyOnUpdate(t *testing.T) {
+	if got := mergeFactBodyOnUpdate("", "keep"); got != "keep" {
+		t.Fatalf("empty incoming: got %q", got)
+	}
+	if got := mergeFactBodyOnUpdate("  ", "keep"); got != "keep" {
+		t.Fatalf("whitespace incoming: got %q", got)
+	}
+	if got := mergeFactBodyOnUpdate("new", "old"); got != "new" {
+		t.Fatalf("non-empty incoming: got %q", got)
+	}
+}

internal/database/project_fact_version.go

@@ -0,0 +1,144 @@
+package database
+
+import (
+	"database/sql"
+	"fmt"
+	"strings"
+	"time"
+
+	"github.com/google/uuid"
+)
+
+// ProjectFactVersion 事实历史快照（同 fact_key 更新前归档）。
+type ProjectFactVersion struct {
+	ID                     string    `json:"id"`
+	FactID                 string    `json:"fact_id"`
+	ProjectID              string    `json:"project_id"`
+	FactKey                string    `json:"fact_key"`
+	Category               string    `json:"category"`
+	Summary                string    `json:"summary"`
+	Body                   string    `json:"body"`
+	Confidence             string    `json:"confidence"`
+	SourceConversationID   string    `json:"source_conversation_id,omitempty"`
+	SourceMessageID        string    `json:"source_message_id,omitempty"`
+	Pinned                 bool      `json:"pinned"`
+	RelatedVulnerabilityID string    `json:"related_vulnerability_id,omitempty"`
+	ArchivedAt             time.Time `json:"archived_at"`
+}
+
+// InsertProjectFactVersion 将当前事实行快照写入版本表。
+func (db *DB) InsertProjectFactVersion(f *ProjectFact) (string, error) {
+	if f == nil || f.ID == "" {
+		return "", fmt.Errorf("无效的事实记录")
+	}
+	id := uuid.New().String()
+	now := time.Now()
+	_, err := db.Exec(
+		`INSERT INTO project_fact_versions (
+			id, fact_id, project_id, fact_key, category, summary, body, confidence,
+			source_conversation_id, source_message_id, pinned, related_vulnerability_id, archived_at
+		) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,
+		id, f.ID, f.ProjectID, f.FactKey, f.Category, f.Summary, f.Body, f.Confidence,
+		nullIfEmpty(f.SourceConversationID), nullIfEmpty(f.SourceMessageID), boolToInt(f.Pinned),
+		nullIfEmpty(f.RelatedVulnerabilityID), now,
+	)
+	if err != nil {
+		return "", fmt.Errorf("归档事实版本失败: %w", err)
+	}
+	return id, nil
+}
+
+// GetProjectFactVersion 按版本 ID 获取快照。
+func (db *DB) GetProjectFactVersion(versionID string) (*ProjectFactVersion, error) {
+	row := db.QueryRow(
+		`SELECT id, fact_id, project_id, fact_key, category, summary, COALESCE(body,''), confidence,
+			COALESCE(source_conversation_id,''), COALESCE(source_message_id,''), pinned,
+			COALESCE(related_vulnerability_id,''), archived_at
+		 FROM project_fact_versions WHERE id = ?`, versionID,
+	)
+	return scanProjectFactVersionRow(row)
+}
+
+// ListProjectFactVersions 列出某条事实的全部历史版本（新→旧）。
+func (db *DB) ListProjectFactVersions(factID string, limit int) ([]*ProjectFactVersion, error) {
+	if limit <= 0 {
+		limit = 20
+	}
+	rows, err := db.Query(
+		`SELECT id, fact_id, project_id, fact_key, category, summary, COALESCE(body,''), confidence,
+			COALESCE(source_conversation_id,''), COALESCE(source_message_id,''), pinned,
+			COALESCE(related_vulnerability_id,''), archived_at
+		 FROM project_fact_versions WHERE fact_id = ? ORDER BY archived_at DESC LIMIT ?`,
+		factID, limit,
+	)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+	var out []*ProjectFactVersion
+	for rows.Next() {
+		v, err := scanProjectFactVersionFromRows(rows)
+		if err != nil {
+			return nil, err
+		}
+		out = append(out, v)
+	}
+	return out, rows.Err()
+}
+
+func projectFactContentChanged(existing, incoming *ProjectFact) bool {
+	if existing == nil || incoming == nil {
+		return false
+	}
+	mergedBody := mergeFactBodyOnUpdate(incoming.Body, existing.Body)
+	inCat := stringsTrimDefault(incoming.Category, existing.Category)
+	inConf := stringsTrimDefault(incoming.Confidence, existing.Confidence)
+	return existing.Summary != incoming.Summary ||
+		existing.Body != mergedBody ||
+		existing.Category != inCat ||
+		existing.Confidence != inConf
+}
+
+func stringsTrimDefault(s, fallback string) string {
+	if strings.TrimSpace(s) == "" {
+		return fallback
+	}
+	return strings.TrimSpace(s)
+}
+
+func scanProjectFactVersionRow(row *sql.Row) (*ProjectFactVersion, error) {
+	var v ProjectFactVersion
+	var pinned int
+	var archivedAt string
+	err := row.Scan(
+		&v.ID, &v.FactID, &v.ProjectID, &v.FactKey, &v.Category, &v.Summary, &v.Body, &v.Confidence,
+		&v.SourceConversationID, &v.SourceMessageID, &pinned,
+		&v.RelatedVulnerabilityID, &archivedAt,
+	)
+	if err != nil {
+		if err == sql.ErrNoRows {
+			return nil, fmt.Errorf("事实版本不存在")
+		}
+		return nil, err
+	}
+	v.Pinned = pinned != 0
+	v.ArchivedAt = parseDBTime(archivedAt)
+	return &v, nil
+}
+
+func scanProjectFactVersionFromRows(rows *sql.Rows) (*ProjectFactVersion, error) {
+	var v ProjectFactVersion
+	var pinned int
+	var archivedAt string
+	err := rows.Scan(
+		&v.ID, &v.FactID, &v.ProjectID, &v.FactKey, &v.Category, &v.Summary, &v.Body, &v.Confidence,
+		&v.SourceConversationID, &v.SourceMessageID, &pinned,
+		&v.RelatedVulnerabilityID, &archivedAt,
+	)
+	if err != nil {
+		return nil, err
+	}
+	v.Pinned = pinned != 0
+	v.ArchivedAt = parseDBTime(archivedAt)
+	return &v, nil
+}

internal/database/project_stats.go

@@ -0,0 +1,121 @@
+package database
+
+import (
+	"database/sql"
+	"fmt"
+	"strings"
+)
+
+// ProjectStats 项目聚合统计。
+type ProjectStats struct {
+	FactCount         int `json:"fact_count"`
+	VulnCount         int `json:"vuln_count"`
+	ConversationCount int `json:"conversation_count"`
+	SparseFactCount   int `json:"sparse_fact_count"`
+}
+
+// GetProjectStatsCounts 统计项目下事实、漏洞、对话数量（不含 sparse，由 project 包补全）。
+func (db *DB) GetProjectStatsCounts(projectID string) (*ProjectStats, error) {
+	projectID = strings.TrimSpace(projectID)
+	if projectID == "" {
+		return nil, fmt.Errorf("project_id 不能为空")
+	}
+	if _, err := db.GetProject(projectID); err != nil {
+		return nil, err
+	}
+	stats := &ProjectStats{}
+	if err := db.QueryRow(
+		`SELECT COUNT(*) FROM project_facts WHERE project_id = ? AND confidence != 'deprecated'`,
+		projectID,
+	).Scan(&stats.FactCount); err != nil {
+		return nil, fmt.Errorf("统计事实失败: %w", err)
+	}
+	if err := db.QueryRow(
+		`SELECT COUNT(*) FROM vulnerabilities WHERE project_id = ?`,
+		projectID,
+	).Scan(&stats.VulnCount); err != nil {
+		return nil, fmt.Errorf("统计漏洞失败: %w", err)
+	}
+	if err := db.QueryRow(
+		`SELECT COUNT(*) FROM conversations WHERE project_id = ?`,
+		projectID,
+	).Scan(&stats.ConversationCount); err != nil {
+		return nil, fmt.Errorf("统计对话失败: %w", err)
+	}
+	return stats, nil
+}
+
+// ListProjectFactsForSparseCheck 返回用于待补全检测的事实字段（非 deprecated）。
+func (db *DB) ListProjectFactsForSparseCheck(projectID string) ([]struct {
+	Category string
+	FactKey  string
+	Body     string
+}, error) {
+	rows, err := db.Query(
+		`SELECT category, fact_key, COALESCE(body,'') FROM project_facts WHERE project_id = ? AND confidence != 'deprecated'`,
+		projectID,
+	)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+	var out []struct {
+		Category string
+		FactKey  string
+		Body     string
+	}
+	for rows.Next() {
+		var row struct {
+			Category string
+			FactKey  string
+			Body     string
+		}
+		if err := rows.Scan(&row.Category, &row.FactKey, &row.Body); err != nil {
+			return nil, err
+		}
+		out = append(out, row)
+	}
+	return out, rows.Err()
+}
+
+// ListConversationsByProjectID 列出绑定到项目的对话。
+func (db *DB) ListConversationsByProjectID(projectID string, limit, offset int) ([]*Conversation, error) {
+	if limit <= 0 {
+		limit = 100
+	}
+	rows, err := db.Query(
+		`SELECT id, title, COALESCE(pinned, 0), created_at, updated_at, project_id
+		 FROM conversations WHERE project_id = ? ORDER BY updated_at DESC LIMIT ? OFFSET ?`,
+		projectID, limit, offset,
+	)
+	if err != nil {
+		return nil, fmt.Errorf("查询项目对话失败: %w", err)
+	}
+	defer rows.Close()
+
+	var conversations []*Conversation
+	for rows.Next() {
+		var conv Conversation
+		var createdAt, updatedAt string
+		var pinned int
+		var pid sql.NullString
+		if err := rows.Scan(&conv.ID, &conv.Title, &pinned, &createdAt, &updatedAt, &pid); err != nil {
+			return nil, err
+		}
+		if pid.Valid {
+			conv.ProjectID = strings.TrimSpace(pid.String)
+		}
+		conv.CreatedAt = parseDBTime(createdAt)
+		conv.UpdatedAt = parseDBTime(updatedAt)
+		conv.Pinned = pinned != 0
+		conversations = append(conversations, &conv)
+	}
+	return conversations, rows.Err()
+}
+
+// CountConversationsByProjectID 统计项目绑定对话数。
+func (db *DB) CountConversationsByProjectID(projectID string) (int, error) {
+	var n int
+	err := db.QueryRow(`SELECT COUNT(*) FROM conversations WHERE project_id = ?`, projectID).Scan(&n)
+	return n, err
+}

internal/database/project_time_test.go

@@ -0,0 +1,93 @@
+package database
+
+import (
+	"encoding/json"
+	"os"
+	"path/filepath"
+	"testing"
+	"time"
+
+	"go.uber.org/zap"
+)
+
+func TestParseDBTime_projectFactFormats(t *testing.T) {
+	cases := []string{
+		"2026-05-26 11:13:07.442143+08:00",
+		"2026-05-26 11:13:07",
+		"2026-05-26T11:13:07.442143+08:00",
+	}
+	for _, s := range cases {
+		got := parseDBTime(s)
+		if got.IsZero() {
+			t.Fatalf("parseDBTime(%q) returned zero", s)
+		}
+	}
+}
+
+func TestListProjectFacts_updatedAtJSON(t *testing.T) {
+	root, err := os.Getwd()
+	if err != nil {
+		t.Skip(err)
+	}
+	dbPath := filepath.Join(root, "..", "..", "data", "conversations.db")
+	if _, err := os.Stat(dbPath); err != nil {
+		t.Skip("conversations.db not found")
+	}
+	db, err := NewDB(dbPath, zap.NewNop())
+	if err != nil {
+		t.Fatal(err)
+	}
+	projects, err := db.ListProjects("", 1, 0)
+	if err != nil || len(projects) == 0 {
+		t.Skip("no projects")
+	}
+	pid := projects[0].ID
+
+	list, err := db.ListProjectFacts(pid, ProjectFactListFilter{}, 5, 0)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(list) == 0 {
+		t.Skip("no facts")
+	}
+	for _, f := range list {
+		if f.UpdatedAt.IsZero() {
+			t.Fatalf("fact %s UpdatedAt is zero after ListProjectFacts", f.FactKey)
+		}
+		b, err := json.Marshal(f)
+		if err != nil {
+			t.Fatal(err)
+		}
+		var m map[string]interface{}
+		if err := json.Unmarshal(b, &m); err != nil {
+			t.Fatal(err)
+		}
+		raw, ok := m["updated_at"].(string)
+		if !ok || raw == "" || raw[:4] == "0001" {
+			t.Fatalf("bad updated_at in JSON: %v", m["updated_at"])
+		}
+	}
+}
+
+func TestParseDBTime_zeroOnGarbage(t *testing.T) {
+	if !parseDBTime("").IsZero() {
+		t.Fatal("expected zero for empty")
+	}
+}
+
+// Ensure RFC3339 round-trip used by API is after year 2000.
+func TestParseDBTime_marshalRoundTrip(t *testing.T) {
+	s := "2026-05-26 11:13:07.442143+08:00"
+	tm := parseDBTime(s)
+	b, err := json.Marshal(tm)
+	if err != nil {
+		t.Fatal(err)
+	}
+	var back time.Time
+	if err := json.Unmarshal(b, &back); err != nil {
+		t.Fatal(err)
+	}
+	if back.IsZero() {
+		t.Fatalf("unmarshal zero from %s", string(b))
+	}
+}

internal/database/vulnerability.go

@@ -15,6 +15,7 @@ type VulnerabilityListFilter struct {
 	ID              string
 	Search          string // 关键词模糊匹配（标题、描述、类型、目标等）
 	ConversationID  string
+	ProjectID       string
 	Severity        string
 	Status          string
 	TaskID          string
@@ -38,6 +39,10 @@ func (f VulnerabilityListFilter) appendWhere(query string, args []interface{}) (
 		query += " AND conversation_id = ?"
 		args = append(args, f.ConversationID)
 	}
+	if f.ProjectID != "" {
+		query += " AND project_id = ?"
+		args = append(args, f.ProjectID)
+	}
 	if f.TaskID != "" {
 		query += " AND EXISTS (SELECT 1 FROM batch_tasks bt WHERE bt.conversation_id = vulnerabilities.conversation_id AND (bt.id = ? OR bt.queue_id = ?))"
 		args = append(args, f.TaskID, f.TaskID)
@@ -85,6 +90,7 @@ func (f VulnerabilityListFilter) appendWhere(query string, args []interface{}) (
 type Vulnerability struct {
 	ID              string    `json:"id"`
 	ConversationID  string    `json:"conversation_id"`
+	ProjectID       string    `json:"project_id,omitempty"`
 	ConversationTag string    `json:"conversation_tag,omitempty"`
 	TaskTag         string    `json:"task_tag,omitempty"`
 	TaskID          string    `json:"task_id,omitempty"`
@@ -116,17 +122,23 @@ func (db *DB) CreateVulnerability(vuln *Vulnerability) (*Vulnerability, error) {
 	}
 	vuln.UpdatedAt = now
 
+	if strings.TrimSpace(vuln.ProjectID) == "" && vuln.ConversationID != "" {
+		if pid, err := db.GetConversationProjectID(vuln.ConversationID); err == nil {
+			vuln.ProjectID = pid
+		}
+	}
+
 	query := `
 		INSERT INTO vulnerabilities (
-			id, conversation_id, conversation_tag, task_tag, title, description, severity, status,
+			id, conversation_id, project_id, conversation_tag, task_tag, title, description, severity, status,
 			vulnerability_type, target, proof, impact, recommendation,
 			created_at, updated_at
-		) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+		) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
 	`
 
 	_, err := db.Exec(
 		query,
-		vuln.ID, vuln.ConversationID, vuln.ConversationTag, vuln.TaskTag, vuln.Title, vuln.Description,
+		vuln.ID, vuln.ConversationID, nullIfEmpty(vuln.ProjectID), vuln.ConversationTag, vuln.TaskTag, vuln.Title, vuln.Description,
 		vuln.Severity, vuln.Status, vuln.Type, vuln.Target,
 		vuln.Proof, vuln.Impact, vuln.Recommendation,
 		vuln.CreatedAt, vuln.UpdatedAt,
@@ -142,7 +154,7 @@ func (db *DB) CreateVulnerability(vuln *Vulnerability) (*Vulnerability, error) {
 func (db *DB) GetVulnerability(id string) (*Vulnerability, error) {
 	var vuln Vulnerability
 	query := `
-		SELECT id, conversation_id, title, description, severity, status,
+		SELECT id, conversation_id, COALESCE(project_id,''), title, description, severity, status,
 		       conversation_tag, task_tag, vulnerability_type, target, proof, impact, recommendation,
 		       COALESCE((SELECT bt.id FROM batch_tasks bt WHERE bt.conversation_id = vulnerabilities.conversation_id LIMIT 1), '') AS task_id,
 		       COALESCE((SELECT bt.queue_id FROM batch_tasks bt WHERE bt.conversation_id = vulnerabilities.conversation_id LIMIT 1), '') AS task_queue_id,
@@ -152,7 +164,7 @@ func (db *DB) GetVulnerability(id string) (*Vulnerability, error) {
 	`
 
 	err := db.QueryRow(query, id).Scan(
-		&vuln.ID, &vuln.ConversationID, &vuln.Title, &vuln.Description,
+		&vuln.ID, &vuln.ConversationID, &vuln.ProjectID, &vuln.Title, &vuln.Description,
 		&vuln.Severity, &vuln.Status, &vuln.ConversationTag, &vuln.TaskTag, &vuln.Type, &vuln.Target,
 		&vuln.Proof, &vuln.Impact, &vuln.Recommendation,
 		&vuln.TaskID, &vuln.TaskQueueID,
@@ -171,7 +183,7 @@ func (db *DB) GetVulnerability(id string) (*Vulnerability, error) {
 // ListVulnerabilities 列出漏洞
 func (db *DB) ListVulnerabilities(limit, offset int, filter VulnerabilityListFilter) ([]*Vulnerability, error) {
 	query := `
-		SELECT id, conversation_id, title, description, severity, status, conversation_tag, task_tag,
+		SELECT id, conversation_id, COALESCE(project_id,''), title, description, severity, status, conversation_tag, task_tag,
 		       vulnerability_type, target, proof, impact, recommendation,
 		       COALESCE((SELECT bt.id FROM batch_tasks bt WHERE bt.conversation_id = vulnerabilities.conversation_id LIMIT 1), '') AS task_id,
 		       COALESCE((SELECT bt.queue_id FROM batch_tasks bt WHERE bt.conversation_id = vulnerabilities.conversation_id LIMIT 1), '') AS task_queue_id,
@@ -195,7 +207,7 @@ func (db *DB) ListVulnerabilities(limit, offset int, filter VulnerabilityListFil
 	for rows.Next() {
 		var vuln Vulnerability
 		err := rows.Scan(
-			&vuln.ID, &vuln.ConversationID, &vuln.Title, &vuln.Description,
+			&vuln.ID, &vuln.ConversationID, &vuln.ProjectID, &vuln.Title, &vuln.Description,
 			&vuln.Severity, &vuln.Status, &vuln.ConversationTag, &vuln.TaskTag, &vuln.Type, &vuln.Target,
 			&vuln.Proof, &vuln.Impact, &vuln.Recommendation,
 			&vuln.TaskID, &vuln.TaskQueueID,
@@ -232,7 +244,7 @@ func (db *DB) UpdateVulnerability(id string, vuln *Vulnerability) error {
 
 	query := `
 		UPDATE vulnerabilities
-		SET conversation_tag = ?, task_tag = ?, title = ?, description = ?, severity = ?, status = ?,
+		SET project_id = ?, conversation_tag = ?, task_tag = ?, title = ?, description = ?, severity = ?, status = ?,
 		    vulnerability_type = ?, target = ?, proof = ?, impact = ?,
 		    recommendation = ?, updated_at = ?
 		WHERE id = ?
@@ -240,7 +252,7 @@ func (db *DB) UpdateVulnerability(id string, vuln *Vulnerability) error {
 
 	_, err := db.Exec(
 		query,
-		vuln.ConversationTag, vuln.TaskTag, vuln.Title, vuln.Description, vuln.Severity, vuln.Status,
+		nullIfEmpty(vuln.ProjectID), vuln.ConversationTag, vuln.TaskTag, vuln.Title, vuln.Description, vuln.Severity, vuln.Status,
 		vuln.Type, vuln.Target, vuln.Proof, vuln.Impact,
 		vuln.Recommendation, vuln.UpdatedAt, id,
 	)
@@ -253,10 +265,22 @@ func (db *DB) UpdateVulnerability(id string, vuln *Vulnerability) error {
 
 // DeleteVulnerability 删除漏洞
 func (db *DB) DeleteVulnerability(id string) error {
-	_, err := db.Exec("DELETE FROM vulnerabilities WHERE id = ?", id)
+	tx, err := db.Begin()
 	if err != nil {
+		return fmt.Errorf("开启事务失败: %w", err)
+	}
+	defer func() { _ = tx.Rollback() }()
+
+	// 删除漏洞前先解除项目事实中的关联，避免前端继续显示已删除漏洞的短 ID。
+	if _, err := tx.Exec("UPDATE project_facts SET related_vulnerability_id = NULL WHERE related_vulnerability_id = ?", id); err != nil {
+		return fmt.Errorf("清理事实漏洞关联失败: %w", err)
+	}
+	if _, err := tx.Exec("DELETE FROM vulnerabilities WHERE id = ?", id); err != nil {
 		return fmt.Errorf("删除漏洞失败: %w", err)
 	}
+	if err := tx.Commit(); err != nil {
+		return fmt.Errorf("提交事务失败: %w", err)
+	}
 	return nil
 }
 
@@ -366,10 +390,15 @@ func (db *DB) GetVulnerabilityFilterOptions() (map[string][]string, error) {
 	if err != nil {
 		return nil, fmt.Errorf("查询任务标签建议失败: %w", err)
 	}
+	projectIDs, err := collect(`SELECT DISTINCT project_id FROM vulnerabilities WHERE project_id IS NOT NULL AND project_id <> '' ORDER BY created_at DESC LIMIT 200`)
+	if err != nil {
+		return nil, fmt.Errorf("查询项目ID建议失败: %w", err)
+	}
 
 	return map[string][]string{
 		"vulnerability_ids": vulnIDs,
 		"conversation_ids":  conversationIDs,
+		"project_ids":       projectIDs,
 		"task_ids":          taskIDs,
 		"queue_ids":         queueIDs,
 		"conversation_tags": conversationTags,

internal/einoobserve/attach.go

@@ -96,6 +96,17 @@ type runHandler struct {
 	seq       atomic.Uint64
 }
 
+func safeRunInfo(info *callbacks.RunInfo) callbacks.RunInfo {
+	if info == nil {
+		return callbacks.RunInfo{
+			Name:      "unknown",
+			Type:      "unknown",
+			Component: components.Component("unknown"),
+		}
+	}
+	return *info
+}
+
 func (h *runHandler) genSpanID() string {
 	return fmt.Sprintf("%s-%d", h.runID, h.seq.Add(1))
 }
@@ -134,6 +145,7 @@ func (h *runHandler) popMatching(want string) string {
 }
 
 func (h *runHandler) onStart(ctx context.Context, info *callbacks.RunInfo, input callbacks.CallbackInput) context.Context {
+	ri := safeRunInfo(info)
 	var parentID string
 	h.mu.Lock()
 	if len(h.spanStack) > 0 {
@@ -151,9 +163,9 @@ func (h *runHandler) onStart(ctx context.Context, info *callbacks.RunInfo, input
 		ctx, sp = tracer.Start(ctx, spanName,
 			trace.WithSpanKind(trace.SpanKindInternal),
 			trace.WithAttributes(
-				attribute.String("eino.component", string(info.Component)),
-				attribute.String("eino.name", info.Name),
-				attribute.String("eino.type", info.Type),
+				attribute.String("eino.component", string(ri.Component)),
+				attribute.String("eino.name", ri.Name),
+				attribute.String("eino.type", ri.Type),
 				attribute.String("cyberstrike.run_id", h.runID),
 				attribute.String("cyberstrike.conversation_id", strings.TrimSpace(h.params.ConversationID)),
 				attribute.String("cyberstrike.orchestration", strings.TrimSpace(h.params.OrchMode)),
@@ -169,9 +181,9 @@ func (h *runHandler) onStart(ctx context.Context, info *callbacks.RunInfo, input
 			zap.String("runId", h.runID),
 			zap.String("spanId", spanID),
 			zap.String("parentSpanId", parentID),
-			zap.String("component", string(info.Component)),
-			zap.String("name", info.Name),
-			zap.String("type", info.Type),
+			zap.String("component", string(ri.Component)),
+			zap.String("name", ri.Name),
+			zap.String("type", ri.Type),
 			zap.String("phase", "start"),
 		}
 		if sp, ok := ctx.Value(ctxOtelSpanKey{}).(trace.Span); ok && sp != nil {
@@ -195,9 +207,9 @@ func (h *runHandler) onStart(ctx context.Context, info *callbacks.RunInfo, input
 			"parentSpanId":   parentID,
 			"conversationId": strings.TrimSpace(h.params.ConversationID),
 			"orchestration":    strings.TrimSpace(h.params.OrchMode),
-			"component":      string(info.Component),
-			"name":           info.Name,
-			"type":           info.Type,
+			"component":      string(ri.Component),
+			"name":           ri.Name,
+			"type":           ri.Type,
 			"ts":             time.Now().UTC().Format(time.RFC3339Nano),
 			"inputSummary":   inSum,
 			"source":         "eino_callbacks",
@@ -208,6 +220,7 @@ func (h *runHandler) onStart(ctx context.Context, info *callbacks.RunInfo, input
 }
 
 func (h *runHandler) onEnd(ctx context.Context, info *callbacks.RunInfo, output callbacks.CallbackOutput) context.Context {
+	ri := safeRunInfo(info)
 	spanID, _ := ctx.Value(ctxSpanKey{}).(string)
 	if spanID == "" {
 		spanID = h.popSpan()
@@ -226,9 +239,9 @@ func (h *runHandler) onEnd(ctx context.Context, info *callbacks.RunInfo, output
 		fields := []zap.Field{
 			zap.String("runId", h.runID),
 			zap.String("spanId", spanID),
-			zap.String("component", string(info.Component)),
-			zap.String("name", info.Name),
-			zap.String("type", info.Type),
+			zap.String("component", string(ri.Component)),
+			zap.String("name", ri.Name),
+			zap.String("type", ri.Type),
 			zap.String("phase", "end"),
 		}
 		if h.cfg.ZapVerbose {
@@ -243,9 +256,9 @@ func (h *runHandler) onEnd(ctx context.Context, info *callbacks.RunInfo, output
 			"spanId":         spanID,
 			"conversationId": strings.TrimSpace(h.params.ConversationID),
 			"orchestration":    strings.TrimSpace(h.params.OrchMode),
-			"component":      string(info.Component),
-			"name":           info.Name,
-			"type":           info.Type,
+			"component":      string(ri.Component),
+			"name":           ri.Name,
+			"type":           ri.Type,
 			"ts":             time.Now().UTC().Format(time.RFC3339Nano),
 			"outputSummary":  outSum,
 			"source":         "eino_callbacks",
@@ -255,6 +268,7 @@ func (h *runHandler) onEnd(ctx context.Context, info *callbacks.RunInfo, output
 }
 
 func (h *runHandler) onError(ctx context.Context, info *callbacks.RunInfo, err error) context.Context {
+	ri := safeRunInfo(info)
 	spanID, _ := ctx.Value(ctxSpanKey{}).(string)
 	if spanID == "" {
 		spanID = h.popSpan()
@@ -276,9 +290,9 @@ func (h *runHandler) onError(ctx context.Context, info *callbacks.RunInfo, err e
 		h.params.Logger.Warn("eino_callback_error",
 			zap.String("runId", h.runID),
 			zap.String("spanId", spanID),
-			zap.String("component", string(info.Component)),
-			zap.String("name", info.Name),
-			zap.String("type", info.Type),
+			zap.String("component", string(ri.Component)),
+			zap.String("name", ri.Name),
+			zap.String("type", ri.Type),
 			zap.Error(err),
 		)
 	}
@@ -288,9 +302,9 @@ func (h *runHandler) onError(ctx context.Context, info *callbacks.RunInfo, err e
 			"spanId":         spanID,
 			"conversationId": strings.TrimSpace(h.params.ConversationID),
 			"orchestration":    strings.TrimSpace(h.params.OrchMode),
-			"component":      string(info.Component),
-			"name":           info.Name,
-			"type":           info.Type,
+			"component":      string(ri.Component),
+			"name":           ri.Name,
+			"type":           ri.Type,
 			"ts":             time.Now().UTC().Format(time.RFC3339Nano),
 			"error":          msg,
 			"source":         "eino_callbacks",
@@ -300,28 +314,30 @@ func (h *runHandler) onError(ctx context.Context, info *callbacks.RunInfo, err e
 }
 
 func (h *runHandler) onStartStreamIn(ctx context.Context, info *callbacks.RunInfo, input *schema.StreamReader[callbacks.CallbackInput]) context.Context {
+	ri := safeRunInfo(info)
 	if input != nil {
 		input.Close()
 	}
 	if h.params.Logger != nil {
 		h.params.Logger.Debug("eino_callback_stream_in",
 			zap.String("runId", h.runID),
-			zap.String("component", string(info.Component)),
-			zap.String("name", info.Name),
+			zap.String("component", string(ri.Component)),
+			zap.String("name", ri.Name),
 		)
 	}
 	return ctx
 }
 
 func (h *runHandler) onEndStreamOut(ctx context.Context, info *callbacks.RunInfo, output *schema.StreamReader[callbacks.CallbackOutput]) context.Context {
+	ri := safeRunInfo(info)
 	if output != nil {
 		output.Close()
 	}
 	if h.params.Logger != nil {
 		h.params.Logger.Debug("eino_callback_stream_out",
 			zap.String("runId", h.runID),
-			zap.String("component", string(info.Component)),
-			zap.String("name", info.Name),
+			zap.String("component", string(ri.Component)),
+			zap.String("name", ri.Name),
 		)
 	}
 	return ctx

internal/handler/agent.go

@@ -87,6 +87,23 @@ func normalizeProcessDetailText(s string) string {
 // discardPlanningIfEchoesToolResult drops buffered planning text when it only repeats the
 // upcoming tool_result body. Streaming models often echo tool stdout in chunk.Content; flushing
 // that into "planning" before persisting tool_result duplicates the output after page refresh.
+// sameResponseStreamMeta 判断是否为同一段主通道流（Eino ADK 可能对同一 MessageStream 重复发 response_start）。
+func sameResponseStreamMeta(a, b map[string]interface{}) bool {
+	if a == nil || b == nil {
+		return false
+	}
+	agentA, _ := a["einoAgent"].(string)
+	agentB, _ := b["einoAgent"].(string)
+	agentA = strings.TrimSpace(agentA)
+	agentB = strings.TrimSpace(agentB)
+	if agentA == "" || !strings.EqualFold(agentA, agentB) {
+		return false
+	}
+	orchA, _ := a["orchestration"].(string)
+	orchB, _ := b["orchestration"].(string)
+	return strings.TrimSpace(orchA) == strings.TrimSpace(orchB)
+}
+
 func discardPlanningIfEchoesToolResult(respPlan *responsePlanAgg, toolData interface{}) {
 	if respPlan == nil {
 		return
@@ -222,6 +239,7 @@ type ChatReasoningRequest struct {
 type ChatRequest struct {
 	Message              string           `json:"message" binding:"required"`
 	ConversationID       string           `json:"conversationId,omitempty"`
+	ProjectID            string           `json:"projectId,omitempty"` // 新对话绑定的项目（可选；未指定时可用 config.project.default_project_id）
 	Role                 string           `json:"role,omitempty"` // 角色名称
 	Attachments          []ChatAttachment `json:"attachments,omitempty"`
 	WebShellConnectionID string           `json:"webshellConnectionId,omitempty"` // WebShell 管理 - AI 助手：当前选中的连接 ID，仅使用 webshell_* 工具
@@ -560,7 +578,9 @@ func (h *AgentHandler) AgentLoop(c *gin.Context) {
 	conversationID := req.ConversationID
 	if conversationID == "" {
 		title := safeTruncateString(req.Message, 50)
-		conv, err := h.db.CreateConversation(title, audit.ConversationCreateMetaFromGin(c, "agent_loop"))
+		meta := audit.ConversationCreateMetaFromGin(c, "agent_loop")
+		meta.ProjectID = effectiveProjectID(h.config, req.ProjectID)
+		conv, err := h.db.CreateConversation(title, meta)
 		if err != nil {
 			h.logger.Error("创建对话失败", zap.Error(err))
 			c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
@@ -635,6 +655,8 @@ func (h *AgentHandler) AgentLoop(c *gin.Context) {
 			builtin.ToolWebshellFileRead,
 			builtin.ToolWebshellFileWrite,
 			builtin.ToolRecordVulnerability,
+			builtin.ToolListVulnerabilities,
+			builtin.ToolGetVulnerability,
 			builtin.ToolListKnowledgeRiskTypes,
 			builtin.ToolSearchKnowledgeBase,
 		}
@@ -682,7 +704,7 @@ func (h *AgentHandler) AgentLoop(c *gin.Context) {
 	taskCtx = h.injectReactHITLInterceptor(taskCtx, cancelWithCause, conversationID, "", nil)
 
 	// 执行Agent Loop，传入历史消息和对话ID（使用包含角色提示词的finalMessage和角色工具列表）
-	result, err := h.agent.AgentLoopWithProgress(taskCtx, finalMessage, agentHistoryMessages, conversationID, progressCallback, roleTools)
+	result, err := h.agent.AgentLoopWithProgress(taskCtx, finalMessage, agentHistoryMessages, conversationID, progressCallback, roleTools, h.projectBlackboardBlock(conversationID))
 	if err != nil {
 		h.logger.Error("Agent Loop执行失败", zap.Error(err))
 
@@ -760,7 +782,9 @@ func (h *AgentHandler) ProcessMessageForRobot(ctx context.Context, platform, con
 		if strings.TrimSpace(platform) != "" {
 			src = "robot:" + strings.TrimSpace(platform)
 		}
-		conv, createErr := h.db.CreateConversation(title, audit.ConversationCreateMeta(src))
+		meta := audit.ConversationCreateMeta(src)
+		meta.ProjectID = effectiveProjectID(h.config, "")
+		conv, createErr := h.db.CreateConversation(title, meta)
 		if createErr != nil {
 			return "", "", fmt.Errorf("创建对话失败: %w", createErr)
 		}
@@ -839,7 +863,7 @@ func (h *AgentHandler) ProcessMessageForRobot(ctx context.Context, platform, con
 		for {
 			resultMA, errMA = multiagent.RunEinoSingleChatModelAgent(
 				taskCtx, h.config, &h.config.MultiAgent, h.agent, h.logger,
-				conversationID, curMsg, curHist, roleTools, progressCallback, nil,
+				conversationID, curMsg, curHist, roleTools, progressCallback, nil, h.projectBlackboardBlock(conversationID),
 			)
 			if errMA == nil {
 				// 成功后重置 transient 重试窗口，下一次分段从第 1 次重试开始。
@@ -872,7 +896,7 @@ func (h *AgentHandler) ProcessMessageForRobot(ctx context.Context, platform, con
 			resultMA, errMA = multiagent.RunDeepAgent(
 				taskCtx, h.config, &h.config.MultiAgent, h.agent, h.logger,
 				conversationID, curMsg, curHist, roleTools, progressCallback,
-				h.agentsMarkdownDir, robotMode, nil,
+				h.agentsMarkdownDir, robotMode, nil, h.projectBlackboardBlock(conversationID),
 			)
 			if errMA == nil {
 				// 成功后重置 transient 重试窗口，下一次分段从第 1 次重试开始。
@@ -891,7 +915,7 @@ func (h *AgentHandler) ProcessMessageForRobot(ctx context.Context, platform, con
 		return h.finalizeRobotAgentSuccess(assistantMessageID, conversationID, resultMA)
 	}
 
-	result, err := h.agent.AgentLoopWithProgress(taskCtx, finalMessage, agentHistoryMessages, conversationID, progressCallback, roleTools)
+	result, err := h.agent.AgentLoopWithProgress(taskCtx, finalMessage, agentHistoryMessages, conversationID, progressCallback, roleTools, h.projectBlackboardBlock(conversationID))
 	if err != nil {
 		taskStatus = "failed"
 		errMsg := "执行失败: " + err.Error()
@@ -989,6 +1013,8 @@ func (h *AgentHandler) createProgressCallback(runCtx context.Context, cancelRun
 	}
 	thinkingStreams := make(map[string]*thinkingBuf) // streamId -> buf
 	flushedThinking := make(map[string]bool)         // streamId -> flushed
+	seenToolCallSigs := make(map[string]string)      // toolCallId -> payload signature
+	seenToolResultSigs := make(map[string]string)    // toolCallId -> payload signature
 
 	// response_start + response_delta：前端时间线显示为「📝 规划中」（monitor.js），不落逐条 delta；
 	// 聚合为一条 planning 写入 process_details，刷新后与线上一致。
@@ -1051,6 +1077,29 @@ func (h *AgentHandler) createProgressCallback(runCtx context.Context, cancelRun
 	}
 
 	return func(eventType, message string, data interface{}) {
+		// 上游在重试/补偿时可能重复回调相同 tool_call/tool_result。
+		// 这里做幂等过滤，保证前端展示和 process_details 都以唯一事件为准。
+		if (eventType == "tool_call" || eventType == "tool_result") && data != nil {
+			if dataMap, ok := data.(map[string]interface{}); ok {
+				toolCallID := strings.TrimSpace(fmt.Sprint(dataMap["toolCallId"]))
+				if toolCallID != "" && toolCallID != "<nil>" {
+					payloadJSON, _ := json.Marshal(dataMap)
+					sig := eventType + "|" + message + "|" + string(payloadJSON)
+					seen := seenToolCallSigs
+					if eventType == "tool_result" {
+						seen = seenToolResultSigs
+					}
+					if prev, exists := seen[toolCallID]; exists && prev == sig {
+						h.logger.Debug("跳过重复工具进度事件",
+							zap.String("eventType", eventType),
+							zap.String("toolCallId", toolCallID))
+						return
+					}
+					seen[toolCallID] = sig
+				}
+			}
+		}
+
 		// 流式：写 HTTP SSE；非流式（机器人等）：镜像到 taskEventBus 供 Web 订阅
 		if sendEventFunc != nil {
 			sendEventFunc(eventType, message, data)
@@ -1244,6 +1293,17 @@ func (h *AgentHandler) createProgressCallback(runCtx context.Context, cancelRun
 
 		// 多代理主代理「规划中」：response_start / response_delta 仅用于 SSE，聚合落一条 planning
 		if eventType == "response_start" {
+			if dataMap, ok := data.(map[string]interface{}); ok {
+				if sameResponseStreamMeta(respPlan.meta, dataMap) {
+					if respPlan.meta == nil {
+						respPlan.meta = make(map[string]interface{}, len(dataMap))
+					}
+					for k, v := range dataMap {
+						respPlan.meta[k] = v
+					}
+					return
+				}
+			}
 			flushResponsePlan()
 			respPlan.meta = nil
 			if dataMap, ok := data.(map[string]interface{}); ok {
@@ -1385,7 +1445,7 @@ func (h *AgentHandler) AgentLoopStream(c *gin.Context) {
 	var req ChatRequest
 	if err := c.ShouldBindJSON(&req); err != nil {
 		// 对于流式请求，也发送SSE格式的错误
-		c.Header("Content-Type", "text/event-stream")
+		c.Header("Content-Type", "text/event-stream; charset=utf-8")
 		c.Header("Cache-Control", "no-cache")
 		c.Header("Connection", "keep-alive")
 		event := StreamEvent{
@@ -1407,7 +1467,7 @@ func (h *AgentHandler) AgentLoopStream(c *gin.Context) {
 	)
 
 	// 设置SSE响应头
-	c.Header("Content-Type", "text/event-stream")
+	c.Header("Content-Type", "text/event-stream; charset=utf-8")
 	c.Header("Cache-Control", "no-cache")
 	c.Header("Connection", "keep-alive")
 	c.Header("X-Accel-Buffering", "no") // 禁用nginx缓冲
@@ -1518,6 +1578,7 @@ func (h *AgentHandler) AgentLoopStream(c *gin.Context) {
 		var conv *database.Conversation
 		var err error
 		meta := audit.ConversationCreateMetaFromGin(c, "agent_loop_stream")
+		meta.ProjectID = effectiveProjectID(h.config, req.ProjectID)
 		if req.WebShellConnectionID != "" {
 			meta.Source = "webshell_chat"
 			conv, err = h.db.CreateConversationWithWebshell(strings.TrimSpace(req.WebShellConnectionID), title, meta)
@@ -1595,6 +1656,8 @@ func (h *AgentHandler) AgentLoopStream(c *gin.Context) {
 			builtin.ToolWebshellFileRead,
 			builtin.ToolWebshellFileWrite,
 			builtin.ToolRecordVulnerability,
+			builtin.ToolListVulnerabilities,
+			builtin.ToolGetVulnerability,
 			builtin.ToolListKnowledgeRiskTypes,
 			builtin.ToolSearchKnowledgeBase,
 		}
@@ -1725,7 +1788,7 @@ func (h *AgentHandler) AgentLoopStream(c *gin.Context) {
 	go sseKeepalive(c, stopKeepalive, &sseWriteMu)
 	defer close(stopKeepalive)
 
-	result, err := h.agent.AgentLoopWithProgress(taskCtx, finalMessage, agentHistoryMessages, conversationID, progressCallback, roleTools)
+	result, err := h.agent.AgentLoopWithProgress(taskCtx, finalMessage, agentHistoryMessages, conversationID, progressCallback, roleTools, h.projectBlackboardBlock(conversationID))
 	if err != nil {
 		h.logger.Error("Agent Loop执行失败", zap.Error(err))
 		cause := context.Cause(baseCtx)
@@ -1985,7 +2048,7 @@ func (h *AgentHandler) SubscribeAgentTaskEvents(c *gin.Context) {
 		return
 	}
 
-	c.Header("Content-Type", "text/event-stream")
+	c.Header("Content-Type", "text/event-stream; charset=utf-8")
 	c.Header("Cache-Control", "no-cache")
 	c.Header("Connection", "keep-alive")
 	c.Header("X-Accel-Buffering", "no")
@@ -2037,6 +2100,7 @@ type BatchTaskRequest struct {
 	ScheduleMode string   `json:"scheduleMode,omitempty"`   // manual | cron
 	CronExpr     string   `json:"cronExpr,omitempty"`       // scheduleMode=cron 时必填
 	ExecuteNow   bool     `json:"executeNow,omitempty"`     // 创建后是否立即执行（默认 false）
+	ProjectID    string   `json:"projectId,omitempty"`      // 队列内子对话绑定的项目（可选）
 }
 
 func normalizeBatchQueueAgentMode(mode string) string {
@@ -2117,7 +2181,7 @@ func (h *AgentHandler) CreateBatchQueue(c *gin.Context) {
 		nextRunAt = &next
 	}
 
-	queue, createErr := h.batchTaskManager.CreateBatchQueue(req.Title, req.Role, agentMode, scheduleMode, cronExpr, nextRunAt, validTasks)
+	queue, createErr := h.batchTaskManager.CreateBatchQueue(req.Title, req.Role, agentMode, scheduleMode, cronExpr, req.ProjectID, nextRunAt, validTasks)
 	if createErr != nil {
 		c.JSON(http.StatusBadRequest, gin.H{"error": createErr.Error()})
 		return
@@ -2651,7 +2715,9 @@ func (h *AgentHandler) executeBatchQueue(queueID string) {
 
 		// 创建新对话
 		title := safeTruncateString(task.Message, 50)
-		conv, err := h.db.CreateConversation(title, audit.ConversationCreateMeta("batch_task"))
+		batchMeta := audit.ConversationCreateMeta("batch_task")
+		batchMeta.ProjectID = effectiveProjectID(h.config, queue.ProjectID)
+		conv, err := h.db.CreateConversation(title, batchMeta)
 		var conversationID string
 		if err != nil {
 			h.logger.Error("创建对话失败", zap.String("queueId", queueID), zap.String("taskId", task.ID), zap.Error(err))
@@ -2801,15 +2867,15 @@ func (h *AgentHandler) executeBatchQueue(queueID string) {
 			var runErr error
 			switch {
 			case useBatchMulti:
-				resultMA, runErr = multiagent.RunDeepAgent(taskCtx, h.config, &h.config.MultiAgent, h.agent, h.logger, conversationID, finalMessage, []agent.ChatMessage{}, roleTools, progressCallback, h.agentsMarkdownDir, batchOrch, nil)
+				resultMA, runErr = multiagent.RunDeepAgent(taskCtx, h.config, &h.config.MultiAgent, h.agent, h.logger, conversationID, finalMessage, []agent.ChatMessage{}, roleTools, progressCallback, h.agentsMarkdownDir, batchOrch, nil, h.projectBlackboardBlock(conversationID))
 			case useEinoSingle:
 				if h.config == nil {
 					runErr = fmt.Errorf("服务器配置未加载")
 				} else {
-					resultMA, runErr = multiagent.RunEinoSingleChatModelAgent(taskCtx, h.config, &h.config.MultiAgent, h.agent, h.logger, conversationID, finalMessage, []agent.ChatMessage{}, roleTools, progressCallback, nil)
+					resultMA, runErr = multiagent.RunEinoSingleChatModelAgent(taskCtx, h.config, &h.config.MultiAgent, h.agent, h.logger, conversationID, finalMessage, []agent.ChatMessage{}, roleTools, progressCallback, nil, h.projectBlackboardBlock(conversationID))
 				}
 			default:
-				result, runErr = h.agent.AgentLoopWithProgress(taskCtx, finalMessage, []agent.ChatMessage{}, conversationID, progressCallback, roleTools)
+				result, runErr = h.agent.AgentLoopWithProgress(taskCtx, finalMessage, []agent.ChatMessage{}, conversationID, progressCallback, roleTools, h.projectBlackboardBlock(conversationID))
 			}
 
 			if runErr != nil {

internal/handler/batch_task_manager.go

@@ -65,6 +65,7 @@ type BatchTaskQueue struct {
 	LastScheduleTriggerAt *time.Time   `json:"lastScheduleTriggerAt,omitempty"`
 	LastScheduleError     string       `json:"lastScheduleError,omitempty"`
 	LastRunError          string       `json:"lastRunError,omitempty"`
+	ProjectID             string       `json:"projectId,omitempty"`
 	Tasks                 []*BatchTask `json:"tasks"`
 	Status                string       `json:"status"` // pending, running, paused, completed, cancelled
 	CreatedAt             time.Time    `json:"createdAt"`
@@ -103,7 +104,7 @@ func (m *BatchTaskManager) SetDB(db *database.DB) {
 
 // CreateBatchQueue 创建批量任务队列
 func (m *BatchTaskManager) CreateBatchQueue(
-	title, role, agentMode, scheduleMode, cronExpr string,
+	title, role, agentMode, scheduleMode, cronExpr, projectID string,
 	nextRunAt *time.Time,
 	tasks []string,
 ) (*BatchTaskQueue, error) {
@@ -126,6 +127,7 @@ func (m *BatchTaskManager) CreateBatchQueue(
 		ID:              queueID,
 		Title:           title,
 		Role:            role,
+		ProjectID:       strings.TrimSpace(projectID),
 		AgentMode:       normalizeBatchQueueAgentMode(agentMode),
 		ScheduleMode:    normalizeBatchQueueScheduleMode(scheduleMode),
 		CronExpr:        strings.TrimSpace(cronExpr),
@@ -171,6 +173,7 @@ func (m *BatchTaskManager) CreateBatchQueue(
 			queue.ScheduleMode,
 			queue.CronExpr,
 			queue.NextRunAt,
+			queue.ProjectID,
 			dbTasks,
 		); err != nil {
 			m.logger.Warn("batch queue DB create failed", zap.String("queueId", queueID), zap.Error(err))
@@ -263,6 +266,9 @@ func (m *BatchTaskManager) loadQueueFromDB(queueID string) *BatchTaskQueue {
 	if queueRow.LastRunError.Valid {
 		queue.LastRunError = strings.TrimSpace(queueRow.LastRunError.String)
 	}
+	if queueRow.ProjectID.Valid {
+		queue.ProjectID = strings.TrimSpace(queueRow.ProjectID.String)
+	}
 	if queueRow.StartedAt.Valid {
 		queue.StartedAt = &queueRow.StartedAt.Time
 	}
@@ -499,6 +505,9 @@ func (m *BatchTaskManager) LoadFromDB() error {
 		if queueRow.LastRunError.Valid {
 			queue.LastRunError = strings.TrimSpace(queueRow.LastRunError.String)
 		}
+		if queueRow.ProjectID.Valid {
+			queue.ProjectID = strings.TrimSpace(queueRow.ProjectID.String)
+		}
 		if queueRow.StartedAt.Valid {
 			queue.StartedAt = &queueRow.StartedAt.Time
 		}

internal/handler/batch_task_mcp.go

@@ -176,6 +176,10 @@ func RegisterBatchTaskMCPTools(mcpServer *mcp.Server, h *AgentHandler, logger *z
 					"type":        "boolean",
 					"description": "创建后是否立即开始执行队列，默认 false（pending，需 batch_task_start）",
 				},
+				"project_id": map[string]interface{}{
+					"type":        "string",
+					"description": "队列内子对话绑定的项目 ID（可选，未指定时使用 config.project.default_project_id）",
+				},
 			},
 		},
 	}, func(ctx context.Context, args map[string]interface{}) (*mcp.ToolResult, error) {
@@ -204,7 +208,8 @@ func RegisterBatchTaskMCPTools(mcpServer *mcp.Server, h *AgentHandler, logger *z
 		if !ok {
 			executeNow = false
 		}
-		queue, createErr := h.batchTaskManager.CreateBatchQueue(title, role, agentMode, scheduleMode, cronExpr, nextRunAt, tasks)
+		projectID := strings.TrimSpace(mcpArgString(args, "project_id"))
+		queue, createErr := h.batchTaskManager.CreateBatchQueue(title, role, agentMode, scheduleMode, cronExpr, projectID, nextRunAt, tasks)
 		if createErr != nil {
 			return batchMCPTextResult("创建队列失败: "+createErr.Error(), true), nil
 		}

internal/handler/conversation.go

@@ -4,6 +4,7 @@ import (
 	"encoding/json"
 	"net/http"
 	"strconv"
+	"strings"
 
 	"cyberstrike-ai/internal/audit"
 	"cyberstrike-ai/internal/database"
@@ -33,7 +34,13 @@ func NewConversationHandler(db *database.DB, logger *zap.Logger) *ConversationHa
 
 // CreateConversationRequest 创建对话请求
 type CreateConversationRequest struct {
-	Title string `json:"title"`
+	Title     string `json:"title"`
+	ProjectID string `json:"projectId,omitempty"`
+}
+
+// SetConversationProjectRequest 设置对话所属项目
+type SetConversationProjectRequest struct {
+	ProjectID string `json:"projectId"` // 空字符串表示解除绑定
 }
 
 // CreateConversation 创建新对话
@@ -49,7 +56,9 @@ func (h *ConversationHandler) CreateConversation(c *gin.Context) {
 		title = "新对话"
 	}
 
-	conv, err := h.db.CreateConversation(title, audit.ConversationCreateMetaFromGin(c, "api"))
+	meta := audit.ConversationCreateMetaFromGin(c, "api")
+	meta.ProjectID = strings.TrimSpace(req.ProjectID)
+	conv, err := h.db.CreateConversation(title, meta)
 	if err != nil {
 		h.logger.Error("创建对话失败", zap.Error(err))
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
@@ -59,6 +68,25 @@ func (h *ConversationHandler) CreateConversation(c *gin.Context) {
 	c.JSON(http.StatusOK, conv)
 }
 
+// SetConversationProject 设置或清除对话绑定的项目
+func (h *ConversationHandler) SetConversationProject(c *gin.Context) {
+	id := c.Param("id")
+	var req SetConversationProjectRequest
+	if err := c.ShouldBindJSON(&req); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+	if _, err := h.db.GetConversation(id); err != nil {
+		c.JSON(http.StatusNotFound, gin.H{"error": "对话不存在"})
+		return
+	}
+	if err := h.db.SetConversationProjectID(id, req.ProjectID); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{"success": true, "projectId": strings.TrimSpace(req.ProjectID)})
+}
+
 // ListConversations 列出对话
 func (h *ConversationHandler) ListConversations(c *gin.Context) {
 	limitStr := c.DefaultQuery("limit", "50")

internal/handler/eino_single_agent.go

@@ -19,7 +19,7 @@ import (
 
 // EinoSingleAgentLoopStream Eino ADK 单代理（ChatModelAgent + Runner）流式对话；不依赖 multi_agent.enabled。
 func (h *AgentHandler) EinoSingleAgentLoopStream(c *gin.Context) {
-	c.Header("Content-Type", "text/event-stream")
+	c.Header("Content-Type", "text/event-stream; charset=utf-8")
 	c.Header("Cache-Control", "no-cache")
 	c.Header("Connection", "keep-alive")
 
@@ -230,6 +230,7 @@ func (h *AgentHandler) EinoSingleAgentLoopStream(c *gin.Context) {
 			roleTools,
 			progressCallback,
 			chatReasoningToClientIntent(req.Reasoning),
+			h.projectBlackboardBlock(conversationID),
 		)
 
 		if result != nil && len(result.MCPExecutionIDs) > 0 {
@@ -429,6 +430,7 @@ func (h *AgentHandler) EinoSingleAgentLoop(c *gin.Context) {
 		prep.RoleTools,
 		progressCallback,
 		chatReasoningToClientIntent(req.Reasoning),
+		h.projectBlackboardBlock(prep.ConversationID),
 	)
 	if runErr != nil {
 		if shouldPersistEinoAgentTraceAfterRunError(baseCtx) {

internal/handler/multi_agent.go

@@ -20,7 +20,7 @@ import (
 
 // MultiAgentLoopStream Eino DeepAgent 流式对话（需 config.multi_agent.enabled）。
 func (h *AgentHandler) MultiAgentLoopStream(c *gin.Context) {
-	c.Header("Content-Type", "text/event-stream")
+	c.Header("Content-Type", "text/event-stream; charset=utf-8")
 	c.Header("Cache-Control", "no-cache")
 	c.Header("Connection", "keep-alive")
 	if h.config == nil || !h.config.MultiAgent.Enabled {
@@ -242,6 +242,7 @@ func (h *AgentHandler) MultiAgentLoopStream(c *gin.Context) {
 			h.agentsMarkdownDir,
 			orch,
 			chatReasoningToClientIntent(req.Reasoning),
+			h.projectBlackboardBlock(conversationID),
 		)
 
 		if result != nil && len(result.MCPExecutionIDs) > 0 {
@@ -443,6 +444,7 @@ func (h *AgentHandler) MultiAgentLoop(c *gin.Context) {
 		h.agentsMarkdownDir,
 		strings.TrimSpace(req.Orchestration),
 		chatReasoningToClientIntent(req.Reasoning),
+		h.projectBlackboardBlock(prep.ConversationID),
 	)
 	if runErr != nil {
 		if shouldPersistEinoAgentTraceAfterRunError(baseCtx) {

internal/handler/multi_agent_prepare.go

@@ -36,6 +36,7 @@ func (h *AgentHandler) prepareMultiAgentSession(req *ChatRequest, c *gin.Context
 		var conv *database.Conversation
 		var err error
 		meta := audit.ConversationCreateMetaFromGin(c, source)
+		meta.ProjectID = effectiveProjectID(h.config, req.ProjectID)
 		if strings.TrimSpace(req.WebShellConnectionID) != "" {
 			meta.Source = source + "_webshell"
 			meta.WebShellConnectionID = strings.TrimSpace(req.WebShellConnectionID)
@@ -90,6 +91,14 @@ func (h *AgentHandler) prepareMultiAgentSession(req *ChatRequest, c *gin.Context
 			builtin.ToolWebshellFileRead,
 			builtin.ToolWebshellFileWrite,
 			builtin.ToolRecordVulnerability,
+			builtin.ToolListVulnerabilities,
+			builtin.ToolGetVulnerability,
+			builtin.ToolUpsertProjectFact,
+			builtin.ToolGetProjectFact,
+			builtin.ToolListProjectFacts,
+			builtin.ToolSearchProjectFacts,
+			builtin.ToolDeprecateProjectFact,
+			builtin.ToolRestoreProjectFact,
 			builtin.ToolListKnowledgeRiskTypes,
 			builtin.ToolSearchKnowledgeBase,
 		}

internal/handler/openapi.go

@@ -73,8 +73,22 @@ func (h *OpenAPIHandler) GetOpenAPISpec(c *gin.Context) {
 							"description": "对话标题",
 							"example":     "Web应用安全测试",
 						},
+						"projectId": map[string]interface{}{
+							"type":        "string",
+							"description": "绑定的项目 ID（可选，共享事实黑板）",
+						},
 					},
 				},
+				"SetConversationProjectRequest": map[string]interface{}{
+					"type": "object",
+					"properties": map[string]interface{}{
+						"projectId": map[string]interface{}{
+							"type":        "string",
+							"description": "项目 ID；空字符串表示解除绑定",
+						},
+					},
+					"required": []string{"projectId"},
+				},
 				"Conversation": map[string]interface{}{
 					"type": "object",
 					"properties": map[string]interface{}{
@@ -98,6 +112,10 @@ func (h *OpenAPIHandler) GetOpenAPISpec(c *gin.Context) {
 							"format":      "date-time",
 							"description": "更新时间",
 						},
+						"projectId": map[string]interface{}{
+							"type":        "string",
+							"description": "绑定的项目 ID（可选）",
+						},
 					},
 				},
 				"ConversationDetail": map[string]interface{}{
@@ -1326,6 +1344,37 @@ func (h *OpenAPIHandler) GetOpenAPISpec(c *gin.Context) {
 					},
 				},
 			},
+			"/api/conversations/{id}/project": map[string]interface{}{
+				"put": map[string]interface{}{
+					"tags":        []string{"对话管理"},
+					"summary":     "设置对话所属项目",
+					"description": "绑定或解除对话与项目的关联，用于共享事实黑板",
+					"operationId": "setConversationProject",
+					"parameters": []map[string]interface{}{
+						{
+							"name": "id", "in": "path", "required": true,
+							"description": "对话ID",
+							"schema": map[string]interface{}{"type": "string"},
+						},
+					},
+					"requestBody": map[string]interface{}{
+						"required": true,
+						"content": map[string]interface{}{
+							"application/json": map[string]interface{}{
+								"schema": map[string]interface{}{
+									"$ref": "#/components/schemas/SetConversationProjectRequest",
+								},
+							},
+						},
+					},
+					"responses": map[string]interface{}{
+						"200": map[string]interface{}{"description": "设置成功"},
+						"400": map[string]interface{}{"description": "项目不存在或参数错误"},
+						"404": map[string]interface{}{"description": "对话不存在"},
+						"401": map[string]interface{}{"description": "未授权"},
+					},
+				},
+			},
 			"/api/conversations/{id}/results": map[string]interface{}{
 				"get": map[string]interface{}{
 					"tags":        []string{"对话管理"},
@@ -2444,6 +2493,86 @@ func (h *OpenAPIHandler) GetOpenAPISpec(c *gin.Context) {
 					},
 				},
 			},
+			"/api/projects": map[string]interface{}{
+				"get": map[string]interface{}{
+					"tags":        []string{"项目管理"},
+					"summary":     "列出项目",
+					"operationId": "listProjects",
+					"parameters": []map[string]interface{}{
+						{"name": "status", "in": "query", "schema": map[string]interface{}{"type": "string", "enum": []string{"active", "archived"}}},
+						{"name": "limit", "in": "query", "schema": map[string]interface{}{"type": "integer", "default": 200}},
+					},
+					"responses": map[string]interface{}{
+						"200": map[string]interface{}{"description": "项目列表"},
+						"401": map[string]interface{}{"description": "未授权"},
+					},
+				},
+				"post": map[string]interface{}{
+					"tags":        []string{"项目管理"},
+					"summary":     "创建项目",
+					"operationId": "createProject",
+					"requestBody": map[string]interface{}{
+						"required": true,
+						"content": map[string]interface{}{
+							"application/json": map[string]interface{}{
+								"schema": map[string]interface{}{
+									"type": "object",
+									"properties": map[string]interface{}{
+										"name":        map[string]interface{}{"type": "string"},
+										"description": map[string]interface{}{"type": "string"},
+										"scope_json":  map[string]interface{}{"type": "string"},
+									},
+									"required": []string{"name"},
+								},
+							},
+						},
+					},
+					"responses": map[string]interface{}{
+						"200": map[string]interface{}{"description": "创建成功"},
+						"401": map[string]interface{}{"description": "未授权"},
+					},
+				},
+			},
+			"/api/projects/{id}": map[string]interface{}{
+				"get": map[string]interface{}{
+					"tags": []string{"项目管理"}, "summary": "获取项目", "operationId": "getProject",
+					"parameters": []map[string]interface{}{
+						{"name": "id", "in": "path", "required": true, "schema": map[string]interface{}{"type": "string"}},
+					},
+					"responses": map[string]interface{}{"200": map[string]interface{}{"description": "项目详情"}},
+				},
+				"put": map[string]interface{}{
+					"tags": []string{"项目管理"}, "summary": "更新项目", "operationId": "updateProject",
+					"parameters": []map[string]interface{}{
+						{"name": "id", "in": "path", "required": true, "schema": map[string]interface{}{"type": "string"}},
+					},
+					"responses": map[string]interface{}{"200": map[string]interface{}{"description": "更新成功"}},
+				},
+				"delete": map[string]interface{}{
+					"tags": []string{"项目管理"}, "summary": "删除项目", "operationId": "deleteProject",
+					"parameters": []map[string]interface{}{
+						{"name": "id", "in": "path", "required": true, "schema": map[string]interface{}{"type": "string"}},
+					},
+					"responses": map[string]interface{}{"200": map[string]interface{}{"description": "删除成功"}},
+				},
+			},
+			"/api/projects/{id}/facts": map[string]interface{}{
+				"get": map[string]interface{}{
+					"tags": []string{"项目管理"}, "summary": "列出或按 key 获取事实", "operationId": "listProjectFacts",
+					"parameters": []map[string]interface{}{
+						{"name": "id", "in": "path", "required": true, "schema": map[string]interface{}{"type": "string"}},
+						{"name": "fact_key", "in": "query", "schema": map[string]interface{}{"type": "string"}},
+					},
+					"responses": map[string]interface{}{"200": map[string]interface{}{"description": "事实列表或单条"}},
+				},
+				"post": map[string]interface{}{
+					"tags": []string{"项目管理"}, "summary": "创建/更新事实", "operationId": "upsertProjectFactREST",
+					"parameters": []map[string]interface{}{
+						{"name": "id", "in": "path", "required": true, "schema": map[string]interface{}{"type": "string"}},
+					},
+					"responses": map[string]interface{}{"200": map[string]interface{}{"description": "成功"}},
+				},
+			},
 			"/api/vulnerabilities": map[string]interface{}{
 				"get": map[string]interface{}{
 					"tags":        []string{"漏洞管理"},
@@ -2502,6 +2631,15 @@ func (h *OpenAPIHandler) GetOpenAPISpec(c *gin.Context) {
 								"type": "string",
 							},
 						},
+						{
+							"name":        "project_id",
+							"in":          "query",
+							"required":    false,
+							"description": "项目ID",
+							"schema": map[string]interface{}{
+								"type": "string",
+							},
+						},
 						{
 							"name":        "severity",
 							"in":          "query",

internal/handler/project.go

@@ -0,0 +1,400 @@
+package handler
+
+import (
+	"net/http"
+	"strconv"
+	"strings"
+
+	"cyberstrike-ai/internal/database"
+	"cyberstrike-ai/internal/project"
+
+	"github.com/gin-gonic/gin"
+	"go.uber.org/zap"
+)
+
+// ProjectHandler 项目管理处理器。
+type ProjectHandler struct {
+	db     *database.DB
+	logger *zap.Logger
+}
+
+// NewProjectHandler 创建项目管理处理器。
+func NewProjectHandler(db *database.DB, logger *zap.Logger) *ProjectHandler {
+	return &ProjectHandler{db: db, logger: logger}
+}
+
+type createProjectRequest struct {
+	Name        string `json:"name" binding:"required"`
+	Description string `json:"description"`
+	ScopeJSON   string `json:"scope_json"`
+	Status      string `json:"status"`
+}
+
+// updateProjectRequest 部分更新：字段省略表示不修改；传 null 或 "" 可清空字符串字段。
+type updateProjectRequest struct {
+	Name        *string `json:"name"`
+	Description *string `json:"description"`
+	ScopeJSON   *string `json:"scope_json"`
+	Status      *string `json:"status"`
+	Pinned      *bool   `json:"pinned"`
+}
+
+// CreateProject POST /api/projects
+func (h *ProjectHandler) CreateProject(c *gin.Context) {
+	var req createProjectRequest
+	if err := c.ShouldBindJSON(&req); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+	p := &database.Project{
+		Name:        strings.TrimSpace(req.Name),
+		Description: req.Description,
+		ScopeJSON:   req.ScopeJSON,
+		Status:      strings.TrimSpace(req.Status),
+	}
+	created, err := h.db.CreateProject(p)
+	if err != nil {
+		h.logger.Error("创建项目失败", zap.Error(err))
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+		return
+	}
+	c.JSON(http.StatusOK, created)
+}
+
+// ListProjects GET /api/projects
+func (h *ProjectHandler) ListProjects(c *gin.Context) {
+	status := c.Query("status")
+	limit, _ := strconv.Atoi(c.DefaultQuery("limit", "200"))
+	offset, _ := strconv.Atoi(c.Query("offset"))
+	list, err := h.db.ListProjects(status, limit, offset)
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+		return
+	}
+	if list == nil {
+		list = []*database.Project{}
+	}
+	c.JSON(http.StatusOK, list)
+}
+
+// GetProjectStats GET /api/projects/:id/stats
+func (h *ProjectHandler) GetProjectStats(c *gin.Context) {
+	stats, err := project.GetProjectStats(h.db, c.Param("id"))
+	if err != nil {
+		if strings.Contains(err.Error(), "不存在") {
+			c.JSON(http.StatusNotFound, gin.H{"error": "项目不存在"})
+			return
+		}
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+		return
+	}
+	c.JSON(http.StatusOK, stats)
+}
+
+// ListProjectConversations GET /api/projects/:id/conversations
+func (h *ProjectHandler) ListProjectConversations(c *gin.Context) {
+	projectID := c.Param("id")
+	if _, err := h.db.GetProject(projectID); err != nil {
+		c.JSON(http.StatusNotFound, gin.H{"error": "项目不存在"})
+		return
+	}
+	limit, _ := strconv.Atoi(c.DefaultQuery("limit", "100"))
+	offset, _ := strconv.Atoi(c.Query("offset"))
+	list, err := h.db.ListConversationsByProjectID(projectID, limit, offset)
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+		return
+	}
+	if list == nil {
+		list = []*database.Conversation{}
+	}
+	total, _ := h.db.CountConversationsByProjectID(projectID)
+	c.JSON(http.StatusOK, gin.H{
+		"conversations": list,
+		"total":         total,
+		"limit":         limit,
+		"offset":        offset,
+	})
+}
+
+// GetProject GET /api/projects/:id
+func (h *ProjectHandler) GetProject(c *gin.Context) {
+	p, err := h.db.GetProject(c.Param("id"))
+	if err != nil {
+		c.JSON(http.StatusNotFound, gin.H{"error": "项目不存在"})
+		return
+	}
+	c.JSON(http.StatusOK, p)
+}
+
+// UpdateProject PUT /api/projects/:id
+func (h *ProjectHandler) UpdateProject(c *gin.Context) {
+	id := c.Param("id")
+	p, err := h.db.GetProject(id)
+	if err != nil {
+		c.JSON(http.StatusNotFound, gin.H{"error": "项目不存在"})
+		return
+	}
+	var req updateProjectRequest
+	if err := c.ShouldBindJSON(&req); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+	if req.Name != nil {
+		if s := strings.TrimSpace(*req.Name); s != "" {
+			p.Name = s
+		}
+	}
+	if req.Description != nil {
+		p.Description = *req.Description
+	}
+	if req.ScopeJSON != nil {
+		p.ScopeJSON = *req.ScopeJSON
+	}
+	if req.Status != nil {
+		if s := strings.TrimSpace(*req.Status); s != "" {
+			p.Status = s
+		}
+	}
+	if req.Pinned != nil {
+		p.Pinned = *req.Pinned
+	}
+	if err := h.db.UpdateProject(p); err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+		return
+	}
+	c.JSON(http.StatusOK, p)
+}
+
+// DeleteProject DELETE /api/projects/:id
+func (h *ProjectHandler) DeleteProject(c *gin.Context) {
+	if err := h.db.DeleteProject(c.Param("id")); err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{"success": true})
+}
+
+type upsertFactRequest struct {
+	FactKey                string `json:"fact_key" binding:"required"`
+	Category               string `json:"category"`
+	Summary                string `json:"summary" binding:"required"`
+	Body                   string `json:"body"`
+	Confidence             string `json:"confidence"`
+	Pinned                 bool   `json:"pinned"`
+	RelatedVulnerabilityID string `json:"related_vulnerability_id"`
+}
+
+// updateFactRequest 部分更新事实；指针字段省略=不修改，body 传 "" 可清空（仍走 merge 逻辑见 Upsert）。
+type updateFactRequest struct {
+	FactKey                *string `json:"fact_key"`
+	Category               *string `json:"category"`
+	Summary                *string `json:"summary"`
+	Body                   *string `json:"body"`
+	Confidence             *string `json:"confidence"`
+	Pinned                 *bool   `json:"pinned"`
+	RelatedVulnerabilityID *string `json:"related_vulnerability_id"`
+	ClearBody              bool    `json:"clear_body"`
+}
+
+// ListFacts GET /api/projects/:id/facts （fact_key 查询参数可获取单条详情）
+func (h *ProjectHandler) ListFacts(c *gin.Context) {
+	projectID := c.Param("id")
+	if key := strings.TrimSpace(c.Query("fact_key")); key != "" {
+		f, err := h.db.GetProjectFactByKey(projectID, key)
+		if err != nil {
+			c.JSON(http.StatusNotFound, gin.H{"error": err.Error()})
+			return
+		}
+		c.JSON(http.StatusOK, f)
+		return
+	}
+	limit, _ := strconv.Atoi(c.DefaultQuery("limit", "100"))
+	offset, _ := strconv.Atoi(c.Query("offset"))
+	filter := database.ProjectFactListFilter{
+		Category:               c.Query("category"),
+		Confidence:             c.Query("confidence"),
+		Search:                 c.Query("search"),
+		RelatedVulnerabilityID: c.Query("related_vulnerability_id"),
+	}
+	if c.Query("exclude_deprecated") == "1" || c.Query("exclude_deprecated") == "true" {
+		filter.ExcludeDeprecated = true
+	}
+	list, err := h.db.ListProjectFacts(projectID, filter, limit, offset)
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+		return
+	}
+	if list == nil {
+		list = []*database.ProjectFact{}
+	}
+	if sparseOnly := c.Query("sparse_only"); sparseOnly == "1" || sparseOnly == "true" {
+		filtered := make([]*database.ProjectFact, 0, len(list))
+		for _, f := range list {
+			if project.IsSparseFactBody(f.Category, f.FactKey, f.Body) {
+				filtered = append(filtered, f)
+			}
+		}
+		list = filtered
+	}
+	c.JSON(http.StatusOK, list)
+}
+
+// GetFactPreviousVersion GET /api/projects/:id/facts/:factId/previous-version
+func (h *ProjectHandler) GetFactPreviousVersion(c *gin.Context) {
+	existing, err := h.db.GetProjectFact(c.Param("factId"))
+	if err != nil || existing.ProjectID != c.Param("id") {
+		c.JSON(http.StatusNotFound, gin.H{"error": "事实不存在"})
+		return
+	}
+	if strings.TrimSpace(existing.SupersedesFactID) == "" {
+		c.JSON(http.StatusNotFound, gin.H{"error": "无上一版本"})
+		return
+	}
+	v, err := h.db.GetProjectFactVersion(existing.SupersedesFactID)
+	if err != nil {
+		c.JSON(http.StatusNotFound, gin.H{"error": err.Error()})
+		return
+	}
+	c.JSON(http.StatusOK, v)
+}
+
+// ListFactVersions GET /api/projects/:id/facts/:factId/versions
+func (h *ProjectHandler) ListFactVersions(c *gin.Context) {
+	existing, err := h.db.GetProjectFact(c.Param("factId"))
+	if err != nil || existing.ProjectID != c.Param("id") {
+		c.JSON(http.StatusNotFound, gin.H{"error": "事实不存在"})
+		return
+	}
+	limit, _ := strconv.Atoi(c.DefaultQuery("limit", "20"))
+	list, err := h.db.ListProjectFactVersions(existing.ID, limit)
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+		return
+	}
+	if list == nil {
+		list = []*database.ProjectFactVersion{}
+	}
+	c.JSON(http.StatusOK, list)
+}
+
+// CreateFact POST /api/projects/:id/facts
+func (h *ProjectHandler) CreateFact(c *gin.Context) {
+	var req upsertFactRequest
+	if err := c.ShouldBindJSON(&req); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+	f := &database.ProjectFact{
+		ProjectID:              c.Param("id"),
+		FactKey:                req.FactKey,
+		Category:               req.Category,
+		Summary:                req.Summary,
+		Body:                   req.Body,
+		Confidence:             req.Confidence,
+		Pinned:                 req.Pinned,
+		RelatedVulnerabilityID: req.RelatedVulnerabilityID,
+	}
+	created, err := h.db.UpsertProjectFact(f)
+	if err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+	c.JSON(http.StatusOK, created)
+}
+
+// UpdateFact PUT /api/projects/:id/facts/:factId
+func (h *ProjectHandler) UpdateFact(c *gin.Context) {
+	existing, err := h.db.GetProjectFact(c.Param("factId"))
+	if err != nil || existing.ProjectID != c.Param("id") {
+		c.JSON(http.StatusNotFound, gin.H{"error": "事实不存在"})
+		return
+	}
+	var req updateFactRequest
+	if err := c.ShouldBindJSON(&req); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+	if req.FactKey != nil {
+		if k := strings.TrimSpace(*req.FactKey); k != "" {
+			existing.FactKey = k
+		}
+	}
+	if req.Category != nil && strings.TrimSpace(*req.Category) != "" {
+		existing.Category = *req.Category
+	}
+	if req.Summary != nil && strings.TrimSpace(*req.Summary) != "" {
+		existing.Summary = *req.Summary
+	}
+	if req.ClearBody {
+		existing.Body = ""
+	} else if req.Body != nil {
+		existing.Body = *req.Body
+	}
+	if req.Confidence != nil && strings.TrimSpace(*req.Confidence) != "" {
+		existing.Confidence = *req.Confidence
+	}
+	if req.Pinned != nil {
+		existing.Pinned = *req.Pinned
+	}
+	if req.RelatedVulnerabilityID != nil {
+		existing.RelatedVulnerabilityID = *req.RelatedVulnerabilityID
+	}
+	updated, err := h.db.UpsertProjectFact(existing)
+	if err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+	c.JSON(http.StatusOK, updated)
+}
+
+// DeleteFact DELETE /api/projects/:id/facts/:factId
+func (h *ProjectHandler) DeleteFact(c *gin.Context) {
+	existing, err := h.db.GetProjectFact(c.Param("factId"))
+	if err != nil || existing.ProjectID != c.Param("id") {
+		c.JSON(http.StatusNotFound, gin.H{"error": "事实不存在"})
+		return
+	}
+	if err := h.db.DeleteProjectFact(existing.ID); err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{"success": true})
+}
+
+type deprecateFactRequest struct {
+	FactKey string `json:"fact_key" binding:"required"`
+}
+
+// DeprecateFact POST /api/projects/:id/facts/deprecate
+func (h *ProjectHandler) DeprecateFact(c *gin.Context) {
+	var req deprecateFactRequest
+	if err := c.ShouldBindJSON(&req); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+	if err := h.db.DeprecateProjectFact(c.Param("id"), req.FactKey); err != nil {
+		c.JSON(http.StatusNotFound, gin.H{"error": err.Error()})
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{"success": true})
+}
+
+type restoreFactRequest struct {
+	FactKey    string `json:"fact_key" binding:"required"`
+	Confidence string `json:"confidence"` // 可选：confirmed | tentative，默认 tentative
+}
+
+// RestoreFact POST /api/projects/:id/facts/restore
+func (h *ProjectHandler) RestoreFact(c *gin.Context) {
+	var req restoreFactRequest
+	if err := c.ShouldBindJSON(&req); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+	if err := h.db.RestoreProjectFact(c.Param("id"), req.FactKey, req.Confidence); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{"success": true})
+}

internal/handler/project_context.go

@@ -0,0 +1,32 @@
+package handler
+
+import (
+	"strings"
+
+	"cyberstrike-ai/internal/project"
+	"go.uber.org/zap"
+)
+
+// projectBlackboardBlock 根据对话 ID 构建项目事实索引块（用于注入 system prompt）。
+func (h *AgentHandler) projectBlackboardBlock(conversationID string) string {
+	if h == nil || h.db == nil || h.config == nil {
+		return ""
+	}
+	if !h.config.Project.Enabled {
+		return ""
+	}
+	conversationID = strings.TrimSpace(conversationID)
+	if conversationID == "" {
+		return ""
+	}
+	projectID, err := h.db.GetConversationProjectID(conversationID)
+	if err != nil || projectID == "" {
+		return ""
+	}
+	block, err := project.BuildProjectBlackboardBlock(h.db, projectID, h.config.Project)
+	if err != nil {
+		h.logger.Warn("构建项目黑板索引失败", zap.String("conversationId", conversationID), zap.Error(err))
+		return ""
+	}
+	return strings.TrimSpace(block)
+}

internal/handler/project_resolve.go

@@ -0,0 +1,18 @@
+package handler
+
+import (
+	"strings"
+
+	"cyberstrike-ai/internal/config"
+)
+
+// effectiveProjectID 请求/队列显式项目优先，否则使用 config.project.default_project_id。
+func effectiveProjectID(cfg *config.Config, explicit string) string {
+	if pid := strings.TrimSpace(explicit); pid != "" {
+		return pid
+	}
+	if cfg != nil {
+		return strings.TrimSpace(cfg.Project.DefaultProjectID)
+	}
+	return ""
+}

internal/handler/robot.go

@@ -40,8 +40,13 @@ const (
 	robotCmdRoles      = "角色"
 	robotCmdRolesList  = "角色列表"
 	robotCmdSwitchRole = "切换角色"
-	robotCmdDelete     = "删除"
-	robotCmdVersion    = "版本"
+	robotCmdDelete       = "删除"
+	robotCmdVersion      = "版本"
+	robotCmdProjects     = "项目"
+	robotCmdProjectsList = "项目列表"
+	robotCmdBindProject  = "绑定项目"
+	robotCmdNewProject   = "新建项目"
+	robotCmdUnbindProject = "解除项目"
 )
 
 // RobotHandler 企业微信/钉钉/飞书等机器人回调处理
@@ -133,7 +138,9 @@ func (h *RobotHandler) getOrCreateConversation(platform, userID, title string) (
 	} else {
 		t = safeTruncateString(t, 50)
 	}
-	conv, err := h.db.CreateConversation(t, database.ConversationCreateMeta{Source: "robot:" + platform})
+	meta := database.ConversationCreateMeta{Source: "robot:" + platform}
+	meta.ProjectID = effectiveProjectID(h.config, "")
+	conv, err := h.db.CreateConversation(t, meta)
 	if err != nil {
 		h.logger.Warn("创建机器人会话失败", zap.Error(err))
 		return "", false
@@ -188,7 +195,9 @@ func (h *RobotHandler) setRole(platform, userID, roleName string) {
 // clearConversation 清空当前会话（切换到新对话）
 func (h *RobotHandler) clearConversation(platform, userID string) (newConvID string) {
 	title := "新对话 " + time.Now().Format("01-02 15:04")
-	conv, err := h.db.CreateConversation(title, database.ConversationCreateMeta{Source: "robot:" + platform + ":new"})
+	meta := database.ConversationCreateMeta{Source: "robot:" + platform + ":new"}
+	meta.ProjectID = effectiveProjectID(h.config, "")
+	conv, err := h.db.CreateConversation(title, meta)
 	if err != nil {
 		h.logger.Warn("创建新对话失败", zap.Error(err))
 		return ""
@@ -230,7 +239,7 @@ func (h *RobotHandler) HandleMessage(platform, userID, text string) (reply strin
 			_ = h.db.UpdateConversationTitle(convID, newTitle)
 		}
 	}
-	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
+	ctx, cancel := context.WithTimeout(context.Background(), h.robotMessageTimeout())
 	sk := h.sessionKey(platform, userID)
 	h.cancelMu.Lock()
 	h.runningCancels[sk] = cancel
@@ -248,6 +257,9 @@ func (h *RobotHandler) HandleMessage(platform, userID, text string) (reply strin
 		if errors.Is(err, context.Canceled) {
 			return "任务已取消。"
 		}
+		if errors.Is(err, context.DeadlineExceeded) {
+			return "任务执行超时，请稍后重试或精简本次请求范围。"
+		}
 		return "处理失败: " + err.Error()
 	}
 	if newConvID != convID {
@@ -256,22 +268,182 @@ func (h *RobotHandler) HandleMessage(platform, userID, text string) (reply strin
 	return resp
 }
 
+func (h *RobotHandler) robotMessageTimeout() time.Duration {
+	// 机器人整次消息处理超时（与单次工具超时 agent.tool_timeout_minutes 解耦）。
+	return 10 * time.Hour
+}
+
 func (h *RobotHandler) cmdHelp() string {
-	return "**【CyberStrikeAI 机器人命令】**\n\n" +
-		"- `帮助` `help` — 显示本帮助 | Show this help\n" +
-		"- `列表` `list` — 列出所有对话标题与 ID | List conversations\n" +
-		"- `切换 <ID>` `switch <ID>` — 指定对话继续 | Switch to conversation\n" +
-		"- `新对话` `new` — 开启新对话 | Start new conversation\n" +
-		"- `清空` `clear` — 清空当前上下文 | Clear context\n" +
-		"- `当前` `current` — 显示当前对话 ID 与标题 | Show current conversation\n" +
-		"- `停止` `stop` — 中断当前任务 | Stop running task\n" +
-		"- `角色` `roles` — 列出所有可用角色 | List roles\n" +
-		"- `角色 <名>` `role <name>` — 切换当前角色 | Switch role\n" +
-		"- `删除 <ID>` `delete <ID>` — 删除指定对话 | Delete conversation\n" +
-		"- `版本` `version` — 显示当前版本号 | Show version\n\n" +
-		"---\n" +
-		"除以上命令外，直接输入内容将发送给 AI 进行渗透测试/安全分析。\n" +
-		"Otherwise, send any text for AI penetration testing / security analysis."
+	var b strings.Builder
+	b.WriteString("【CyberStrikeAI 机器人命令】\n\n")
+	b.WriteString("【通用 General】\n")
+	b.WriteString("· 帮助 / help — 显示本帮助\n")
+	b.WriteString("· 版本 / version — 显示当前版本号\n")
+	b.WriteString("\n【对话 Conversation】\n")
+	b.WriteString("· 列表 / list — 列出所有对话标题与 ID\n")
+	b.WriteString("· 切换 <ID> / switch <ID> — 指定对话继续\n")
+	b.WriteString("· 新对话 / new — 开启新对话\n")
+	b.WriteString("· 清空 / clear — 清空当前上下文\n")
+	b.WriteString("· 当前 / current — 显示当前对话、角色与项目\n")
+	b.WriteString("· 停止 / stop — 中断当前任务\n")
+	b.WriteString("· 删除 <ID> / delete <ID> — 删除指定对话\n")
+	b.WriteString("\n【角色 Role】\n")
+	b.WriteString("· 角色 / roles — 列出所有可用角色\n")
+	b.WriteString("· 角色 <名> / role <name> — 切换当前角色\n")
+	if h.projectsEnabled() {
+		b.WriteString("\n【项目 Project】\n")
+		b.WriteString("· 项目 / projects — 列出所有项目\n")
+		b.WriteString("· 新建项目 <名称> / new project <name> — 创建并绑定当前对话\n")
+		b.WriteString("· 绑定项目 <ID或名称> / bind project <ID|name> — 绑定到已有项目\n")
+		b.WriteString("· 解除项目 / unbind project — 解除项目绑定\n")
+	}
+	b.WriteString("\n──────────────\n")
+	b.WriteString("除以上命令外，直接输入内容将发送给 AI 进行渗透测试/安全分析。")
+	return b.String()
+}
+
+func (h *RobotHandler) projectsEnabled() bool {
+	return h.config != nil && h.config.Project.Enabled
+}
+
+func (h *RobotHandler) resolveProjectByIDOrName(idOrName string) (*database.Project, string) {
+	idOrName = strings.TrimSpace(idOrName)
+	if idOrName == "" {
+		return nil, "请指定项目 ID 或名称，例如：绑定项目 xxx-xxx"
+	}
+	if p, err := h.db.GetProject(idOrName); err == nil {
+		return p, ""
+	}
+	list, err := h.db.ListProjects("", 200, 0)
+	if err != nil {
+		return nil, "查询项目失败: " + err.Error()
+	}
+	var matches []*database.Project
+	for _, p := range list {
+		if p.Name == idOrName {
+			matches = append(matches, p)
+		}
+	}
+	switch len(matches) {
+	case 0:
+		return nil, fmt.Sprintf("项目「%s」不存在。发送「项目」查看列表。", idOrName)
+	case 1:
+		return matches[0], ""
+	default:
+		var b strings.Builder
+		b.WriteString(fmt.Sprintf("名称「%s」匹配到多个项目，请使用 ID 绑定：\n", idOrName))
+		for _, p := range matches {
+			b.WriteString(fmt.Sprintf("· %s\n  ID: %s\n", p.Name, p.ID))
+		}
+		return nil, strings.TrimSuffix(b.String(), "\n")
+	}
+}
+
+func (h *RobotHandler) formatProjectLabel(projectID string) string {
+	if strings.TrimSpace(projectID) == "" {
+		return "未绑定"
+	}
+	if p, err := h.db.GetProject(projectID); err == nil {
+		return fmt.Sprintf("「%s」 (%s)", p.Name, p.ID)
+	}
+	return projectID
+}
+
+func (h *RobotHandler) cmdProjects() string {
+	if !h.projectsEnabled() {
+		return "项目功能未启用（config.project.enabled）。"
+	}
+	list, err := h.db.ListProjects("", 50, 0)
+	if err != nil {
+		return "获取项目列表失败: " + err.Error()
+	}
+	if len(list) == 0 {
+		return "暂无项目。发送「新建项目 <名称>」创建并绑定到当前对话。"
+	}
+	var b strings.Builder
+	b.WriteString("【项目列表】\n")
+	for i, p := range list {
+		if i >= 20 {
+			b.WriteString("… 仅显示前 20 条\n")
+			break
+		}
+		status := p.Status
+		if status == "" {
+			status = "active"
+		}
+		b.WriteString(fmt.Sprintf("· %s [%s]\n  ID: %s\n", p.Name, status, p.ID))
+	}
+	return strings.TrimSuffix(b.String(), "\n")
+}
+
+func (h *RobotHandler) cmdBindProject(platform, userID, idOrName string) string {
+	if !h.projectsEnabled() {
+		return "项目功能未启用（config.project.enabled）。"
+	}
+	p, errMsg := h.resolveProjectByIDOrName(idOrName)
+	if p == nil {
+		return errMsg
+	}
+	convID, _ := h.getOrCreateConversation(platform, userID, "")
+	if convID == "" {
+		return "无法获取当前对话，请稍后再试。"
+	}
+	if err := h.db.SetConversationProjectID(convID, p.ID); err != nil {
+		return "绑定失败: " + err.Error()
+	}
+	return fmt.Sprintf("已将当前对话绑定到项目：「%s」\nID: %s", p.Name, p.ID)
+}
+
+func (h *RobotHandler) cmdNewProject(platform, userID, name string) string {
+	if !h.projectsEnabled() {
+		return "项目功能未启用（config.project.enabled）。"
+	}
+	name = strings.TrimSpace(name)
+	if name == "" {
+		return "请指定项目名称，例如：新建项目 某目标渗透"
+	}
+	p := &database.Project{Name: name, Status: "active"}
+	created, err := h.db.CreateProject(p)
+	if err != nil {
+		return "创建项目失败: " + err.Error()
+	}
+	convID, _ := h.getOrCreateConversation(platform, userID, name)
+	if convID == "" {
+		return fmt.Sprintf("项目已创建：「%s」\nID: %s\n（绑定当前对话失败，请手动发送「绑定项目 %s」）", created.Name, created.ID, created.ID)
+	}
+	if err := h.db.SetConversationProjectID(convID, created.ID); err != nil {
+		return fmt.Sprintf("项目已创建：「%s」\nID: %s\n绑定失败: %s", created.Name, created.ID, err.Error())
+	}
+	return fmt.Sprintf("已创建项目并绑定当前对话：「%s」\nID: %s", created.Name, created.ID)
+}
+
+func (h *RobotHandler) cmdUnbindProject(platform, userID string) string {
+	if !h.projectsEnabled() {
+		return "项目功能未启用（config.project.enabled）。"
+	}
+	sk := h.sessionKey(platform, userID)
+	h.mu.RLock()
+	convID := h.sessions[sk]
+	h.mu.RUnlock()
+	if convID == "" {
+		if persistedConvID, _ := h.loadSessionBinding(sk); persistedConvID != "" {
+			convID = persistedConvID
+		}
+	}
+	if convID == "" {
+		return "当前没有进行中的对话，无需解除绑定。"
+	}
+	projectID, err := h.db.GetConversationProjectID(convID)
+	if err != nil {
+		return "获取对话项目失败: " + err.Error()
+	}
+	if strings.TrimSpace(projectID) == "" {
+		return "当前对话未绑定项目。"
+	}
+	if err := h.db.SetConversationProjectID(convID, ""); err != nil {
+		return "解除绑定失败: " + err.Error()
+	}
+	return "已解除当前对话的项目绑定。"
 }
 
 func (h *RobotHandler) cmdList() string {
@@ -345,7 +517,12 @@ func (h *RobotHandler) cmdCurrent(platform, userID string) string {
 		return "当前对话 ID: " + convID + "（获取标题失败）"
 	}
 	role := h.getRole(platform, userID)
-	return fmt.Sprintf("当前对话：「%s」\nID: %s\n当前角色: %s", conv.Title, conv.ID, role)
+	reply := fmt.Sprintf("当前对话：「%s」\nID: %s\n当前角色: %s", conv.Title, conv.ID, role)
+	if h.projectsEnabled() {
+		projectID, _ := h.db.GetConversationProjectID(conv.ID)
+		reply += "\n当前项目: " + h.formatProjectLabel(projectID)
+	}
+	return reply
 }
 
 func (h *RobotHandler) cmdRoles() string {
@@ -482,6 +659,26 @@ func (h *RobotHandler) handleRobotCommand(platform, userID, text string) (string
 		return h.cmdDelete(platform, userID, convID), true
 	case text == robotCmdVersion || text == "version":
 		return h.cmdVersion(), true
+	case text == robotCmdProjects || text == robotCmdProjectsList || text == "projects":
+		return h.cmdProjects(), true
+	case text == robotCmdUnbindProject || text == "unbind project":
+		return h.cmdUnbindProject(platform, userID), true
+	case strings.HasPrefix(text, robotCmdNewProject+" ") || strings.HasPrefix(text, "new project "):
+		var name string
+		if strings.HasPrefix(text, robotCmdNewProject+" ") {
+			name = strings.TrimSpace(text[len(robotCmdNewProject)+1:])
+		} else {
+			name = strings.TrimSpace(text[len("new project "):])
+		}
+		return h.cmdNewProject(platform, userID, name), true
+	case strings.HasPrefix(text, robotCmdBindProject+" ") || strings.HasPrefix(text, "bind project "):
+		var idOrName string
+		if strings.HasPrefix(text, robotCmdBindProject+" ") {
+			idOrName = strings.TrimSpace(text[len(robotCmdBindProject)+1:])
+		} else {
+			idOrName = strings.TrimSpace(text[len("bind project "):])
+		}
+		return h.cmdBindProject(platform, userID, idOrName), true
 	default:
 		return "", false
 	}

internal/handler/vulnerability.go

@@ -36,6 +36,7 @@ func NewVulnerabilityHandler(db *database.DB, logger *zap.Logger) *Vulnerability
 // CreateVulnerabilityRequest 创建漏洞请求
 type CreateVulnerabilityRequest struct {
 	ConversationID  string `json:"conversation_id" binding:"required"`
+	ProjectID       string `json:"project_id"`
 	ConversationTag string `json:"conversation_tag"`
 	TaskTag         string `json:"task_tag"`
 	Title           string `json:"title" binding:"required"`
@@ -59,6 +60,7 @@ func (h *VulnerabilityHandler) CreateVulnerability(c *gin.Context) {
 
 	vuln := &database.Vulnerability{
 		ConversationID:  req.ConversationID,
+		ProjectID:       strings.TrimSpace(req.ProjectID),
 		ConversationTag: req.ConversationTag,
 		TaskTag:         req.TaskTag,
 		Title:           req.Title,
@@ -116,6 +118,7 @@ func parseVulnerabilityListFilter(c *gin.Context) database.VulnerabilityListFilt
 		q = strings.TrimSpace(c.Query("search"))
 	}
 	return database.VulnerabilityListFilter{
+		ProjectID: c.Query("project_id"),
 		ID:              c.Query("id"),
 		Search:          q,
 		ConversationID:  c.Query("conversation_id"),
@@ -193,17 +196,18 @@ func (h *VulnerabilityHandler) ListVulnerabilities(c *gin.Context) {
 
 // UpdateVulnerabilityRequest 更新漏洞请求
 type UpdateVulnerabilityRequest struct {
-	ConversationTag string `json:"conversation_tag"`
-	TaskTag         string `json:"task_tag"`
-	Title           string `json:"title"`
-	Description     string `json:"description"`
-	Severity        string `json:"severity"`
-	Status          string `json:"status"`
-	Type            string `json:"type"`
-	Target          string `json:"target"`
-	Proof           string `json:"proof"`
-	Impact          string `json:"impact"`
-	Recommendation  string `json:"recommendation"`
+	ProjectID       *string `json:"project_id"`
+	ConversationTag string  `json:"conversation_tag"`
+	TaskTag         string  `json:"task_tag"`
+	Title           string  `json:"title"`
+	Description     string  `json:"description"`
+	Severity        string  `json:"severity"`
+	Status          string  `json:"status"`
+	Type            string  `json:"type"`
+	Target          string  `json:"target"`
+	Proof           string  `json:"proof"`
+	Impact          string  `json:"impact"`
+	Recommendation  string  `json:"recommendation"`
 }
 
 // UpdateVulnerability 更新漏洞
@@ -224,6 +228,9 @@ func (h *VulnerabilityHandler) UpdateVulnerability(c *gin.Context) {
 	}
 
 	// 更新字段
+	if req.ProjectID != nil {
+		existing.ProjectID = strings.TrimSpace(*req.ProjectID)
+	}
 	if req.ConversationTag != "" {
 		existing.ConversationTag = req.ConversationTag
 	}
@@ -274,7 +281,7 @@ func (h *VulnerabilityHandler) UpdateVulnerability(c *gin.Context) {
 
 	if h.audit != nil {
 		h.audit.RecordOK(c, "vulnerability", "update", "更新漏洞记录", "vulnerability", id, map[string]interface{}{
-			"severity": updated.Severity, "status": updated.Status,
+			"severity": updated.Severity, "status": updated.Status, "project_id": updated.ProjectID,
 		})
 	}
 	c.JSON(http.StatusOK, updated)

internal/handler/webshell.go

@@ -134,6 +134,16 @@ func quoteCmdPath(p string) string {
 	return "\"" + strings.ReplaceAll(p, "\"", "\"\"") + "\""
 }
 
+// normalizeWindowsCmdPath 把前端统一的 "/" 路径转换为 cmd 更稳定识别的 "\"。
+// 仅用于 Windows 命令构造，不改变语义（例如 "." / ".." 会保持不变）。
+func normalizeWindowsCmdPath(p string) string {
+	s := strings.TrimSpace(p)
+	if s == "" {
+		return s
+	}
+	return strings.ReplaceAll(s, "/", "\\")
+}
+
 // quotePsSingle 把字符串按 PowerShell 单引号字符串规则转义（内部 ' → ''）。
 // 供 PowerShell 脚本参数使用，全脚本只用单引号，外层 cmd 再用双引号包裹即可安全传递。
 func quotePsSingle(s string) string {
@@ -198,6 +208,7 @@ func (h *WebShellHandler) buildFileCommand(in fileCommandInput) (string, error)
 			p = "."
 		}
 		if targetOS == "windows" {
+			p = normalizeWindowsCmdPath(p)
 			return "dir /a " + quoteCmdPath(p), nil
 		}
 		return "ls -la " + quoteShellSinglePosix(p), nil
@@ -207,6 +218,7 @@ func (h *WebShellHandler) buildFileCommand(in fileCommandInput) (string, error)
 			return "", errFileOpPathRequired
 		}
 		if targetOS == "windows" {
+			path = normalizeWindowsCmdPath(path)
 			return "type " + quoteCmdPath(path), nil
 		}
 		return "cat " + quoteShellSinglePosix(path), nil
@@ -216,6 +228,7 @@ func (h *WebShellHandler) buildFileCommand(in fileCommandInput) (string, error)
 			return "", errFileOpPathRequired
 		}
 		if targetOS == "windows" {
+			path = normalizeWindowsCmdPath(path)
 			return "del /q /f " + quoteCmdPath(path), nil
 		}
 		return "rm -f " + quoteShellSinglePosix(path), nil
@@ -225,6 +238,7 @@ func (h *WebShellHandler) buildFileCommand(in fileCommandInput) (string, error)
 			return "", errFileOpPathRequired
 		}
 		if targetOS == "windows" {
+			path = normalizeWindowsCmdPath(path)
 			// cmd 的 md 默认会自动创建中间目录（等价于 Linux 的 mkdir -p）
 			return "md " + quoteCmdPath(path), nil
 		}
@@ -237,6 +251,8 @@ func (h *WebShellHandler) buildFileCommand(in fileCommandInput) (string, error)
 			return "", errFileOpRenameNeedsBothPaths
 		}
 		if targetOS == "windows" {
+			oldPath = normalizeWindowsCmdPath(oldPath)
+			newPath = normalizeWindowsCmdPath(newPath)
 			return "move /y " + quoteCmdPath(oldPath) + " " + quoteCmdPath(newPath), nil
 		}
 		return "mv -f " + quoteShellSinglePosix(oldPath) + " " + quoteShellSinglePosix(newPath), nil
@@ -249,6 +265,7 @@ func (h *WebShellHandler) buildFileCommand(in fileCommandInput) (string, error)
 		// 这样既能写入任意二进制/含引号的文本，又避免各家 shell 的转义地狱。
 		b64 := base64.StdEncoding.EncodeToString([]byte(in.Content))
 		if targetOS == "windows" {
+			path = normalizeWindowsCmdPath(path)
 			return buildWindowsPowerShellWrite(path, b64), nil
 		}
 		return "echo '" + b64 + "' | base64 -d > " + quoteShellSinglePosix(path), nil
@@ -261,6 +278,7 @@ func (h *WebShellHandler) buildFileCommand(in fileCommandInput) (string, error)
 			return "", errFileOpUploadTooLarge
 		}
 		if targetOS == "windows" {
+			path = normalizeWindowsCmdPath(path)
 			return buildWindowsPowerShellWrite(path, in.Content), nil
 		}
 		return "echo '" + in.Content + "' | base64 -d > " + quoteShellSinglePosix(path), nil
@@ -270,6 +288,7 @@ func (h *WebShellHandler) buildFileCommand(in fileCommandInput) (string, error)
 			return "", errFileOpPathRequired
 		}
 		if targetOS == "windows" {
+			path = normalizeWindowsCmdPath(path)
 			if in.ChunkIndex == 0 {
 				return buildWindowsPowerShellWrite(path, in.Content), nil
 			}

internal/handler/webshell_context.go

@@ -15,7 +15,7 @@ const WebshellSkillHintMultiAgent = "Skills 包请使用 Eino 多代理内置 `s
 
 // webshellAssistantToolList AI 助手在 WebShell 上下文下允许使用的工具清单（展示给模型用）。
 // 注意：此处只是展示字符串，真正的权限限制是在调用方设置的 roleTools 切片里。
-const webshellAssistantToolList = "webshell_exec、webshell_file_list、webshell_file_read、webshell_file_write、record_vulnerability、list_knowledge_risk_types、search_knowledge_base"
+const webshellAssistantToolList = "webshell_exec、webshell_file_list、webshell_file_read、webshell_file_write、record_vulnerability、list_vulnerabilities、get_vulnerability、upsert_project_fact、get_project_fact、list_project_facts、search_project_facts、deprecate_project_fact、restore_project_fact、list_knowledge_risk_types、search_knowledge_base"
 
 // BuildWebshellAssistantContext 根据连接信息与用户原始消息组装 AI 助手的上下文提示词。
 // 上下文包含：连接 ID、备注、目标系统（及对应命令集建议）、响应编码、可用工具清单、Skills 加载入口、
@@ -65,7 +65,7 @@ func BuildWebshellAssistantContext(conn *database.WebShellConnection, skillHint,
 	b.WriteString(conn.ID)
 	b.WriteString("\"）：")
 	b.WriteString(webshellAssistantToolList)
-	b.WriteString("。")
+	b.WriteString("。边渗透边记录：每确认新认知即 upsert_project_fact，每验证漏洞即 record_vulnerability，勿等会话结束。")
 	b.WriteString(skillHint)
 	b.WriteString("\n\n用户请求：")
 	b.WriteString(userMsg)

internal/mcp/builtin/constants.go

@@ -4,7 +4,17 @@ package builtin
 // 所有代码中使用内置工具名称的地方都应该使用这些常量，而不是硬编码字符串
 const (
 	// 漏洞管理工具
-	ToolRecordVulnerability = "record_vulnerability"
+	ToolRecordVulnerability  = "record_vulnerability"
+	ToolListVulnerabilities  = "list_vulnerabilities"
+	ToolGetVulnerability     = "get_vulnerability"
+
+	// 项目黑板（事实）工具
+	ToolUpsertProjectFact    = "upsert_project_fact"
+	ToolGetProjectFact       = "get_project_fact"
+	ToolListProjectFacts     = "list_project_facts"
+	ToolSearchProjectFacts   = "search_project_facts"
+	ToolDeprecateProjectFact = "deprecate_project_fact"
+	ToolRestoreProjectFact   = "restore_project_fact"
 
 	// 知识库工具
 	ToolListKnowledgeRiskTypes = "list_knowledge_risk_types"
@@ -53,6 +63,14 @@ const (
 func IsBuiltinTool(toolName string) bool {
 	switch toolName {
 	case ToolRecordVulnerability,
+		ToolListVulnerabilities,
+		ToolGetVulnerability,
+		ToolUpsertProjectFact,
+		ToolGetProjectFact,
+		ToolListProjectFacts,
+		ToolSearchProjectFacts,
+		ToolDeprecateProjectFact,
+		ToolRestoreProjectFact,
 		ToolListKnowledgeRiskTypes,
 		ToolSearchKnowledgeBase,
 		ToolWebshellExec,
@@ -96,6 +114,14 @@ func IsBuiltinTool(toolName string) bool {
 func GetAllBuiltinTools() []string {
 	return []string{
 		ToolRecordVulnerability,
+		ToolListVulnerabilities,
+		ToolGetVulnerability,
+		ToolUpsertProjectFact,
+		ToolGetProjectFact,
+		ToolListProjectFacts,
+		ToolSearchProjectFacts,
+		ToolDeprecateProjectFact,
+		ToolRestoreProjectFact,
 		ToolListKnowledgeRiskTypes,
 		ToolSearchKnowledgeBase,
 		ToolWebshellExec,

internal/multiagent/eino_adk_run_loop.go

@@ -184,14 +184,19 @@ func runEinoADKAgentLoop(ctx context.Context, args *einoADKRunLoopArgs, baseMsgs
 	mainAgentToolStep := make(map[string]int)
 	pendingByID := make(map[string]toolCallPendingInfo)
 	pendingQueueByAgent := make(map[string][]string)
+	var pendingMu sync.Mutex
 	markPending := func(tc toolCallPendingInfo) {
 		if tc.ToolCallID == "" {
 			return
 		}
+		pendingMu.Lock()
+		defer pendingMu.Unlock()
 		pendingByID[tc.ToolCallID] = tc
 		pendingQueueByAgent[tc.EinoAgent] = append(pendingQueueByAgent[tc.EinoAgent], tc.ToolCallID)
 	}
 	popNextPendingForAgent := func(agentName string) (toolCallPendingInfo, bool) {
+		pendingMu.Lock()
+		defer pendingMu.Unlock()
 		q := pendingQueueByAgent[agentName]
 		for len(q) > 0 {
 			id := q[0]
@@ -208,19 +213,42 @@ func runEinoADKAgentLoop(ctx context.Context, args *einoADKRunLoopArgs, baseMsgs
 		if toolCallID == "" {
 			return
 		}
+		pendingMu.Lock()
+		defer pendingMu.Unlock()
 		delete(pendingByID, toolCallID)
 	}
+	popAnyPending := func() (toolCallPendingInfo, bool) {
+		pendingMu.Lock()
+		defer pendingMu.Unlock()
+		for id, tc := range pendingByID {
+			delete(pendingByID, id)
+			return tc, true
+		}
+		return toolCallPendingInfo{}, false
+	}
+	pendingCount := func() int {
+		pendingMu.Lock()
+		defer pendingMu.Unlock()
+		return len(pendingByID)
+	}
 	flushAllPendingAsFailed := func(err error) {
+		pendingMu.Lock()
+		pendingSnapshot := make([]toolCallPendingInfo, 0, len(pendingByID))
+		for _, tc := range pendingByID {
+			pendingSnapshot = append(pendingSnapshot, tc)
+		}
+		pendingByID = make(map[string]toolCallPendingInfo)
+		pendingQueueByAgent = make(map[string][]string)
+		pendingMu.Unlock()
+
 		if progress == nil {
-			pendingByID = make(map[string]toolCallPendingInfo)
-			pendingQueueByAgent = make(map[string][]string)
 			return
 		}
 		msg := ""
 		if err != nil {
 			msg = err.Error()
 		}
-		for _, tc := range pendingByID {
+		for _, tc := range pendingSnapshot {
 			toolName := tc.ToolName
 			if strings.TrimSpace(toolName) == "" {
 				toolName = "unknown"
@@ -238,8 +266,6 @@ func runEinoADKAgentLoop(ctx context.Context, args *einoADKRunLoopArgs, baseMsgs
 				"source":         "eino",
 			})
 		}
-		pendingByID = make(map[string]toolCallPendingInfo)
-		pendingQueueByAgent = make(map[string][]string)
 	}
 
 	// 最近一次成功的 Eino filesystem execute 的标准输出（trim）：用于抑制模型紧接着复述同一字符串时的重复「助手输出」时间线。
@@ -319,7 +345,9 @@ func runEinoADKAgentLoop(ctx context.Context, args *einoADKRunLoopArgs, baseMsgs
 	}
 
 	runnerCfg := adk.RunnerConfig{
-		Agent:           da,
+		Agent: da,
+		// 启用 ADK 流式事件：plan_execute 也需要输出 reasoning/response 流，
+		// 与 deep/supervisor/eino_single 的前端体验保持一致。
 		EnableStreaming: true,
 	}
 	var cpStore *fileCheckPointStore
@@ -519,8 +547,7 @@ func runEinoADKAgentLoop(ctx context.Context, args *einoADKRunLoopArgs, baseMsgs
 				}
 				return takePartial(ctxErr)
 			}
-			if len(pendingByID) > 0 {
-				orphanCount := len(pendingByID)
+			if orphanCount := pendingCount(); orphanCount > 0 {
 				flushAllPendingAsFailed(errors.New("pending tool call missing result before run completion"))
 				if progress != nil {
 					progress("eino_pending_orphaned", "pending tool calls were force-closed at run end", map[string]interface{}{
@@ -957,12 +984,8 @@ func runEinoADKAgentLoop(ctx context.Context, args *einoADKRunLoopArgs, baseMsgs
 					toolCallID = inferred.ToolCallID
 				} else if inferred, ok := popNextPendingForAgent(""); ok {
 					toolCallID = inferred.ToolCallID
-				} else {
-					for id := range pendingByID {
-						toolCallID = id
-						delete(pendingByID, id)
-						break
-					}
+				} else if inferred, ok := popAnyPending(); ok {
+					toolCallID = inferred.ToolCallID
 				}
 			}
 			if toolCallID != "" {

internal/multiagent/eino_orchestration.go

@@ -59,6 +59,7 @@ func NewPlanExecuteRoot(ctx context.Context, a *PlanExecuteRootArgs) (adk.Resuma
 	}
 	plannerCfg := &planexecute.PlannerConfig{
 		ToolCallingChatModel: tcm,
+		NewPlan:              newLenientPlan,
 	}
 	if fn := planExecutePlannerGenInput(a.OrchInstruction, a.AppCfg, a.MwCfg, a.Logger, a.ModelName, a.ConversationID, a.PlannerReplannerRewriteHandlers); fn != nil {
 		plannerCfg.GenInputFn = fn
@@ -70,6 +71,7 @@ func NewPlanExecuteRoot(ctx context.Context, a *PlanExecuteRootArgs) (adk.Resuma
 	replanner, err := planexecute.NewReplanner(ctx, &planexecute.ReplannerConfig{
 		ChatModel:  tcm,
 		GenInputFn: planExecuteReplannerGenInput(a.OrchInstruction, a.AppCfg, a.MwCfg, a.Logger, a.ModelName, a.ConversationID, a.PlannerReplannerRewriteHandlers),
+		NewPlan:    newLenientPlan,
 	})
 	if err != nil {
 		return nil, fmt.Errorf("plan_execute replanner: %w", err)
@@ -146,14 +148,12 @@ func planExecutePlannerGenInput(
 	}
 	return func(ctx context.Context, userInput []adk.Message) ([]adk.Message, error) {
 		userInput = capPlanExecuteUserInputMessages(userInput, appCfg, mwCfg)
-		msgs := make([]adk.Message, 0, 1+len(userInput))
-		if oi != "" {
-			msgs = append(msgs, schema.SystemMessage(oi))
-		}
+		msgs := make([]adk.Message, 0, len(userInput))
 		msgs = append(msgs, userInput...)
 		if rewritten, rerr := applyBeforeModelRewriteHandlers(ctx, msgs, rewriteHandlers); rerr == nil && len(rewritten) > 0 {
 			msgs = rewritten
 		}
+		msgs = normalizeSingleLeadingSystemMessage(msgs, oi)
 		logPlanExecuteModelInputEstimate(logger, modelName, conversationID, "plan_execute_planner", msgs)
 		return msgs, nil
 	}
@@ -182,9 +182,7 @@ func planExecuteExecutorGenInput(
 		if err != nil {
 			return nil, err
 		}
-		if oi != "" {
-			userMsgs = append([]adk.Message{schema.SystemMessage(oi)}, userMsgs...)
-		}
+		userMsgs = normalizeSingleLeadingSystemMessage(userMsgs, oi)
 		logPlanExecuteModelInputEstimate(logger, modelName, conversationID, "plan_execute_executor_gen_input", userMsgs)
 		return userMsgs, nil
 	}
@@ -231,17 +229,54 @@ func planExecuteReplannerGenInput(
 		if err != nil {
 			return nil, err
 		}
-		if oi != "" {
-			msgs = append([]adk.Message{schema.SystemMessage(oi)}, msgs...)
-		}
 		if rewritten, rerr := applyBeforeModelRewriteHandlers(ctx, msgs, rewriteHandlers); rerr == nil && len(rewritten) > 0 {
 			msgs = rewritten
 		}
+		msgs = normalizeSingleLeadingSystemMessage(msgs, oi)
 		logPlanExecuteModelInputEstimate(logger, modelName, conversationID, "plan_execute_replanner", msgs)
 		return msgs, nil
 	}
 }
 
+// normalizeSingleLeadingSystemMessage enforces a provider-friendly message shape:
+// exactly one system message at index 0 (when any system context exists).
+// For strict OpenAI-compatible backends (e.g. qwen/vllm templates), this avoids
+// "System message must be at the beginning" caused by multiple/disordered system messages.
+func normalizeSingleLeadingSystemMessage(msgs []adk.Message, extraSystem string) []adk.Message {
+	extraSystem = strings.TrimSpace(extraSystem)
+	if len(msgs) == 0 {
+		if extraSystem == "" {
+			return msgs
+		}
+		return []adk.Message{schema.SystemMessage(extraSystem)}
+	}
+
+	systemParts := make([]string, 0, 2)
+	if extraSystem != "" {
+		systemParts = append(systemParts, extraSystem)
+	}
+	nonSystem := make([]adk.Message, 0, len(msgs))
+	for _, msg := range msgs {
+		if msg == nil {
+			continue
+		}
+		if msg.Role == schema.System {
+			if s := strings.TrimSpace(msg.Content); s != "" {
+				systemParts = append(systemParts, s)
+			}
+			continue
+		}
+		nonSystem = append(nonSystem, msg)
+	}
+	if len(systemParts) == 0 {
+		return nonSystem
+	}
+	out := make([]adk.Message, 0, len(nonSystem)+1)
+	out = append(out, schema.SystemMessage(strings.Join(systemParts, "\n\n")))
+	out = append(out, nonSystem...)
+	return out
+}
+
 func capPlanExecuteUserInputMessages(input []adk.Message, appCfg *config.Config, mwCfg *config.MultiAgentEinoMiddlewareConfig) []adk.Message {
 	if len(input) == 0 {
 		return input

internal/multiagent/eino_orchestration_system_message_test.go

@@ -0,0 +1,45 @@
+package multiagent
+
+import (
+	"testing"
+
+	"github.com/cloudwego/eino/adk"
+	"github.com/cloudwego/eino/schema"
+)
+
+func TestNormalizeSingleLeadingSystemMessage_MergesMultipleSystems(t *testing.T) {
+	in := []adk.Message{
+		schema.SystemMessage("sys-1"),
+		schema.UserMessage("u1"),
+		schema.SystemMessage("sys-2"),
+		schema.AssistantMessage("a1", nil),
+	}
+	out := normalizeSingleLeadingSystemMessage(in, "orch")
+	if len(out) != 3 {
+		t.Fatalf("unexpected output length: got %d want 3", len(out))
+	}
+	if out[0].Role != schema.System {
+		t.Fatalf("first message role must be system, got %s", out[0].Role)
+	}
+	if got := out[0].Content; got != "orch\n\nsys-1\n\nsys-2" {
+		t.Fatalf("unexpected merged system content: %q", got)
+	}
+	if out[1].Role != schema.User || out[2].Role != schema.Assistant {
+		t.Fatalf("non-system message order changed unexpectedly")
+	}
+}
+
+func TestNormalizeSingleLeadingSystemMessage_NoSystemKeepsFlow(t *testing.T) {
+	in := []adk.Message{
+		schema.UserMessage("u1"),
+		schema.AssistantMessage("a1", nil),
+	}
+	out := normalizeSingleLeadingSystemMessage(in, "")
+	if len(out) != 2 {
+		t.Fatalf("unexpected output length: got %d want 2", len(out))
+	}
+	if out[0].Role != schema.User || out[1].Role != schema.Assistant {
+		t.Fatalf("message order changed unexpectedly")
+	}
+}
+

internal/multiagent/eino_single_runner.go

@@ -13,6 +13,7 @@ import (
 	"cyberstrike-ai/internal/config"
 	"cyberstrike-ai/internal/einomcp"
 	"cyberstrike-ai/internal/openai"
+	"cyberstrike-ai/internal/project"
 	"cyberstrike-ai/internal/reasoning"
 
 	einoopenai "github.com/cloudwego/eino-ext/components/model/openai"
@@ -38,6 +39,7 @@ func RunEinoSingleChatModelAgent(
 	roleTools []string,
 	progress func(eventType, message string, data interface{}),
 	reasoningClient *reasoning.ClientIntent,
+	systemPromptExtra string,
 ) (*RunResult, error) {
 	if appCfg == nil || ag == nil {
 		return nil, fmt.Errorf("eino single: 配置或 Agent 为空")
@@ -177,7 +179,8 @@ func RunEinoSingleChatModelAgent(
 		},
 		EmitInternalEvents: true,
 	}
-	ins := injectToolNamesOnlyInstruction(ctx, ag.EinoSingleAgentSystemInstruction(), mainTools, singleToolSearchActive)
+	ins := project.AppendSystemPromptBlock(ag.EinoSingleAgentSystemInstruction(), systemPromptExtra)
+	ins = injectToolNamesOnlyInstruction(ctx, ins, mainTools, singleToolSearchActive)
 	if logger != nil {
 		names := collectToolNames(ctx, mainTools)
 		mountedNames := collectToolNames(ctx, mainToolsForCfg)

internal/multiagent/eino_transient_retry.go

@@ -3,6 +3,7 @@ package multiagent
 import (
 	"context"
 	"errors"
+	"io"
 	"strings"
 	"time"
 
@@ -23,6 +24,10 @@ func isEinoTransientRunError(err error) bool {
 	if err == nil {
 		return false
 	}
+	// io.EOF 常见于流式正常收尾，不应触发分段重试。
+	if errors.Is(err, io.EOF) {
+		return false
+	}
 	if errors.Is(err, context.Canceled) || errors.Is(err, context.DeadlineExceeded) {
 		return false
 	}
@@ -55,7 +60,6 @@ func isEinoTransientRunError(err error) bool {
 		"no such host",
 		"network is unreachable",
 		"broken pipe",
-		"eof",
 		"read tcp",
 		"write tcp",
 		"dial tcp",

internal/multiagent/eino_transient_retry_test.go

@@ -3,6 +3,7 @@ package multiagent
 import (
 	"context"
 	"errors"
+	"io"
 	"testing"
 	"time"
 
@@ -18,9 +19,12 @@ func TestIsEinoTransientRunError(t *testing.T) {
 		want bool
 	}{
 		{"nil", nil, false},
+		{"io eof", io.EOF, false},
+		{"plain eof text", errors.New("EOF"), false},
 		{"429", errors.New("HTTP 429 Too Many Requests"), true},
 		{"rate limit", errors.New(`{"error":"rate limit exceeded"}`), true},
 		{"connection reset", errors.New("read tcp: connection reset by peer"), true},
+		{"unexpected eof", errors.New("unexpected EOF"), true},
 		{"503", errors.New("upstream returned 503"), true},
 		{"iteration limit", errors.New("max iteration reached"), false},
 		{"canceled", context.Canceled, false},

internal/multiagent/orchestrator_instruction.go

@@ -5,7 +5,7 @@ import (
 
 	"cyberstrike-ai/internal/agents"
 	"cyberstrike-ai/internal/config"
-	"cyberstrike-ai/internal/mcp/builtin"
+	"cyberstrike-ai/internal/project"
 )
 
 // DefaultPlanExecuteOrchestratorInstruction 当未配置 plan_execute 专用 Markdown / YAML 时的内置主代理（规划/重规划侧）提示。
@@ -106,16 +106,14 @@ func DefaultPlanExecuteOrchestratorInstruction() string {
 
 当工具返回错误时，错误信息会包含在工具响应中，请仔细阅读并做出合理的决策。
 
-## 漏洞记录
+` + project.FactRecordingBlackboardSection(true) + `
 
-发现有效漏洞时，必须使用 ` + builtin.ToolRecordVulnerability + ` 记录：标题、描述、严重程度、类型、目标、证明（POC）、影响、修复建议。
-
-严重程度：critical / high / medium / low / info。证明须含足够证据（请求响应、截图、命令输出等）。记录后可在授权范围内继续测试。
+- **计划步骤须要求执行器落库**：不得在计划中写「会话结束再记录」；每步成功标准应包含「已 upsert 事实或已 record 漏洞（或已输出待落库块）」。
 
 ## 技能库（Skills）与知识库
 
 - 技能包位于服务器 skills/ 目录（各子目录 SKILL.md，遵循 agentskills.io）；知识库用于向量检索片段，Skills 为可执行工作流指令。
-- plan_execute 执行器通过 MCP 使用知识库与漏洞记录等；Skills 的渐进式加载在「多代理 / Eino DeepAgent」等模式中由内置 skill 工具完成（需 multi_agent.eino_skills）。
+- plan_execute 执行器通过 MCP 使用知识库、项目事实与漏洞记录等；Skills 的渐进式加载在「多代理 / Eino DeepAgent」等模式中由内置 skill 工具完成（需 multi_agent.eino_skills）。
 - 若需要完整 Skill 工作流而当前会话无 skill 工具，请在计划或对用户说明中建议切换多代理或 Eino 编排会话。
 
 ## 执行器对用户输出（重要）
@@ -206,7 +204,8 @@ func DefaultSupervisorOrchestratorInstruction() string {
 - **委派优先**：可独立封装、需要专项上下文的子目标（枚举、验证、归纳、报告素材）优先 transfer 给匹配子代理，并在委派说明中写清：子目标、约束、期望交付物结构、证据要求。
 - **亲自执行**：仅当无合适专家、需全局衔接或子代理结果不足时，由你直接调用工具。
 - **汇总**：子代理输出是证据来源；你要对齐矛盾、补全上下文，给出统一结论与可复现验证步骤，避免机械拼接。
-- **漏洞**：有效漏洞应通过 ` + builtin.ToolRecordVulnerability + ` 记录（含 POC 与严重性：critical / high / medium / low / info）。
+
+` + project.FactRecordingBlackboardSection(true) + `
 
 ## transfer 交接与防重复劳动
 

internal/multiagent/plan_execute_lenient_plan.go

@@ -0,0 +1,157 @@
+package multiagent
+
+import (
+	"context"
+	"encoding/json"
+	"strings"
+
+	"github.com/cloudwego/eino/adk/prebuilt/planexecute"
+)
+
+// lenientPlan keeps plan_execute running even when model tool arguments contain minor JSON defects.
+// It first tries strict JSON, then falls back to lightweight step extraction heuristics.
+type lenientPlan struct {
+	Steps []string `json:"steps"`
+}
+
+func newLenientPlan(context.Context) planexecute.Plan {
+	return &lenientPlan{}
+}
+
+func (p *lenientPlan) FirstStep() string {
+	if p == nil || len(p.Steps) == 0 {
+		return ""
+	}
+	return p.Steps[0]
+}
+
+func (p *lenientPlan) MarshalJSON() ([]byte, error) {
+	type alias lenientPlan
+	return json.Marshal((*alias)(p))
+}
+
+func (p *lenientPlan) UnmarshalJSON(b []byte) error {
+	type alias lenientPlan
+	var strict alias
+	if err := json.Unmarshal(b, &strict); err == nil {
+		strict.Steps = normalizePlanSteps(strict.Steps)
+		if len(strict.Steps) > 0 {
+			*p = lenientPlan(strict)
+			return nil
+		}
+	}
+
+	steps := extractPlanStepsLenient(string(b))
+	if len(steps) == 0 {
+		steps = []string{"继续按当前目标执行下一步，并输出可验证证据。"}
+	}
+	p.Steps = steps
+	return nil
+}
+
+func extractPlanStepsLenient(raw string) []string {
+	s := strings.TrimSpace(stripCodeFence(raw))
+	if s == "" {
+		return nil
+	}
+
+	if extracted, ok := sliceByStepsArray(s); ok {
+		var arr []string
+		if err := json.Unmarshal([]byte(extracted), &arr); err == nil {
+			arr = normalizePlanSteps(arr)
+			if len(arr) > 0 {
+				return arr
+			}
+		}
+		if arr := splitStepsHeuristically(strings.Trim(extracted, "[]")); len(arr) > 0 {
+			return arr
+		}
+	}
+
+	// Last-resort: treat plaintext body as one actionable step.
+	s = strings.TrimSpace(s)
+	if s == "" {
+		return nil
+	}
+	return []string{s}
+}
+
+func sliceByStepsArray(s string) (string, bool) {
+	lower := strings.ToLower(s)
+	key := `"steps"`
+	i := strings.Index(lower, key)
+	if i < 0 {
+		return "", false
+	}
+	start := strings.Index(s[i:], "[")
+	if start < 0 {
+		return "", false
+	}
+	start += i
+	depth := 0
+	for j := start; j < len(s); j++ {
+		switch s[j] {
+		case '[':
+			depth++
+		case ']':
+			depth--
+			if depth == 0 {
+				return s[start : j+1], true
+			}
+		}
+	}
+	return "", false
+}
+
+func splitStepsHeuristically(body string) []string {
+	body = strings.ReplaceAll(body, "\r\n", "\n")
+	body = strings.ReplaceAll(body, "\\n", "\n")
+	var parts []string
+	if strings.Contains(body, "\n") {
+		for _, line := range strings.Split(body, "\n") {
+			parts = append(parts, line)
+		}
+	} else {
+		for _, seg := range strings.Split(body, ",") {
+			parts = append(parts, seg)
+		}
+	}
+
+	out := make([]string, 0, len(parts))
+	for _, part := range parts {
+		t := strings.TrimSpace(part)
+		t = strings.Trim(t, "\"'`")
+		t = strings.TrimLeft(t, "-*0123456789.、 \t")
+		t = strings.TrimSpace(strings.ReplaceAll(t, `\"`, `"`))
+		if t == "" {
+			continue
+		}
+		out = append(out, t)
+	}
+	return normalizePlanSteps(out)
+}
+
+func normalizePlanSteps(in []string) []string {
+	out := make([]string, 0, len(in))
+	for _, step := range in {
+		t := strings.TrimSpace(step)
+		if t == "" {
+			continue
+		}
+		out = append(out, t)
+	}
+	return out
+}
+
+func stripCodeFence(s string) string {
+	s = strings.TrimSpace(s)
+	if !strings.HasPrefix(s, "```") {
+		return s
+	}
+	s = strings.TrimPrefix(s, "```json")
+	s = strings.TrimPrefix(s, "```JSON")
+	s = strings.TrimPrefix(s, "```")
+	s = strings.TrimSuffix(strings.TrimSpace(s), "```")
+	return strings.TrimSpace(s)
+}
+

internal/multiagent/runner.go

@@ -17,6 +17,7 @@ import (
 	"cyberstrike-ai/internal/config"
 	"cyberstrike-ai/internal/einomcp"
 	"cyberstrike-ai/internal/openai"
+	"cyberstrike-ai/internal/project"
 	"cyberstrike-ai/internal/reasoning"
 
 	einoopenai "github.com/cloudwego/eino-ext/components/model/openai"
@@ -64,6 +65,7 @@ func RunDeepAgent(
 	agentsMarkdownDir string,
 	orchestrationOverride string,
 	reasoningClient *reasoning.ClientIntent,
+	systemPromptExtra string,
 ) (*RunResult, error) {
 	if appCfg == nil || ma == nil || ag == nil {
 		return nil, fmt.Errorf("multiagent: 配置或 Agent 为空")
@@ -339,6 +341,7 @@ func RunDeepAgent(
 		return nil, err
 	}
 
+	orchInstruction = project.AppendSystemPromptBlock(orchInstruction, systemPromptExtra)
 	orchInstruction = injectToolNamesOnlyInstruction(ctx, orchInstruction, mainTools, mainToolSearchActive)
 	if logger != nil {
 		mainNames := collectToolNames(ctx, mainTools)
@@ -387,7 +390,8 @@ func RunDeepAgent(
 
 	// noNestedTaskMiddleware 必须在最外层（最先拦截），防止 skill 或其他中间件内部触发 task 调用绕过检测。
 	deepHandlers := []adk.ChatModelAgentMiddleware{newNoNestedTaskMiddleware()}
-	if mw := newTaskContextEnrichMiddleware(userMessage, history, ma.SubAgentUserContextMaxRunes); mw != nil {
+	taskEnrichExtra := systemPromptExtra
+	if mw := newTaskContextEnrichMiddleware(userMessage, history, ma.SubAgentUserContextMaxRunes, taskEnrichExtra); mw != nil {
 		deepHandlers = append(deepHandlers, mw)
 	}
 	if len(mainOrchestratorPre) > 0 {

internal/multiagent/sub_agent_context.go

@@ -30,8 +30,15 @@ type taskContextEnrichMiddleware struct {
 // newTaskContextEnrichMiddleware returns a middleware that enriches task
 // descriptions with user conversation context. Returns nil if disabled
 // (maxRunes < 0) or no user messages exist.
-func newTaskContextEnrichMiddleware(userMessage string, history []agent.ChatMessage, maxRunes int) adk.ChatModelAgentMiddleware {
+func newTaskContextEnrichMiddleware(userMessage string, history []agent.ChatMessage, maxRunes int, projectBlackboard string) adk.ChatModelAgentMiddleware {
 	supplement := buildUserContextSupplement(userMessage, history, maxRunes)
+	if bb := strings.TrimSpace(projectBlackboard); bb != "" {
+		if supplement != "" {
+			supplement += "\n\n## 项目黑板索引\n" + bb
+		} else {
+			supplement = "\n\n## 项目黑板索引\n" + bb
+		}
+	}
 	if supplement == "" {
 		return nil
 	}

internal/multiagent/sub_agent_context_test.go

@@ -105,6 +105,7 @@ func TestTaskContextEnrichMiddleware_EnrichesTaskDescription(t *testing.T) {
 		"继续测试",
 		[]agent.ChatMessage{{Role: "user", Content: "http://8.163.32.73:8081 pikachu靶场"}},
 		0,
+		"",
 	)
 	if mw == nil {
 		t.Fatal("expected non-nil middleware")
@@ -149,7 +150,7 @@ func TestTaskContextEnrichMiddleware_EnrichesTaskDescription(t *testing.T) {
 }
 
 func TestTaskContextEnrichMiddleware_IgnoresNonTaskTools(t *testing.T) {
-	mw := newTaskContextEnrichMiddleware("test", nil, 0)
+	mw := newTaskContextEnrichMiddleware("test", nil, 0, "")
 	if mw == nil {
 		t.Fatal("expected non-nil middleware")
 	}
@@ -175,7 +176,7 @@ func TestTaskContextEnrichMiddleware_IgnoresNonTaskTools(t *testing.T) {
 }
 
 func TestTaskContextEnrichMiddleware_NilWhenDisabled(t *testing.T) {
-	mw := newTaskContextEnrichMiddleware("test", nil, -1)
+	mw := newTaskContextEnrichMiddleware("test", nil, -1, "")
 	if mw != nil {
 		t.Error("middleware should be nil when disabled")
 	}

internal/project/blackboard.go

@@ -0,0 +1,78 @@
+package project
+
+import (
+	"fmt"
+	"sort"
+	"strings"
+
+	"cyberstrike-ai/internal/config"
+	"cyberstrike-ai/internal/database"
+)
+
+// AppendSystemPromptBlock 将附加块追加到 system prompt。
+func AppendSystemPromptBlock(base, block string) string {
+	base = strings.TrimSpace(base)
+	block = strings.TrimSpace(block)
+	if block == "" {
+		return base
+	}
+	if base == "" {
+		return block
+	}
+	return base + "\n\n" + block
+}
+
+// BuildFactIndexBlock 为 Agent 系统提示生成项目黑板索引（仅 key + summary，不含 body）。
+func BuildFactIndexBlock(db *database.DB, projectID string, cfg config.ProjectConfig) (string, error) {
+	if db == nil || !cfg.Enabled {
+		return "", nil
+	}
+	projectID = strings.TrimSpace(projectID)
+	if projectID == "" {
+		return "", nil
+	}
+
+	proj, err := db.GetProject(projectID)
+	if err != nil {
+		return "", err
+	}
+
+	facts, err := db.ListProjectFactsForIndex(projectID, cfg.DefaultInjectDeprecated)
+	if err != nil {
+		return "", err
+	}
+	if len(facts) == 0 {
+		return fmt.Sprintf("## 项目黑板索引（project: %s, id: %s）\n（暂无事实）\n需要写入请使用 upsert_project_fact；需要详情请调用 get_project_fact(fact_key)。", proj.Name, proj.ID), nil
+	}
+
+	sort.SliceStable(facts, func(i, j int) bool {
+		if facts[i].Pinned != facts[j].Pinned {
+			return facts[i].Pinned
+		}
+		return facts[i].UpdatedAt.After(facts[j].UpdatedAt)
+	})
+
+	maxRunes := cfg.FactIndexMaxRunesEffective()
+	var b strings.Builder
+	b.WriteString(fmt.Sprintf("## 项目黑板索引（project: %s, id: %s）\n", proj.Name, proj.ID))
+	used := len([]rune(b.String()))
+	omitted := 0
+
+	for _, f := range facts {
+		line := fmt.Sprintf("- [%s] %s — %s (%s)\n", f.FactKey, f.Category, strings.TrimSpace(f.Summary), f.Confidence)
+		lineRunes := len([]rune(line))
+		if used+lineRunes > maxRunes {
+			omitted++
+			continue
+		}
+		b.WriteString(line)
+		used += lineRunes
+	}
+
+	if omitted > 0 {
+		b.WriteString(fmt.Sprintf("\n（另有 %d 条未列入索引，请使用 list_project_facts 或 search_project_facts 查询。）\n", omitted))
+	}
+	b.WriteString("需要完整内容（攻击链、POC、请求响应等）时必须调用 get_project_fact(fact_key)，禁止凭摘要臆造细节。\n")
+	b.WriteString("写入事实时：summary 写「什么+在哪+如何验证」；body 写可复现全流程（发现/利用类 fact_key 建议 finding|chain|exploit|poc/ 前缀）。\n")
+	return b.String(), nil
+}

internal/project/fact_recording_prompt.go

@@ -0,0 +1,100 @@
+package project
+
+import (
+	"strings"
+
+	"cyberstrike-ai/internal/mcp/builtin"
+)
+
+// 边渗透边记录：统一节奏文案（agents/*.md 须与 FactRecordingIncrementalRhythmMarkdown 保持一致）。
+const (
+	factRhythmCore = "勿等会话结束或收尾再批量写入。每**确认**一条新认知（开放端口/服务版本、入口路径、认证态或凭据特征、可利用点或攻击面变化）后，**立即**调用 `upsert_project_fact`（同 fact_key 覆盖更新）。每**验证**出一条可复现漏洞（含 POC/影响）后，**立即**调用 `record_vulnerability`；与事实可各记一次。继续下一步工作前优先落库，避免上下文压缩后细节丢失。未绑项目时说明无法写黑板，仍在本轮保留证据摘要。"
+	factRhythmCoordinatorSuffix = "委派/子任务返回新认知或漏洞时，由协调者及时写入，勿假定子代理已记。"
+	factRhythmSubAgentSuffix      = "若工具集中无上述工具，须在交付物末尾给出「待落库」结构化条目（fact_key 建议、summary、body/POC 要点），供协调者**立即**写入。"
+)
+
+// FactRecordingIncrementalRhythmMarkdown 返回边渗透边记录节奏（Markdown，供 agents/*.md 与文档对齐）。
+func FactRecordingIncrementalRhythmMarkdown(coordinator, subAgent bool) string {
+	var b strings.Builder
+	b.WriteString("- **边渗透边记录（强制节奏）**：")
+	b.WriteString(factRhythmCore)
+	if coordinator {
+		b.WriteString(factRhythmCoordinatorSuffix)
+	}
+	if subAgent {
+		b.WriteString(factRhythmSubAgentSuffix)
+	}
+	return b.String()
+}
+
+func factRecordingIncrementalRhythmBuiltin(coordinator, subAgent bool) string {
+	var b strings.Builder
+	b.WriteString("- **边渗透边记录（强制节奏）**：勿等会话结束或收尾再批量写入。每**确认**一条新认知（开放端口/服务版本、入口路径、认证态或凭据特征、可利用点或攻击面变化）后，**立即**调用 ")
+	b.WriteString(builtin.ToolUpsertProjectFact)
+	b.WriteString("（同 fact_key 覆盖更新）。每**验证**出一条可复现漏洞（含 POC/影响）后，**立即**调用 ")
+	b.WriteString(builtin.ToolRecordVulnerability)
+	b.WriteString("；与事实可各记一次。继续下一步工作前优先落库，避免上下文压缩后细节丢失。未绑项目时说明无法写黑板，仍在本轮保留证据摘要。")
+	if coordinator {
+		b.WriteString(factRhythmCoordinatorSuffix)
+	}
+	if subAgent {
+		b.WriteString(factRhythmSubAgentSuffix)
+	}
+	return b.String()
+}
+
+// FactRecordingBlackboardSection 项目黑板与漏洞记录的完整系统提示块（单/多 Agent 主代理共用）。
+// coordinatorDelegate 为 true 时追加「协调者代子代理落库」说明（Deep / plan_execute / supervisor）。
+func FactRecordingBlackboardSection(coordinatorDelegate bool) string {
+	var b strings.Builder
+	b.WriteString("## 项目黑板（事实）与漏洞记录（分离）\n\n")
+	b.WriteString("当前对话若已绑定项目，系统会自动注入「项目黑板索引」（仅 fact_key + 摘要）。**摘要不足时必须调用 ")
+	b.WriteString(builtin.ToolGetProjectFact)
+	b.WriteString("(fact_key) 获取 body，禁止凭摘要臆造细节。**\n\n")
+	b.WriteString(factRecordingIncrementalRhythmBuiltin(coordinatorDelegate, false))
+	b.WriteString("\n\n")
+	b.WriteString("- **环境/目标/认证等认知**（非正式漏洞条目）：使用 ")
+	b.WriteString(builtin.ToolUpsertProjectFact)
+	b.WriteString("，fact_key 建议 `category/slug`（如 target/primary_domain），同 key 覆盖更新；body 记端口/版本/凭据特征与证据来源。\n")
+	b.WriteString("- **发现与利用上下文**（审计复现）：fact_key 建议 finding/、chain/、exploit/、poc/ 前缀；**body 必填**完整攻击链（入口 → 步骤 → 原始请求/响应或命令 → 现象 → 关联 related_vulnerability_id），**禁止仅写结论**；summary 写「什么 + 在哪 + 如何验证」一行要点。\n")
+	b.WriteString("- **可交付漏洞**：使用 ")
+	b.WriteString(builtin.ToolRecordVulnerability)
+	b.WriteString("，含标题、严重程度、类型、目标、证明（POC）、影响、修复建议。记前可先 ")
+	b.WriteString(builtin.ToolListVulnerabilities)
+	b.WriteString(" 查重，详情用 ")
+	b.WriteString(builtin.ToolGetVulnerability)
+	b.WriteString("(id)（默认仅当前项目/会话）。\n")
+	b.WriteString("- 同一发现可能需**各记一次**（事实记**完整攻击链与 exploit 细节**供复现，漏洞记正式 findings）。误报用 ")
+	b.WriteString(builtin.ToolDeprecateProjectFact)
+	b.WriteString(" 或漏洞状态 false_positive。\n")
+	b.WriteString("- 事实多时用 ")
+	b.WriteString(builtin.ToolListProjectFacts)
+	b.WriteString(" / ")
+	b.WriteString(builtin.ToolSearchProjectFacts)
+	b.WriteString(" 检索。\n\n")
+	b.WriteString(FactRecordingGuidanceBlock())
+	b.WriteString("\n\n严重程度：critical / high / medium / low / info。证明须含足够证据（请求响应、截图、命令输出等）。")
+	return b.String()
+}
+
+// FactRecordingSubAgentSection 子代理边渗透边记录（无工具时输出待落库条目）。
+func FactRecordingSubAgentSection() string {
+	return "## 边渗透边记录\n\n" + factRecordingIncrementalRhythmBuiltin(false, true) + "\n"
+}
+
+// FactRecordingBlackboardSectionMarkdown 与 FactRecordingBlackboardSection 等价的 Markdown（工具名为字面量，供 agents/*.md）。
+func FactRecordingBlackboardSectionMarkdown(coordinatorDelegate bool) string {
+	var b strings.Builder
+	b.WriteString("## 项目黑板（事实）与漏洞记录（分离）\n\n")
+	b.WriteString("当前对话若已绑定项目，系统会自动注入「项目黑板索引」（仅 `fact_key` + 摘要）。**摘要不足时必须调用 `get_project_fact(fact_key)` 获取 body，禁止凭摘要臆造细节。**\n\n")
+	b.WriteString(FactRecordingIncrementalRhythmMarkdown(coordinatorDelegate, false))
+	b.WriteString("\n\n")
+	b.WriteString("- **环境/目标/认证等认知**（非正式漏洞）：使用 **`upsert_project_fact`**，`fact_key` 建议 `category/slug`（如 `target/primary_domain`），同 key 覆盖更新；body 记端口/版本/凭据特征与证据来源。\n")
+	b.WriteString("- **发现与利用上下文**（审计复现）：`fact_key` 建议 `finding/`、`chain/`、`exploit/`、`poc/` 前缀；**body 必填**完整攻击链（入口 → 步骤 → 原始请求/响应或命令 → 现象 → 关联 `related_vulnerability_id`），**禁止仅写结论**；summary 写「什么 + 在哪 + 如何验证」一行要点。\n")
+	b.WriteString("- **可交付漏洞**：使用 **`record_vulnerability`**（标题、描述、严重程度、类型、目标、证明 POC、影响、修复建议）。严重程度 critical / high / medium / low / info。\n")
+	b.WriteString("- 同一发现可能需**各记一次**（事实记可复现攻击链，漏洞记正式 findings）。误报用 **`deprecate_project_fact`** 或漏洞状态 false_positive。\n")
+	b.WriteString("- 事实多时用 **`list_project_facts`** / **`search_project_facts`** 检索。\n\n")
+	b.WriteString(FactRecordingGuidanceBlock())
+	b.WriteString("\n\n严重程度：critical / high / medium / low / info。证明须含足够证据（请求响应、截图、命令输出等）。")
+	return b.String()
+}

internal/project/fact_template.go

@@ -0,0 +1,140 @@
+package project
+
+import (
+	"fmt"
+	"strings"
+)
+
+// 事实 category 常量（写入 upsert_project_fact 的 category 字段）。
+const (
+	FactCategoryTarget   = "target"
+	FactCategoryAuth     = "auth"
+	FactCategoryInfra    = "infra"
+	FactCategoryBusiness = "business"
+	FactCategoryFinding  = "finding"
+	FactCategoryChain    = "chain"
+	FactCategoryExploit  = "exploit"
+	FactCategoryPOC      = "poc"
+	FactCategoryNote     = "note"
+)
+
+// RequiresAttackChainBody 判断该事实是否应携带可复现的攻击链 / exploit 详情（写在 body，非仅 summary）。
+func RequiresAttackChainBody(category, factKey string) bool {
+	c := strings.ToLower(strings.TrimSpace(category))
+	switch c {
+	case FactCategoryFinding, FactCategoryChain, FactCategoryExploit, FactCategoryPOC, "vuln":
+		return true
+	}
+	key := strings.ToLower(strings.TrimSpace(factKey))
+	for _, prefix := range []string{"finding/", "chain/", "exploit/", "poc/"} {
+		if strings.HasPrefix(key, prefix) {
+			return true
+		}
+	}
+	return false
+}
+
+// IsSparseFactBody 攻击链类事实 body 过短或缺少关键段落时返回 true（软校验，不阻断写入）。
+func IsSparseFactBody(category, factKey, body string) bool {
+	if !RequiresAttackChainBody(category, factKey) {
+		return false
+	}
+	body = strings.TrimSpace(body)
+	if body == "" {
+		return true
+	}
+	lower := strings.ToLower(body)
+	// 至少应包含可复现线索：步骤/请求/命令/代码块 之一
+	hasSteps := strings.Contains(lower, "攻击链") || strings.Contains(lower, "## 攻击") ||
+		strings.Contains(lower, "## exploit") || strings.Contains(lower, "## poc")
+	hasHTTP := strings.Contains(lower, "```http") || strings.Contains(lower, "```bash") ||
+		strings.Contains(lower, "curl ") || strings.Contains(lower, "get ") || strings.Contains(lower, "post ")
+	hasReq := strings.Contains(lower, "请求") || strings.Contains(lower, "响应") || strings.Contains(lower, "payload")
+	// 无攻击链/POC/请求等结构线索，视为仅结论性描述（不论长短）
+	return !(hasSteps || hasHTTP || hasReq)
+}
+
+// FactBodyTemplate 按 category 返回建议的 body Markdown 骨架（供 Agent 填入真实内容）。
+func FactBodyTemplate(category, factKey string) string {
+	if RequiresAttackChainBody(category, factKey) {
+		return attackChainFactBodyTemplate
+	}
+	return envFactBodyTemplate
+}
+
+const attackChainFactBodyTemplate = `## 结论（可验证，一句话）
+<勿仅写「存在漏洞」；写明类型 + 位置 + 触发条件>
+
+## 目标与入口
+- 目标: <URL / IP:Port / 主机名>
+- 入口: <路径 / 接口 / 参数>
+- 前置条件: <匿名 / 角色 / Cookie / 其他依赖>
+
+## 攻击链（逐步可复现）
+1. <侦察/发现>
+2. <利用/触发>
+3. <影响证明（读文件、RCE 回显、越权数据等）>
+
+## Exploit / POC
+### 请求
+` + "```http\n<METHOD> <path> HTTP/1.1\nHost: ...\n...\n\n<body>\n```" + `
+
+### 响应 / 现象
+<关键响应片段、状态码、差异点>
+
+### 命令 / 脚本（如有）
+` + "```bash\n<command>\n```" + `
+
+## 关键证据
+- <工具输出摘要 / 截图路径 / 会话或消息 ID>
+
+## 关联
+- related_vulnerability_id: <可选，对应 record_vulnerability 的 id>
+- 依赖事实: <fact_key，如 auth/session_cookie>
+
+## 备注与不确定性
+<待验证假设、环境差异、绕过尝试记录>`
+
+const envFactBodyTemplate = `## 摘要
+<该事实的核心认知>
+
+## 细节
+<端口/版本/路径/凭据特征/业务规则等>
+
+## 来源与证据
+<命令输出、响应片段、发现时间>
+
+## 关联
+- 相关 fact_key: <可选>`
+
+// FactRecordingGuidanceBlock 写入系统提示：要求事实沉淀攻击链上下文而非仅结论。
+func FactRecordingGuidanceBlock() string {
+	return `### 事实写入规范（审计复现 / 知识沉淀）
+
+- **summary**：索引用一行，须含「什么 + 在哪 + 如何触发/验证」要点，禁止只写结论（如仅写「存在 SQLi」）。
+- **body**：完整可复现上下文，写入 ` + "`upsert_project_fact`" + ` 的 body 字段；索引不含 body，后续会话须靠 ` + "`get_project_fact`" + ` 取回。
+- **category / fact_key 建议**：
+  - 环境认知：` + "`target/`" + `、` + "`auth/`" + `、` + "`infra/`" + `、` + "`business/`" + `（body 用环境模板即可）
+  - 发现与利用：` + "`finding/`" + `、` + "`chain/`" + `、` + "`exploit/`" + `、` + "`poc/`" + `（**必须**用攻击链模板填满 body：入口、逐步攻击链、原始请求/响应或命令、证据、关联漏洞 ID）
+- **与漏洞记录分工**：` + "`record_vulnerability`" + ` 记可交付 findings；事实记**复现所需的全部上下文**（含失败尝试、绕过、依赖会话），二者可各记一次。
+- 更新同一发现时保持相同 ` + "`fact_key`" + ` 覆盖写入，勿散落多个 key 导致上下文丢失。`
+}
+
+// SparseBodyWarning 攻击链类事实 body 不足时的工具返回提示（不阻断保存）。
+func SparseBodyWarning(category, factKey string) string {
+	if !IsSparseFactBody(category, factKey, "") {
+		return ""
+	}
+	return fmt.Sprintf(
+		"\n\n⚠ 提示：category=%q / fact_key=%q 属于攻击链类事实，但 body 为空或过简。请补充完整攻击链与 POC（参考模板），便于后续审计复现。\n建议 body 骨架：\n%s",
+		category, factKey, FactBodyTemplate(category, factKey),
+	)
+}
+
+// SparseBodyWarningIfNeeded 根据实际 body 判断是否追加警告。
+func SparseBodyWarningIfNeeded(category, factKey, body string) string {
+	if !IsSparseFactBody(category, factKey, body) {
+		return ""
+	}
+	return SparseBodyWarning(category, factKey)
+}

internal/project/fact_template_test.go

@@ -0,0 +1,42 @@
+package project
+
+import (
+	"strings"
+	"testing"
+)
+
+func TestRequiresAttackChainBody(t *testing.T) {
+	cases := []struct {
+		cat, key string
+		want     bool
+	}{
+		{"finding", "note/misc", true},
+		{"note", "finding/sqli-login", true},
+		{"target", "target/primary_domain", false},
+		{"auth", "auth/admin_cookie", false},
+		{"chain", "x", true},
+		{"", "exploit/rce-upload", true},
+	}
+	for _, tc := range cases {
+		if got := RequiresAttackChainBody(tc.cat, tc.key); got != tc.want {
+			t.Errorf("RequiresAttackChainBody(%q,%q)=%v want %v", tc.cat, tc.key, got, tc.want)
+		}
+	}
+}
+
+func TestIsSparseFactBody(t *testing.T) {
+	long := strings.Repeat("x", 150)
+	if !IsSparseFactBody("finding", "finding/x", "") {
+		t.Error("empty body should be sparse")
+	}
+	if !IsSparseFactBody("finding", "finding/x", long) {
+		t.Error("body without repro clues should be sparse")
+	}
+	body := "## 攻击链\n1. step\n## Exploit\n```http\nGET / HTTP/1.1\n```\n"
+	if IsSparseFactBody("finding", "finding/x", body) {
+		t.Error("structured body should not be sparse")
+	}
+	if IsSparseFactBody("target", "target/x", "") {
+		t.Error("env fact empty body is ok")
+	}
+}

internal/project/scope_block.go

@@ -0,0 +1,99 @@
+package project
+
+import (
+	"encoding/json"
+	"fmt"
+	"strings"
+
+	"cyberstrike-ai/internal/config"
+	"cyberstrike-ai/internal/database"
+)
+
+// projectScopePayload 解析 projects.scope_json（约定字段，可扩展）。
+type projectScopePayload struct {
+	Targets []string `json:"targets"`
+	Exclude []string `json:"exclude"`
+	Notes   string   `json:"notes"`
+}
+
+// BuildScopeBlock 将项目 scope_json 格式化为 Agent 可读的授权范围块。
+func BuildScopeBlock(proj *database.Project) string {
+	if proj == nil {
+		return ""
+	}
+	raw := strings.TrimSpace(proj.ScopeJSON)
+	if raw == "" {
+		return ""
+	}
+
+	var payload projectScopePayload
+	if err := json.Unmarshal([]byte(raw), &payload); err != nil {
+		return fmt.Sprintf("## 项目测试范围（project: %s）\n（scope_json 非合法 JSON，请人工核对配置）\n```\n%s\n```\n"+
+			"仅对明确授权目标执行测试；超出范围须停止并说明。\n", proj.Name, truncateRunes(raw, 800))
+	}
+
+	var b strings.Builder
+	b.WriteString(fmt.Sprintf("## 项目测试范围（project: %s, id: %s）\n", proj.Name, proj.ID))
+	b.WriteString("以下为授权边界，**必须遵守**：仅测试列出的 targets，避开 exclude，不得擅自扩大范围。\n")
+
+	if len(payload.Targets) > 0 {
+		b.WriteString("\n**允许测试（targets）**：\n")
+		for _, t := range payload.Targets {
+			t = strings.TrimSpace(t)
+			if t != "" {
+				b.WriteString("- " + t + "\n")
+			}
+		}
+	}
+	if len(payload.Exclude) > 0 {
+		b.WriteString("\n**明确排除（exclude）**：\n")
+		for _, t := range payload.Exclude {
+			t = strings.TrimSpace(t)
+			if t != "" {
+				b.WriteString("- " + t + "\n")
+			}
+		}
+	}
+	if n := strings.TrimSpace(payload.Notes); n != "" {
+		b.WriteString("\n**说明（notes）**：\n" + n + "\n")
+	}
+	if len(payload.Targets) == 0 && len(payload.Exclude) == 0 && strings.TrimSpace(payload.Notes) == "" {
+		b.WriteString("\n（scope_json 已配置但未识别 targets/exclude/notes 字段，原始内容供参考）\n```json\n")
+		b.WriteString(truncateRunes(raw, 1200))
+		b.WriteString("\n```\n")
+	}
+	b.WriteString("\n若目标不在 targets 内或命中 exclude，不得主动扫描/利用；需用户明确扩大授权后再继续。\n")
+	return b.String()
+}
+
+func truncateRunes(s string, max int) string {
+	r := []rune(s)
+	if len(r) <= max {
+		return s
+	}
+	return string(r[:max]) + "…"
+}
+
+// BuildProjectBlackboardBlock 组合测试范围 + 事实黑板索引。
+func BuildProjectBlackboardBlock(db *database.DB, projectID string, cfg config.ProjectConfig) (string, error) {
+	projectID = strings.TrimSpace(projectID)
+	if projectID == "" {
+		return "", nil
+	}
+	proj, err := db.GetProject(projectID)
+	if err != nil {
+		return "", err
+	}
+	parts := []string{}
+	if scope := strings.TrimSpace(BuildScopeBlock(proj)); scope != "" {
+		parts = append(parts, scope)
+	}
+	index, err := BuildFactIndexBlock(db, projectID, cfg)
+	if err != nil {
+		return "", err
+	}
+	if strings.TrimSpace(index) != "" {
+		parts = append(parts, index)
+	}
+	return strings.Join(parts, "\n\n"), nil
+}

internal/project/scope_block_test.go

@@ -0,0 +1,40 @@
+package project
+
+import (
+	"strings"
+	"testing"
+
+	"cyberstrike-ai/internal/database"
+)
+
+func TestBuildScopeBlock_targetsExcludeNotes(t *testing.T) {
+	proj := &database.Project{
+		ID:   "p1",
+		Name: "Acme",
+		ScopeJSON: `{"targets":["https://app.example.com"],"exclude":["*.cdn.example.com"],"notes":"仅 Web 层"}`,
+	}
+	block := BuildScopeBlock(proj)
+	if !strings.Contains(block, "https://app.example.com") {
+		t.Fatalf("missing target: %s", block)
+	}
+	if !strings.Contains(block, "cdn.example.com") {
+		t.Fatalf("missing exclude: %s", block)
+	}
+	if !strings.Contains(block, "仅 Web 层") {
+		t.Fatalf("missing notes: %s", block)
+	}
+}
+
+func TestBuildScopeBlock_empty(t *testing.T) {
+	if BuildScopeBlock(&database.Project{Name: "X"}) != "" {
+		t.Fatal("expected empty")
+	}
+}
+
+func TestBuildScopeBlock_invalidJSON(t *testing.T) {
+	proj := &database.Project{Name: "X", ScopeJSON: `{not json`}
+	block := BuildScopeBlock(proj)
+	if !strings.Contains(block, "非合法 JSON") {
+		t.Fatalf("unexpected: %s", block)
+	}
+}

internal/project/stats.go

@@ -0,0 +1,21 @@
+package project
+
+import "cyberstrike-ai/internal/database"
+
+// GetProjectStats 聚合项目统计（含待补全事实数）。
+func GetProjectStats(db *database.DB, projectID string) (*database.ProjectStats, error) {
+	stats, err := db.GetProjectStatsCounts(projectID)
+	if err != nil {
+		return nil, err
+	}
+	rows, err := db.ListProjectFactsForSparseCheck(projectID)
+	if err != nil {
+		return nil, err
+	}
+	for _, r := range rows {
+		if IsSparseFactBody(r.Category, r.FactKey, r.Body) {
+			stats.SparseFactCount++
+		}
+	}
+	return stats, nil
+}

tools/fscan.yaml

@@ -0,0 +1,288 @@
+name: "fscan"
+command: "fscan"
+enabled: false
+short_description: "内网综合扫描工具，支持存活探测、端口扫描、服务识别、爆破、POC检测"
+description: |
+  Fscan是一款内网综合扫描工具，支持主机发现、端口扫描、服务识别、
+
+  密码爆破、Web指纹识别和漏洞POC检测。
+
+  **主要功能：**
+  - 主机存活探测（ICMP/TCP/Ping）
+  - 端口扫描（默认1000常用端口）
+  - 服务版本识别与指纹匹配
+  - 弱口令暴力破解（SSH/SMB/Mysql/Redis等）
+  - Web应用漏洞POC扫描
+  - DNS探测与域名枚举
+  - Redis未授权利用（写入/WebShell/反弹Shell）
+  - 持久化后门生成（Linux ELF / Windows PE）
+
+  **使用场景：**
+  - 内网资产快速梳理
+  - 弱口令批量检测
+  - 常见服务漏洞验证
+  - 渗透测试信息收集
+  - 红队内网横向
+parameters:
+  - name: "target"
+    type: "string"
+    description: "目标主机：IP地址、IP段（如192.168.1.0/24）、IP文件或域名"
+    required: true
+    flag: "-h"
+    format: "flag"
+  - name: "ports"
+    type: "string"
+    description: |
+      扫描端口列表，逗号分隔。默认覆盖1000个常用端口。
+      示例: "22,80,443,3306,6379" 或 "1-1000"
+    required: false
+    flag: "-p"
+    format: "flag"
+    default: "21,22,23,25,53,80,81,88,110,111,135,139,143,161,389,443,445,465,502,512,513,514,515,548,554,587,623,636,873,902,993,995,1080,1099,1194,1433,1434,1521,1522,1525,1723,1883,2049,2121,2181,2200,2222,2375,2376,2379,2380,3000,3128,3268,3269,3306,3389,3690,4369,4444,4848,5000,5005,5044,5060,5432,5601,5631,5632,5671,5672,5900,5984,5985,5986,6000,6379,6380,6443,6666,6667,7001,7002,7474,7687,8000,8005,8008,8009,8080,8081,8086,8088,8089,8090,8161,8180,8443,8500,8834,8848,8880,8888,9000,9001,9042,9080,9090,9092,9093,9160,9200,9300,9418,9443,9999,10000,10051,10250,10255,11211,15672,22222,26379,27017,27018,50000,50070,50075,61613,61614,61616"
+  - name: "mode"
+    type: "string"
+    description: |
+      扫描模式：
+      - all：全功能扫描（默认）
+      - icmp：仅存活探测
+      - 或指定插件名称（如 ssh, smb, mysql, redis 等）
+    required: false
+    flag: "-m"
+    format: "flag"
+    default: "all"
+  - name: "output_file"
+    type: "string"
+    description: "结果输出文件路径（默认 result.txt）"
+    required: false
+    flag: "-o"
+    format: "flag"
+    default: "result.txt"
+  - name: "output_format"
+    type: "string"
+    description: "输出格式：txt（默认）, json, csv"
+    required: false
+    flag: "-f"
+    format: "flag"
+    default: "txt"
+  - name: "threads"
+    type: "int"
+    description: "端口扫描线程数"
+    required: false
+    flag: "-t"
+    format: "flag"
+    default: 600
+  - name: "module_threads"
+    type: "int"
+    description: "模块并发线程数"
+    required: false
+    flag: "-mt"
+    format: "flag"
+    default: 20
+  - name: "poc_num"
+    type: "int"
+    description: "POC扫描并发数"
+    required: false
+    flag: "-num"
+    format: "flag"
+    default: 20
+  - name: "timeout"
+    type: "int"
+    description: "端口扫描超时时间（秒）"
+    required: false
+    flag: "-time"
+    format: "flag"
+    default: 3
+  - name: "web_timeout"
+    type: "int"
+    description: "Web请求超时时间（秒）"
+    required: false
+    flag: "-wt"
+    format: "flag"
+    default: 5
+  - name: "global_timeout"
+    type: "int"
+    description: "全局超时时间（秒）"
+    required: false
+    flag: "-gt"
+    format: "flag"
+    default: 180
+  - name: "url"
+    type: "string"
+    description: "目标URL（用于Web扫描模式）"
+    required: false
+    flag: "-u"
+    format: "flag"
+  - name: "proxy"
+    type: "string"
+    description: "HTTP代理地址（如: http://127.0.0.1:8080）"
+    required: false
+    flag: "-proxy"
+    format: "flag"
+  - name: "socks5"
+    type: "string"
+    description: "SOCKS5代理地址（如: 127.0.0.1:1080）"
+    required: false
+    flag: "-socks5"
+    format: "flag"
+  - name: "cookie"
+    type: "string"
+    description: "HTTP Cookie值"
+    required: false
+    flag: "-cookie"
+    format: "flag"
+  - name: "domain"
+    type: "string"
+    description: "目标域名"
+    required: false
+    flag: "-domain"
+    format: "flag"
+  - name: "username"
+    type: "string"
+    description: "暴力破解用户名"
+    required: false
+    flag: "-user"
+    format: "flag"
+  - name: "password"
+    type: "string"
+    description: "暴力破解密码"
+    required: false
+    flag: "-pwd"
+    format: "flag"
+  - name: "user_file"
+    type: "string"
+    description: "用户名字典文件路径"
+    required: false
+    flag: "-userf"
+    format: "flag"
+  - name: "pass_file"
+    type: "string"
+    description: "密码字典文件路径"
+    required: false
+    flag: "-pwdf"
+    format: "flag"
+  - name: "host_file"
+    type: "string"
+    description: "目标主机文件路径（每行一个IP）"
+    required: false
+    flag: "-hf"
+    format: "flag"
+  - name: "port_file"
+    type: "string"
+    description: "自定义端口文件路径"
+    required: false
+    flag: "-pf"
+    format: "flag"
+  - name: "url_file"
+    type: "string"
+    description: "目标URL文件路径"
+    required: false
+    flag: "-uf"
+    format: "flag"
+  - name: "pocname"
+    type: "string"
+    description: "指定POC名称进行单点扫描"
+    required: false
+    flag: "-pocname"
+    format: "flag"
+  - name: "pocpath"
+    type: "string"
+    description: "自定义POC脚本路径"
+    required: false
+    flag: "-pocpath"
+    format: "flag"
+  - name: "iface"
+    type: "string"
+    description: "指定本地网卡IP地址（VPN场景使用）"
+    required: false
+    flag: "-iface"
+    format: "flag"
+  - name: "exclude_host"
+    type: "string"
+    description: "排除的主机IP"
+    required: false
+    flag: "-eh"
+    format: "flag"
+  - name: "exclude_port"
+    type: "string"
+    description: "排除的端口"
+    required: false
+    flag: "-ep"
+    format: "flag"
+  - name: "retry"
+    type: "int"
+    description: "最大重试次数"
+    required: false
+    flag: "-retry"
+    format: "flag"
+    default: 3
+  - name: "rate_limit"
+    type: "int"
+    description: "每分钟最大发包次数（0表示不限制）"
+    required: false
+    flag: "-rate"
+    format: "flag"
+  - name: "max_redirect"
+    type: "int"
+    description: "HTTP最大重定向次数"
+    required: false
+    flag: "-max-redirect"
+    format: "flag"
+    default: 10
+  - name: "lang"
+    type: "string"
+    description: "输出语言：zh（默认中文）, en（英文）"
+    required: false
+    flag: "-lang"
+    format: "flag"
+    default: "zh"
+  - name: "log_level"
+    type: "string"
+    description: "日志级别（默认 base,info,success）"
+    required: false
+    flag: "-log"
+    format: "flag"
+    default: "base,info,success"
+  - name: "reverse_shell"
+    type: "string"
+    description: "反弹Shell目标地址:端口（如: 192.168.1.100:4444）"
+    required: false
+    flag: "-rsh"
+    format: "flag"
+  - name: "sshkey_file"
+    type: "string"
+    description: "SSH私钥文件路径"
+    required: false
+    flag: "-sshkey"
+    format: "flag"
+  - name: "download_url"
+    type: "string"
+    description: "要下载的文件URL"
+    required: false
+    flag: "-download-url"
+    format: "flag"
+  - name: "download_path"
+    type: "string"
+    description: "下载文件保存路径"
+    required: false
+    flag: "-download-path"
+    format: "flag"
+  - name: "additional_args"
+    type: "string"
+    description: |
+      额外的fscan参数。用于传递未在参数列表中定义的fscan选项。
+
+      **示例值：**
+      - "-nobr -nopoc" （禁用爆破和POC，仅做端口扫描）
+      - "-ao" （仅进行存活探测）
+      - "-silent -nocolor" （静默无颜色输出）
+      - "-debug" （开启调试模式）
+      - "-full" （全量POC扫描）
+      - "-no" （禁用结果保存）
+      - "-dns" （启用DNS日志记录）
+
+      **注意事项：**
+      - 多个参数用空格分隔
+      - 确保参数格式正确，避免命令注入
+      - 此参数会直接追加到命令末尾
+    required: false
+    format: "positional"

web/static/i18n/en-US.json

@@ -48,6 +48,7 @@
   },
   "login": {
     "title": "Sign in to CyberStrikeAI",
+    "titlePrefix": "Sign in to",
     "subtitle": "Enter the access password from config",
     "passwordLabel": "Password",
     "passwordPlaceholder": "Enter password",
@@ -58,6 +59,7 @@
     "chat": "Chat",
     "infoCollect": "Recon",
     "tasks": "Tasks",
+    "projects": "Projects",
     "vulnerabilities": "Vulnerabilities",
     "webshell": "WebShell Management",
     "chatFiles": "File Management",
@@ -222,6 +224,182 @@
     "noVulnDesc": "This list shows recent records; new results appear here when detection completes in chat",
     "startScanBtn": "Go to chat to scan"
   },
+  "projects": {
+    "title": "Projects",
+    "showArchived": "Show archived",
+    "newProjectCta": "+ New project",
+    "projectList": "Project list",
+    "searchProjectsPlaceholder": "Search projects…",
+    "selectOrCreateTitle": "Select or create a project",
+    "selectOrCreateHint": "Projects share a cross-chat fact board; target, environment, auth and other facts are auto-injected in bound conversations.",
+    "createFirstProject": "Create first project",
+    "defaultProjectName": "Project",
+    "statusActive": "Active",
+    "statusArchived": "Archived",
+    "vulnerabilityManagement": "Vulnerability management",
+    "addFactCta": "+ Add fact",
+    "tabFacts": "Fact board",
+    "tabConversations": "Bound conversations",
+    "tabVulns": "Related vulnerabilities",
+    "tabSettings": "Settings",
+    "factToolbarHint": "Index includes key and summary only (must include what + where + how to verify); put attack chain / POC in body, and reproduce via get_project_fact.",
+    "searchFactsSr": "Search facts",
+    "searchFactsPlaceholder": "Search key, summary, body…",
+    "category": "Category",
+    "all": "All",
+    "confidence": "Confidence",
+    "confidenceConfirmed": "Confirmed",
+    "confidenceTentative": "Tentative",
+    "confidenceDeprecated": "Deprecated",
+    "displayOptions": "Display options",
+    "sparseOnly": "Sparse only",
+    "hideDeprecated": "Hide deprecated",
+    "summary": "Summary",
+    "updated": "Updated",
+    "boundConversationsHint": "Conversations bound to this project; click to open",
+    "titleLabel": "Title",
+    "projectVulnSummaryHint": "Vulnerability summary under this project",
+    "searchVulnsSr": "Search vulnerabilities",
+    "searchVulnsPlaceholder": "Search title, description, type, target…",
+    "noMatchingVulns": "No matching vulnerabilities, try adjusting filters",
+    "viewInVulnerabilityManagement": "View in vulnerability management",
+    "severity": "Severity",
+    "status": "Status",
+    "modalNewTitle": "New project",
+    "modalNewSubtitle": "After creation, bind conversations to share fact board across chats",
+    "projectName": "Project name",
+    "projectNamePlaceholder": "e.g. Client A Web pentest",
+    "projectDescription": "Project description",
+    "projectDescriptionPlaceholder": "Scope, authorization boundary, notes…",
+    "createProject": "Create project",
+    "newProject": "New project",
+    "chatSelectorButton": "Share fact board across chats after binding a project",
+    "selectProject": "Select project",
+    "noProject": "No project",
+    "factBodyEnvTitle": "Environment fact",
+    "factBodyHasDetail": "Has details",
+    "factBodySparseTitle": "Missing attack-chain/POC structure",
+    "factBodySparse": "Incomplete",
+    "factBodyReproducibleTitle": "Contains reproducible structure",
+    "factBodyReproducible": "Reproducible",
+    "factHintAttackSparse": "Attack-chain fact: fill complete body (steps, HTTP/command, response evidence); avoid conclusion-only notes. You can insert the attack-chain template.",
+    "factHintAttackReady": "Attack-chain fact: body is used for audit reproduction, keep original request/response and step-by-step flow.",
+    "factHintEnv": "Environment fact: body should include evidence source; for findings/exploitation use finding|chain|exploit|poc category.",
+    "confirmOverwriteBodyTemplate": "Overwrite current body content with template?",
+    "loadProjectsFailed": "Failed to load projects",
+    "restoreTitle": "Restore as tentative and re-index into board",
+    "restore": "Restore",
+    "deprecateTitle": "Mark as deprecated",
+    "deprecate": "Deprecate",
+    "editTitle": "Edit fields",
+    "viewBodyTitle": "View full body",
+    "details": "Details",
+    "deleteForeverTitle": "Delete permanently",
+    "noProjects": "No projects",
+    "noMatchingProjects": "No matching projects",
+    "pinned": "Pinned",
+    "archived": "Archived",
+    "statsFacts": "{{count}} facts",
+    "statsVulns": "{{count}} vulnerabilities",
+    "statsConversations": "{{count}} conversations",
+    "statsSparse": "{{count}} incomplete",
+    "projectNotFound": "Project not found",
+    "updatedPrefix": "Updated {{time}}",
+    "noMatchingFacts": "No matching facts, try adjusting filters",
+    "noFacts": "No facts yet. Click Add fact or let Agent write facts automatically",
+    "relatedVulnIdTitle": "Related vulnerability ID",
+    "noBoundConversations": "No bound conversations yet; select this project in chat to bind",
+    "untitledConversation": "Untitled conversation",
+    "open": "Open",
+    "unbindProjectTitle": "Unbind project",
+    "unbind": "Unbind",
+    "confirmUnbindConversation": "Unbind this conversation from current project?",
+    "unbindFailed": "Unbind failed",
+    "factMetaCategory": "Category: {{value}}",
+    "factMetaConfidence": "Confidence: {{value}}",
+    "factMetaUpdated": "Updated: {{time}}",
+    "factMetaRelatedVuln": "Related vulnerability: {{value}}",
+    "factMetaSourceConversation": "Source conversation: {{value}}",
+    "factMetaHasPrevious": "Has previous version",
+    "emptyBody": "(empty body)",
+    "factSparseWarn": "This fact belongs to attack-chain/exploit category, but body lacks reproducible structure (steps, HTTP/command, request/response, etc.). Edit and complete it for audit reproduction.",
+    "factPreviousMeta": "Archived at {{time}} · Summary: {{summary}} · Confidence: {{confidence}}",
+    "loadVulnerabilityListFailed": "Failed to load vulnerability list",
+    "noVulnerabilitiesInProject": "No vulnerabilities in this project yet. Create one first or let Agent record it.",
+    "promptLinkFactToVuln": "Enter index to link fact \"{{factKey}}\":\n\n{{lines}}",
+    "invalidIndex": "Invalid index",
+    "linkFailed": "Link failed",
+    "linkSuccess": "Linked vulnerability",
+    "promptConversationIdForVulnCreate": "Conversation ID is required to create vulnerability (can be source conversation):",
+    "cancelledNoConversationId": "Cancelled: conversation_id not provided",
+    "createVulnerabilityFailed": "Failed to create vulnerability",
+    "createVulnerabilityAndLinkSuccess": "Created vulnerability and linked: {{value}}",
+    "confirmDeprecateFact": "Mark fact {{factKey}} as deprecated?",
+    "operationFailed": "Operation failed",
+    "confirmRestoreFact": "Restore fact {{factKey}}? It will re-enter board index with tentative status.",
+    "noVulnerabilityRecords": "No vulnerability records in this project",
+    "viewRelatedFactsTitle": "View related facts",
+    "facts": "Facts",
+    "loadRelatedFactsFailed": "Failed to load related facts",
+    "noFactsForVulnerability": "This vulnerability has no related facts yet. Link vulnerability or generate vulnerability draft from fact detail.",
+    "promptChooseFactByIndex": "This vulnerability is linked to {{count}} facts. Enter index to view:\n{{lines}}",
+    "enterProjectName": "Please enter project name",
+    "saveFailed": "Save failed",
+    "invalidJson": "Invalid JSON format",
+    "scopeNoteAuthorizedWebOnly": "Authorized for Web application layer testing only",
+    "invalidScopeJson": "Invalid scope JSON, please fix it first or click Format",
+    "saved": "Saved",
+    "confirmArchiveProject": "After archiving, this project is hidden from active list by default. Continue?",
+    "confirmRestoreProjectActive": "Restore to active?",
+    "confirmDeleteProject": "Delete this project? Facts will be deleted and conversations unbound.",
+    "deleteFailed": "Delete failed",
+    "addFact": "Add fact",
+    "saveFact": "Save fact",
+    "editFact": "Edit fact",
+    "saveChanges": "Save changes",
+    "customCategoryOption": "{{value}} (custom)",
+    "selectProjectFirst": "Please select a project first",
+    "loadFactFailed": "Failed to load fact",
+    "factKeySummaryRequired": "fact_key and summary are required",
+    "confirmSaveSparseFact": "This fact is attack-chain/exploit related, but body does not contain reproducible structure (steps, HTTP/command, request/response).\nSave anyway? It's recommended to insert attack-chain template and fill POC first.",
+    "confirmDeleteFact": "Delete this fact?",
+    "notUpdatedYet": "Not updated yet",
+    "clearStaleProjectBindingFailed": "Failed to clear stale project binding",
+    "noProjectDescription": "No project binding",
+    "noProjectsClickCreate": "No projects yet, click New project below",
+    "sharedFactBoard": "Shared fact board",
+    "loadFailedRetry": "Load failed, please retry later",
+    "projectBound": "Project bound",
+    "projectUnbound": "Project unbound",
+    "updateProjectBindingFailed": "Failed to update project binding",
+    "basicInfoTitle": "Basic information",
+    "basicInfoHint": "Name and description are shown in project details",
+    "settingsIntroTitle": "Project settings",
+    "settingsIntroHint": "Configure project metadata and Agent authorization boundary; takes effect immediately for bound conversations after saving.",
+    "pinProject": "Pin project (show first in list)",
+    "editDescriptionPlaceholder": "Targets, authorization scope, contacts, notes…",
+    "scopeTitle": "Test scope",
+    "scopeHint": "JSON format for Agent authorization boundary and target assets",
+    "formatJson": "Format",
+    "example": "Example",
+    "scopeJsonLabel": "Scope JSON",
+    "scopeFootnote": "Supports targets, exclude, notes and more. Empty means no scope limit.",
+    "dangerZoneTitle": "Danger zone",
+    "dangerZoneHint": "Archived projects are hidden unless 'Show archived' is enabled; deletion removes all facts permanently.",
+    "archiveRestore": "Archive / Restore",
+    "deleteProject": "Delete project",
+    "saveChangesHint": "Click save to sync changes to server",
+    "saveSettings": "Save changes",
+    "factModalSubtitle": "Summary is indexed on board; body stores attack chain and POC for audit reproduction (separate from vulnerability records).",
+    "relatedVulnIdLabel": "Related vulnerability ID",
+    "optional": "Optional",
+    "factDetails": "Fact details",
+    "previousVersion": "Previous version",
+    "currentVersion": "Current version",
+    "linkVulnerability": "Link vulnerability",
+    "createVulnerabilityDraft": "Create vulnerability draft",
+    "generatedFromFact": "Generated from project fact {{factKey}}"
+  },
   "chat": {
     "newChat": "New chat",
     "toggleConversationPanel": "Collapse/expand conversation list",
@@ -296,6 +474,8 @@
     "einoAgentReplyTitle": "Sub-agent reply",
     "einoStreamErrorTitle": "⚠️ Eino stream interrupted ({{agent}})",
     "einoStreamErrorMessage": "Streaming read failed; the system will retry or terminate according to policy.",
+    "einoRunRetryTitle": "🔁 Transient error retry",
+    "einoRunRetryErrorDetail": "Error detail",
     "iterationLimitReachedTitle": "⛔ Iteration limit reached",
     "iterationLimitReachedMessage": "Maximum iteration count reached; automatic iteration has stopped.",
     "einoPendingOrphanedTitle": "🧹 Tool call reconciliation",
@@ -310,6 +490,9 @@
     "loadFailedRetry": "Load failed, please retry",
     "dataFormatError": "Data format error",
     "progressInProgress": "Penetration test in progress...",
+    "scrollToBottom": "Scroll to bottom",
+    "scrollToBottomHasNew": "↓ New content below",
+    "scrollToBottomNew": "↓ {{count}} new update(s)",
     "executionFailed": "Execution failed",
     "penetrationTestComplete": "Penetration test complete",
     "yesterday": "Yesterday",
@@ -1588,6 +1771,11 @@
     "detailVulnId": "Vuln ID",
     "detailType": "Type",
     "detailTarget": "Target",
+    "detailProject": "Project",
+    "projectUnbound": "No project",
+    "projectBindHint": "Once bound, agents can list this finding under the project scope.",
+    "projectBindFailed": "Failed to update project binding",
+    "projectBindOk": "Project binding updated",
     "detailConversationId": "Conversation ID",
     "detailTaskId": "Task ID",
     "detailTaskQueueId": "Task queue ID",
@@ -1907,17 +2095,25 @@
   "settingsRobotsExtra": {
     "botCommandsTitle": "Bot command instructions",
     "botCommandsDesc": "You can send the following commands in chat (Chinese and English supported):",
+    "botCmdCategoryGeneral": "General",
+    "botCmdCategoryConversation": "Conversation",
+    "botCmdCategoryRole": "Role",
+    "botCmdCategoryProject": "Project",
     "botCmdHelp": "Show this help",
     "botCmdList": "List conversations",
     "botCmdSwitch": "Switch to conversation",
     "botCmdNew": "Start new conversation",
     "botCmdClear": "Clear context",
-    "botCmdCurrent": "Show current conversation",
+    "botCmdCurrent": "Show current conversation, role and project",
     "botCmdStop": "Stop running task",
     "botCmdRoles": "List roles",
     "botCmdRole": "Switch role",
     "botCmdDelete": "Delete conversation",
     "botCmdVersion": "Show version",
+    "botCmdProjects": "List projects",
+    "botCmdNewProject": "Create project and bind current conversation",
+    "botCmdBindProject": "Bind current conversation to a project",
+    "botCmdUnbindProject": "Unbind project from current conversation",
     "botCommandsFooter": "Otherwise, send any text for AI penetration testing / security analysis."
   },
   "mcpDetailModal": {
@@ -2089,6 +2285,9 @@
     "role": "Role",
     "defaultRole": "Default",
     "roleHint": "Select a role; all tasks will be executed using that role's configuration (prompt and tools).",
+    "project": "Project",
+    "projectNone": "(Unbound)",
+    "projectHint": "Optionally bind this queue to a project; leave empty to keep it unbound.",
     "agentMode": "Agent mode",
     "agentModeSingle": "Single-agent (ReAct)",
     "agentModeMulti": "Multi-agent (Eino)",
@@ -2161,6 +2360,9 @@
     "add": "Add"
   },
   "vulnerabilityModal": {
+    "project": "Project",
+    "projectNone": "(Unbound)",
+    "projectHint": "Bound findings appear in list_vulnerabilities for that project; leave empty to infer from the conversation when possible.",
     "conversationId": "Conversation ID",
     "conversationIdPlaceholder": "Enter conversation ID",
     "conversationTag": "Conversation tag",

web/static/i18n/zh-CN.json

@@ -48,6 +48,7 @@
   },
   "login": {
     "title": "登录 CyberStrikeAI",
+    "titlePrefix": "登录",
     "subtitle": "请输入配置中的访问密码",
     "passwordLabel": "密码",
     "passwordPlaceholder": "输入登录密码",
@@ -58,6 +59,7 @@
     "chat": "对话",
     "infoCollect": "信息收集",
     "tasks": "任务管理",
+    "projects": "项目管理",
     "vulnerabilities": "漏洞管理",
     "webshell": "WebShell管理",
     "chatFiles": "文件管理",
@@ -211,6 +213,182 @@
     "noVulnDesc": "此处展示近期漏洞记录；在对话中完成检测后，新结果会出现在这里",
     "startScanBtn": "前往对话发起扫描"
   },
+  "projects": {
+    "title": "项目管理",
+    "showArchived": "显示已归档",
+    "newProjectCta": "+ 新建项目",
+    "projectList": "项目列表",
+    "searchProjectsPlaceholder": "搜索项目…",
+    "selectOrCreateTitle": "选择或创建项目",
+    "selectOrCreateHint": "项目用于跨对话共享「事实黑板」：目标、环境、认证等信息会在绑定项目的对话中自动注入。",
+    "createFirstProject": "创建第一个项目",
+    "defaultProjectName": "项目",
+    "statusActive": "进行中",
+    "statusArchived": "已归档",
+    "vulnerabilityManagement": "漏洞管理",
+    "addFactCta": "+ 添加事实",
+    "tabFacts": "事实黑板",
+    "tabConversations": "关联对话",
+    "tabVulns": "关联漏洞",
+    "tabSettings": "设置",
+    "factToolbarHint": "索引仅含 key 与摘要（须含「什么 + 在哪 + 如何验证」）；攻击链 / POC 写在 body，Agent 通过 get_project_fact 复现",
+    "searchFactsSr": "搜索事实",
+    "searchFactsPlaceholder": "搜索 key、摘要、body…",
+    "category": "分类",
+    "all": "全部",
+    "confidence": "置信度",
+    "confidenceConfirmed": "已确认",
+    "confidenceTentative": "待确认",
+    "confidenceDeprecated": "已废弃",
+    "displayOptions": "显示选项",
+    "sparseOnly": "仅待补全",
+    "hideDeprecated": "隐藏废弃",
+    "summary": "摘要",
+    "updated": "更新",
+    "boundConversationsHint": "绑定到本项目的对话；点击可打开会话",
+    "titleLabel": "标题",
+    "projectVulnSummaryHint": "本项目下记录的漏洞汇总",
+    "searchVulnsSr": "搜索漏洞",
+    "searchVulnsPlaceholder": "搜索标题、描述、类型、目标…",
+    "noMatchingVulns": "无匹配漏洞，请调整筛选条件",
+    "viewInVulnerabilityManagement": "在漏洞管理中查看",
+    "severity": "严重度",
+    "status": "状态",
+    "modalNewTitle": "新建项目",
+    "modalNewSubtitle": "创建后可绑定对话，跨会话共享事实黑板",
+    "projectName": "项目名称",
+    "projectNamePlaceholder": "例如：某客户 Web 渗透",
+    "projectDescription": "项目描述",
+    "projectDescriptionPlaceholder": "测试范围、授权边界、注意事项…",
+    "createProject": "创建项目",
+    "newProject": "新建项目",
+    "chatSelectorButton": "绑定项目后共享事实黑板（跨对话）",
+    "selectProject": "选择项目",
+    "noProject": "无项目",
+    "factBodyEnvTitle": "环境类事实",
+    "factBodyHasDetail": "有详情",
+    "factBodySparseTitle": "缺少攻击链/POC 结构",
+    "factBodySparse": "待补全",
+    "factBodyReproducibleTitle": "含可复现结构",
+    "factBodyReproducible": "可复现",
+    "factHintAttackSparse": "⚠ 攻击链类事实：请填写完整 body（步骤、HTTP/命令、响应现象），勿仅写结论。可点「插入攻击链模板」。",
+    "factHintAttackReady": "攻击链类：body 将用于审计复现，请保留原始请求/响应与逐步步骤。",
+    "factHintEnv": "环境认知类：body 建议记录来源证据；发现/利用请改用 finding|chain|exploit|poc 分类。",
+    "confirmOverwriteBodyTemplate": "将覆盖当前 body 内容为模板，是否继续？",
+    "loadProjectsFailed": "加载项目失败",
+    "restoreTitle": "恢复为待确认并重新进入黑板索引",
+    "restore": "恢复",
+    "deprecateTitle": "标记为已废弃",
+    "deprecate": "废弃",
+    "editTitle": "编辑各字段",
+    "viewBodyTitle": "查看完整 body",
+    "details": "详情",
+    "deleteForeverTitle": "永久删除",
+    "noProjects": "暂无项目",
+    "noMatchingProjects": "无匹配项目",
+    "pinned": "置顶",
+    "archived": "归档",
+    "statsFacts": "{{count}} 条事实",
+    "statsVulns": "{{count}} 个漏洞",
+    "statsConversations": "{{count}} 个对话",
+    "statsSparse": "{{count}} 待补全",
+    "projectNotFound": "项目不存在",
+    "updatedPrefix": "更新于 {{time}}",
+    "noMatchingFacts": "无匹配事实，请调整筛选条件",
+    "noFacts": "暂无事实，点击「添加事实」或由 Agent 自动写入",
+    "relatedVulnIdTitle": "关联漏洞 ID",
+    "noBoundConversations": "暂无绑定对话；在对话页选择本项目即可关联",
+    "untitledConversation": "未命名对话",
+    "open": "打开",
+    "unbindProjectTitle": "解除项目绑定",
+    "unbind": "解绑",
+    "confirmUnbindConversation": "解除该对话与当前项目的绑定？",
+    "unbindFailed": "解绑失败",
+    "factMetaCategory": "分类: {{value}}",
+    "factMetaConfidence": "置信度: {{value}}",
+    "factMetaUpdated": "更新: {{time}}",
+    "factMetaRelatedVuln": "关联漏洞: {{value}}",
+    "factMetaSourceConversation": "来源对话: {{value}}",
+    "factMetaHasPrevious": "含上一版本",
+    "emptyBody": "(无 body)",
+    "factSparseWarn": "⚠ 该事实属于攻击链/利用类，但 body 缺少可复现结构（攻击链步骤、HTTP/命令、请求响应等）。建议编辑后补全以便审计复现。",
+    "factPreviousMeta": "归档于 {{time}} · 摘要: {{summary}} · 置信度: {{confidence}}",
+    "loadVulnerabilityListFailed": "加载漏洞列表失败",
+    "noVulnerabilitiesInProject": "本项目暂无漏洞，请先创建或让 Agent 记录漏洞",
+    "promptLinkFactToVuln": "输入序号以关联事实「{{factKey}}」：\n\n{{lines}}",
+    "invalidIndex": "序号无效",
+    "linkFailed": "关联失败",
+    "linkSuccess": "已关联漏洞",
+    "promptConversationIdForVulnCreate": "创建漏洞需要对话 ID（可与来源会话一致）：",
+    "cancelledNoConversationId": "已取消：未提供 conversation_id",
+    "createVulnerabilityFailed": "创建漏洞失败",
+    "createVulnerabilityAndLinkSuccess": "已创建漏洞并关联：{{value}}",
+    "confirmDeprecateFact": "将事实 {{factKey}} 标记为已废弃？",
+    "operationFailed": "操作失败",
+    "confirmRestoreFact": "恢复事实 {{factKey}}？将重新进入黑板索引（状态：待确认）。",
+    "noVulnerabilityRecords": "本项目暂无漏洞记录",
+    "viewRelatedFactsTitle": "查看关联事实",
+    "facts": "事实",
+    "loadRelatedFactsFailed": "加载关联事实失败",
+    "noFactsForVulnerability": "该漏洞暂无关联事实，可在事实详情中「关联漏洞」或「生成漏洞草稿」建立链接",
+    "promptChooseFactByIndex": "该漏洞关联 {{count}} 条事实，输入序号查看：\n{{lines}}",
+    "enterProjectName": "请输入项目名称",
+    "saveFailed": "保存失败",
+    "invalidJson": "JSON 格式无效",
+    "scopeNoteAuthorizedWebOnly": "仅授权 Web 应用层测试",
+    "invalidScopeJson": "测试范围 JSON 无效，请先修正或点击「格式化」",
+    "saved": "已保存",
+    "confirmArchiveProject": "归档后默认不再出现在活跃列表，是否继续？",
+    "confirmRestoreProjectActive": "恢复为 active？",
+    "confirmDeleteProject": "确定删除该项目？事实将一并删除，对话将解除绑定。",
+    "deleteFailed": "删除失败",
+    "addFact": "添加事实",
+    "saveFact": "保存事实",
+    "editFact": "编辑事实",
+    "saveChanges": "保存修改",
+    "customCategoryOption": "{{value}}（自定义）",
+    "selectProjectFirst": "请先选择项目",
+    "loadFactFailed": "加载事实失败",
+    "factKeySummaryRequired": "fact_key 与 summary 必填",
+    "confirmSaveSparseFact": "该事实属于攻击链/利用类，但 body 尚未包含可复现结构（步骤、HTTP/命令、请求响应等）。\n仍要保存吗？建议先插入攻击链模板并填写 POC。",
+    "confirmDeleteFact": "删除该事实？",
+    "notUpdatedYet": "尚未更新",
+    "clearStaleProjectBindingFailed": "清除失效的项目绑定失败",
+    "noProjectDescription": "不绑定项目黑板",
+    "noProjectsClickCreate": "暂无项目，点击下方「新建项目」",
+    "sharedFactBoard": "共享事实黑板",
+    "loadFailedRetry": "加载失败，请稍后重试",
+    "projectBound": "已绑定项目",
+    "projectUnbound": "已解除项目绑定",
+    "updateProjectBindingFailed": "更新项目绑定失败",
+    "basicInfoTitle": "基本信息",
+    "basicInfoHint": "名称与描述会显示在项目详情中",
+    "settingsIntroTitle": "项目设置",
+    "settingsIntroHint": "配置项目元数据与 Agent 授权边界，保存后即时生效于绑定对话。",
+    "pinProject": "置顶项目（列表优先显示）",
+    "editDescriptionPlaceholder": "测试目标、授权范围、联系人、注意事项…",
+    "scopeTitle": "测试范围",
+    "scopeHint": "JSON 格式，供 Agent 理解授权边界与目标资产",
+    "formatJson": "格式化",
+    "example": "示例",
+    "scopeJsonLabel": "范围 JSON",
+    "scopeFootnote": "支持 targets、exclude、notes 等字段，留空表示不限制范围。",
+    "dangerZoneTitle": "危险操作",
+    "dangerZoneHint": "归档后需在列表勾选「显示已归档」才能查看；删除将清除全部事实且不可恢复。",
+    "archiveRestore": "归档 / 恢复",
+    "deleteProject": "删除项目",
+    "saveChangesHint": "修改后请点击保存以同步到服务器",
+    "saveSettings": "保存更改",
+    "factModalSubtitle": "摘要注入黑板索引；body 沉淀攻击链与 POC，供审计复现（与漏洞记录分工）",
+    "relatedVulnIdLabel": "关联漏洞 ID",
+    "optional": "可选",
+    "factDetails": "事实详情",
+    "previousVersion": "上一版本",
+    "currentVersion": "当前版本",
+    "linkVulnerability": "关联漏洞",
+    "createVulnerabilityDraft": "生成漏洞草稿",
+    "generatedFromFact": "由项目事实 {{factKey}} 生成"
+  },
   "chat": {
     "newChat": "新对话",
     "toggleConversationPanel": "折叠/展开对话列表",
@@ -285,6 +463,8 @@
     "einoAgentReplyTitle": "子代理回复",
     "einoStreamErrorTitle": "⚠️ Eino 流式中断（{{agent}}）",
     "einoStreamErrorMessage": "流式读取异常，系统将按策略重试或结束。",
+    "einoRunRetryTitle": "🔁 临时错误重试",
+    "einoRunRetryErrorDetail": "具体报错",
     "iterationLimitReachedTitle": "⛔ 达到迭代上限",
     "iterationLimitReachedMessage": "已达到最大迭代次数，任务已停止继续自动迭代。",
     "einoPendingOrphanedTitle": "🧹 工具调用收尾补偿",
@@ -299,6 +479,9 @@
     "loadFailedRetry": "加载失败，请重试",
     "dataFormatError": "数据格式错误",
     "progressInProgress": "渗透测试进行中...",
+    "scrollToBottom": "回到底部",
+    "scrollToBottomHasNew": "↓ 有新内容",
+    "scrollToBottomNew": "↓ {{count}} 条新内容",
     "executionFailed": "执行失败",
     "penetrationTestComplete": "渗透测试完成",
     "yesterday": "昨天",
@@ -1577,6 +1760,11 @@
     "detailVulnId": "漏洞ID",
     "detailType": "类型",
     "detailTarget": "目标",
+    "detailProject": "所属项目",
+    "projectUnbound": "未绑定项目",
+    "projectBindHint": "绑定后 Agent 可在项目范围内查询到该漏洞",
+    "projectBindFailed": "绑定项目失败",
+    "projectBindOk": "已更新项目绑定",
     "detailConversationId": "会话ID",
     "detailTaskId": "任务ID",
     "detailTaskQueueId": "任务队列ID",
@@ -1896,17 +2084,25 @@
   "settingsRobotsExtra": {
     "botCommandsTitle": "机器人命令说明",
     "botCommandsDesc": "在对话中可发送以下命令（支持中英文）：",
+    "botCmdCategoryGeneral": "通用",
+    "botCmdCategoryConversation": "对话",
+    "botCmdCategoryRole": "角色",
+    "botCmdCategoryProject": "项目",
     "botCmdHelp": "显示本帮助 | Show this help",
     "botCmdList": "列出所有对话标题与 ID | List conversations",
     "botCmdSwitch": "指定对话继续 | Switch to conversation",
     "botCmdNew": "开启新对话 | Start new conversation",
     "botCmdClear": "清空当前上下文 | Clear context",
-    "botCmdCurrent": "显示当前对话 ID 与标题 | Show current conversation",
+    "botCmdCurrent": "显示当前对话、角色与项目 | Show current conversation",
     "botCmdStop": "中断当前任务 | Stop running task",
     "botCmdRoles": "列出所有可用角色 | List roles",
     "botCmdRole": "切换当前角色 | Switch role",
     "botCmdDelete": "删除指定对话 | Delete conversation",
     "botCmdVersion": "显示当前版本号 | Show version",
+    "botCmdProjects": "列出所有项目 | List projects",
+    "botCmdNewProject": "创建项目并绑定当前对话 | Create & bind project",
+    "botCmdBindProject": "将当前对话绑定到项目 | Bind conversation",
+    "botCmdUnbindProject": "解除当前对话的项目绑定 | Unbind project",
     "botCommandsFooter": "除以上命令外，直接输入内容将发送给 AI 进行渗透测试/安全分析。Otherwise, send any text for AI penetration testing / security analysis."
   },
   "mcpDetailModal": {
@@ -2078,6 +2274,9 @@
     "role": "角色",
     "defaultRole": "默认",
     "roleHint": "选择一个角色，所有任务将使用该角色的配置（提示词和工具）执行。",
+    "project": "所属项目",
+    "projectNone": "（未绑定）",
+    "projectHint": "可为队列绑定项目；留空则不绑定项目上下文。",
     "agentMode": "代理模式",
     "agentModeSingle": "单代理（ReAct）",
     "agentModeMulti": "多代理（Eino）",
@@ -2150,6 +2349,9 @@
     "add": "添加"
   },
   "vulnerabilityModal": {
+    "project": "所属项目",
+    "projectNone": "（未绑定）",
+    "projectHint": "绑定后 Agent 在项目范围内可通过 list_vulnerabilities 看到本条记录；留空则尝试从会话自动关联。",
     "conversationId": "会话ID",
     "conversationIdPlaceholder": "输入会话ID",
     "conversationTag": "对话标签",

web/static/js/chat-scroll.js

@@ -0,0 +1,347 @@
+/**
+ * 主对话区智能粘底滚动：流式输出时自动跟随，用户上滑阅读时不抢焦点。
+ * 主 POST 流（sendMessage）与刷新后 task-events 补流共用同一策略。
+ */
+(function () {
+    'use strict';
+
+    /** 距底部在此范围内才继续自动跟随（宜小，避免“差一点也被拽回去”） */
+    const CHAT_SCROLL_FOLLOW_THRESHOLD_PX = 48;
+    /** FAB 隐藏：用户已手动滚近底部 */
+    const CHAT_SCROLL_FAB_HIDE_THRESHOLD_PX = 120;
+    /** 用户上滑后的短暂锁，防止 SSE 与 scroll 事件竞态抢滚动 */
+    const DETACH_LOCK_MS = 280;
+
+    /** @type {'following' | 'detached'} */
+    let scrollMode = 'following';
+    let scrollFollowRaf = 0;
+    /** 用户脱离跟随后，下方是否有未读的新输出（不按 SSE 次数计） */
+    let hasPendingNewBelow = false;
+    let listenersBound = false;
+    let lastScrollTop = 0;
+    let programmaticScroll = false;
+    let detachLockUntil = 0;
+
+    function getChatMessagesEl() {
+        return document.getElementById('chat-messages');
+    }
+
+    /** 主 POST 流 + 刷新后 task-events 补流均视为「流式进行中」 */
+    function isStreamActive() {
+        try {
+            const live = window.__csAgentLiveStream;
+            if (live && live.active) return true;
+            const replay = window.__csTaskEventStream;
+            return !!(replay && replay.active);
+        } catch (e) {
+            return false;
+        }
+    }
+
+    function distanceFromBottom(el) {
+        if (!el) return 0;
+        const { scrollTop, scrollHeight, clientHeight } = el;
+        return scrollHeight - clientHeight - scrollTop;
+    }
+
+    function isNearBottom(thresholdPx) {
+        const el = getChatMessagesEl();
+        if (!el) return true;
+        return distanceFromBottom(el) <= thresholdPx;
+    }
+
+    function isChatMessagesPinnedToBottom() {
+        return isNearBottom(CHAT_SCROLL_FAB_HIDE_THRESHOLD_PX);
+    }
+
+    /** 已在底部时恢复 following（解决：手动滚到底但 scrollMode 仍为 detached） */
+    function resumeFollowingIfAtBottom() {
+        if (Date.now() < detachLockUntil) return false;
+        if (!isNearBottom(CHAT_SCROLL_FOLLOW_THRESHOLD_PX)) return false;
+        if (scrollMode === 'detached') setScrollFollowing();
+        return true;
+    }
+
+    function captureScrollPinState() {
+        if (Date.now() < detachLockUntil) return false;
+        if (resumeFollowingIfAtBottom()) return true;
+        return scrollMode === 'following';
+    }
+
+    function setScrollFollowing() {
+        scrollMode = 'following';
+        detachLockUntil = 0;
+        hasPendingNewBelow = false;
+        updateScrollToBottomFab();
+    }
+
+    function markPendingNewBelow() {
+        if (scrollMode !== 'detached') return;
+        hasPendingNewBelow = true;
+        updateScrollToBottomFab();
+    }
+
+    function setScrollDetached() {
+        scrollMode = 'detached';
+        detachLockUntil = Date.now() + DETACH_LOCK_MS;
+        cancelAnimationFrame(scrollFollowRaf);
+        if (isStreamActive()) {
+            hasPendingNewBelow = true;
+        }
+        updateScrollToBottomFab();
+    }
+
+    function scrollChatToBottomInstant() {
+        if (scrollMode !== 'following') return;
+        const el = getChatMessagesEl();
+        if (!el) return;
+        programmaticScroll = true;
+        el.scrollTop = el.scrollHeight;
+        lastScrollTop = el.scrollTop;
+        requestAnimationFrame(function () {
+            programmaticScroll = false;
+        });
+    }
+
+    function scrollChatToBottomSmooth() {
+        const el = getChatMessagesEl();
+        if (!el) return;
+        programmaticScroll = true;
+        el.scrollTo({ top: el.scrollHeight, behavior: 'smooth' });
+        requestAnimationFrame(function () {
+            programmaticScroll = false;
+            const node = getChatMessagesEl();
+            if (node) lastScrollTop = node.scrollTop;
+        });
+    }
+
+    function updateScrollToBottomFab() {
+        const fab = document.getElementById('chat-scroll-to-bottom');
+        if (!fab) return;
+
+        const show = scrollMode === 'detached' && !isNearBottom(CHAT_SCROLL_FAB_HIDE_THRESHOLD_PX);
+        fab.classList.toggle('visible', show);
+
+        let label;
+        if (hasPendingNewBelow) {
+            label = typeof window.t === 'function'
+                ? window.t('chat.scrollToBottomHasNew')
+                : '↓ 有新内容';
+        } else {
+            label = typeof window.t === 'function'
+                ? window.t('chat.scrollToBottom')
+                : '回到底部';
+        }
+        fab.setAttribute('aria-label', label);
+        fab.textContent = label;
+    }
+
+    function canAutoScrollNow(wasPinnedBeforeDomUpdate) {
+        if (Date.now() < detachLockUntil) return false;
+        if (resumeFollowingIfAtBottom()) return true;
+        if (scrollMode === 'detached') return false;
+        if (wasPinnedBeforeDomUpdate === true) return true;
+        return isNearBottom(CHAT_SCROLL_FOLLOW_THRESHOLD_PX);
+    }
+
+    function scheduleChatScrollToBottomIfFollowing(wasPinnedBeforeDomUpdate) {
+        if (!canAutoScrollNow(wasPinnedBeforeDomUpdate)) {
+            markPendingNewBelow();
+            return;
+        }
+        cancelAnimationFrame(scrollFollowRaf);
+        scrollFollowRaf = requestAnimationFrame(scrollChatToBottomInstant);
+    }
+
+    /** @param {boolean} wasPinned DOM 更新前是否应跟随（由 captureScrollPinState 传入） */
+    function scrollChatMessagesToBottomIfPinned(wasPinned) {
+        scheduleChatScrollToBottomIfFollowing(wasPinned);
+    }
+
+    function forceScrollChatToBottom(smooth) {
+        setScrollFollowing();
+        cancelAnimationFrame(scrollFollowRaf);
+        if (smooth) {
+            scrollChatToBottomSmooth();
+        } else {
+            scrollChatToBottomInstant();
+        }
+    }
+
+    function onUserSendMessage() {
+        setScrollFollowing();
+        scrollChatToBottomInstant();
+    }
+
+    function clearAllStreamingMarkers() {
+        document.querySelectorAll('.progress-container.is-streaming, .process-details-container.is-streaming').forEach(function (el) {
+            el.classList.remove('is-streaming');
+        });
+    }
+
+    function markProgressStreaming(active, progressId) {
+        if (!active) {
+            clearAllStreamingMarkers();
+            return;
+        }
+        if (!progressId) return;
+        const progressEl = document.getElementById(progressId);
+        const container = progressEl && progressEl.querySelector('.progress-container');
+        if (container) container.classList.add('is-streaming');
+    }
+
+    function markProcessDetailsStreaming(active, assistantDomId) {
+        if (!active) {
+            document.querySelectorAll('.process-details-container.is-streaming').forEach(function (el) {
+                el.classList.remove('is-streaming');
+            });
+            return;
+        }
+        if (!assistantDomId) return;
+        const container = document.getElementById('process-details-' + assistantDomId);
+        if (!container) return;
+        container.classList.add('is-streaming');
+        const timeline = container.querySelector('.progress-timeline');
+        if (timeline) timeline.classList.add('expanded');
+    }
+
+    function onStreamEnd() {
+        clearAllStreamingMarkers();
+        try {
+            window.__csTaskEventStream = { active: false, conversationId: null, assistantDomId: null, progressId: null };
+        } catch (e) { /* ignore */ }
+        updateScrollToBottomFab();
+    }
+
+    /** 刷新后会话 task-events 补流开始时，与 sendMessage 主流程对齐 */
+    function onTaskEventStreamBegin(conversationId, assistantDomId, progressId) {
+        try {
+            window.__csTaskEventStream = {
+                active: true,
+                conversationId: conversationId || null,
+                assistantDomId: assistantDomId || null,
+                progressId: progressId || null
+            };
+        } catch (e) { /* ignore */ }
+        markProcessDetailsStreaming(true, assistantDomId);
+        resumeFollowingIfAtBottom();
+        updateScrollToBottomFab();
+    }
+
+    function onTaskEventStreamEnd() {
+        onStreamEnd();
+    }
+
+    function applyMessageScrollOption(options) {
+        const opt = (options && options.scroll) || 'follow';
+        if (opt === 'none') return;
+        if (opt === 'force') {
+            forceScrollChatToBottom(false);
+            return;
+        }
+        scheduleChatScrollToBottomIfFollowing(captureScrollPinState());
+    }
+
+    /** 流式/用户未跟随时禁止 scrollIntoView 抢滚动 */
+    function scrollElementIntoViewIfFollowing(el, options) {
+        if (!el || !captureScrollPinState()) return;
+        el.scrollIntoView(options || { behavior: 'smooth', block: 'nearest' });
+    }
+
+    function onChatMessagesScroll() {
+        const el = getChatMessagesEl();
+        if (!el) return;
+
+        if (programmaticScroll) {
+            lastScrollTop = el.scrollTop;
+            return;
+        }
+
+        const st = el.scrollTop;
+        const scrolledUp = st < lastScrollTop - 1;
+
+        if (scrolledUp) {
+            setScrollDetached();
+        } else if (resumeFollowingIfAtBottom()) {
+            /* 拖滚动条/点击轨道跳到底部时也恢复跟随 */
+        }
+
+        lastScrollTop = st;
+        updateScrollToBottomFab();
+    }
+
+    function bindChatScrollListeners() {
+        if (listenersBound) return;
+        const el = getChatMessagesEl();
+        if (!el) return;
+        listenersBound = true;
+        lastScrollTop = el.scrollTop;
+
+        el.addEventListener('wheel', function (e) {
+            if (e.deltaY < -1) setScrollDetached();
+        }, { passive: true });
+
+        el.addEventListener('touchmove', function (e) {
+            if (e.touches && e.touches.length === 1) {
+                el._csTouchLastY = el._csTouchLastY != null ? el._csTouchLastY : e.touches[0].clientY;
+                if (e.touches[0].clientY > el._csTouchLastY + 4) {
+                    setScrollDetached();
+                }
+                el._csTouchLastY = e.touches[0].clientY;
+            }
+        }, { passive: true });
+        el.addEventListener('touchstart', function (e) {
+            if (e.touches && e.touches.length) {
+                el._csTouchLastY = e.touches[0].clientY;
+            }
+        }, { passive: true });
+        el.addEventListener('touchend', function () {
+            el._csTouchLastY = null;
+        }, { passive: true });
+
+        el.addEventListener('scroll', onChatMessagesScroll, { passive: true });
+
+        const fab = document.getElementById('chat-scroll-to-bottom');
+        if (fab) {
+            fab.addEventListener('click', function () {
+                forceScrollChatToBottom(true);
+            });
+        }
+    }
+
+    function initChatScroll() {
+        bindChatScrollListeners();
+        const el = getChatMessagesEl();
+        if (el) lastScrollTop = el.scrollTop;
+        updateScrollToBottomFab();
+    }
+
+    window.CyberStrikeChatScroll = {
+        init: initChatScroll,
+        onUserSendMessage: onUserSendMessage,
+        onStreamEnd: onStreamEnd,
+        onTaskEventStreamBegin: onTaskEventStreamBegin,
+        onTaskEventStreamEnd: onTaskEventStreamEnd,
+        captureScrollPinState: captureScrollPinState,
+        scheduleScroll: scheduleChatScrollToBottomIfFollowing,
+        scrollIfPinned: scrollChatMessagesToBottomIfPinned,
+        forceScrollToBottom: forceScrollChatToBottom,
+        applyMessageScroll: applyMessageScrollOption,
+        scrollIntoViewIfFollowing: scrollElementIntoViewIfFollowing,
+        isPinnedToBottom: isChatMessagesPinnedToBottom,
+        markProgressStreaming: markProgressStreaming,
+        markProcessDetailsStreaming: markProcessDetailsStreaming,
+        setScrollFollowing: setScrollFollowing,
+        setScrollDetached: setScrollDetached,
+    };
+
+    window.isChatMessagesPinnedToBottom = isChatMessagesPinnedToBottom;
+    window.captureScrollPinState = captureScrollPinState;
+    window.scrollChatMessagesToBottomIfPinned = scrollChatMessagesToBottomIfPinned;
+
+    if (document.readyState === 'loading') {
+        document.addEventListener('DOMContentLoaded', initChatScroll);
+    } else {
+        initChatScroll();
+    }
+})();

web/static/js/chat.js

@@ -646,6 +646,9 @@ function toggleAgentModePanel() {
     if (typeof closeRoleSelectionPanel === 'function') {
         closeRoleSelectionPanel();
     }
+    if (typeof closeChatProjectPanel === 'function') {
+        closeChatProjectPanel();
+    }
     panel.style.display = 'flex';
     btn.classList.add('active');
     btn.setAttribute('aria-expanded', 'true');
@@ -869,7 +872,10 @@ async function sendMessage() {
     const displayMessage = hasAttachments
         ? message + '\n' + chatAttachments.map(a => '📎 ' + a.fileName).join('\n')
         : message;
-    addMessage('user', displayMessage);
+    if (window.CyberStrikeChatScroll) {
+        window.CyberStrikeChatScroll.onUserSendMessage();
+    }
+    addMessage('user', displayMessage, null, null, null, { scroll: 'none' });
     
     // 清除防抖定时器，防止在清空输入框后重新保存草稿
     if (draftSaveTimer) {
@@ -897,6 +903,10 @@ async function sendMessage() {
         conversationId: currentConversationId,
         role: typeof getCurrentRole === 'function' ? getCurrentRole() : ''
     };
+    if (!currentConversationId && typeof getActiveProjectId === 'function') {
+        const pid = getActiveProjectId();
+        if (pid) body.projectId = pid;
+    }
     const hitlCfg = readHitlConfigFromForm();
     if (normalizeHitlMode(hitlCfg.mode) !== HITL_MODE_OFF) {
         const sensitiveTools = hitlToolsSplitToArray(hitlCfg.sensitiveTools || '');
@@ -923,6 +933,10 @@ async function sendMessage() {
 
     // 创建进度消息容器（使用详细的进度展示）
     const progressId = addProgressMessage();
+    if (window.CyberStrikeChatScroll) {
+        window.CyberStrikeChatScroll.markProgressStreaming(true, progressId);
+        window.CyberStrikeChatScroll.onUserSendMessage();
+    }
     const progressElement = document.getElementById(progressId);
     registerProgressTask(progressId, currentConversationId);
     loadActiveTasks();
@@ -981,6 +995,8 @@ async function sendMessage() {
                     }
                 }
             }
+            // Flush decoder internal buffer to avoid losing the final partial UTF-8 code point.
+            buffer += decoder.decode();
 
             // 处理剩余的buffer
             if (buffer.trim()) {
@@ -1000,6 +1016,9 @@ async function sendMessage() {
             }
         } finally {
             window.__csAgentLiveStream = { active: false, conversationId: null, progressId: null };
+            if (window.CyberStrikeChatScroll) {
+                window.CyberStrikeChatScroll.onStreamEnd();
+            }
         }
 
         // 消息发送成功后，再次确保草稿被清除
@@ -2142,7 +2161,11 @@ function addMessage(role, content, mcpExecutionIds = null, progressId = null, cr
         messageDiv.setAttribute('data-system-ready-message', '1');
     }
     messagesDiv.appendChild(messageDiv);
-    messagesDiv.scrollTop = messagesDiv.scrollHeight;
+    if (window.CyberStrikeChatScroll) {
+        window.CyberStrikeChatScroll.applyMessageScroll(options);
+    } else {
+        messagesDiv.scrollTop = messagesDiv.scrollHeight;
+    }
     return id;
 }
 
@@ -2458,6 +2481,20 @@ function renderProcessDetails(messageId, processDetails) {
             itemTitle = agPx + execLine;
         } else if (eventType === 'eino_agent_reply') {
             itemTitle = agPx + '💬 ' + (typeof window.t === 'function' ? window.t('chat.einoAgentReplyTitle') : '子代理回复');
+        } else if (eventType === 'eino_run_retry') {
+            itemTitle = typeof window.t === 'function'
+                ? window.t('chat.einoRunRetryTitle')
+                : '🔁 临时错误重试';
+            const errRaw = data && data.error != null ? String(data.error).trim() : '';
+            if (errRaw) {
+                const detailLabel = typeof window.t === 'function'
+                    ? window.t('chat.einoRunRetryErrorDetail')
+                    : '错误详情';
+                if (!title || String(title).indexOf(errRaw) === -1) {
+                    const merged = title ? (String(title) + '\n' + detailLabel + '：' + errRaw) : (detailLabel + '：' + errRaw);
+                    detail.message = merged;
+                }
+            }
         } else if (eventType === 'knowledge_retrieval') {
             itemTitle = '📚 ' + (typeof window.t === 'function' ? window.t('chat.knowledgeRetrieval') : '知识检索');
         } else if (eventType === 'error') {
@@ -2900,10 +2937,17 @@ async function startNewConversation() {
     }
     
     currentConversationId = null;
+    window._loadedConversationProjectId = '';
     try {
         window.currentConversationId = '';
     } catch (e) { /* ignore */ }
     currentConversationGroupId = null; // 新对话不属于任何分组
+    if (typeof ensureDefaultActiveProjectForNewChat === 'function') {
+        ensureDefaultActiveProjectForNewChat().catch(() => {});
+    }
+    if (typeof refreshChatProjectSelector === 'function') {
+        refreshChatProjectSelector();
+    }
     document.getElementById('chat-messages').innerHTML = '';
     const readyMsgNew = typeof window.t === 'function' ? window.t('chat.systemReadyMessage') : '系统已就绪。请输入您的测试需求，系统将自动执行相应的安全测试。';
     addMessage('assistant', readyMsgNew, null, null, null, { systemReadyMessage: true });
@@ -3158,9 +3202,13 @@ async function loadConversation(conversationId) {
         
         // 更新当前对话ID
         currentConversationId = conversationId;
+        window._loadedConversationProjectId = conversation.projectId || conversation.project_id || '';
         try {
             window.currentConversationId = conversationId;
         } catch (e) { /* ignore */ }
+        if (typeof refreshChatProjectSelector === 'function') {
+            refreshChatProjectSelector();
+        }
         if (typeof window.syncHitlConfigFromServer === 'function') {
             await window.syncHitlConfigFromServer(conversationId);
         } else {
@@ -3278,7 +3326,11 @@ async function loadConversation(conversationId) {
                         if (offset < rest.length) {
                             requestAnimationFrame(renderNextBatch);
                         } else {
-                            messagesDiv.scrollTop = messagesDiv.scrollHeight;
+                            if (window.CyberStrikeChatScroll) {
+                                window.CyberStrikeChatScroll.forceScrollToBottom(false);
+                            } else {
+                                messagesDiv.scrollTop = messagesDiv.scrollHeight;
+                            }
                             resolve();
                         }
                     };
@@ -3286,7 +3338,11 @@ async function loadConversation(conversationId) {
                 });
             }
 
-            messagesDiv.scrollTop = messagesDiv.scrollHeight;
+            if (window.CyberStrikeChatScroll) {
+                window.CyberStrikeChatScroll.forceScrollToBottom(false);
+            } else {
+                messagesDiv.scrollTop = messagesDiv.scrollHeight;
+            }
             addAttackChainButton(conversationId);
             await pendingMessageBatches;
             if (seq !== loadConversationRequestSeq) {
@@ -3297,8 +3353,12 @@ async function loadConversation(conversationId) {
             }
         } else {
             const readyMsgEmpty = typeof window.t === 'function' ? window.t('chat.systemReadyMessage') : '系统已就绪。请输入您的测试需求，系统将自动执行相应的安全测试。';
-            addMessage('assistant', readyMsgEmpty, null, null, null, { systemReadyMessage: true });
-            messagesDiv.scrollTop = messagesDiv.scrollHeight;
+            addMessage('assistant', readyMsgEmpty, null, null, null, { systemReadyMessage: true, scroll: 'force' });
+            if (window.CyberStrikeChatScroll) {
+                window.CyberStrikeChatScroll.forceScrollToBottom(false);
+            } else {
+                messagesDiv.scrollTop = messagesDiv.scrollHeight;
+            }
             addAttackChainButton(conversationId);
             if (seq !== loadConversationRequestSeq) {
                 return;

web/static/js/info-collect.js

@@ -1028,7 +1028,12 @@ async function batchScanSelectedFofaRows() {
         const resp = await apiFetch('/api/batch-tasks', {
             method: 'POST',
             headers: { 'Content-Type': 'application/json' },
-            body: JSON.stringify({ title, tasks, role })
+            body: JSON.stringify({
+                title,
+                tasks,
+                role,
+                projectId: typeof getActiveProjectId === 'function' ? getActiveProjectId() || '' : '',
+            })
         });
         const result = await resp.json().catch(() => ({}));
         if (!resp.ok) {

web/static/js/knowledge.js

@@ -2068,69 +2068,78 @@ function showToastNotification(message, type = 'info') {
     const toast = document.createElement('div');
     toast.className = `toast-notification toast-${type}`;
     
-    // 根据类型设置颜色
     const typeStyles = {
         success: {
-            background: '#28a745',
-            color: '#fff',
-            icon: '✅'
+            background: '#f4fbf6',
+            border: '1px solid #cce8d4',
+            color: '#3d6654',
+            iconColor: '#52a06a',
+            icon: '<svg width="16" height="16" viewBox="0 0 16 16" fill="none" aria-hidden="true"><circle cx="8" cy="8" r="7" stroke="currentColor" stroke-width="1.2"/><path d="M5 8l2 2 4-4" stroke="currentColor" stroke-width="1.4" stroke-linecap="round" stroke-linejoin="round"/></svg>'
         },
         error: {
-            background: '#dc3545',
-            color: '#fff',
-            icon: '❌'
+            background: '#fef7f7',
+            border: '1px solid #f3d0d0',
+            color: '#8b4444',
+            iconColor: '#c96a6a',
+            icon: '<svg width="16" height="16" viewBox="0 0 16 16" fill="none" aria-hidden="true"><circle cx="8" cy="8" r="7" stroke="currentColor" stroke-width="1.2"/><path d="M6 6l4 4M10 6l-4 4" stroke="currentColor" stroke-width="1.4" stroke-linecap="round"/></svg>'
         },
         info: {
-            background: '#17a2b8',
-            color: '#fff',
-            icon: 'ℹ️'
+            background: '#f5f9ff',
+            border: '1px solid #cfe0f5',
+            color: '#4a6078',
+            iconColor: '#6b8fbf',
+            icon: '<svg width="16" height="16" viewBox="0 0 16 16" fill="none" aria-hidden="true"><circle cx="8" cy="8" r="7" stroke="currentColor" stroke-width="1.2"/><path d="M8 7v4M8 5.5v.01" stroke="currentColor" stroke-width="1.4" stroke-linecap="round"/></svg>'
         },
         warning: {
-            background: '#ffc107',
-            color: '#000',
-            icon: '⚠️'
+            background: '#fffbf3',
+            border: '1px solid #f0dfc0',
+            color: '#7a6535',
+            iconColor: '#c4a04a',
+            icon: '<svg width="16" height="16" viewBox="0 0 16 16" fill="none" aria-hidden="true"><path d="M8 2.5l6 10.5H2L8 2.5z" stroke="currentColor" stroke-width="1.2" stroke-linejoin="round"/><path d="M8 7v2.5M8 11v.01" stroke="currentColor" stroke-width="1.4" stroke-linecap="round"/></svg>'
         }
     };
-    
+
     const style = typeStyles[type] || typeStyles.info;
-    
+
     toast.style.cssText = `
         background: ${style.background};
+        border: ${style.border};
         color: ${style.color};
-        padding: 14px 20px;
-        border-radius: 8px;
-        box-shadow: 0 4px 12px rgba(0, 0, 0, 0.15);
-        min-width: 300px;
-        max-width: 500px;
+        padding: 10px 14px;
+        border-radius: 10px;
+        box-shadow: 0 2px 8px rgba(15, 23, 42, 0.06);
+        min-width: 220px;
+        max-width: 420px;
         pointer-events: auto;
-        animation: slideInRight 0.3s ease-out;
+        animation: slideInRight 0.25s ease-out;
         display: flex;
         align-items: center;
-        gap: 12px;
-        font-size: 0.9375rem;
-        line-height: 1.5;
+        gap: 10px;
+        font-size: 0.875rem;
+        line-height: 1.45;
         word-wrap: break-word;
+        backdrop-filter: blur(8px);
     `;
-    
+
     toast.innerHTML = `
-        <span style="font-size: 1.2em; flex-shrink: 0;">${style.icon}</span>
+        <span style="color: ${style.iconColor}; flex-shrink: 0; display: flex; align-items: center;">${style.icon}</span>
         <span style="flex: 1;">${escapeHtml(message)}</span>
         <button onclick="this.parentElement.remove()" style="
             background: transparent;
             border: none;
             color: ${style.color};
             cursor: pointer;
-            font-size: 1.2em;
+            font-size: 1rem;
             padding: 0;
-            margin-left: 8px;
-            opacity: 0.7;
+            margin-left: 4px;
+            opacity: 0.45;
             flex-shrink: 0;
-            width: 24px;
-            height: 24px;
+            width: 20px;
+            height: 20px;
             display: flex;
             align-items: center;
             justify-content: center;
-        " onmouseover="this.style.opacity='1'" onmouseout="this.style.opacity='0.7'">×</button>
+        " onmouseover="this.style.opacity='0.75'" onmouseout="this.style.opacity='0.45'">×</button>
     `;
     
     container.appendChild(toast);
@@ -2156,7 +2165,7 @@ if (!document.getElementById('toast-notification-styles')) {
     style.textContent = `
         @keyframes slideInRight {
             from {
-                transform: translateX(100%);
+                transform: translateX(16px);
                 opacity: 0;
             }
             to {
@@ -2170,7 +2179,7 @@ if (!document.getElementById('toast-notification-styles')) {
                 opacity: 1;
             }
             to {
-                transform: translateX(100%);
+                transform: translateX(16px);
                 opacity: 0;
             }
         }

web/static/js/monitor.js

@@ -208,22 +208,83 @@ if (typeof window !== 'undefined') {
     window.formatTimelineStreamBody = formatTimelineStreamBody;
 }
 
-// 存储工具调用ID到DOM元素的映射，用于更新执行状态
+// 存储工具调用ID到DOM元素的映射，用于更新执行状态。
+// 键必须带 progressId 作用域，避免不同任务复用相同 toolCallId 时串线。
 const toolCallStatusMap = new Map();
 
+function toolCallMapKey(progressId, toolCallId) {
+    return String(progressId) + '::' + String(toolCallId);
+}
+
+function getToolCallMapping(progressId, toolCallId) {
+    if (!toolCallId) return null;
+    const scoped = toolCallStatusMap.get(toolCallMapKey(progressId, toolCallId));
+    if (scoped) return scoped;
+    // 兼容历史遗留：若 map 中还有旧格式 key（仅 toolCallId），兜底读取。
+    return toolCallStatusMap.get(String(toolCallId)) || null;
+}
+
 function finalizeOutstandingToolCallsForProgress(progressId, finalStatus) {
     if (!progressId) return;
     const pid = String(progressId);
-    for (const [toolCallId, mapping] of Array.from(toolCallStatusMap.entries())) {
+    for (const [mapKey, mapping] of Array.from(toolCallStatusMap.entries())) {
         if (!mapping) continue;
         if (mapping.progressId != null && String(mapping.progressId) !== pid) continue;
-        updateToolCallStatus(toolCallId, finalStatus);
-        toolCallStatusMap.delete(toolCallId);
+        const tcid = mapping.toolCallId || (String(mapKey).includes('::') ? String(mapKey).split('::').slice(1).join('::') : String(mapKey));
+        updateToolCallStatus(mapping.progressId || progressId, tcid, finalStatus);
+        toolCallStatusMap.delete(mapKey);
     }
 }
 
 // 模型流式输出缓存：progressId -> { assistantId, buffer }
 const responseStreamStateByProgressId = new Map();
+// 主通道当前迭代轮次缓存：progressId -> { iteration, orchestration }
+const mainIterationStateByProgressId = new Map();
+
+/** 同一段主通道流式输出（Eino 可能重复 response_start） */
+function sameMainResponseStreamMeta(a, b) {
+    if (!a || !b) return false;
+    const agentA = String(a.einoAgent != null ? a.einoAgent : '').trim();
+    const agentB = String(b.einoAgent != null ? b.einoAgent : '').trim();
+    if (!agentA || agentA !== agentB) return false;
+    const orchA = String(a.orchestration != null ? a.orchestration : '').trim();
+    const orchB = String(b.orchestration != null ? b.orchestration : '').trim();
+    return orchA === orchB;
+}
+
+function resolveMainIterationTag(progressId, responseData) {
+    const d = responseData || {};
+    if (d.iteration != null) {
+        return String(d.iteration);
+    }
+    const cached = mainIterationStateByProgressId.get(String(progressId));
+    if (!cached || cached.iteration == null) {
+        return '';
+    }
+    const cachedOrch = String(cached.orchestration != null ? cached.orchestration : '').trim();
+    const streamOrch = String(d.orchestration != null ? d.orchestration : '').trim();
+    if (cachedOrch && streamOrch && cachedOrch !== streamOrch) {
+        return '';
+    }
+    return String(cached.iteration);
+}
+
+function buildMainResponseStreamIdentity(progressId, responseData) {
+    const d = responseData || {};
+    const agent = String(d.einoAgent != null ? d.einoAgent : '').trim();
+    const orch = String(d.orchestration != null ? d.orchestration : '').trim();
+    const iterTag = resolveMainIterationTag(progressId, d);
+    return agent + '|' + orch + '|iter=' + iterTag;
+}
+
+function extractIterationTagFromStreamIdentity(identity) {
+    const s = String(identity || '');
+    const idx = s.lastIndexOf('|iter=');
+    if (idx < 0) {
+        return '';
+    }
+    return s.slice(idx + 6);
+}
 
 // AI 思考流式输出：progressId -> Map(streamId -> { itemId, buffer })
 const thinkingStreamStateByProgressId = new Map();
@@ -355,6 +416,118 @@ function _normalizeUnicodeBulletMarkersToMdDash(segment) {
         .replace(/^\s*\u00b7\s+/gm, '- ');
 }
 
+/**
+ * 修正模型常见的强调语法偏差：
+ * 1) 把 `\*\*文本\*\*` 还原为 `**文本**`（常见于多层转义输出）
+ * 2) 把 `** 文本 **` 收敛为 `**文本**`（避免分隔符内空格导致不生效）
+ * 仅处理单行内容，避免跨段落误匹配。
+ */
+function _normalizeEmphasisMarkersForMarkdown(segment) {
+    const raw = String(segment);
+    const maskInlineCode = (input) => {
+        const blocks = [];
+        const masked = input.replace(/`[^`\n]*`/g, (m) => {
+            const token = '__CS_INLINE_CODE_' + blocks.length + '__';
+            blocks.push(m);
+            return token;
+        });
+        return { masked, blocks };
+    };
+    const unmaskInlineCode = (input, blocks) => {
+        let out = input;
+        for (let i = 0; i < blocks.length; i++) {
+            out = out.replace('__CS_INLINE_CODE_' + i + '__', blocks[i]);
+        }
+        return out;
+    };
+    const isWordLike = (ch) => /[\u4e00-\u9fffA-Za-z0-9]/.test(ch || '');
+    const countUnescapedStrongMarkers = (text) => {
+        let count = 0;
+        for (let i = 0; i < text.length - 1; i++) {
+            if (text.charAt(i) === '*' && text.charAt(i + 1) === '*') {
+                if (i > 0 && text.charAt(i - 1) === '\\') {
+                    continue;
+                }
+                count++;
+                i++;
+            }
+        }
+        return count;
+    };
+    const normalizeLine = (line) => {
+        let lineWork = line;
+        // 奇数个 `**` 往往意味着有一个孤立标记；仅清理「空白夹着的 **」这类高置信噪声。
+        while (countUnescapedStrongMarkers(lineWork) % 2 === 1) {
+            const next = lineWork.replace(/\s\*\*\s/g, ' ');
+            if (next === lineWork) break;
+            lineWork = next;
+        }
+        let out = '';
+        let cursor = 0;
+        while (cursor < lineWork.length) {
+            const open = lineWork.indexOf('**', cursor);
+            if (open < 0) {
+                out += lineWork.slice(cursor);
+                break;
+            }
+            // 允许 `\*\*text\*\*` 先还原，escaped 星号本身不作为强调标记。
+            if (open > 0 && lineWork.charAt(open - 1) === '\\') {
+                out += lineWork.slice(cursor, open + 2);
+                cursor = open + 2;
+                continue;
+            }
+            let close = open + 2;
+            while (true) {
+                close = lineWork.indexOf('**', close);
+                if (close < 0) break;
+                if (close > 0 && lineWork.charAt(close - 1) === '\\') {
+                    close += 2;
+                    continue;
+                }
+                break;
+            }
+            if (close < 0) {
+                out += lineWork.slice(cursor);
+                break;
+            }
+
+            let prefix = lineWork.slice(cursor, open);
+            const innerRaw = lineWork.slice(open + 2, close);
+            const inner = innerRaw.trim();
+            const next = lineWork.charAt(close + 2);
+            const prevTail = prefix.charAt(prefix.length - 1);
+
+            // 内部为空时不改写，避免把 `****` 等异常输入改坏。
+            if (!inner) {
+                out += lineWork.slice(cursor, close + 2);
+                cursor = close + 2;
+                continue;
+            }
+
+            // CJK/字母数字与强调标记紧邻时补边界空格，提升解析稳定性。
+            if (isWordLike(prevTail) && !/\s$/.test(prefix)) {
+                prefix += ' ';
+            }
+            out += prefix + '**' + inner + '**';
+            if (isWordLike(next)) {
+                out += ' ';
+            }
+            cursor = close + 2;
+        }
+        return out;
+    };
+
+    // 先还原常见 escaped strong，再做成对规范化。
+    let s = raw.replace(/\\\*\*([^\n*][^\n]*?[^\n*])\\\*\*/g, '**$1**');
+    const masked = maskInlineCode(s);
+    s = masked.masked
+        .split('\n')
+        .map(normalizeLine)
+        .join('\n');
+    s = unmaskInlineCode(s, masked.blocks);
+    return s;
+}
+
 /**
  * 解析前归一化助手 Markdown：去掉零宽字符，NFKC 将全角 * ` _ 等转为 ASCII，
  * 避免 marked 无法识别强调/行内代码而原样显示 **、反引号；
@@ -371,6 +544,7 @@ function normalizeAssistantMarkdownSource(text) {
     } catch (e) {
         /* ignore */
     }
+    s = _normalizeEmphasisMarkersForMarkdown(s);
     s = _stripXmlReasoningWrappersForMarkdown(s);
     const fb = _maskFencedCodeBlocksForMdPreprocess(s);
     s = _unwrapHtmlBlockWrappersForMarkdown(fb.masked);
@@ -519,23 +693,6 @@ function isConversationTaskRunning(conversationId) {
     return conversationExecutionTracker.isRunning(conversationId);
 }
 
-/** 距底部该像素内视为「跟随底部」；流式输出时仅在此情况下自动滚到底部，避免用户上滑查看历史时被强制拉回 */
-const CHAT_SCROLL_PIN_THRESHOLD_PX = 120;
-
-/** wasPinned 须在 DOM 追加内容之前计算，否则 scrollHeight 变大后会误判 */
-function scrollChatMessagesToBottomIfPinned(wasPinned) {
-    const messagesDiv = document.getElementById('chat-messages');
-    if (!messagesDiv || !wasPinned) return;
-    messagesDiv.scrollTop = messagesDiv.scrollHeight;
-}
-
-function isChatMessagesPinnedToBottom() {
-    const messagesDiv = document.getElementById('chat-messages');
-    if (!messagesDiv) return true;
-    const { scrollTop, scrollHeight, clientHeight } = messagesDiv;
-    return scrollHeight - clientHeight - scrollTop <= CHAT_SCROLL_PIN_THRESHOLD_PX;
-}
-
 /** 顶栏「停止任务」与进度条按钮对齐时，用会话 ID 反查当前页的 progress 块 ID（无则弹窗内仍可按会话取消） */
 function findProgressIdByConversationId(conversationId) {
     if (!conversationId) {
@@ -777,8 +934,16 @@ function addProgressMessage() {
     messageDiv.appendChild(contentWrapper);
     messageDiv.dataset.conversationId = currentConversationId || '';
     messagesDiv.appendChild(messageDiv);
-    messagesDiv.scrollTop = messagesDiv.scrollHeight;
-    
+    bubble.classList.add('is-streaming');
+    const progressWasPinned = typeof window.captureScrollPinState === 'function'
+        ? window.captureScrollPinState()
+        : true;
+    if (typeof window.scrollChatMessagesToBottomIfPinned === 'function') {
+        window.scrollChatMessagesToBottomIfPinned(progressWasPinned);
+    } else if (progressWasPinned) {
+        messagesDiv.scrollTop = messagesDiv.scrollHeight;
+    }
+
     return id;
 }
 
@@ -1075,11 +1240,14 @@ function toggleProcessDetails(progressId, assistantMessageId) {
         }
     }
     
-    // 滚动到展开的详情位置，而不是滚动到底部
+    // 滚动到展开的详情位置（流式且用户上滑阅读时不抢主列表滚动）
     if (timeline && timeline.classList.contains('expanded')) {
         setTimeout(() => {
-            // 使用 scrollIntoView 滚动到详情容器位置
-            detailsContainer.scrollIntoView({ behavior: 'smooth', block: 'nearest' });
+            if (window.CyberStrikeChatScroll && typeof window.CyberStrikeChatScroll.scrollIntoViewIfFollowing === 'function') {
+                window.CyberStrikeChatScroll.scrollIntoViewIfFollowing(detailsContainer, { behavior: 'smooth', block: 'nearest' });
+            } else if (typeof window.captureScrollPinState === 'function' ? window.captureScrollPinState() : true) {
+                detailsContainer.scrollIntoView({ behavior: 'smooth', block: 'nearest' });
+            }
         }, 100);
     }
 }
@@ -1166,7 +1334,9 @@ function convertProgressToDetails(progressId, assistantMessageId) {
     
     // 将详情组件插入到助手消息之后
     const messagesDiv = document.getElementById('chat-messages');
-    const insertWasPinned = isChatMessagesPinnedToBottom();
+    const insertWasPinned = typeof window.captureScrollPinState === 'function'
+        ? window.captureScrollPinState()
+        : (typeof window.isChatMessagesPinnedToBottom === 'function' ? window.isChatMessagesPinnedToBottom() : true);
     // assistantElement 是消息div，需要插入到它的下一个兄弟节点之前
     if (assistantElement.nextSibling) {
         messagesDiv.insertBefore(detailsDiv, assistantElement.nextSibling);
@@ -1250,10 +1420,28 @@ function mergeMcpExecutionIDLists(prev, next) {
     return out;
 }
 
+function formatEinoRunRetryMessage(message, data) {
+    const d = data && typeof data === 'object' ? data : {};
+    const base = String(message || '').trim();
+    const errRaw = d.error != null ? String(d.error).trim() : '';
+    if (!errRaw) {
+        return base;
+    }
+    const detailLabel = typeof window.t === 'function'
+        ? window.t('chat.einoRunRetryErrorDetail')
+        : '错误详情';
+    if (base && base.indexOf(errRaw) !== -1) {
+        return base;
+    }
+    return base ? (base + '\n' + detailLabel + '：' + errRaw) : (detailLabel + '：' + errRaw);
+}
+
 // 处理流式事件
 function handleStreamEvent(event, progressElement, progressId, 
                           getAssistantId, setAssistantId, getMcpIds, setMcpIds) {
-    const streamScrollWasPinned = isChatMessagesPinnedToBottom();
+    const streamScrollWasPinned = typeof window.captureScrollPinState === 'function'
+        ? window.captureScrollPinState()
+        : (typeof window.isChatMessagesPinnedToBottom === 'function' ? window.isChatMessagesPinnedToBottom() : true);
 
     // 不依赖进度时间线；在首条 SSE 即可绑定用户消息 ID
     if (event.type === 'message_saved') {
@@ -1333,6 +1521,13 @@ function handleStreamEvent(event, progressElement, progressId,
         case 'iteration': {
             const d = event.data || {};
             const n = d.iteration != null ? d.iteration : 1;
+            const scope = d.einoScope != null ? String(d.einoScope).trim() : '';
+            if (scope !== 'sub') {
+                mainIterationStateByProgressId.set(String(progressId), {
+                    iteration: n,
+                    orchestration: d.orchestration != null ? d.orchestration : ''
+                });
+            }
             let iterTitle;
             if (d.orchestration === 'plan_execute' && d.einoScope === 'main') {
                 const phase = translatePlanExecuteAgentName(d.einoAgent != null ? d.einoAgent : '');
@@ -1559,6 +1754,20 @@ function handleStreamEvent(event, progressElement, progressId,
             break;
         }
 
+        case 'eino_run_retry': {
+            const d = event.data || {};
+            const title = typeof window.t === 'function'
+                ? window.t('chat.einoRunRetryTitle')
+                : '🔁 临时错误重试';
+            const msg = formatEinoRunRetryMessage(event.message, d);
+            addTimelineItem(timeline, 'warning', {
+                title: title,
+                message: msg,
+                data: d
+            });
+            break;
+        }
+
         case 'iteration_limit_reached': {
             addTimelineItem(timeline, 'warning', {
                 title: typeof window.t === 'function' ? window.t('chat.iterationLimitReachedTitle') : '⛔ 达到迭代上限',
@@ -1592,6 +1801,17 @@ function handleStreamEvent(event, progressElement, progressId,
             const index = toolInfo.index || 0;
             const total = toolInfo.total || 0;
             const toolCallId = toolInfo.toolCallId || null;
+            if (toolCallId) {
+                const existing = getToolCallMapping(progressId, toolCallId);
+                if (existing && existing.itemId) {
+                    const existingItem = document.getElementById(existing.itemId);
+                    if (existingItem) {
+                        // 同一 toolCallId 的重复 tool_call（重试/补发）只更新状态，不重复追加条目。
+                        updateToolCallStatus(progressId, toolCallId, 'running');
+                        break;
+                    }
+                }
+            }
             const toolCallTitle = formatToolCallTimelineTitle(toolName, index, total);
             const toolCallItemId = addTimelineItem(timeline, 'tool_call', {
                 title: timelineAgentBracketPrefix(toolInfo) + '🔧 ' + toolCallTitle,
@@ -1602,14 +1822,16 @@ function handleStreamEvent(event, progressElement, progressId,
             
             // 如果有toolCallId，存储映射关系以便后续更新状态
             if (toolCallId && toolCallItemId) {
-                toolCallStatusMap.set(toolCallId, {
+                const mapKey = toolCallMapKey(progressId, toolCallId);
+                toolCallStatusMap.set(mapKey, {
+                    toolCallId: toolCallId,
                     itemId: toolCallItemId,
                     timeline: timeline,
                     progressId: progressId
                 });
                 
                 // 添加执行中状态指示器
-                updateToolCallStatus(toolCallId, 'running');
+                updateToolCallStatus(progressId, toolCallId, 'running');
             }
             break;
 
@@ -1624,7 +1846,7 @@ function handleStreamEvent(event, progressElement, progressId,
             if (!deltaText) break;
 
             if (!state) {
-                const mapping = toolCallStatusMap.get(toolCallId);
+                const mapping = getToolCallMapping(progressId, toolCallId);
                 let callItemId = mapping && mapping.itemId ? mapping.itemId : null;
                 if (callItemId) {
                     const callItem = document.getElementById(callItemId);
@@ -1670,24 +1892,26 @@ function handleStreamEvent(event, progressElement, progressId,
                         mergeToolResultIntoCallItem(streamCallItem, resultInfo);
                     }
                     toolResultStreamStateByKey.delete(key);
-                    if (toolCallStatusMap.has(resultToolCallId)) {
-                        updateToolCallStatus(resultToolCallId, success ? 'completed' : 'failed');
-                        toolCallStatusMap.delete(resultToolCallId);
+                    const mapKey = toolCallMapKey(progressId, resultToolCallId);
+                    if (toolCallStatusMap.has(mapKey)) {
+                        updateToolCallStatus(progressId, resultToolCallId, success ? 'completed' : 'failed');
+                        toolCallStatusMap.delete(mapKey);
                     }
                     break;
                 }
-                if (attachToolResultToCall(resultToolCallId, resultInfo)) {
-                    if (toolCallStatusMap.has(resultToolCallId)) {
-                        updateToolCallStatus(resultToolCallId, success ? 'completed' : 'failed');
-                        toolCallStatusMap.delete(resultToolCallId);
+                if (attachToolResultToCall(progressId, resultToolCallId, resultInfo)) {
+                    const mapKey = toolCallMapKey(progressId, resultToolCallId);
+                    if (toolCallStatusMap.has(mapKey)) {
+                        updateToolCallStatus(progressId, resultToolCallId, success ? 'completed' : 'failed');
+                        toolCallStatusMap.delete(mapKey);
                     }
                     break;
                 }
             }
 
-            if (resultToolCallId && toolCallStatusMap.has(resultToolCallId)) {
-                updateToolCallStatus(resultToolCallId, success ? 'completed' : 'failed');
-                toolCallStatusMap.delete(resultToolCallId);
+            if (resultToolCallId && toolCallStatusMap.has(toolCallMapKey(progressId, resultToolCallId))) {
+                updateToolCallStatus(progressId, resultToolCallId, success ? 'completed' : 'failed');
+                toolCallStatusMap.delete(toolCallMapKey(progressId, resultToolCallId));
             }
             addTimelineItem(timeline, 'tool_result', {
                 title: timelineAgentBracketPrefix(resultInfo) + statusIcon + ' ' + resultExecText,
@@ -1871,6 +2095,8 @@ function handleStreamEvent(event, progressElement, progressId,
             const responseOriginalConversationId = responseTaskState?.conversationId;
 
             const responseData = event.data || {};
+            const streamIdentity = buildMainResponseStreamIdentity(progressId, responseData);
+            const streamIterTag = extractIterationTagFromStreamIdentity(streamIdentity);
             const mcpIds = responseData.mcpExecutionIds || [];
             setMcpIds(mergeMcpExecutionIDLists(typeof getMcpIds === 'function' ? (getMcpIds() || []) : [], mcpIds));
 
@@ -1889,16 +2115,34 @@ function handleStreamEvent(event, progressElement, progressId,
             }
 
             // 多代理模式下，迭代过程中的输出只显示在时间线中，不创建助手消息气泡
-            // 同一 progressId 再次 response_start 时先移除旧占位，避免多条「助手输出」卡片且仅最后一条收 delta
-            // 改为保留旧占位，让每一段 response_start 都能在时间线中完整展示。
-            // 创建时间线条目用于显示迭代过程中的输出
+            const prevStream = responseStreamStateByProgressId.get(progressId);
+            const prevIterTag = extractIterationTagFromStreamIdentity(prevStream && prevStream.streamIdentity ? prevStream.streamIdentity : '');
+            const compatibleIterTag = !prevIterTag || !streamIterTag || prevIterTag === streamIterTag;
+            if (
+                prevStream &&
+                prevStream.itemId &&
+                sameMainResponseStreamMeta(prevStream.streamMeta, responseData) &&
+                compatibleIterTag
+            ) {
+                // Eino 可能对同一段流重复发 response_start；复用已有条目与 buffer，避免多条「助手输出」
+                prevStream.streamMeta = Object.assign({}, prevStream.streamMeta || {}, responseData);
+                // 若此前轮次未知（空），在后续事件带来轮次后升级 identity，避免跨轮误复用。
+                prevStream.streamIdentity = streamIdentity;
+                responseStreamStateByProgressId.set(progressId, prevStream);
+                break;
+            }
             const title = einoMainStreamPlanningTitle(responseData);
             const itemId = addTimelineItem(timeline, 'thinking', {
                 title: title,
                 message: ' ',
                 data: Object.assign({}, responseData, { responseStreamPlaceholder: true })
             });
-            responseStreamStateByProgressId.set(progressId, { itemId: itemId, buffer: '', streamMeta: responseData });
+            responseStreamStateByProgressId.set(progressId, {
+                itemId: itemId,
+                buffer: '',
+                streamMeta: responseData,
+                streamIdentity: streamIdentity
+            });
             break;
         }
 
@@ -2067,11 +2311,13 @@ function handleStreamEvent(event, progressElement, progressId,
             loadActiveTasks();
             // Close any remaining running tool calls for this progress.
             finalizeOutstandingToolCallsForProgress(progressId, 'failed');
+            mainIterationStateByProgressId.delete(String(progressId));
             break;
             
         case 'done':
             // 清理流式输出状态
             responseStreamStateByProgressId.delete(progressId);
+            mainIterationStateByProgressId.delete(String(progressId));
             thinkingStreamStateByProgressId.delete(progressId);
             einoAgentReplyStreamStateByProgressId.delete(progressId);
             // 清理工具流式输出占位
@@ -2256,7 +2502,11 @@ function expandProcessDetailsTimeline(assistantMessageId) {
         btn.innerHTML = '<span>' + collapseT + '</span>';
     });
     setTimeout(function () {
-        detailsContainer.scrollIntoView({ behavior: 'smooth', block: 'nearest' });
+        if (window.CyberStrikeChatScroll && typeof window.CyberStrikeChatScroll.scrollIntoViewIfFollowing === 'function') {
+            window.CyberStrikeChatScroll.scrollIntoViewIfFollowing(detailsContainer, { behavior: 'smooth', block: 'nearest' });
+        } else if (typeof window.captureScrollPinState === 'function' ? window.captureScrollPinState() : true) {
+            detailsContainer.scrollIntoView({ behavior: 'smooth', block: 'nearest' });
+        }
     }, 100);
 }
 
@@ -2442,6 +2692,10 @@ async function attachRunningTaskEventStream(conversationId) {
             const progressId = taskReplayProgressId(conversationId);
             beginCsTaskReplay(progressId, asEl.id, conversationId);
 
+            if (window.CyberStrikeChatScroll && typeof window.CyberStrikeChatScroll.onTaskEventStreamBegin === 'function') {
+                window.CyberStrikeChatScroll.onTaskEventStreamBegin(conversationId, asEl.id, progressId);
+            }
+
             const url = '/api/agent-loop/task-events?conversationId=' + encodeURIComponent(conversationId);
             const response = await apiFetch(url, {
                 method: 'GET',
@@ -2452,6 +2706,9 @@ async function attachRunningTaskEventStream(conversationId) {
                 if (progressTaskState.has(progressId)) {
                     progressTaskState.delete(progressId);
                 }
+                if (window.CyberStrikeChatScroll && typeof window.CyberStrikeChatScroll.onTaskEventStreamEnd === 'function') {
+                    window.CyberStrikeChatScroll.onTaskEventStreamEnd();
+                }
                 return false;
             }
 
@@ -2481,12 +2738,31 @@ async function attachRunningTaskEventStream(conversationId) {
                     }
                 }
             }
+            // Flush decoder internal buffer to avoid dropping trailing partial UTF-8 bytes.
+            buffer += decoder.decode();
+            if (buffer.trim()) {
+                const lines = buffer.split('\n');
+                for (let li = 0; li < lines.length; li++) {
+                    const line = lines[li];
+                    if (line.indexOf('data: ') === 0) {
+                        try {
+                            const eventData = JSON.parse(line.slice(6));
+                            handleStreamEvent(eventData, null, progressId, getAssistantIdFn, setAssistantIdFn, function () { return mcpIds; }, function (ids) { mcpIds = mergeMcpExecutionIDLists(mcpIds, ids || []); });
+                        } catch (e) {
+                            console.error('task-events parse', e);
+                        }
+                    }
+                }
+            }
             if (window.csTaskReplay && window.csTaskReplay.progressId === progressId) {
                 clearCsTaskReplay();
             }
             if (progressTaskState.has(progressId)) {
                 finalizeProgressTask(progressId, typeof window.t === 'function' ? window.t('tasks.statusCompleted') : '已完成');
             }
+            if (window.CyberStrikeChatScroll && typeof window.CyberStrikeChatScroll.onTaskEventStreamEnd === 'function') {
+                window.CyberStrikeChatScroll.onTaskEventStreamEnd();
+            }
             if (typeof loadActiveTasks === 'function') loadActiveTasks();
             if (typeof window.loadConversation === 'function' && window.currentConversationId === conversationId) {
                 await window.loadConversation(conversationId);
@@ -2495,6 +2771,9 @@ async function attachRunningTaskEventStream(conversationId) {
         } catch (e) {
             console.warn('attachRunningTaskEventStream', e);
             clearCsTaskReplay();
+            if (window.CyberStrikeChatScroll && typeof window.CyberStrikeChatScroll.onTaskEventStreamEnd === 'function') {
+                window.CyberStrikeChatScroll.onTaskEventStreamEnd();
+            }
             return false;
         } finally {
             if (taskEventReplayAttachState.inFlightPromise === attachPromise) {
@@ -2640,9 +2919,9 @@ function findToolCallItemById(root, toolCallId) {
     }
 }
 
-function attachToolResultToCall(toolCallId, data, options) {
+function attachToolResultToCall(progressId, toolCallId, data, options) {
     if (!toolCallId || !data) return false;
-    const mapping = toolCallStatusMap.get(toolCallId);
+    const mapping = getToolCallMapping(progressId, toolCallId);
     let item = null;
     if (mapping && mapping.itemId) {
         item = document.getElementById(mapping.itemId);
@@ -2719,8 +2998,8 @@ window.parseToolCallArgsFromData = parseToolCallArgsFromData;
 window.buildToolResultSectionHtml = buildToolResultSectionHtml;
 
 // 更新工具调用状态
-function updateToolCallStatus(toolCallId, status) {
-    const mapping = toolCallStatusMap.get(toolCallId);
+function updateToolCallStatus(progressId, toolCallId, status) {
+    const mapping = getToolCallMapping(progressId, toolCallId);
     if (!mapping) return;
     
     const item = document.getElementById(mapping.itemId);
@@ -2901,6 +3180,11 @@ function addTimelineItem(timeline, type, options) {
                 ${escapeHtml(options.message || taskCancelledLabel)}
             </div>
         `;
+    } else if (type === 'warning' && options.message) {
+        const streamBody = typeof formatTimelineStreamBody === 'function'
+            ? formatTimelineStreamBody(options.message, options.data)
+            : options.message;
+        content += `<div class="timeline-item-content">${formatMarkdown(streamBody)}</div>`;
     } else if (type === 'progress' && options.message) {
         content += `<div class="timeline-item-content timeline-eino-trace"><pre class="tool-result">${escapeHtml(options.message)}</pre></div>`;
     } else if (type === 'user_interrupt_continue' && options.message) {

web/static/js/roles.js

@@ -244,30 +244,46 @@ function selectRole(roleName) {
     renderRoleSelectionSidebar(); // 重新渲染以更新选中状态
 }
 
+function getChatRoleSelectorWrapper() {
+    return document.getElementById('role-selector-wrapper')
+        || document.getElementById('role-selector-btn')?.closest('.role-selector-wrapper:not(.project-selector-wrapper)');
+}
+
+function isRoleSelectionPanelOpen() {
+    const panel = document.getElementById('role-selection-panel');
+    if (!panel) return false;
+    return panel.style.display !== 'none' && panel.style.display !== '';
+}
+
 // 切换角色选择面板显示/隐藏
 function toggleRoleSelectionPanel() {
     const panel = document.getElementById('role-selection-panel');
     const roleSelectorBtn = document.getElementById('role-selector-btn');
     if (!panel) return;
     
-    const isHidden = panel.style.display === 'none' || !panel.style.display;
+    const isHidden = !isRoleSelectionPanelOpen();
     
     if (isHidden) {
         if (typeof closeAgentModePanel === 'function') {
             closeAgentModePanel();
         }
+        if (typeof closeChatProjectPanel === 'function') {
+            closeChatProjectPanel();
+        }
         if (typeof closeChatReasoningPanel === 'function') {
             closeChatReasoningPanel();
         }
+        renderRoleSelectionSidebar();
         panel.style.display = 'flex'; // 使用flex布局
         // 添加打开状态的视觉反馈
         if (roleSelectorBtn) {
             roleSelectorBtn.classList.add('active');
+            roleSelectorBtn.setAttribute('aria-expanded', 'true');
         }
         
         // 确保面板渲染后再检查位置
         setTimeout(() => {
-            const wrapper = document.querySelector('.role-selector-wrapper');
+            const wrapper = getChatRoleSelectorWrapper();
             if (wrapper) {
                 const rect = wrapper.getBoundingClientRect();
                 const panelHeight = panel.offsetHeight || 400;
@@ -281,11 +297,7 @@ function toggleRoleSelectionPanel() {
             }
         }, 10);
     } else {
-        panel.style.display = 'none';
-        // 移除打开状态的视觉反馈
-        if (roleSelectorBtn) {
-            roleSelectorBtn.classList.remove('active');
-        }
+        closeRoleSelectionPanel();
     }
 }
 
@@ -298,6 +310,7 @@ function closeRoleSelectionPanel() {
     }
     if (roleSelectorBtn) {
         roleSelectorBtn.classList.remove('active');
+        roleSelectorBtn.setAttribute('aria-expanded', 'false');
     }
 }
 
@@ -1568,9 +1581,9 @@ async function deleteRole(roleName) {
 }
 
 // 在页面切换时初始化角色列表
-if (typeof switchPage === 'function') {
-    const originalSwitchPage = switchPage;
-    switchPage = function(page) {
+if (typeof window.switchPage === 'function') {
+    const originalSwitchPage = window.switchPage;
+    window.switchPage = function(page) {
         originalSwitchPage(page);
         if (page === 'roles-management') {
             loadRoles().then(() => renderRolesList());
@@ -1590,11 +1603,9 @@ document.addEventListener('click', (e) => {
         closeRoleModal();
     }
 
-    // 点击角色选择面板外部关闭面板（但不包括角色选择按钮和面板本身）
-    const roleSelectionPanel = document.getElementById('role-selection-panel');
-    const roleSelectorWrapper = document.querySelector('.role-selector-wrapper');
-    if (roleSelectionPanel && roleSelectionPanel.style.display !== 'none' && roleSelectionPanel.style.display) {
-        // 检查点击是否在面板或包装器上
+    // 点击角色选择面板外部关闭（须用 #role-selector-wrapper，勿用 .role-selector-wrapper：项目选择器也带该类）
+    if (isRoleSelectionPanelOpen()) {
+        const roleSelectorWrapper = getChatRoleSelectorWrapper();
         if (!roleSelectorWrapper?.contains(e.target)) {
             closeRoleSelectionPanel();
         }

web/static/js/router.js

@@ -25,6 +25,13 @@ function scheduleChatConversationFromHash(delayMs) {
     }
     const params = new URLSearchParams(hashParts.slice(1).join('?'));
     const conversationId = params.get('conversation');
+    const projectId = params.get('project');
+    if (projectId && typeof setActiveProjectId === 'function') {
+        setActiveProjectId(projectId);
+        if (typeof refreshChatProjectSelector === 'function') {
+            refreshChatProjectSelector();
+        }
+    }
     if (!conversationId) {
         return;
     }
@@ -50,7 +57,7 @@ function initRouter() {
     if (hash) {
         const hashParts = hash.split('?');
         const pageId = hashParts[0];
-        if (pageId && ['dashboard', 'chat', 'hitl', 'info-collect', 'vulnerabilities', 'webshell', 'chat-files', 'mcp-monitor', 'mcp-management', 'knowledge-management', 'knowledge-retrieval-logs', 'roles-management', 'skills-monitor', 'skills-management', 'agents-management', 'settings', 'tasks', 'c2', 'c2-listeners', 'c2-sessions', 'c2-tasks', 'c2-payloads', 'c2-events', 'c2-profiles'].includes(pageId)) {
+        if (pageId && ['dashboard', 'chat', 'hitl', 'info-collect', 'projects', 'vulnerabilities', 'webshell', 'chat-files', 'mcp-monitor', 'mcp-management', 'knowledge-management', 'knowledge-retrieval-logs', 'roles-management', 'skills-monitor', 'skills-management', 'agents-management', 'settings', 'tasks', 'c2', 'c2-listeners', 'c2-sessions', 'c2-tasks', 'c2-payloads', 'c2-events', 'c2-profiles'].includes(pageId)) {
             switchPage(pageId);
             if (pageId === 'chat') {
                 scheduleChatConversationFromHash(500);
@@ -187,6 +194,24 @@ function updateNavState(pageId) {
     }
 }
 
+/** 读取侧栏子菜单项（仅 .nav-submenu 内，避免误匹配） */
+function getNavSubmenuItems(navItem) {
+    if (!navItem) return [];
+    const submenu = navItem.querySelector('.nav-submenu');
+    if (!submenu) return [];
+    return Array.from(submenu.querySelectorAll('.nav-submenu-item'));
+}
+
+/** 仅一个子页时直接进入，避免展开后菜单在侧栏底部不可见 */
+function navigateSingleSubmenuPage(navItem) {
+    const items = getNavSubmenuItems(navItem);
+    if (items.length !== 1) return false;
+    const pageId = items[0].getAttribute('data-page');
+    if (!pageId) return false;
+    switchPage(pageId);
+    return true;
+}
+
 // 切换子菜单
 function toggleSubmenu(menuId) {
     const sidebar = document.getElementById('main-sidebar');
@@ -194,24 +219,50 @@ function toggleSubmenu(menuId) {
     
     if (!navItem) return;
     
+    const collapsed = sidebar && sidebar.classList.contains('collapsed');
+
     // 检查侧边栏是否折叠
-    if (sidebar && sidebar.classList.contains('collapsed')) {
+    if (collapsed) {
         // 折叠状态下显示弹出菜单
         showSubmenuPopup(navItem, menuId);
-    } else {
-        // 展开状态下正常切换子菜单
-        navItem.classList.toggle('expanded');
+        return;
+    }
+
+    // 展开侧栏且仅一个子项（角色、Agents 等）：单击直接进入，无需再点二级菜单
+    if (navigateSingleSubmenuPage(navItem)) {
+        return;
+    }
+
+    // 展开状态下切换子菜单，并滚入视口以便看到子项
+    const willExpand = !navItem.classList.contains('expanded');
+    navItem.classList.toggle('expanded');
+    if (willExpand) {
+        requestAnimationFrame(() => {
+            navItem.scrollIntoView({ block: 'nearest', behavior: 'smooth' });
+            const items = getNavSubmenuItems(navItem);
+            const last = items[items.length - 1];
+            if (last) {
+                last.scrollIntoView({ block: 'nearest', behavior: 'smooth' });
+            }
+        });
     }
 }
 window.toggleSubmenu = toggleSubmenu;
 
 // 显示子菜单弹出框
 function showSubmenuPopup(navItem, menuId) {
-    // 移除其他已打开的弹出菜单
     const existingPopup = document.querySelector('.submenu-popup');
     if (existingPopup) {
+        const sameMenu = existingPopup.dataset.menuId === menuId;
         existingPopup.remove();
-        return; // 如果已经打开，点击时关闭
+        // 再次点击同一项：仅关闭；点击另一项：继续打开新菜单
+        if (sameMenu) {
+            return;
+        }
+    }
+
+    if (navigateSingleSubmenuPage(navItem)) {
+        return;
     }
     
     const navItemContent = navItem.querySelector('.nav-item-content');
@@ -225,6 +276,7 @@ function showSubmenuPopup(navItem, menuId) {
     // 创建弹出菜单
     const popup = document.createElement('div');
     popup.className = 'submenu-popup';
+    popup.dataset.menuId = menuId;
     popup.style.position = 'fixed';
     popup.style.left = (rect.right + 8) + 'px';
     popup.style.top = rect.top + 'px';
@@ -289,6 +341,12 @@ async function initPage(pageId) {
         case 'chat':
             // 恢复对话列表折叠状态（从其他页返回时保持用户选择）
             initConversationSidebarState();
+            if (typeof prefetchProjectsForChat === 'function') {
+                prefetchProjectsForChat();
+            }
+            if (typeof refreshChatProjectSelector === 'function') {
+                refreshChatProjectSelector();
+            }
             break;
         case 'hitl':
             if (typeof refreshHitlPending === 'function') {
@@ -348,6 +406,11 @@ async function initPage(pageId) {
                 });
             }
             break;
+        case 'projects':
+            if (typeof initProjectsPage === 'function') {
+                initProjectsPage();
+            }
+            break;
         case 'vulnerabilities':
             // 初始化漏洞管理页面
             if (typeof initVulnerabilityPage === 'function') {

web/static/js/tasks.js

@@ -812,12 +812,44 @@ const batchQueuesState = {
     totalPages: 1
 };
 
+async function refreshBatchProjectSelectOptions() {
+    const projectSelect = document.getElementById('batch-queue-project-id');
+    if (!projectSelect) return;
+
+    const noneLabel = _t('batchImportModal.projectNone');
+    projectSelect.innerHTML = `<option value="">${escapeHtml(noneLabel)}</option>`;
+
+    try {
+        const response = await apiFetch('/api/projects?status=active&limit=200');
+        if (!response.ok) {
+            throw new Error(_t('projects.loadProjectsFailed'));
+        }
+        const projects = await response.json();
+        const list = Array.isArray(projects) ? projects : [];
+        const activeProjectId = typeof getActiveProjectId === 'function' ? getActiveProjectId() || '' : '';
+
+        list.forEach((project) => {
+            if (!project || !project.id) return;
+            const option = document.createElement('option');
+            option.value = project.id;
+            option.textContent = project.name || project.id;
+            if (activeProjectId && project.id === activeProjectId) {
+                option.selected = true;
+            }
+            projectSelect.appendChild(option);
+        });
+    } catch (error) {
+        console.warn('加载项目列表失败:', error);
+    }
+}
+
 // 显示新建任务模态框
 async function showBatchImportModal() {
     const modal = document.getElementById('batch-import-modal');
     const input = document.getElementById('batch-tasks-input');
     const titleInput = document.getElementById('batch-queue-title');
     const roleSelect = document.getElementById('batch-queue-role');
+    const projectSelect = document.getElementById('batch-queue-project-id');
     const agentModeSelect = document.getElementById('batch-queue-agent-mode');
     const scheduleModeSelect = document.getElementById('batch-queue-schedule-mode');
     const cronExprInput = document.getElementById('batch-queue-cron-expr');
@@ -831,6 +863,9 @@ async function showBatchImportModal() {
         if (roleSelect) {
             roleSelect.value = '';
         }
+        if (projectSelect) {
+            projectSelect.value = '';
+        }
         if (agentModeSelect) {
             agentModeSelect.value = 'single';
         }
@@ -872,6 +907,7 @@ async function showBatchImportModal() {
                 console.error('加载角色列表失败:', error);
             }
         }
+        await refreshBatchProjectSelectOptions();
         
         modal.style.display = 'block';
         input.focus();
@@ -935,6 +971,7 @@ async function createBatchQueue() {
     const input = document.getElementById('batch-tasks-input');
     const titleInput = document.getElementById('batch-queue-title');
     const roleSelect = document.getElementById('batch-queue-role');
+    const projectSelect = document.getElementById('batch-queue-project-id');
     const agentModeSelect = document.getElementById('batch-queue-agent-mode');
     const scheduleModeSelect = document.getElementById('batch-queue-schedule-mode');
     const cronExprInput = document.getElementById('batch-queue-cron-expr');
@@ -959,6 +996,7 @@ async function createBatchQueue() {
     
     // 获取角色（可选，空字符串表示默认角色）
     const role = roleSelect ? roleSelect.value || '' : '';
+    const projectId = projectSelect ? (projectSelect.value || '').trim() : '';
     const rawMode = agentModeSelect ? agentModeSelect.value : 'single';
     const agentMode = isBatchQueueAgentMode(rawMode) ? rawMode : 'single';
     const scheduleMode = scheduleModeSelect ? (scheduleModeSelect.value === 'cron' ? 'cron' : 'manual') : 'manual';
@@ -979,7 +1017,16 @@ async function createBatchQueue() {
             headers: {
                 'Content-Type': 'application/json',
             },
-            body: JSON.stringify({ title, tasks, role, agentMode, scheduleMode, cronExpr, executeNow }),
+            body: JSON.stringify({
+                title,
+                tasks,
+                role,
+                agentMode,
+                scheduleMode,
+                cronExpr,
+                executeNow,
+                projectId,
+            }),
         });
         
         if (!response.ok) {

web/static/js/vulnerability.js

@@ -48,6 +48,7 @@ let currentVulnerabilityId = null;
 let vulnerabilityFilters = {
     q: '',
     id: '',
+    project_id: '',
     conversation_id: '',
     task_id: '',
     conversation_tag: '',
@@ -77,6 +78,7 @@ const VULN_FILTER_CHIP_FIELDS = [
     { key: 'id', labelKey: 'vulnerabilityPage.vulnId' },
     { key: 'status', labelKey: null, format: 'status' },
     { key: 'severity', labelKey: null, format: 'severity' },
+    { key: 'project_id', labelKey: null },
     { key: 'conversation_id', labelKey: 'vulnerabilityPage.conversationId' },
     { key: 'task_id', labelKey: 'vulnerabilityPage.taskOrQueueId' },
     { key: 'conversation_tag', labelKey: 'vulnerabilityPage.conversationTag' },
@@ -98,13 +100,15 @@ function syncVulnerabilityFiltersFromLocationHash() {
     const st = (params.get('status') || '').trim();
     const convTag = (params.get('conversation_tag') || '').trim();
     const taskTag = (params.get('task_tag') || '').trim();
+    const pid = (params.get('project_id') || '').trim();
     const q = (params.get('q') || params.get('search') || '').trim();
-    if (!vid && !cid && !tid && !sev && !st && !convTag && !taskTag && !q) {
+    if (!vid && !cid && !tid && !sev && !st && !convTag && !taskTag && !q && !pid) {
         return;
     }
 
     vulnerabilityFilters.q = '';
     vulnerabilityFilters.id = '';
+    vulnerabilityFilters.project_id = '';
     vulnerabilityFilters.conversation_id = '';
     vulnerabilityFilters.task_id = '';
     vulnerabilityFilters.conversation_tag = '';
@@ -117,6 +121,7 @@ function syncVulnerabilityFiltersFromLocationHash() {
     const taskEl = document.getElementById('vulnerability-task-filter');
     const convTagEl = document.getElementById('vulnerability-conversation-tag-filter');
     const taskTagEl = document.getElementById('vulnerability-task-tag-filter');
+    const projEl = document.getElementById('vulnerability-project-filter');
     const sevEl = document.getElementById('vulnerability-severity-filter');
     const stEl = document.getElementById('vulnerability-status-filter');
     if (searchEl) searchEl.value = '';
@@ -125,6 +130,7 @@ function syncVulnerabilityFiltersFromLocationHash() {
     if (taskEl) taskEl.value = '';
     if (convTagEl) convTagEl.value = '';
     if (taskTagEl) taskTagEl.value = '';
+    if (projEl) projEl.value = '';
     if (sevEl) sevEl.value = '';
     if (stEl) stEl.value = '';
 
@@ -132,6 +138,10 @@ function syncVulnerabilityFiltersFromLocationHash() {
         vulnerabilityFilters.q = q;
         if (searchEl) searchEl.value = q;
     }
+    if (pid) {
+        vulnerabilityFilters.project_id = pid;
+        if (projEl) projEl.value = pid;
+    }
     if (vid) {
         vulnerabilityFilters.id = vid;
         if (exactIdEl) exactIdEl.value = vid;
@@ -167,12 +177,13 @@ function syncVulnerabilityFiltersFromLocationHash() {
 }
 
 // 初始化漏洞管理页面
-function initVulnerabilityPage() {
+async function initVulnerabilityPage() {
     // 从localStorage加载每页条数设置
     vulnerabilityPagination.pageSize = getVulnerabilityPageSize();
     initVulnerabilityStatCards();
     initVulnerabilityFilterPanel();
     syncVulnerabilityFiltersFromLocationHash();
+    await refreshVulnerabilityProjectFilter();
     updateVulnerabilityFilterPanelState();
     renderVulnerabilityFilterChips();
     loadVulnerabilityFilterOptions();
@@ -224,6 +235,7 @@ function applyVulnerabilitySeverityFilter(severity) {
 function readVulnerabilityFiltersFromForm() {
     vulnerabilityFilters.q = (document.getElementById('vulnerability-search-filter')?.value || '').trim();
     vulnerabilityFilters.id = (document.getElementById('vulnerability-exact-id-filter')?.value || '').trim();
+    vulnerabilityFilters.project_id = (document.getElementById('vulnerability-project-filter')?.value || '').trim();
     vulnerabilityFilters.conversation_id = (document.getElementById('vulnerability-conversation-filter')?.value || '').trim();
     vulnerabilityFilters.task_id = (document.getElementById('vulnerability-task-filter')?.value || '').trim();
     vulnerabilityFilters.conversation_tag = (document.getElementById('vulnerability-conversation-tag-filter')?.value || '').trim();
@@ -241,7 +253,7 @@ function hasVulnerabilityAdvancedFiltersActive() {
 function hasAnyVulnerabilityFilterActive() {
     const f = vulnerabilityFilters;
     return Boolean(
-        f.q || f.id || f.conversation_id || f.task_id || f.conversation_tag || f.task_tag || f.severity || f.status
+        f.q || f.id || f.project_id || f.conversation_id || f.task_id || f.conversation_tag || f.task_tag || f.severity || f.status
     );
 }
 
@@ -265,6 +277,7 @@ function updateVulnerabilityLocationHashFromFilters() {
     const pairs = [
         ['q', f.q],
         ['id', f.id],
+        ['project_id', f.project_id],
         ['conversation_id', f.conversation_id],
         ['task_id', f.task_id],
         ['conversation_tag', f.conversation_tag],
@@ -476,6 +489,10 @@ function updateVulnerabilityFilterPanelState() {
 function formatVulnerabilityFilterChipValue(key, value) {
     if (key === 'severity') return vulnSeverityLabel(value);
     if (key === 'status') return vulnStatusLabel(value);
+    if (key === 'project_id') {
+        const name = typeof getProjectName === 'function' ? getProjectName(value) : '';
+        return name && name !== value ? name : value;
+    }
     return value;
 }
 
@@ -489,7 +506,7 @@ function renderVulnerabilityFilterChips() {
     VULN_FILTER_CHIP_FIELDS.forEach(function (field) {
         const val = vulnerabilityFilters[field.key];
         if (!val) return;
-        const label = field.labelKey ? vulnT(field.labelKey) : '';
+        const label = field.labelKey ? vulnT(field.labelKey) : (field.key === 'project_id' ? '项目' : '');
         const displayVal = formatVulnerabilityFilterChipValue(field.key, val);
         const text = label ? label + ': ' + displayVal : displayVal;
         chips.push({ key: field.key, text: text });
@@ -529,6 +546,7 @@ function removeVulnerabilityFilterByKey(key) {
         task_id: 'vulnerability-task-filter',
         conversation_tag: 'vulnerability-conversation-tag-filter',
         task_tag: 'vulnerability-task-tag-filter',
+        project_id: 'vulnerability-project-filter',
         severity: 'vulnerability-severity-filter',
         status: 'vulnerability-status-filter'
     };
@@ -850,6 +868,12 @@ function renderVulnerabilities(vulnerabilities) {
         const severityText = vulnSeverityLabel(vuln.severity);
         const statusText = vulnStatusLabel(vuln.status);
         const createdDate = new Date(vuln.created_at).toLocaleString(vulnDateLocale());
+        const projectLabel = vuln.project_id
+            ? escapeHtml(typeof getProjectName === 'function' ? getProjectName(vuln.project_id) : vuln.project_id)
+            : escapeHtml(vulnT('vulnerabilityPage.projectUnbound'));
+        const projectBadge = vuln.project_id
+            ? `<span class="vulnerability-project-badge" title="${escapeHtml(vuln.project_id)}">${escapeHtml(vulnT('vulnerabilityPage.detailProject'))}: ${projectLabel}</span>`
+            : `<span class="vulnerability-project-badge vulnerability-project-badge--unbound">${escapeHtml(vulnT('vulnerabilityPage.projectUnbound'))}</span>`;
         const dlTitle = escapeHtml(vulnT('vulnerabilityPage.downloadMarkdownTitle'));
         const editTitle = escapeHtml(vulnT('common.edit'));
         const deleteTitle = escapeHtml(vulnT('common.delete'));
@@ -867,6 +891,7 @@ function renderVulnerabilities(vulnerabilities) {
                         <div class="vulnerability-meta">
                             <span class="severity-badge ${severityClass}">${severityText}</span>
                             <span class="status-badge status-${vuln.status}">${statusText}</span>
+                            ${projectBadge}
                             <span class="vulnerability-date">${createdDate}</span>
                         </div>
                     </div>
@@ -895,6 +920,7 @@ function renderVulnerabilities(vulnerabilities) {
                     ${vuln.description ? `<div class="vulnerability-description">${escapeHtml(vuln.description)}</div>` : ''}
                     <div class="vulnerability-details">
                         ${vulnDetailField(vulnT('vulnerabilityPage.detailVulnId'), vuln.id, true)}
+                        ${vulnDetailProjectField(vuln)}
                         ${vuln.type ? vulnDetailField(vulnT('vulnerabilityPage.detailType'), vuln.type, false) : ''}
                         ${vuln.target ? vulnDetailField(vulnT('vulnerabilityPage.detailTarget'), vuln.target, false) : ''}
                         ${vulnDetailField(vulnT('vulnerabilityPage.detailConversationId'), vuln.conversation_id, true)}
@@ -906,6 +932,7 @@ function renderVulnerabilities(vulnerabilities) {
                     ${vuln.proof ? `<div class="vulnerability-proof"><strong>${escapeHtml(vulnT('vulnerabilityPage.detailProof'))}:</strong><pre>${escapeHtml(vuln.proof)}</pre></div>` : ''}
                     ${vuln.impact ? `<div class="vulnerability-impact"><strong>${escapeHtml(vulnT('vulnerabilityPage.detailImpact'))}:</strong> ${escapeHtml(vuln.impact)}</div>` : ''}
                     ${vuln.recommendation ? `<div class="vulnerability-recommendation"><strong>${escapeHtml(vulnT('vulnerabilityPage.detailRecommendation'))}:</strong> ${escapeHtml(vuln.recommendation)}</div>` : ''}
+                    <div class="vulnerability-related-facts" id="vuln-related-facts-${vuln.id}" data-project-id="${escapeHtml(vuln.project_id || '')}" data-vuln-id="${escapeHtml(vuln.id)}" hidden></div>
                 </div>
             </div>
         `;
@@ -1005,11 +1032,50 @@ async function changeVulnerabilityPageSize() {
     await loadVulnerabilities();
 }
 
+function buildVulnerabilityProjectOptionsHtml(selectedId) {
+    const sel = (selectedId || '').trim();
+    let html = `<option value="">${escapeHtml(vulnT('vulnerabilityModal.projectNone'))}</option>`;
+    const entries = typeof projectNameById !== 'undefined' ? Object.entries(projectNameById) : [];
+    entries.sort((a, b) => (a[1] || '').localeCompare(b[1] || '', undefined, { sensitivity: 'base' }));
+    entries.forEach(([id, name]) => {
+        if (!id) return;
+        const selected = id === sel ? ' selected' : '';
+        html += `<option value="${escapeHtml(id)}"${selected}>${escapeHtml(name || id)}</option>`;
+    });
+    if (sel && !entries.some(([id]) => id === sel)) {
+        html += `<option value="${escapeHtml(sel)}" selected>${escapeHtml(sel)}</option>`;
+    }
+    return html;
+}
+
+async function populateVulnerabilityModalProjectSelect(selectedId) {
+    const sel = document.getElementById('vulnerability-project-id');
+    if (!sel) return;
+    try {
+        const res = await apiFetch('/api/projects?limit=200');
+        if (res.ok) {
+            const list = await res.json();
+            if (typeof rebuildProjectNameMap === 'function') {
+                rebuildProjectNameMap(list);
+            } else if (typeof projectNameById !== 'undefined') {
+                (list || []).forEach((p) => { if (p.id) projectNameById[p.id] = p.name || p.id; });
+            }
+        }
+    } catch (e) {
+        console.warn('加载项目列表失败', e);
+    }
+    sel.innerHTML = buildVulnerabilityProjectOptionsHtml(selectedId || '');
+    sel.value = selectedId || '';
+}
+
 // 显示添加漏洞模态框
-function showAddVulnerabilityModal() {
+async function showAddVulnerabilityModal() {
     currentVulnerabilityId = null;
     document.getElementById('vulnerability-modal-title').textContent = vulnT('vulnerability.addVuln');
     
+    const defaultProject = vulnerabilityFilters.project_id || '';
+    await populateVulnerabilityModalProjectSelect(defaultProject);
+
     // 清空表单
     document.getElementById('vulnerability-conversation-id').value = '';
     document.getElementById('vulnerability-conversation-tag').value = '';
@@ -1051,6 +1117,8 @@ async function editVulnerability(id) {
         document.getElementById('vulnerability-impact').value = vuln.impact || '';
         document.getElementById('vulnerability-recommendation').value = vuln.recommendation || '';
 
+        await populateVulnerabilityModalProjectSelect(vuln.project_id || '');
+
         document.getElementById('vulnerability-modal').style.display = 'block';
     } catch (error) {
         console.error('加载漏洞失败:', error);
@@ -1069,8 +1137,11 @@ async function saveVulnerability() {
         return;
     }
 
+    const projectId = (document.getElementById('vulnerability-project-id')?.value || '').trim();
+
     const data = {
         conversation_id: conversationId,
+        project_id: projectId,
         conversation_tag: document.getElementById('vulnerability-conversation-tag').value.trim(),
         task_tag: document.getElementById('vulnerability-task-tag').value.trim(),
         title: title,
@@ -1090,12 +1161,30 @@ async function saveVulnerability() {
             : '/api/vulnerabilities';
         const method = currentVulnerabilityId ? 'PUT' : 'POST';
 
+        let body = data;
+        if (currentVulnerabilityId) {
+            body = {
+                project_id: projectId,
+                conversation_tag: data.conversation_tag,
+                task_tag: data.task_tag,
+                title: data.title,
+                description: data.description,
+                severity: data.severity,
+                status: data.status,
+                type: data.type,
+                target: data.target,
+                proof: data.proof,
+                impact: data.impact,
+                recommendation: data.recommendation,
+            };
+        }
+
         const response = await apiFetch(url, {
             method: method,
             headers: {
                 'Content-Type': 'application/json'
             },
-            body: JSON.stringify(data)
+            body: JSON.stringify(body)
         });
 
         if (!response.ok) {
@@ -1167,6 +1256,7 @@ function clearVulnerabilityFilters() {
         'vulnerability-task-filter',
         'vulnerability-conversation-tag-filter',
         'vulnerability-task-tag-filter',
+        'vulnerability-project-filter',
         'vulnerability-severity-filter',
         'vulnerability-status-filter'
     ];
@@ -1178,6 +1268,7 @@ function clearVulnerabilityFilters() {
     vulnerabilityFilters = {
         q: '',
         id: '',
+        project_id: '',
         conversation_id: '',
         task_id: '',
         conversation_tag: '',
@@ -1205,12 +1296,76 @@ function toggleVulnerabilityDetails(id) {
     if (content.style.display === 'none') {
         content.style.display = 'block';
         icon.style.transform = 'rotate(90deg)';
+        loadVulnerabilityRelatedFacts(id).catch((e) => console.warn(e));
     } else {
         content.style.display = 'none';
         icon.style.transform = 'rotate(0deg)';
     }
 }
 
+/** 展开漏洞详情时加载关联项目事实 */
+async function loadVulnerabilityRelatedFacts(vulnId) {
+    const el = document.getElementById(`vuln-related-facts-${vulnId}`);
+    if (!el || el.dataset.loaded === '1') return;
+    const projectId = (el.dataset.projectId || '').trim();
+    if (!projectId) {
+        el.hidden = true;
+        el.dataset.loaded = '1';
+        return;
+    }
+    el.hidden = false;
+    el.innerHTML = '<span>加载关联事实…</span>';
+    try {
+        const res = await apiFetch(
+            `/api/projects/${encodeURIComponent(projectId)}/facts?related_vulnerability_id=${encodeURIComponent(vulnId)}&limit=20&exclude_deprecated=true`,
+        );
+        if (!res.ok) throw new Error('fetch failed');
+        const facts = await res.json();
+        if (!Array.isArray(facts) || !facts.length) {
+            el.innerHTML =
+                '<strong>关联事实</strong><p style="margin:6px 0 0;color:#64748b">暂无；可在「项目管理」事实详情中关联或生成漏洞草稿。</p>';
+            el.dataset.loaded = '1';
+            return;
+        }
+        const items = facts
+            .map((f) => {
+                const key = escapeHtml(f.fact_key);
+                const sum = escapeHtml((f.summary || '').slice(0, 120));
+                const pid = escapeHtml(projectId);
+                const rawKey = escapeHtml(f.fact_key);
+                return `<li><a role="button" href="#" data-project-id="${pid}" data-fact-key="${rawKey}" onclick="event.preventDefault();openProjectFactFromVulnerability(this.dataset.projectId,this.dataset.factKey)"><code>${key}</code></a> — ${sum}</li>`;
+            })
+            .join('');
+        el.innerHTML = `<strong>关联事实（${facts.length}）</strong><ul>${items}</ul>`;
+        el.dataset.loaded = '1';
+    } catch (e) {
+        el.innerHTML = '<strong>关联事实</strong><p style="margin:6px 0 0;color:#b91c1c">加载失败</p>';
+    }
+}
+
+function openProjectFactFromVulnerability(projectId, factKey) {
+    if (!projectId || !factKey) return;
+    if (typeof switchPage === 'function') {
+        switchPage('projects');
+    }
+    setTimeout(async () => {
+        if (typeof window.initProjectsPage === 'function') {
+            await window.initProjectsPage();
+        }
+        if (typeof window.selectProject === 'function') {
+            await window.selectProject(projectId);
+        }
+        if (typeof window.switchProjectTab === 'function') {
+            window.switchProjectTab('facts');
+        }
+        if (typeof window.viewProjectFactBody === 'function') {
+            window.viewProjectFactBody(factKey);
+        }
+    }, 350);
+}
+
+window.openProjectFactFromVulnerability = openProjectFactFromVulnerability;
+
 // HTML转义
 function escapeHtml(text) {
     const div = document.createElement('div');
@@ -1272,6 +1427,21 @@ function vulnerabilityCopyEncoded(evt, encoded) {
     }
 }
 
+function vulnDetailProjectField(vuln) {
+    const label = vulnT('vulnerabilityPage.detailProject');
+    const hint = escapeHtml(vulnT('vulnerabilityPage.projectBindHint'));
+    return `<div class="vuln-detail-field">
+<div class="vuln-detail-field__label">${escapeHtml(label)}</div>
+<div class="vuln-detail-field__row">
+<select class="vuln-detail-field-select vulnerability-project-bind-select" data-vuln-id="${escapeHtml(vuln.id)}"
+    onchange="bindVulnerabilityProject(this.dataset.vulnId, this.value, true)" onclick="event.stopPropagation();"
+    title="${hint}" aria-label="${escapeHtml(label)}">
+${buildVulnerabilityProjectOptionsHtml(vuln.project_id || '')}
+</select>
+</div>
+</div>`;
+}
+
 function vulnDetailField(label, value, asCode) {
     if (value === undefined || value === null || String(value) === '') {
         return '';
@@ -1352,7 +1522,7 @@ function buildVulnerabilityFilterParams() {
     if (vulnerabilityFilters.q) {
         params.append('q', vulnerabilityFilters.q);
     }
-    const keys = ['id', 'conversation_id', 'task_id', 'conversation_tag', 'task_tag', 'severity', 'status'];
+    const keys = ['id', 'project_id', 'conversation_id', 'task_id', 'conversation_tag', 'task_tag', 'severity', 'status'];
     keys.forEach(function (k) {
         if (vulnerabilityFilters[k]) {
             params.append(k, vulnerabilityFilters[k]);
@@ -1470,3 +1640,80 @@ document.addEventListener('languagechange', function () {
     }
 });
 
+async function bindVulnerabilityProject(vulnId, projectId, silent) {
+    if (!vulnId) return;
+    try {
+        const response = await apiFetch(`/api/vulnerabilities/${encodeURIComponent(vulnId)}`, {
+            method: 'PUT',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ project_id: projectId || '' }),
+        });
+        if (!response.ok) {
+            const err = await response.json().catch(() => ({}));
+            throw new Error(err.error || vulnT('vulnerabilityPage.projectBindFailed'));
+        }
+        if (!silent) {
+            alert(vulnT('vulnerabilityPage.projectBindOk'));
+        }
+        loadVulnerabilityStats();
+        loadVulnerabilities();
+    } catch (error) {
+        console.error('绑定项目失败:', error);
+        alert(vulnT('vulnerabilityPage.projectBindFailed') + ': ' + error.message);
+        loadVulnerabilities();
+    }
+}
+
+async function refreshVulnerabilityProjectFilter() {
+    const sel = document.getElementById('vulnerability-project-filter');
+    if (!sel) return;
+    try {
+        const res = await apiFetch('/api/projects?limit=200');
+        if (!res.ok) return;
+        const list = await res.json();
+        if (typeof rebuildProjectNameMap === 'function') {
+            rebuildProjectNameMap(list);
+        } else if (typeof projectNameById !== 'undefined') {
+            list.forEach((p) => { if (p.id) projectNameById[p.id] = p.name || p.id; });
+        }
+        const cur = vulnerabilityFilters.project_id || sel.value || '';
+        let html = '<option value="">全部项目</option>';
+        (list || []).forEach((p) => {
+            if (!p.id) return;
+            const selected = p.id === cur ? ' selected' : '';
+            const arch = p.status === 'archived' ? ' [归档]' : '';
+            html += `<option value="${escapeHtml(p.id)}"${selected}>${escapeHtml(p.name || p.id)}${arch}</option>`;
+        });
+        sel.innerHTML = html;
+        if (cur) sel.value = cur;
+        const modalSel = document.getElementById('vulnerability-project-id');
+        if (modalSel && document.getElementById('vulnerability-modal')?.style.display === 'block') {
+            const modalCur = modalSel.value || '';
+            modalSel.innerHTML = buildVulnerabilityProjectOptionsHtml(modalCur);
+            modalSel.value = modalCur;
+        }
+    } catch (e) {
+        console.warn('加载项目筛选列表失败', e);
+    }
+}
+
+function setVulnerabilityProjectFilter(projectId) {
+    vulnerabilityFilters.project_id = projectId || '';
+    const sel = document.getElementById('vulnerability-project-filter');
+    if (sel) sel.value = projectId || '';
+    applyVulnerabilityFilters();
+}
+
+function setVulnerabilityIdFilter(vulnId) {
+    vulnerabilityFilters.id = vulnId || '';
+    const el = document.getElementById('vulnerability-exact-id-filter');
+    if (el) el.value = vulnId || '';
+    applyVulnerabilityFilters();
+}
+
+window.refreshVulnerabilityProjectFilter = refreshVulnerabilityProjectFilter;
+window.setVulnerabilityProjectFilter = setVulnerabilityProjectFilter;
+window.setVulnerabilityIdFilter = setVulnerabilityIdFilter;
+window.bindVulnerabilityProject = bindVulnerabilityProject;
+window.buildVulnerabilityProjectOptionsHtml = buildVulnerabilityProjectOptionsHtml;
+

web/static/js/webshell.js

@@ -34,6 +34,7 @@ let webshellDbConfigByConn = {};
 let webshellDirTreeByConn = {};
 let webshellDirExpandedByConn = {};
 let webshellDirLoadedByConn = {};
+let webshellSelectedFileByConn = {};
 // 流式打字机效果：当前会话的 response 序号，用于中止过期的打字
 let webshellStreamingTypingId = 0;
 let webshellProbeStatusById = {};
@@ -70,6 +71,23 @@ function webshellConnOS(conn) {
     return normalizeWebshellOS(conn && conn.os);
 }
 
+/** 生成一次性探活 token，避免固定回显值被包装时误判 */
+function buildWebshellProbeToken() {
+    return '__CSAI_PROBE_' + Math.random().toString(36).slice(2, 10) + '_' + Date.now().toString(36) + '__';
+}
+
+/** 构造跨 Windows/Linux 都可执行的探活命令 */
+function buildWebshellProbeCommand(token) {
+    return 'echo ' + token;
+}
+
+/** 探活成功判定：HTTP 成功且输出中包含本次 token */
+function isWebshellProbeOutputMatched(output, token) {
+    if (!token) return false;
+    var text = (output == null) ? '' : String(output);
+    return text.indexOf(token) !== -1;
+}
+
 /**
  * 组装 /api/webshell/file 的公共请求体。
  * 所有文件管理调用点都应走此函数，避免遗漏字段（如 connection_id）。
@@ -816,6 +834,7 @@ function probeWebshellConnection(conn) {
     if (!conn || typeof apiFetch === 'undefined') {
         return Promise.resolve({ ok: false, message: wsT('webshell.testFailed') || '连通性测试失败' });
     }
+    var probeToken = buildWebshellProbeToken();
     return apiFetch('/api/webshell/exec', {
         method: 'POST',
         headers: { 'Content-Type': 'application/json' },
@@ -827,13 +846,13 @@ function probeWebshellConnection(conn) {
             cmd_param: conn.cmdParam || '',
             encoding: webshellConnEncoding(conn),
             os: webshellConnOS(conn),
-            command: 'echo 1'
+            command: buildWebshellProbeCommand(probeToken)
         })
     })
         .then(function (r) { return r.json(); })
         .then(function (data) {
-            var output = (data && data.output != null) ? String(data.output).trim() : '';
-            var ok = !!(data && data.ok && output === '1');
+            var output = (data && data.output != null) ? String(data.output) : '';
+            var ok = !!(data && data.ok && isWebshellProbeOutputMatched(output, probeToken));
             if (ok) return { ok: true, message: wsT('webshell.testSuccess') || '连通性正常，Shell 可访问' };
             var msg = (data && data.error) ? data.error : (wsT('webshell.testFailed') || '连通性测试失败');
             return { ok: false, message: msg };
@@ -931,11 +950,61 @@ function normalizeWebshellPath(path) {
     var p = path == null ? '.' : String(path).trim();
     if (!p || p === '/') return '.';
     p = p.replace(/\\/g, '/').replace(/^\/+/, '').replace(/\/+/g, '/');
+    // Windows 盘符根目录保持为 "C:/"，避免被裁成 "C:" 后父级计算异常
+    if (/^[A-Za-z]:\/?$/.test(p)) {
+        return p.slice(0, 2) + '/';
+    }
     if (!p || p === '.') return '.';
     if (p.endsWith('/')) p = p.slice(0, -1);
     return p || '.';
 }
 
+function getWebshellSelectedFile(conn) {
+    if (!conn || !conn.id) return '';
+    var p = webshellSelectedFileByConn[conn.id];
+    if (!p) return '';
+    return normalizeWebshellPath(p);
+}
+
+function setWebshellSelectedFile(conn, path) {
+    if (!conn || !conn.id) return;
+    if (!path) {
+        delete webshellSelectedFileByConn[conn.id];
+        return;
+    }
+    webshellSelectedFileByConn[conn.id] = normalizeWebshellPath(path);
+}
+
+function getWebshellParentPath(path) {
+    var p = normalizeWebshellPath(path);
+    // Windows 盘符根目录不可再上探
+    if (/^[A-Za-z]:\/$/.test(p)) return p;
+    // 允许从当前目录持续上探：. -> .. -> ../.. -> ../../..
+    if (p === '.') return '..';
+    if (/^(?:\.\.\/)*\.\.$/.test(p)) return p + '/..';
+    // 已经是相对上探时，先维持链路；后续 list 成功后会用远端真实路径回填
+    var idx = p.lastIndexOf('/');
+    if (idx < 0) return '.';
+    var parent = p.slice(0, idx) || '.';
+    if (/^[A-Za-z]:$/.test(parent)) return parent + '/';
+    return parent;
+}
+
+function inferPathFromWindowsDirOutput(rawOutput) {
+    var text = String(rawOutput || '').replace(/\r/g, '');
+    var lines = text.split('\n');
+    for (var i = 0; i < lines.length; i++) {
+        var line = String(lines[i] || '').trim();
+        // 中文: C:\xxx 的目录
+        var zh = line.match(/^([A-Za-z]:\\.*)\s+的目录$/);
+        if (zh && zh[1]) return normalizeWebshellPath(zh[1]);
+        // 英文: Directory of C:\xxx
+        var en = line.match(/^Directory of\s+([A-Za-z]:\\.*)$/i);
+        if (en && en[1]) return normalizeWebshellPath(en[1]);
+    }
+    return '';
+}
+
 function getWebshellTerminalSessionKey(connId, sessionId) {
     if (!connId || !sessionId) return '';
     return String(connId) + '::' + String(sessionId);
@@ -2047,11 +2116,7 @@ function selectWebshell(id, stateReady) {
     });
     document.getElementById('webshell-parent-dir').addEventListener('click', function () {
         const p = (pathInput && pathInput.value.trim()) || '.';
-        if (p === '.' || p === '/') {
-            pathInput.value = '..';
-        } else {
-            pathInput.value = p.replace(/\/[^/]+$/, '') || '.';
-        }
+        pathInput.value = getWebshellParentPath(p);
         webshellFileListDir(webshellCurrentConn, pathInput.value || '.');
     });
 
@@ -3578,9 +3643,14 @@ function webshellFileListDir(conn, path) {
                 listEl.innerHTML = '<div class="webshell-file-error">' + escapeHtml(data.error) + '</div><pre class="webshell-file-raw">' + escapeHtml(data.output || '') + '</pre>';
                 return;
             }
-            listEl.dataset.currentPath = path;
+            var normalizedPath = normalizeWebshellPath(path);
+            var inferredPath = inferPathFromWindowsDirOutput(data.output || '');
+            var displayPath = inferredPath || normalizedPath;
+            listEl.dataset.currentPath = displayPath;
             listEl.dataset.rawOutput = data.output || '';
-            renderFileList(listEl, path, data.output || '', conn);
+            var pathInput = document.getElementById('webshell-file-path');
+            if (pathInput) pathInput.value = displayPath;
+            renderFileList(listEl, displayPath, data.output || '', conn);
         })
         .catch(function (err) {
             listEl.innerHTML = '<div class="webshell-file-error">' + escapeHtml(err && err.message ? err.message : wsT('webshell.execError')) + '</div>';
@@ -3619,6 +3689,27 @@ function modeToType(mode) {
     return c;
 }
 
+function parseWindowsDirEntry(line) {
+    var m = String(line || '').match(/^(\d{4}[\/-]\d{1,2}[\/-]\d{1,2})\s+(\d{1,2}:\d{2})(?:\s*(AM|PM))?\s+(<[^>]+>|[\d,]+)\s+(.+?)\s*$/i);
+    if (!m) return null;
+    var kind = (m[4] || '').trim();
+    var name = (m[5] || '').trim();
+    if (!name || name === '.' || name === '..') return null;
+    var isDir = /^<(dir|junction|symlinkd)>$/i.test(kind);
+    var size = isDir ? '' : kind.replace(/,/g, '');
+    var mtime = (m[1] + ' ' + m[2] + (m[3] ? (' ' + m[3].toUpperCase()) : '')).trim();
+    return {
+        name: name,
+        isDir: isDir,
+        size: size,
+        mtime: mtime,
+        mode: isDir ? 'd' : '-',
+        owner: '',
+        group: '',
+        type: isDir ? 'dir' : 'file'
+    };
+}
+
 function parseWebshellListItems(rawOutput) {
     var lines = (rawOutput || '').split(/\n/).filter(function (l) { return l.trim(); });
     var items = [];
@@ -3627,6 +3718,12 @@ function parseWebshellListItems(rawOutput) {
         var trimmedLine = String(line || '').trim();
         // `ls -la` 首行常见 "total 12"（中文环境为 "总计 12"），不是文件项。
         if (/^(total|总计)\s+\d+$/i.test(trimmedLine)) continue;
+        // `dir` 头尾信息（中英文）与 shell 提示符，不是目录项。
+        if (/^(驱动器|卷的序列号是|volume in drive|volume serial number is|directory of)/i.test(trimmedLine)) continue;
+        if (/^[A-Za-z]:\\.*\s+的目录$/i.test(trimmedLine)) continue;
+        if (/^\d+\s+(个文件|file\(s\))\s+[\d,]+\s+(字节|bytes?)$/i.test(trimmedLine)) continue;
+        if (/^\d+\s+(个目录|dir\(s\))\s+[\d,]+\s+(可用字节|bytes free)$/i.test(trimmedLine)) continue;
+        if (/^[^>\n]*>\s*dir(?:\s|$)/i.test(trimmedLine)) continue;
         var name = '';
         var isDir = false;
         var size = '';
@@ -3646,16 +3743,38 @@ function parseWebshellListItems(rawOutput) {
             isDir = mode && mode.startsWith('d');
             type = modeToType(mode);
         } else {
-            var mName = line.match(/\s*(\S+)\s*$/);
-            name = mName ? mName[1].trim() : line.trim();
-            if (name === '.' || name === '..') continue;
-            isDir = line.startsWith('d') || line.toLowerCase().indexOf('<dir>') !== -1;
-            if (line.startsWith('-') || line.startsWith('d')) {
-                var parts = line.split(/\s+/);
+            var winItem = parseWindowsDirEntry(line);
+            if (winItem) {
+                items.push({
+                    name: winItem.name,
+                    isDir: winItem.isDir,
+                    line: line,
+                    size: winItem.size,
+                    mode: winItem.mode,
+                    mtime: winItem.mtime,
+                    owner: winItem.owner,
+                    group: winItem.group,
+                    type: winItem.type
+                });
+                continue;
+            }
+            // 仅兜底解析 Unix 权限格式，避免把 `dir` 统计行误识别为文件。
+            if (/^[-dlcbsp]/.test(line)) {
+                var parts = line.trim().split(/\s+/);
+                if (parts.length >= 9) {
+                    name = parts.slice(8).join(' ').trim();
+                } else {
+                    name = parts.length ? parts[parts.length - 1].trim() : line.trim();
+                }
+                if (name === '.' || name === '..') continue;
+                isDir = line.startsWith('d');
+                parts = line.split(/\s+/);
                 if (parts.length >= 5) { mode = parts[0]; size = parts[4]; }
                 if (parts.length >= 4) { owner = parts[2] || ''; group = parts[3] || ''; }
                 if (parts.length >= 8 && /^[A-Za-z]{3}$/.test(parts[5])) mtime = normalizeLsMtime(parts[5], parts[6], parts[7]);
                 type = modeToType(mode);
+            } else {
+                continue;
             }
         }
         if (name === '.' || name === '..') continue;
@@ -3680,7 +3799,9 @@ function fetchWebshellDirectoryItems(conn, path) {
 }
 
 function renderFileList(listEl, currentPath, rawOutput, conn, nameFilter) {
+    currentPath = normalizeWebshellPath(currentPath);
     var items = parseWebshellListItems(rawOutput);
+    var selectedPath = getWebshellSelectedFile(conn || webshellCurrentConn);
     if (nameFilter && nameFilter.trim()) {
         var f = nameFilter.trim().toLowerCase();
         items = items.filter(function (item) { return item.name.toLowerCase().indexOf(f) !== -1; });
@@ -3713,10 +3834,11 @@ function renderFileList(listEl, currentPath, rawOutput, conn, nameFilter) {
         }
         items.forEach(function (item) {
             var pathNext = currentPath === '.' ? item.name : currentPath + '/' + item.name;
+            var pathNextNorm = normalizeWebshellPath(pathNext);
             var nameClass = item.isDir ? 'is-dir' : 'is-file';
-            html += '<tr><td class="webshell-col-check">';
+            html += '<tr class="' + (!item.isDir && selectedPath === pathNextNorm ? 'webshell-file-row-selected' : '') + '"><td class="webshell-col-check">';
             if (!item.isDir) html += '<input type="checkbox" class="webshell-file-cb" data-path="' + escapeHtml(pathNext) + '" />';
-            html += '</td><td><a href="#" class="webshell-file-link ' + nameClass + '" data-path="' + escapeHtml(pathNext) + '" data-isdir="' + (item.isDir ? '1' : '0') + '">' + escapeHtml(item.name) + (item.isDir ? '/' : '') + '</a></td>';
+            html += '</td><td class="webshell-col-name"><a href="#" class="webshell-file-link ' + nameClass + '" title="' + escapeHtml(item.name) + '" data-path="' + escapeHtml(pathNext) + '" data-isdir="' + (item.isDir ? '1' : '0') + '">' + escapeHtml(item.name) + (item.isDir ? '/' : '') + '</a></td>';
             html += '<td class="webshell-col-size">' + escapeHtml(item.size) + '</td>';
             html += '<td class="webshell-col-mtime">' + escapeHtml(item.mtime || '') + '</td>';
             html += '<td class="webshell-col-owner">' + escapeHtml(item.owner || '') + '</td>';
@@ -3748,10 +3870,13 @@ function renderFileList(listEl, currentPath, rawOutput, conn, nameFilter) {
             const isDir = a.getAttribute('data-isdir') === '1';
             const pathInput = document.getElementById('webshell-file-path');
             if (isDir) {
+                setWebshellSelectedFile(webshellCurrentConn, '');
                 if (pathInput) pathInput.value = path;
                 webshellFileListDir(webshellCurrentConn, path);
             } else {
                 // 打开文件时保留当前“浏览目录”上下文，避免返回时落到单文件视图
+                setWebshellSelectedFile(webshellCurrentConn, path);
+                renderDirectoryTree(currentPath, items, conn || webshellCurrentConn);
                 webshellFileRead(webshellCurrentConn, path, listEl, currentPath);
             }
         });
@@ -3759,7 +3884,10 @@ function renderFileList(listEl, currentPath, rawOutput, conn, nameFilter) {
     listEl.querySelectorAll('.webshell-file-read').forEach(function (btn) {
         btn.addEventListener('click', function (e) {
             e.preventDefault();
-            webshellFileRead(webshellCurrentConn, btn.getAttribute('data-path'), listEl, currentPath);
+            var filePath = btn.getAttribute('data-path');
+            setWebshellSelectedFile(webshellCurrentConn, filePath);
+            renderDirectoryTree(currentPath, items, conn || webshellCurrentConn);
+            webshellFileRead(webshellCurrentConn, filePath, listEl, currentPath);
         });
     });
     listEl.querySelectorAll('.webshell-file-download').forEach(function (btn) {
@@ -3821,6 +3949,7 @@ function renderDirectoryTree(currentPath, items, conn) {
     var tree = state.tree;
     var expanded = state.expanded;
     var loaded = state.loaded;
+    var selectedPath = getWebshellSelectedFile(conn || webshellCurrentConn);
     if (!tree['.']) tree['.'] = [];
     if (expanded['.'] !== false) expanded['.'] = true;
 
@@ -3844,26 +3973,29 @@ function renderDirectoryTree(currentPath, items, conn) {
         if (node.isDir && !tree[node.path]) tree[node.path] = [];
     });
 
-    // 确保当前路径祖先链存在并展开
+    // 仅对“真实路径”补祖先链；相对上探链（../..）不构建，避免出现假层级。
+    var isRelativeUpChain = /^(?:\.\.\/)*\.\.$/.test(curr);
     var parts = curr === '.' ? [] : curr.split('/');
     var parentPath = '.';
-    for (var i = 0; i < parts.length; i++) {
-        var nextPath = parentPath === '.' ? parts[i] : parentPath + '/' + parts[i];
-        if (!tree[parentPath]) tree[parentPath] = [];
-        var parentChildren = tree[parentPath];
-        var hasAncestorNode = parentChildren.some(function (n) { return n && n.path === nextPath; });
-        if (!hasAncestorNode) {
-            parentChildren.push({ path: nextPath, name: parts[i], isDir: true });
-            parentChildren.sort(function (a, b) {
-                if (!!a.isDir !== !!b.isDir) return a.isDir ? -1 : 1;
-                return (a.name || '').localeCompare(b.name || '');
-            });
+    if (!isRelativeUpChain) {
+        for (var i = 0; i < parts.length; i++) {
+            var nextPath = parentPath === '.' ? parts[i] : parentPath + '/' + parts[i];
+            if (!tree[parentPath]) tree[parentPath] = [];
+            var parentChildren = tree[parentPath];
+            var hasAncestorNode = parentChildren.some(function (n) { return n && n.path === nextPath; });
+            if (!hasAncestorNode) {
+                parentChildren.push({ path: nextPath, name: parts[i], isDir: true });
+                parentChildren.sort(function (a, b) {
+                    if (!!a.isDir !== !!b.isDir) return a.isDir ? -1 : 1;
+                    return (a.name || '').localeCompare(b.name || '');
+                });
+            }
+            if (!tree[nextPath]) tree[nextPath] = [];
+            expanded[parentPath] = true;
+            parentPath = nextPath;
         }
-        if (!tree[nextPath]) tree[nextPath] = [];
-        expanded[parentPath] = true;
-        parentPath = nextPath;
     }
-    expanded[curr] = true;
+    if (expanded[curr] == null) expanded[curr] = true;
 
     function renderNode(node, depth) {
         var path = node.path;
@@ -3872,15 +4004,16 @@ function renderDirectoryTree(currentPath, items, conn) {
         var hasLoadedChildren = isDir ? (loaded[path] === true) : true;
         var canExpand = isDir && (path === '.' || !hasLoadedChildren || children.length > 0);
         var hasChildren = children.length > 0;
-        var isExpanded = isDir ? (expanded[path] !== false) : false;
+        var isExpanded = isDir ? (expanded[path] === true) : false;
         var isActive = path === curr;
+        var isSelectedFile = !isDir && path === selectedPath;
         var name = node.name;
         var icon = isDir ? (path === '.' ? '🗂' : '📁') : '📄';
         var nodeHtml =
             '<div class="webshell-tree-node" data-depth="' + depth + '">' +
-            '<div class="webshell-tree-row' + (isActive ? ' active' : '') + '">' +
+            '<div class="webshell-tree-row' + (isActive ? ' active' : '') + (isSelectedFile ? ' selected-file' : '') + '">' +
             '<button type="button" class="webshell-tree-toggle' + (canExpand ? '' : ' empty') + '" data-path="' + escapeHtml(path) + '">' + (canExpand ? (isExpanded ? '▾' : '▸') : '·') + '</button>' +
-            '<button type="button" class="webshell-dir-item' + (isDir ? ' is-dir' : ' is-file') + '" data-path="' + escapeHtml(path) + '" data-isdir="' + (isDir ? '1' : '0') + '"><span class="webshell-tree-icon">' + icon + '</span><span class="webshell-tree-name">' + escapeHtml(name) + '</span></button>' +
+            '<button type="button" class="webshell-dir-item' + (isDir ? ' is-dir' : ' is-file') + '" title="' + escapeHtml(name) + '" data-path="' + escapeHtml(path) + '" data-isdir="' + (isDir ? '1' : '0') + '"><span class="webshell-tree-icon">' + icon + '</span><span class="webshell-tree-name">' + escapeHtml(name) + '</span></button>' +
             '</div>';
         if (isDir && hasChildren && isExpanded) {
             nodeHtml += '<div class="webshell-tree-children">';
@@ -3899,7 +4032,7 @@ function renderDirectoryTree(currentPath, items, conn) {
             e.preventDefault();
             e.stopPropagation();
             var p = normalizeWebshellPath(btn.getAttribute('data-path') || '.');
-            if (expanded[p] !== false) {
+            if (expanded[p] === true) {
                 expanded[p] = false;
                 renderDirectoryTree(curr, items, conn || webshellCurrentConn);
                 return;
@@ -3939,12 +4072,15 @@ function renderDirectoryTree(currentPath, items, conn) {
             var isDir = btn.getAttribute('data-isdir') === '1';
             var pathInput = document.getElementById('webshell-file-path');
             if (isDir) {
+                setWebshellSelectedFile(webshellCurrentConn, '');
                 if (pathInput) pathInput.value = p;
                 webshellFileListDir(webshellCurrentConn, p);
                 return;
             }
             var listEl = document.getElementById('webshell-file-list');
             var browsePath = p.replace(/\/[^/]+$/, '') || '.';
+            setWebshellSelectedFile(webshellCurrentConn, p);
+            renderDirectoryTree(curr, items, conn || webshellCurrentConn);
             if (listEl) webshellFileRead(webshellCurrentConn, p, listEl, browsePath);
         });
     });
@@ -4101,7 +4237,7 @@ function webshellFileRead(conn, path, listEl, browsePath) {
                 // 兜底：若路径被污染成文件路径，回退到父目录
                 backPath = path.replace(/\/[^/]+$/, '') || '.';
             }
-            listEl.innerHTML = '<div class="webshell-file-content"><pre>' + escapeHtml(out) + '</pre><button type="button" class="btn-ghost" id="webshell-file-back-btn" data-back-path="' + escapeHtml(backPath) + '">' + wsT('webshell.back') + '</button></div>';
+            listEl.innerHTML = '<div class="webshell-file-content"><div class="webshell-file-content-path">' + escapeHtml(path) + '</div><pre>' + escapeHtml(out) + '</pre><button type="button" class="btn-ghost" id="webshell-file-back-btn" data-back-path="' + escapeHtml(backPath) + '">' + wsT('webshell.back') + '</button></div>';
             var backBtn = document.getElementById('webshell-file-back-btn');
             if (backBtn) {
                 backBtn.addEventListener('click', function () {
@@ -4467,7 +4603,7 @@ document.addEventListener('conversation-deleted', function (e) {
     }
 });
 
-// 测试连通性（不保存，仅用当前表单参数请求 Shell 执行 echo 1）
+// 测试连通性（不保存，仅用当前表单参数请求 Shell 执行一次性探活命令）
 function testWebshellConnection() {
     var url = (document.getElementById('webshell-url') || {}).value;
     if (url && typeof url.trim === 'function') url = url.trim();
@@ -4484,13 +4620,14 @@ function testWebshellConnection() {
     var osTag = normalizeWebshellOS((document.getElementById('webshell-os') || {}).value);
     var encoding = normalizeWebshellEncoding((document.getElementById('webshell-encoding') || {}).value);
     var btn = document.getElementById('webshell-test-btn');
+    var probeToken = buildWebshellProbeToken();
     if (btn) { btn.disabled = true; btn.textContent = (typeof wsT === 'function' ? wsT('common.refresh') : '刷新') + '...'; }
     if (typeof apiFetch === 'undefined') {
         if (btn) { btn.disabled = false; btn.textContent = wsT('webshell.testConnectivity'); }
         alert(wsT('webshell.testFailed') || '连通性测试失败');
         return;
     }
-    // 连通性使用 Windows/Linux 都识别的最小内建命令作为探测（echo 1 在 cmd 和 sh 下行为等价）
+    // 连通性使用 Windows/Linux 都识别的最小内建命令作为探测（echo token 在 cmd 和 sh 下行为等价）
     apiFetch('/api/webshell/exec', {
         method: 'POST',
         headers: { 'Content-Type': 'application/json' },
@@ -4502,7 +4639,7 @@ function testWebshellConnection() {
             cmd_param: cmdParam || '',
             encoding: encoding,
             os: osTag,
-            command: 'echo 1'
+            command: buildWebshellProbeCommand(probeToken)
         })
     })
         .then(function (r) { return r.json(); })
@@ -4512,14 +4649,14 @@ function testWebshellConnection() {
                 alert(wsT('webshell.testFailed') || '连通性测试失败');
                 return;
             }
-            // 仅 HTTP 200 不算通过，需校验是否真的执行了 echo 1（响应体 trim 后应为 "1"）
-            var output = (data.output != null) ? String(data.output).trim() : '';
-            var reallyOk = data.ok && output === '1';
+            // 仅 HTTP 200 不算通过，需校验响应中是否包含本次一次性探活 token
+            var output = (data.output != null) ? String(data.output) : '';
+            var reallyOk = data.ok && isWebshellProbeOutputMatched(output, probeToken);
             if (reallyOk) {
                 alert(wsT('webshell.testSuccess') || '连通性正常，Shell 可访问');
             } else {
                 var msg;
-                if (data.ok && output !== '1')
+                if (data.ok && !isWebshellProbeOutputMatched(output, probeToken))
                     msg = wsT('webshell.testNoExpectedOutput') || 'Shell 返回了响应但未得到预期输出，请检查连接密码与命令参数名';
                 else
                     msg = (data.error) ? data.error : (wsT('webshell.testFailed') || '连通性测试失败');

web/templates/index.html

@@ -14,7 +14,13 @@
     <div id="login-overlay" class="login-overlay" style="display: none;">
         <div class="login-card">
             <div class="login-brand">
-                <h2 data-i18n="login.title">登录 CyberStrikeAI</h2>
+                <img src="/static/logo.png" alt="" class="login-brand-logo" width="56" height="56">
+                <h2 class="login-title">
+                    <span data-i18n="login.titlePrefix">登录</span>
+                    <span class="brand-wordmark brand-wordmark--sm" aria-label="CyberStrikeAI">
+                        <span class="brand-wordmark__core">CyberStrike</span><span class="brand-wordmark__ai">AI</span>
+                    </span>
+                </h2>
                 <p class="login-subtitle" data-i18n="login.subtitle">请输入配置中的访问密码</p>
             </div>
             <form id="login-form" class="login-form">
@@ -34,8 +40,10 @@
         <header>
             <div class="header-content">
                 <div class="logo header-logo-link" onclick="switchPage('dashboard')" role="button" data-i18n="header.backToDashboard" data-i18n-attr="title" data-i18n-skip-text="true" title="返回仪表盘">
-                    <img src="/static/logo.png" alt="CyberStrikeAI Logo" style="width: 32px; height: 32px; margin-right: 8px;">
-                    <h1>CyberStrikeAI</h1>
+                    <img src="/static/logo.png" alt="CyberStrikeAI Logo" class="brand-logo" width="36" height="36">
+                    <h1 class="brand-wordmark brand-wordmark--lg">
+                        <span class="brand-wordmark__core">CyberStrike</span><span class="brand-wordmark__ai">AI</span>
+                    </h1>
                     <span class="version-badge" data-i18n="header.version" data-i18n-attr="title" data-i18n-skip-text="true" title="当前版本">{{.Version}}</span>
                 </div>
                 <div class="header-right">
@@ -161,6 +169,16 @@
                             <span data-i18n="nav.tasks">任务管理</span>
                         </div>
                     </div>
+                    <div class="nav-item" data-page="projects">
+                        <div class="nav-item-content" data-title="项目管理" onclick="switchPage('projects')" data-i18n="nav.projects" data-i18n-attr="data-title" data-i18n-skip-text="true">
+                            <svg width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
+                                <polygon points="12 2 2 7 12 12 22 7 12 2"></polygon>
+                                <polyline points="2 17 12 22 22 17"></polyline>
+                                <polyline points="2 12 12 17 22 12"></polyline>
+                            </svg>
+                            <span data-i18n="nav.projects">项目管理</span>
+                        </div>
+                    </div>
                     <div class="nav-item" data-page="vulnerabilities">
                         <div class="nav-item-content" data-title="漏洞管理" onclick="switchPage('vulnerabilities')" data-i18n="nav.vulnerabilities" data-i18n-attr="data-title" data-i18n-skip-text="true">
                             <svg width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
@@ -941,11 +959,40 @@
                             </div>
                             <div id="active-tasks-bar" class="active-tasks-bar"></div>
                             <div id="chat-messages" class="chat-messages"></div>
+                            <button type="button" id="chat-scroll-to-bottom" class="chat-scroll-to-bottom" aria-label="回到底部" title="回到底部">↓ 回到底部</button>
                             <div id="chat-input-container" class="chat-input-container">
                                 <div class="chat-input-primary-row">
                                 <div class="chat-input-leading">
-                                <div class="role-selector-wrapper">
-                                    <button id="role-selector-btn" class="role-selector-btn" onclick="toggleRoleSelectionPanel()" data-i18n="chat.selectRole" data-i18n-attr="title" title="选择角色">
+                                <div class="role-selector-wrapper project-selector-wrapper">
+                                    <button type="button" id="chat-project-btn" class="role-selector-btn" onclick="toggleChatProjectPanel()" aria-label="选择项目" aria-haspopup="listbox" aria-expanded="false" title="绑定项目后共享事实黑板（跨对话）" data-i18n="projects.chatSelectorButton" data-i18n-attr="aria-label,title">
+                                        <span class="role-selector-icon" aria-hidden="true">📁</span>
+                                        <span id="chat-project-text" class="role-selector-text" data-i18n="projects.noProject">无项目</span>
+                                        <svg class="role-selector-arrow" width="10" height="10" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true">
+                                            <path d="M6 9l6 6 6-6" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
+                                        </svg>
+                                    </button>
+                                    <div id="chat-project-panel" class="role-selection-panel chat-project-panel" style="display: none;" role="listbox" aria-labelledby="chat-project-panel-title">
+                                        <div class="role-selection-panel-header">
+                                            <h3 id="chat-project-panel-title" class="role-selection-panel-title" data-i18n="projects.selectProject">选择项目</h3>
+                                            <button type="button" class="role-selection-panel-close" onclick="closeChatProjectPanel()" title="关闭" aria-label="关闭">
+                                                <svg width="16" height="16" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
+                                                    <path d="M18 6L6 18M6 6l12 12" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
+                                                </svg>
+                                            </button>
+                                        </div>
+                                        <div class="chat-project-panel-body">
+                                            <div id="chat-project-list" class="role-selection-list-main"></div>
+                                            <div class="chat-project-panel-footer">
+                                                <button type="button" class="role-selection-item-main chat-project-panel-create-btn" onclick="showNewProjectModalFromChat()">
+                                                    <span class="chat-project-panel-create-icon" aria-hidden="true">+</span>
+                                                    <span class="chat-project-panel-create-label" data-i18n="projects.newProject">新建项目</span>
+                                                </button>
+                                            </div>
+                                        </div>
+                                    </div>
+                                </div>
+                                <div id="role-selector-wrapper" class="role-selector-wrapper">
+                                    <button type="button" id="role-selector-btn" class="role-selector-btn" onclick="toggleRoleSelectionPanel()" data-i18n="chat.selectRole" data-i18n-attr="title" title="选择角色">
                                         <span id="role-selector-icon" class="role-selector-icon">🔵</span>
                                         <span id="role-selector-text" class="role-selector-text" data-i18n="chat.defaultRole">默认</span>
                                         <svg class="role-selector-arrow" width="10" height="10" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
@@ -1384,6 +1431,289 @@
                     </div>
                 </div>
 
+                <!-- 项目管理页面 -->
+                <div id="page-projects" class="page projects-page">
+                    <div class="page-header">
+                        <h2 data-i18n="projects.title">项目管理</h2>
+                        <div class="page-header-actions">
+                            <label class="projects-show-archived-label"><input type="checkbox" id="projects-show-archived" onchange="loadProjectsList()"> <span data-i18n="projects.showArchived">显示已归档</span></label>
+                            <button class="btn-secondary" type="button" onclick="loadProjectsList()" data-i18n="common.refresh">刷新</button>
+                            <button class="btn-primary" type="button" onclick="showNewProjectModal()" data-i18n="projects.newProjectCta">+ 新建项目</button>
+                        </div>
+                    </div>
+                    <div class="page-content projects-page-layout">
+                        <aside class="projects-sidebar-card">
+                            <div class="projects-sidebar-head">
+                                <span class="projects-sidebar-title" data-i18n="projects.projectList">项目列表</span>
+                                <span class="projects-sidebar-count" id="projects-list-count">0</span>
+                            </div>
+                            <div class="projects-sidebar-search">
+                                <input type="search" id="projects-list-search" class="form-input" placeholder="搜索项目…" oninput="filterProjectsList()" autocomplete="off" data-i18n="projects.searchProjectsPlaceholder" data-i18n-attr="placeholder">
+                            </div>
+                            <div id="projects-list" class="projects-list"></div>
+                        </aside>
+                        <main class="projects-detail" id="projects-detail-main">
+                            <div class="projects-detail-placeholder" id="projects-detail-placeholder">
+                                <h3 data-i18n="projects.selectOrCreateTitle">选择或创建项目</h3>
+                                <p data-i18n="projects.selectOrCreateHint">项目用于跨对话共享「事实黑板」：目标、环境、认证等信息会在绑定项目的对话中自动注入。</p>
+                                <button class="btn-primary" type="button" onclick="showNewProjectModal()" data-i18n="projects.createFirstProject">创建第一个项目</button>
+                            </div>
+                            <div class="projects-detail-inner" id="projects-detail-inner" hidden>
+                                <header class="projects-detail-header">
+                                    <div class="projects-detail-header-main">
+                                        <div class="projects-detail-title-row">
+                                            <h3 id="projects-detail-title" class="projects-detail-title" data-i18n="projects.defaultProjectName">项目</h3>
+                                            <span id="projects-detail-status" class="projects-status-pill projects-status-pill--active" data-i18n="projects.statusActive">进行中</span>
+                                        </div>
+                                        <p id="projects-detail-meta" class="projects-detail-meta"></p>
+                                        <p id="projects-detail-desc" class="projects-detail-desc"></p>
+                                        <div class="projects-detail-stats" id="projects-detail-stats">
+                                            <span class="projects-stat-chip" id="project-stat-facts">0 条事实</span>
+                                            <span class="projects-stat-chip" id="project-stat-vulns">0 个漏洞</span>
+                                            <span class="projects-stat-chip" id="project-stat-conversations">0 个对话</span>
+                                            <span class="projects-stat-chip projects-stat-chip--warn" id="project-stat-sparse" hidden>0 待补全</span>
+                                        </div>
+                                    </div>
+                                    <div class="projects-detail-header-actions">
+                                        <button type="button" class="btn-secondary btn-small" onclick="openVulnerabilitiesForProject()" data-i18n="projects.vulnerabilityManagement">漏洞管理</button>
+                                        <button type="button" class="btn-primary btn-small" onclick="showAddFactModal()" data-i18n="projects.addFactCta">+ 添加事实</button>
+                                    </div>
+                                </header>
+                                <nav class="projects-tabs" role="tablist">
+                                    <button type="button" id="project-tab-facts" class="projects-tab is-active" role="tab" onclick="switchProjectTab('facts')" data-i18n="projects.tabFacts">事实黑板</button>
+                                    <button type="button" id="project-tab-conversations" class="projects-tab" role="tab" onclick="switchProjectTab('conversations')" data-i18n="projects.tabConversations">关联对话</button>
+                                    <button type="button" id="project-tab-vulns" class="projects-tab" role="tab" onclick="switchProjectTab('vulns')" data-i18n="projects.tabVulns">关联漏洞</button>
+                                    <button type="button" id="project-tab-settings" class="projects-tab" role="tab" onclick="switchProjectTab('settings')" data-i18n="projects.tabSettings">设置</button>
+                                </nav>
+                                <div id="project-panel-facts" class="projects-panel" role="tabpanel">
+                                    <div class="projects-fact-toolbar">
+                                        <p class="projects-fact-toolbar-hint" role="note">
+                                            <svg class="projects-fact-toolbar-hint-icon" width="16" height="16" viewBox="0 0 24 24" fill="none" aria-hidden="true" xmlns="http://www.w3.org/2000/svg">
+                                                <circle cx="12" cy="12" r="9" stroke="currentColor" stroke-width="2"/>
+                                                <path d="M12 10v6M12 8h.01" stroke="currentColor" stroke-width="2" stroke-linecap="round"/>
+                                            </svg>
+                                            <span data-i18n="projects.factToolbarHint">索引仅含 key 与摘要（须含「什么 + 在哪 + 如何验证」）；攻击链 / POC 写在 body，Agent 通过 get_project_fact 复现</span>
+                                        </p>
+                                        <div class="projects-fact-toolbar-filters" role="search">
+                                            <label class="projects-fact-filter-field projects-fact-filter-field--search">
+                                                <span class="sr-only" data-i18n="projects.searchFactsSr">搜索事实</span>
+                                                <svg class="projects-fact-search-icon" width="16" height="16" viewBox="0 0 24 24" fill="none" aria-hidden="true" xmlns="http://www.w3.org/2000/svg">
+                                                    <circle cx="11" cy="11" r="7" stroke="currentColor" stroke-width="2"/>
+                                                    <path d="M20 20L16 16" stroke="currentColor" stroke-width="2" stroke-linecap="round"/>
+                                                </svg>
+                                                <input type="search" id="project-facts-search" placeholder="搜索 key、摘要、body…" oninput="debouncedLoadProjectFacts()" autocomplete="off" data-i18n="projects.searchFactsPlaceholder" data-i18n-attr="placeholder">
+                                            </label>
+                                            <label class="projects-fact-filter-field">
+                                                <span class="projects-fact-filter-label" data-i18n="projects.category">分类</span>
+                                                <select id="project-facts-filter-category" onchange="loadProjectFacts()">
+                                                    <option value="" data-i18n="projects.all">全部</option>
+                                                    <option value="target">target</option>
+                                                    <option value="auth">auth</option>
+                                                    <option value="infra">infra</option>
+                                                    <option value="business">business</option>
+                                                    <option value="finding">finding</option>
+                                                    <option value="chain">chain</option>
+                                                    <option value="exploit">exploit</option>
+                                                    <option value="poc">poc</option>
+                                                    <option value="note">note</option>
+                                                </select>
+                                            </label>
+                                            <label class="projects-fact-filter-field">
+                                                <span class="projects-fact-filter-label" data-i18n="projects.confidence">置信度</span>
+                                                <select id="project-facts-filter-confidence" onchange="loadProjectFacts()">
+                                                    <option value="" data-i18n="projects.all">全部</option>
+                                                    <option value="confirmed" data-i18n="projects.confidenceConfirmed">已确认</option>
+                                                    <option value="tentative" data-i18n="projects.confidenceTentative">待确认</option>
+                                                    <option value="deprecated" data-i18n="projects.confidenceDeprecated">已废弃</option>
+                                                </select>
+                                            </label>
+                                            <div class="projects-fact-filter-toggles" role="group" aria-label="显示选项" data-i18n="projects.displayOptions" data-i18n-attr="aria-label">
+                                                <label class="projects-fact-toggle">
+                                                    <input type="checkbox" id="project-facts-filter-sparse" onchange="loadProjectFacts()">
+                                                    <span data-i18n="projects.sparseOnly">仅待补全</span>
+                                                </label>
+                                                <label class="projects-fact-toggle">
+                                                    <input type="checkbox" id="project-facts-filter-hide-deprecated" checked onchange="loadProjectFacts()">
+                                                    <span data-i18n="projects.hideDeprecated">隐藏废弃</span>
+                                                </label>
+                                            </div>
+                                        </div>
+                                    </div>
+                                    <div class="projects-table-wrap">
+                                        <table class="data-table data-table--projects">
+                                            <thead><tr><th>Key</th><th data-i18n="projects.category">分类</th><th data-i18n="projects.summary">摘要</th><th>Body</th><th data-i18n="projects.confidence">置信度</th><th data-i18n="projects.updated">更新</th><th class="col-actions" data-i18n="common.actions">操作</th></tr></thead>
+                                            <tbody id="project-facts-tbody"></tbody>
+                                        </table>
+                                    </div>
+                                </div>
+                                <div id="project-panel-conversations" class="projects-panel" role="tabpanel" hidden>
+                                    <div class="projects-panel-toolbar projects-panel-toolbar--hint">
+                                        <p class="projects-fact-toolbar-hint" role="note">
+                                            <svg class="projects-fact-toolbar-hint-icon" width="16" height="16" viewBox="0 0 24 24" fill="none" aria-hidden="true" xmlns="http://www.w3.org/2000/svg">
+                                                <circle cx="12" cy="12" r="9" stroke="currentColor" stroke-width="2"/>
+                                                <path d="M12 10v6M12 8h.01" stroke="currentColor" stroke-width="2" stroke-linecap="round"/>
+                                            </svg>
+                                            <span data-i18n="projects.boundConversationsHint">绑定到本项目的对话；点击可打开会话</span>
+                                        </p>
+                                    </div>
+                                    <div class="projects-table-wrap">
+                                        <table class="data-table data-table--projects">
+                                            <thead><tr><th data-i18n="projects.titleLabel">标题</th><th data-i18n="projects.updated">更新</th><th class="col-actions" data-i18n="common.actions">操作</th></tr></thead>
+                                            <tbody id="project-conversations-tbody"></tbody>
+                                        </table>
+                                    </div>
+                                </div>
+                                <div id="project-panel-vulns" class="projects-panel" role="tabpanel" hidden>
+                                    <div class="projects-fact-toolbar">
+                                        <div class="projects-vuln-toolbar-top">
+                                            <p class="projects-fact-toolbar-hint" role="note">
+                                                <svg class="projects-fact-toolbar-hint-icon" width="16" height="16" viewBox="0 0 24 24" fill="none" aria-hidden="true" xmlns="http://www.w3.org/2000/svg">
+                                                    <circle cx="12" cy="12" r="9" stroke="currentColor" stroke-width="2"/>
+                                                    <path d="M12 10v6M12 8h.01" stroke="currentColor" stroke-width="2" stroke-linecap="round"/>
+                                                </svg>
+                                                <span data-i18n="projects.projectVulnSummaryHint">本项目下记录的漏洞汇总</span>
+                                            </p>
+                                            <button type="button" class="btn-secondary btn-small" onclick="openVulnerabilitiesForProject()" data-i18n="projects.viewInVulnerabilityManagement">在漏洞管理中查看</button>
+                                        </div>
+                                        <div class="projects-fact-toolbar-filters" role="search">
+                                            <label class="projects-fact-filter-field projects-fact-filter-field--search">
+                                                <span class="sr-only" data-i18n="projects.searchVulnsSr">搜索漏洞</span>
+                                                <svg class="projects-fact-search-icon" width="16" height="16" viewBox="0 0 24 24" fill="none" aria-hidden="true" xmlns="http://www.w3.org/2000/svg">
+                                                    <circle cx="11" cy="11" r="7" stroke="currentColor" stroke-width="2"/>
+                                                    <path d="M20 20L16 16" stroke="currentColor" stroke-width="2" stroke-linecap="round"/>
+                                                </svg>
+                                                <input type="search" id="project-vulns-search" placeholder="搜索标题、描述、类型、目标…" oninput="debouncedLoadProjectVulnerabilities()" autocomplete="off" data-i18n="projects.searchVulnsPlaceholder" data-i18n-attr="placeholder">
+                                            </label>
+                                            <label class="projects-fact-filter-field">
+                                                <span class="projects-fact-filter-label" data-i18n="projects.severity">严重度</span>
+                                                <select id="project-vulns-filter-severity" onchange="loadProjectVulnerabilities()">
+                                                    <option value="" data-i18n="projects.all">全部</option>
+                                                    <option value="critical">critical</option>
+                                                    <option value="high">high</option>
+                                                    <option value="medium">medium</option>
+                                                    <option value="low">low</option>
+                                                    <option value="info">info</option>
+                                                </select>
+                                            </label>
+                                            <label class="projects-fact-filter-field">
+                                                <span class="projects-fact-filter-label" data-i18n="projects.status">状态</span>
+                                                <select id="project-vulns-filter-status" onchange="loadProjectVulnerabilities()">
+                                                    <option value="" data-i18n="projects.all">全部</option>
+                                                    <option value="open" data-i18n="vulnerabilityPage.statusOpen">待处理</option>
+                                                    <option value="confirmed" data-i18n="vulnerabilityPage.statusConfirmed">已确认</option>
+                                                    <option value="fixed" data-i18n="vulnerabilityPage.statusFixed">已修复</option>
+                                                    <option value="false_positive" data-i18n="vulnerabilityPage.statusFalsePositive">误报</option>
+                                                </select>
+                                            </label>
+                                        </div>
+                                    </div>
+                                    <div class="projects-table-wrap">
+                                        <table class="data-table data-table--projects">
+                                            <thead><tr><th data-i18n="projects.titleLabel">标题</th><th data-i18n="projects.severity">严重度</th><th data-i18n="projects.status">状态</th><th class="col-actions" data-i18n="common.actions">操作</th></tr></thead>
+                                            <tbody id="project-vulns-tbody"></tbody>
+                                        </table>
+                                    </div>
+                                </div>
+                                <div id="project-panel-settings" class="projects-panel projects-panel--settings" role="tabpanel" hidden>
+                                    <div class="projects-settings-layout">
+                                        <header class="projects-settings-intro">
+                                            <div class="projects-settings-intro-text">
+                                                <h4 class="projects-settings-intro-title" data-i18n="projects.settingsIntroTitle">项目设置</h4>
+                                                <p class="projects-settings-intro-hint" data-i18n="projects.settingsIntroHint">配置项目元数据与 Agent 授权边界，保存后即时生效于绑定对话。</p>
+                                            </div>
+                                        </header>
+                                        <div class="projects-settings-grid">
+                                            <section class="projects-settings-card projects-settings-card--basic">
+                                                <div class="projects-settings-card-head">
+                                                    <div class="projects-settings-card-head-left">
+                                                        <span class="projects-settings-icon projects-settings-icon--blue" aria-hidden="true">
+                                                            <svg width="18" height="18" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M14 2H6a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V8z"/><polyline points="14 2 14 8 20 8"/><line x1="16" y1="13" x2="8" y2="13"/><line x1="16" y1="17" x2="8" y2="17"/></svg>
+                                                        </span>
+                                                        <div>
+                                                            <h4 class="projects-settings-card-title" data-i18n="projects.basicInfoTitle">基本信息</h4>
+                                                            <p class="projects-settings-card-hint" data-i18n="projects.basicInfoHint">名称与描述会显示在项目详情中</p>
+                                                        </div>
+                                                    </div>
+                                                </div>
+                                                <div class="projects-settings-card-body">
+                                                    <div class="projects-form-row projects-form-row--2">
+                                                        <div class="projects-form-field">
+                                                            <label for="project-edit-name" data-i18n="projects.projectName">项目名称</label>
+                                                            <input type="text" id="project-edit-name" class="form-input" placeholder="例如：某客户 Web 渗透" data-i18n="projects.projectNamePlaceholder" data-i18n-attr="placeholder">
+                                                        </div>
+                                                        <div class="projects-form-field">
+                                                            <label for="project-edit-status" data-i18n="projects.status">状态</label>
+                                                            <div class="projects-status-select-wrap">
+                                                                <select id="project-edit-status" class="form-input projects-status-select">
+                                                                    <option value="active" data-i18n="projects.statusActive">进行中</option>
+                                                                    <option value="archived" data-i18n="projects.statusArchived">已归档</option>
+                                                                </select>
+                                                            </div>
+                                                        </div>
+                                                    </div>
+                                                    <div class="projects-form-field">
+                                                        <label class="projects-filter-check projects-pin-toggle">
+                                                            <input type="checkbox" id="project-edit-pinned"> <span data-i18n="projects.pinProject">置顶项目（列表优先显示）</span>
+                                                        </label>
+                                                    </div>
+                                                    <div class="projects-form-field">
+                                                        <label for="project-edit-description" data-i18n="projects.projectDescription">描述</label>
+                                                        <textarea id="project-edit-description" class="form-input" rows="3" placeholder="测试目标、授权范围、联系人、注意事项…" data-i18n="projects.editDescriptionPlaceholder" data-i18n-attr="placeholder"></textarea>
+                                                    </div>
+                                                </div>
+                                            </section>
+                                            <section class="projects-settings-card projects-settings-card--scope">
+                                                <div class="projects-settings-card-head">
+                                                    <div class="projects-settings-card-head-left">
+                                                        <span class="projects-settings-icon projects-settings-icon--violet" aria-hidden="true">
+                                                            <svg width="18" height="18" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="10"/><line x1="2" y1="12" x2="22" y2="12"/><path d="M12 2a15.3 15.3 0 0 1 4 10 15.3 15.3 0 0 1-4 10 15.3 15.3 0 0 1-4-10 15.3 15.3 0 0 1 4-10z"/></svg>
+                                                        </span>
+                                                        <div>
+                                                            <h4 class="projects-settings-card-title" data-i18n="projects.scopeTitle">测试范围</h4>
+                                                            <p class="projects-settings-card-hint" data-i18n="projects.scopeHint">JSON 格式，供 Agent 理解授权边界与目标资产</p>
+                                                        </div>
+                                                    </div>
+                                                    <div class="projects-scope-toolbar">
+                                                        <button type="button" class="btn-ghost btn-small" onclick="formatProjectScopeJson()" title="格式化 JSON" data-i18n="projects.formatJson" data-i18n-attr="title">格式化</button>
+                                                        <button type="button" class="btn-ghost btn-small" onclick="insertProjectScopeExample()" title="插入示例" data-i18n="projects.example" data-i18n-attr="title">示例</button>
+                                                    </div>
+                                                </div>
+                                                <div class="projects-settings-card-body projects-settings-card-body--fill">
+                                                    <div class="projects-scope-editor">
+                                                        <label for="project-edit-scope" class="sr-only" data-i18n="projects.scopeJsonLabel">范围 JSON</label>
+                                                        <textarea id="project-edit-scope" class="form-input form-input--mono projects-scope-textarea" spellcheck="false" placeholder='{"targets":["https://example.com"],"exclude":["*.cdn.example.com"]}'></textarea>
+                                                    </div>
+                                                    <p class="projects-scope-footnote" data-i18n="projects.scopeFootnote">支持 targets、exclude、notes 等字段，留空表示不限制范围。</p>
+                                                </div>
+                                            </section>
+                                        </div>
+                                        <section class="projects-settings-card projects-settings-card--danger">
+                                            <div class="projects-settings-danger-main">
+                                                <span class="projects-settings-icon projects-settings-icon--red" aria-hidden="true">
+                                                    <svg width="18" height="18" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M10.29 3.86L1.82 18a2 2 0 0 0 1.71 3h16.94a2 2 0 0 0 1.71-3L13.71 3.86a2 2 0 0 0-3.42 0z"/><line x1="12" y1="9" x2="12" y2="13"/><line x1="12" y1="17" x2="12.01" y2="17"/></svg>
+                                                </span>
+                                                <div>
+                                                    <h4 class="projects-settings-card-title" data-i18n="projects.dangerZoneTitle">危险操作</h4>
+                                                    <p class="projects-settings-card-hint" data-i18n="projects.dangerZoneHint">归档后需在列表勾选「显示已归档」才能查看；删除将清除全部事实且不可恢复。</p>
+                                                </div>
+                                            </div>
+                                            <div class="projects-settings-danger-actions">
+                                                <button class="btn-secondary btn-small" type="button" onclick="archiveCurrentProject()" data-i18n="projects.archiveRestore">归档 / 恢复</button>
+                                                <button class="btn-secondary btn-small btn-danger-outline" type="button" onclick="deleteCurrentProject()" data-i18n="projects.deleteProject">删除项目</button>
+                                            </div>
+                                        </section>
+                                    </div>
+                                    <footer class="projects-settings-footer">
+                                        <span class="projects-settings-footer-hint" data-i18n="projects.saveChangesHint">修改后请点击保存以同步到服务器</span>
+                                        <button class="btn-primary" type="button" onclick="saveProjectSettings()">
+                                            <span data-i18n="projects.saveSettings">保存更改</span>
+                                        </button>
+                                    </footer>
+                                </div>
+                            </div>
+                        </main>
+                    </div>
+                </div>
                 <!-- 漏洞管理页面 -->
                 <div id="page-vulnerabilities" class="page">
                     <div class="page-header">
@@ -1456,6 +1786,12 @@
                                         <input type="search" id="vulnerability-search-filter" autocomplete="off"
                                             data-i18n="vulnerabilityPage.searchKeyword" data-i18n-attr="placeholder" placeholder="搜索标题、描述、类型、目标…" />
                                     </label>
+                                    <label class="vulnerability-filter-field vulnerability-filter-field--project">
+                                        <span class="sr-only">项目</span>
+                                        <select id="vulnerability-project-filter" title="按项目筛选" onchange="scheduleVulnerabilityFilterApply(true)">
+                                            <option value="">全部项目</option>
+                                        </select>
+                                    </label>
                                     <label class="vulnerability-filter-field vulnerability-filter-field--status">
                                         <span class="sr-only" data-i18n="vulnerabilityPage.status">状态</span>
                                         <select id="vulnerability-status-filter" data-i18n-attr="title" title="状态">
@@ -2563,20 +2899,39 @@
                                 <div class="settings-subsection">
                                     <h4 data-i18n="settingsRobotsExtra.botCommandsTitle">机器人命令说明</h4>
                                     <p class="settings-description" data-i18n="settingsRobotsExtra.botCommandsDesc">在对话中可发送以下命令（支持中英文）：</p>
-                                    <ul style="color: var(--text-muted); font-size: 13px; line-height: 1.8; margin: 8px 0 0 16px;">
+
+                                    <p class="robot-cmd-category" data-i18n="settingsRobotsExtra.botCmdCategoryGeneral">通用</p>
+                                    <ul class="robot-cmd-list">
                                         <li><code>帮助</code> <code>help</code> — <span data-i18n="settingsRobotsExtra.botCmdHelp">显示本帮助 | Show this help</span></li>
+                                        <li><code>版本</code> <code>version</code> — <span data-i18n="settingsRobotsExtra.botCmdVersion">显示当前版本号 | Show version</span></li>
+                                    </ul>
+
+                                    <p class="robot-cmd-category" data-i18n="settingsRobotsExtra.botCmdCategoryConversation">对话</p>
+                                    <ul class="robot-cmd-list">
                                         <li><code>列表</code> <code>list</code> — <span data-i18n="settingsRobotsExtra.botCmdList">列出所有对话标题与 ID | List conversations</span></li>
                                         <li><code>切换 &lt;ID&gt;</code> <code>switch &lt;ID&gt;</code> — <span data-i18n="settingsRobotsExtra.botCmdSwitch">指定对话继续 | Switch to conversation</span></li>
                                         <li><code>新对话</code> <code>new</code> — <span data-i18n="settingsRobotsExtra.botCmdNew">开启新对话 | Start new conversation</span></li>
                                         <li><code>清空</code> <code>clear</code> — <span data-i18n="settingsRobotsExtra.botCmdClear">清空当前上下文 | Clear context</span></li>
-                                        <li><code>当前</code> <code>current</code> — <span data-i18n="settingsRobotsExtra.botCmdCurrent">显示当前对话 ID 与标题 | Show current conversation</span></li>
+                                        <li><code>当前</code> <code>current</code> — <span data-i18n="settingsRobotsExtra.botCmdCurrent">显示当前对话、角色与项目 | Show current conversation</span></li>
                                         <li><code>停止</code> <code>stop</code> — <span data-i18n="settingsRobotsExtra.botCmdStop">中断当前任务 | Stop running task</span></li>
+                                        <li><code>删除 &lt;ID&gt;</code> <code>delete &lt;ID&gt;</code> — <span data-i18n="settingsRobotsExtra.botCmdDelete">删除指定对话 | Delete conversation</span></li>
+                                    </ul>
+
+                                    <p class="robot-cmd-category" data-i18n="settingsRobotsExtra.botCmdCategoryRole">角色</p>
+                                    <ul class="robot-cmd-list">
                                         <li><code>角色</code> <code>roles</code> — <span data-i18n="settingsRobotsExtra.botCmdRoles">列出所有可用角色 | List roles</span></li>
                                         <li><code>角色 &lt;名&gt;</code> <code>role &lt;name&gt;</code> — <span data-i18n="settingsRobotsExtra.botCmdRole">切换当前角色 | Switch role</span></li>
-                                        <li><code>删除 &lt;ID&gt;</code> <code>delete &lt;ID&gt;</code> — <span data-i18n="settingsRobotsExtra.botCmdDelete">删除指定对话 | Delete conversation</span></li>
-                                        <li><code>版本</code> <code>version</code> — <span data-i18n="settingsRobotsExtra.botCmdVersion">显示当前版本号 | Show version</span></li>
                                     </ul>
-                                    <p class="settings-description" style="margin-top: 8px;" data-i18n="settingsRobotsExtra.botCommandsFooter">除以上命令外，直接输入内容将发送给 AI 进行渗透测试/安全分析。Otherwise, send any text for AI penetration testing / security analysis.</p>
+
+                                    <p class="robot-cmd-category" data-i18n="settingsRobotsExtra.botCmdCategoryProject">项目</p>
+                                    <ul class="robot-cmd-list">
+                                        <li><code>项目</code> <code>projects</code> — <span data-i18n="settingsRobotsExtra.botCmdProjects">列出所有项目 | List projects</span></li>
+                                        <li><code>新建项目 &lt;名称&gt;</code> <code>new project &lt;name&gt;</code> — <span data-i18n="settingsRobotsExtra.botCmdNewProject">创建项目并绑定当前对话 | Create &amp; bind project</span></li>
+                                        <li><code>绑定项目 &lt;ID或名称&gt;</code> <code>bind project &lt;ID|name&gt;</code> — <span data-i18n="settingsRobotsExtra.botCmdBindProject">将当前对话绑定到项目 | Bind conversation</span></li>
+                                        <li><code>解除项目</code> <code>unbind project</code> — <span data-i18n="settingsRobotsExtra.botCmdUnbindProject">解除当前对话的项目绑定 | Unbind project</span></li>
+                                    </ul>
+
+                                    <p class="settings-description robot-cmd-footer" data-i18n="settingsRobotsExtra.botCommandsFooter">除以上命令外，直接输入内容将发送给 AI 进行渗透测试/安全分析。Otherwise, send any text for AI penetration testing / security analysis.</p>
                                 </div>
 
                                 <div class="settings-actions">
@@ -3395,6 +3750,13 @@
                     </select>
                     <div class="form-hint" style="margin-top: 4px;" data-i18n="batchImportModal.roleHint">选择一个角色，所有任务将使用该角色的配置（提示词和工具）执行。</div>
                 </div>
+                <div class="form-group">
+                    <label for="batch-queue-project-id" data-i18n="batchImportModal.project">所属项目</label>
+                    <select id="batch-queue-project-id" style="width: 100%; padding: 8px; border: 1px solid #ddd; border-radius: 4px; font-size: 0.875rem;">
+                        <option value="" data-i18n="batchImportModal.projectNone">（未绑定）</option>
+                    </select>
+                    <div class="form-hint" style="margin-top: 4px;" data-i18n="batchImportModal.projectHint">可为队列绑定项目；留空则不绑定项目上下文。</div>
+                </div>
                 <div class="form-group">
                     <label for="batch-queue-agent-mode" data-i18n="batchImportModal.agentMode">代理模式</label>
                     <select id="batch-queue-agent-mode" style="width: 100%; padding: 8px; border: 1px solid #ddd; border-radius: 4px; font-size: 0.875rem;">
@@ -3492,6 +3854,13 @@
                 <span class="modal-close" onclick="closeVulnerabilityModal()">&times;</span>
             </div>
             <div class="modal-body">
+                <div class="form-group">
+                    <label for="vulnerability-project-id" data-i18n="vulnerabilityModal.project">所属项目</label>
+                    <select id="vulnerability-project-id" class="form-input">
+                        <option value="" data-i18n="vulnerabilityModal.projectNone">（未绑定）</option>
+                    </select>
+                    <p class="form-hint" data-i18n="vulnerabilityModal.projectHint">绑定后 Agent 在项目范围内可通过 list_vulnerabilities 看到本条记录；留空则尝试从会话自动关联。</p>
+                </div>
                 <div class="form-group">
                     <label for="vulnerability-conversation-id"><span data-i18n="vulnerabilityModal.conversationId">会话ID</span> <span style="color: red;">*</span></label>
                     <input type="text" id="vulnerability-conversation-id" data-i18n="vulnerabilityModal.conversationIdPlaceholder" data-i18n-attr="placeholder" placeholder="输入会话ID" required />
@@ -3724,6 +4093,135 @@
         </div>
     </div>
 
+    <!-- 项目管理弹窗（挂 body 下，避免被 .page overflow 裁剪） -->
+    <div id="project-modal" class="modal-overlay projects-modal-overlay" style="display:none;" role="dialog" aria-modal="true" aria-labelledby="project-modal-title" onclick="if(event.target===this)closeProjectModal()">
+        <div class="projects-modal-dialog" onclick="event.stopPropagation()">
+            <div class="projects-modal-header">
+                <div class="projects-modal-header-text">
+                    <div>
+                        <h3 id="project-modal-title" data-i18n="projects.modalNewTitle">新建项目</h3>
+                        <p id="project-modal-subtitle" class="projects-modal-subtitle" data-i18n="projects.modalNewSubtitle">创建后可绑定对话，跨会话共享事实黑板</p>
+                    </div>
+                </div>
+                <button type="button" class="projects-modal-close" onclick="closeProjectModal()" aria-label="关闭" data-i18n="common.close" data-i18n-attr="aria-label" data-i18n-skip-text="true">&times;</button>
+            </div>
+            <div class="projects-modal-body">
+                <div class="projects-form-field">
+                    <label for="project-modal-name" data-i18n="projects.projectName">项目名称 <span class="required">*</span></label>
+                    <input type="text" id="project-modal-name" class="form-input" placeholder="例如：某客户 Web 渗透" autocomplete="off" data-i18n="projects.projectNamePlaceholder" data-i18n-attr="placeholder">
+                </div>
+                <div class="projects-form-field">
+                    <label for="project-modal-description" data-i18n="projects.projectDescription">项目描述</label>
+                    <textarea id="project-modal-description" class="form-input" rows="4" placeholder="测试范围、授权边界、注意事项…" data-i18n="projects.projectDescriptionPlaceholder" data-i18n-attr="placeholder"></textarea>
+                </div>
+            </div>
+            <div class="projects-modal-footer">
+                <button class="btn-secondary" type="button" onclick="closeProjectModal()" data-i18n="common.cancel">取消</button>
+                <button class="btn-primary" type="button" id="project-modal-submit-btn" onclick="saveProjectModal()" data-i18n="projects.createProject">创建项目</button>
+            </div>
+        </div>
+    </div>
+    <div id="fact-modal" class="modal-overlay projects-modal-overlay" style="display:none;" role="dialog" aria-modal="true" onclick="if(event.target===this)closeFactModal()">
+        <div class="projects-modal-dialog projects-modal-dialog--wide" onclick="event.stopPropagation()">
+            <div class="projects-modal-header">
+                <div class="projects-modal-header-text">
+                    <div>
+                        <h3 id="fact-modal-title" data-i18n="projects.addFact">添加事实</h3>
+                        <p class="projects-modal-subtitle" data-i18n="projects.factModalSubtitle">摘要注入黑板索引；body 沉淀攻击链与 POC，供审计复现（与漏洞记录分工）</p>
+                    </div>
+                </div>
+                <button type="button" class="projects-modal-close" onclick="closeFactModal()" aria-label="关闭" data-i18n="common.close" data-i18n-attr="aria-label" data-i18n-skip-text="true">&times;</button>
+            </div>
+            <div class="projects-modal-body">
+                <div class="projects-form-field">
+                    <label for="fact-modal-key">fact_key</label>
+                    <input type="text" id="fact-modal-key" class="form-input" placeholder="target/primary_domain 或 finding/sqli-login" oninput="updateFactFormHints()">
+                    <p class="projects-field-hint">环境类：target/、auth/、infra/、business/；发现/利用：finding/、chain/、exploit/、poc/</p>
+                </div>
+                <div class="projects-form-row">
+                    <div class="projects-form-field">
+                        <label for="fact-modal-category" data-i18n="projects.category">分类</label>
+                        <select id="fact-modal-category" class="form-input" onchange="updateFactFormHints()">
+                            <option value="target">target（目标）</option>
+                            <option value="auth">auth（认证）</option>
+                            <option value="infra">infra（基础设施）</option>
+                            <option value="business">business（业务）</option>
+                            <option value="finding">finding（发现）</option>
+                            <option value="chain">chain（攻击链）</option>
+                            <option value="exploit">exploit（利用）</option>
+                            <option value="poc">poc（POC）</option>
+                            <option value="note" selected>note（备注）</option>
+                        </select>
+                    </div>
+                    <div class="projects-form-field">
+                        <label for="fact-modal-confidence" data-i18n="projects.confidence">置信度</label>
+                        <select id="fact-modal-confidence" class="form-input">
+                            <option value="tentative">待确认</option>
+                            <option value="confirmed">已确认</option>
+                            <option value="deprecated">已废弃</option>
+                        </select>
+                    </div>
+                </div>
+                <div class="projects-form-field">
+                    <label for="fact-modal-summary">摘要（索引一行）</label>
+                    <input type="text" id="fact-modal-summary" class="form-input" maxlength="400" placeholder="什么 + 在哪 + 如何验证（勿仅写「存在 XSS」）" oninput="updateFactFormHints()">
+                </div>
+                <div class="projects-form-field">
+                    <div class="projects-form-label-row">
+                        <label for="fact-modal-body">body（可复现详情）</label>
+                        <div class="projects-form-label-actions">
+                            <button type="button" class="btn-link btn-small" onclick="insertFactBodyTemplate('attack')">插入攻击链模板</button>
+                            <button type="button" class="btn-link btn-small" onclick="insertFactBodyTemplate('env')">插入环境模板</button>
+                        </div>
+                    </div>
+                    <textarea id="fact-modal-body" class="form-input fact-modal-body-input" rows="14" placeholder="攻击链步骤、HTTP/命令 POC、响应现象、证据…" oninput="updateFactFormHints()"></textarea>
+                    <p id="fact-modal-body-hint" class="projects-field-hint" role="status"></p>
+                </div>
+                <div class="projects-form-field">
+                    <label for="fact-modal-related-vuln" data-i18n="projects.relatedVulnIdLabel">关联漏洞 ID</label>
+                    <input type="text" id="fact-modal-related-vuln" class="form-input" placeholder="可选" data-i18n="projects.optional" data-i18n-attr="placeholder">
+                </div>
+            </div>
+            <div class="projects-modal-footer">
+                <button class="btn-secondary" type="button" onclick="closeFactModal()" data-i18n="common.cancel">取消</button>
+                <button class="btn-primary" type="button" id="fact-modal-submit-btn" onclick="saveFactModal()" data-i18n="projects.saveFact">保存事实</button>
+            </div>
+        </div>
+    </div>
+    <div id="fact-detail-modal" class="modal-overlay projects-modal-overlay" style="display:none;" role="dialog" aria-modal="true" onclick="if(event.target===this)closeFactDetailModal()">
+        <div class="projects-modal-dialog projects-modal-dialog--wide" onclick="event.stopPropagation()">
+            <div class="projects-modal-header">
+                <div class="projects-modal-header-text">
+                    <div>
+                        <h3 id="fact-detail-title" data-i18n="projects.factDetails">事实详情</h3>
+                        <p id="fact-detail-meta" class="projects-modal-subtitle"></p>
+                    </div>
+                </div>
+                <button type="button" class="projects-modal-close" onclick="closeFactDetailModal()" aria-label="关闭" data-i18n="common.close" data-i18n-attr="aria-label" data-i18n-skip-text="true">&times;</button>
+            </div>
+            <div class="projects-modal-body">
+                <p id="fact-detail-sparse-warn" class="projects-fact-sparse-warn" hidden></p>
+                <div id="fact-detail-prev-wrap" class="fact-detail-prev-wrap" hidden>
+                    <h4 class="fact-detail-prev-title" data-i18n="projects.previousVersion">上一版本</h4>
+                    <p id="fact-detail-prev-meta" class="projects-modal-subtitle"></p>
+                    <pre id="fact-detail-prev-body" class="fact-detail-body fact-detail-body--muted"></pre>
+                </div>
+                <h4 class="fact-detail-current-title" data-i18n="projects.currentVersion">当前版本</h4>
+                <pre id="fact-detail-body" class="fact-detail-body"></pre>
+            </div>
+            <div class="projects-modal-footer projects-modal-footer--split">
+                <div class="projects-modal-footer-left">
+                    <button class="btn-secondary btn-small" type="button" id="fact-detail-link-vuln-btn" onclick="linkFactToExistingVulnerability()" hidden data-i18n="projects.linkVulnerability">关联漏洞</button>
+                    <button class="btn-secondary btn-small" type="button" id="fact-detail-create-vuln-btn" onclick="createVulnerabilityFromCurrentFact()" hidden data-i18n="projects.createVulnerabilityDraft">生成漏洞草稿</button>
+                </div>
+                <div class="projects-modal-footer-right">
+                    <button class="btn-secondary" type="button" onclick="closeFactDetailModal()" data-i18n="common.close">关闭</button>
+                    <button class="btn-primary" type="button" id="fact-detail-edit-btn" onclick="editFactFromDetail()" data-i18n="common.edit">编辑</button>
+                </div>
+            </div>
+        </div>
+    </div>
+
     <script src="https://cdn.jsdelivr.net/npm/i18next@23.11.5/i18next.min.js"></script>
     <script src="/static/js/i18n.js"></script>
     <script src="/static/js/builtin-tools.js"></script>
@@ -3733,6 +4231,7 @@
     <script src="/static/js/router.js"></script>
     <script src="/static/js/agents.js"></script>
     <script src="/static/js/dashboard.js"></script>
+    <script src="/static/js/chat-scroll.js"></script>
     <script src="/static/js/monitor.js"></script>
     <script src="/static/js/chat.js"></script>
     <script src="/static/js/hitl.js"></script>
@@ -3744,6 +4243,7 @@
     <script src="/static/js/terminal.js"></script>
     <script src="/static/js/knowledge.js"></script>
     <script src="/static/js/skills.js"></script>
+    <script src="/static/js/projects.js"></script>
     <script src="/static/js/vulnerability.js?v=12"></script>
     <script src="/static/js/webshell.js"></script>
     <script src="/static/js/chat-files.js"></script>