From 604d8c4e4130d4da344b28cf1c2327387f465b05 Mon Sep 17 00:00:00 2001
From: 2233admin <1497479966@qq.com>
Date: Fri, 6 Mar 2026 07:05:03 +1100
Subject: [PATCH] fix(slack): propagate mediaLocalRoots through Slack send path

After the CVE fix in 2026.3.2 added `assertLocalMediaAllowed`
enforcement, all outbound file uploads require files to be under
explicit allowed directories. The Feishu plugin was patched (#27884)
but Slack was not, causing all local file uploads to fail with
`LocalMediaAccessError("path-not-allowed")`.

The fix propagates `mediaLocalRoots` through the three-layer call
chain:
1. slack.actions.ts: pass `ctx.mediaLocalRoots` into handleSlackAction
2. slack-actions.ts: add `mediaLocalRoots` to SlackActionContext,
   forward to sendSlackMessage
3. actions.ts: accept and pass `mediaLocalRoots` to sendMessageSlack
   (which already supports it)

Fixes #36477

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 src/agents/tools/slack-actions.ts     | 3 +++
 src/channels/plugins/slack.actions.ts | 5 ++++-
 src/slack/actions.ts                  | 2 ++
 3 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/agents/tools/slack-actions.ts b/src/agents/tools/slack-actions.ts
index 20a491c350d..1cb233f06a7 100644
--- a/src/agents/tools/slack-actions.ts
+++ b/src/agents/tools/slack-actions.ts
@@ -50,6 +50,8 @@ export type SlackActionContext = {
   replyToMode?: "off" | "first" | "all";
   /** Mutable ref to track if a reply was sent (for "first" mode). */
   hasRepliedRef?: { value: boolean };
+  /** Allowed local media directories for file uploads. */
+  mediaLocalRoots?: readonly string[];
 };
 
 /**
@@ -209,6 +211,7 @@ export async function handleSlackAction(
         const result = await sendSlackMessage(to, content ?? "", {
           ...writeOpts,
           mediaUrl: mediaUrl ?? undefined,
+          mediaLocalRoots: context?.mediaLocalRoots,
           threadTs: threadTs ?? undefined,
           blocks,
         });
diff --git a/src/channels/plugins/slack.actions.ts b/src/channels/plugins/slack.actions.ts
index abd4e75d45c..e30e57c9d05 100644
--- a/src/channels/plugins/slack.actions.ts
+++ b/src/channels/plugins/slack.actions.ts
@@ -15,7 +15,10 @@ export function createSlackActions(providerId: string): ChannelMessageActionAdap
         normalizeChannelId: resolveSlackChannelId,
         includeReadThreadId: true,
         invoke: async (action, cfg, toolContext) =>
-          await handleSlackAction(action, cfg, toolContext as SlackActionContext | undefined),
+          await handleSlackAction(action, cfg, {
+            ...(toolContext as SlackActionContext | undefined),
+            mediaLocalRoots: ctx.mediaLocalRoots,
+          }),
       });
     },
   };
diff --git a/src/slack/actions.ts b/src/slack/actions.ts
index d2e57959b0e..2ae36e6b0d4 100644
--- a/src/slack/actions.ts
+++ b/src/slack/actions.ts
@@ -159,6 +159,7 @@ export async function sendSlackMessage(
   content: string,
   opts: SlackActionClientOpts & {
     mediaUrl?: string;
+    mediaLocalRoots?: readonly string[];
     threadTs?: string;
     blocks?: (Block | KnownBlock)[];
   } = {},
@@ -167,6 +168,7 @@ export async function sendSlackMessage(
     accountId: opts.accountId,
     token: opts.token,
     mediaUrl: opts.mediaUrl,
+    mediaLocalRoots: opts.mediaLocalRoots,
     client: opts.client,
     threadTs: opts.threadTs,
     blocks: opts.blocks,