chore: sync VERSION file with release v1.1.242 [skip ci]

Merge pull request #844 from dadongwo/antigravity
feat: 实现 Antigravity OAuth 账户支持与路径分流
2026-01-23 20:44:49 +00:00 · 2025-12-26 05:59:55 +00:00 · 2025-12-26 00:59:42 -05:00 · 2025-12-26 00:59:29 -05:00 · 2025-12-25 20:02:26 +08:00
30 changed files with 1788 additions and 2648 deletions
--- a/.env.example
+++ b/.env.example
@@ -53,38 +53,20 @@ CLAUDE_BETA_HEADER=claude-code-20250219,oauth-2025-04-20,interleaved-thinking-20
 # - /antigravity/api  -> Antigravity OAuth
 # - /gemini-cli/api   -> Gemini CLI OAuth

-# ============================================================================
-# 🐛 调试 Dump 配置（可选）
-# ============================================================================
-# 以下开启后会在项目根目录写入 .jsonl 调试文件，便于排查问题。
-# ⚠️ 生产环境建议关闭，避免磁盘占用。
-#
-# 📄 输出文件列表：
-#   - anthropic-requests-dump.jsonl      (客户端请求)
-#   - anthropic-responses-dump.jsonl     (返回给客户端的响应)
-#   - anthropic-tools-dump.jsonl         (工具定义快照)
-#   - antigravity-upstream-requests-dump.jsonl   (发往上游的请求)
-#   - antigravity-upstream-responses-dump.jsonl  (上游 SSE 响应)
-#
-# 📌 开关配置：
+# （可选）Claude Code 调试 Dump：会在项目根目录写入 jsonl 文件，便于排查 tools/schema/回包问题
+# - anthropic-requests-dump.jsonl
+# - anthropic-responses-dump.jsonl
+# - anthropic-tools-dump.jsonl
 # ANTHROPIC_DEBUG_REQUEST_DUMP=true
-# ANTHROPIC_DEBUG_RESPONSE_DUMP=true
-# ANTHROPIC_DEBUG_TOOLS_DUMP=true
-# ANTIGRAVITY_DEBUG_UPSTREAM_REQUEST_DUMP=true
-# ANTIGRAVITY_DEBUG_UPSTREAM_RESPONSE_DUMP=true
-#
-# 📏 单条记录大小上限（字节），默认 2MB：
 # ANTHROPIC_DEBUG_REQUEST_DUMP_MAX_BYTES=2097152
+# ANTHROPIC_DEBUG_RESPONSE_DUMP=true
 # ANTHROPIC_DEBUG_RESPONSE_DUMP_MAX_BYTES=2097152
+# ANTHROPIC_DEBUG_TOOLS_DUMP=true
+#
+# （可选）Antigravity 上游请求 Dump：会在项目根目录写入 jsonl 文件，便于核对最终发往上游的 payload（含 tools/schema 清洗后的结果）
+# - antigravity-upstream-requests-dump.jsonl
+# ANTIGRAVITY_DEBUG_UPSTREAM_REQUEST_DUMP=true
 # ANTIGRAVITY_DEBUG_UPSTREAM_REQUEST_DUMP_MAX_BYTES=2097152
-#
-# 📦 整个 Dump 文件大小上限（字节），超过后自动轮转为 .bak 文件，默认 10MB：
-# DUMP_MAX_FILE_SIZE_BYTES=10485760
-#
-# 🔧 工具失败继续：当 tool_result 标记 is_error=true 时，提示模型不要中断任务
-# （仅 /antigravity/api 分流生效）
-# ANTHROPIC_TOOL_ERROR_CONTINUE=true
-

 # 🚫 529错误处理配置
 # 启用529错误处理，0表示禁用，>0表示过载状态持续时间（分钟）
@@ -184,3 +166,7 @@ DEFAULT_USER_ROLE=user
 USER_SESSION_TIMEOUT=86400000
 MAX_API_KEYS_PER_USER=1
 ALLOW_USER_DELETE_API_KEYS=false
+
+# Pass through incoming OpenAI-format system prompts to Claude.
+# Enable this when using generic OpenAI-compatible clients (e.g. MineContext) that rely on system prompts.
+# CRS_PASSTHROUGH_SYSTEM_PROMPT=true
--- a/README.md
+++ b/README.md
--- a/README_EN.md
+++ b/README_EN.md
@@ -1,124 +1,630 @@
-# Claude Relay Service (Antigravity Edition)
-
+# Claude Relay Service

 > [!CAUTION]
-> **Security Update**: v1.1.248 and below contain a critical admin authentication bypass vulnerability allowing unauthorized access to the admin panel.
+> **Security Update**: v1.1.240 and below contain a critical admin authentication bypass vulnerability allowing unauthorized access to the admin panel.
 >
-> **Please update to v1.1.249+ immediately**, or migrate to the next-generation project **[CRS 2.0 (sub2api)](https://github.com/Wei-Shaw/sub2api)**
+> **Please update to v1.1.241+ immediately**, or migrate to the next-generation project **[CRS 2.0 (sub2api)](https://github.com/Wei-Shaw/sub2api)**

 <div align="center">

-This fork focuses on:
- Native compatibility for `claude` (Claude Code CLI)
- Antigravity OAuth integration + path-based routing
- Better stability for streaming (SSE) workloads
- Optional request/response dumps for debugging
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+[![Node.js](https://img.shields.io/badge/Node.js-18+-green.svg)](https://nodejs.org/)
+[![Redis](https://img.shields.io/badge/Redis-6+-red.svg)](https://redis.io/)
+[![Docker](https://img.shields.io/badge/Docker-Ready-blue.svg)](https://www.docker.com/)
+
+**🔐 Self-hosted Claude API relay service with multi-account management** 
+
+[中文文档](README.md) • [Preview](https://demo.pincc.ai/admin-next/login) • [Telegram Channel](https://t.me/claude_relay_service)
+
+</div>

 ---

-## Highlights
+## ⭐ If You Find It Useful, Please Give It a Star!

- **Claude Code protocol compatibility**: `thoughtSignature` fallback + cache, tool_result passthrough, and message ordering fixes.
- **Antigravity OAuth**: account type `gemini-antigravity` with permission checks.
- **Path-based routing (Anthropic Messages API)**:
-  - `/api` -> Claude account pool (default)
-  - `/antigravity/api` -> Antigravity OAuth account pool
-  - `/gemini-cli/api` -> Gemini OAuth account pool
- **Stability**:
-  - Zombie stream watchdog (disconnect after 45s without valid data)
-  - Auto retry + account switching for Antigravity `429 Resource Exhausted` (streaming and non-streaming)
- **Observability**: JSONL dumps for request/response/tools/upstream (with size limit + rotation)
+> Open source is not easy, your Star is my motivation to continue updating 🚀  
+> Join [Telegram Channel](https://t.me/claude_relay_service) for the latest updates

 ---

-## Quick Start
+## ⚠️ Important Notice

-### Requirements
- Node.js 18+ (or Docker)
- Redis 6+/7+
+**Please read carefully before using this project:**

-### Docker Compose (recommended)
+🚨 **Terms of Service Risk**: Using this project may violate Anthropic's terms of service. Please carefully read Anthropic's user agreement before use. All risks from using this project are borne by the user.

+📖 **Disclaimer**: This project is for technical learning and research purposes only. The author is not responsible for any account bans, service interruptions, or other losses caused by using this project.
+
+## 🤔 Is This Project Right for You?
+
+- 🌍 **Regional Restrictions**: Can't directly access Claude Code service in your region?
+- 🔒 **Privacy Concerns**: Worried about third-party mirror services logging or leaking your conversation content?
+- 👥 **Cost Sharing**: Want to share Claude Code Max subscription costs with friends?
+- ⚡ **Stability Issues**: Third-party mirror sites often fail and are unstable, affecting efficiency?
+
+If you have any of these concerns, this project might be suitable for you.
+
+### Suitable Scenarios
+
+✅ **Cost Sharing with Friends**: 3-5 friends sharing Claude Code Max subscription, enjoying Opus freely  
+✅ **Privacy Sensitive**: Don't want third-party mirrors to see your conversation content  
+✅ **Technical Tinkering**: Have basic technical skills, willing to build and maintain yourself  
+✅ **Stability Needs**: Need long-term stable Claude access, don't want to be restricted by mirror sites  
+✅ **Regional Restrictions**: Cannot directly access Claude official service  
+
+### Unsuitable Scenarios
+
+❌ **Complete Beginner**: Don't understand technology at all, don't even know how to buy a server  
+❌ **Occasional Use**: Use it only a few times a month, not worth the hassle  
+❌ **Registration Issues**: Cannot register Claude account yourself  
+❌ **Payment Issues**: No payment method to subscribe to Claude Code  
+
+**If you're just an ordinary user with low privacy requirements, just want to casually play around and quickly experience Claude, then choosing a mirror site you're familiar with would be more suitable.**
+
+---
+
+## 💭 Why Build Your Own?
+
+### Potential Issues with Existing Mirror Sites
+
+- 🕵️ **Privacy Risk**: Your conversation content is completely visible to others, forget about business secrets
+- 🐌 **Performance Instability**: Slow when many people use it, often crashes during peak hours
+- 💰 **Price Opacity**: Don't know the actual costs
+
+### Benefits of Self-hosting
+
+- 🔐 **Data Security**: All API requests only go through your own server, direct connection to Anthropic API
+- ⚡ **Controllable Performance**: Only a few of you using it, Max $200 package basically allows you to enjoy Opus freely
+- 💰 **Cost Transparency**: Clear view of how many tokens used, specific costs calculated at official prices
+- 📊 **Complete Monitoring**: Usage statistics, cost analysis, performance monitoring all available
+
+---
+
+## 🚀 Core Features
+
+> 📸 **[Click to view interface preview](docs/preview.md)** - See detailed screenshots of the Web management interface
+
+### Basic Features
+- ✅ **Multi-account Management**: Add multiple Claude accounts for automatic rotation
+- ✅ **Custom API Keys**: Assign independent keys to each person
+- ✅ **Usage Statistics**: Detailed records of how many tokens each person used
+
+### Advanced Features
+- 🔄 **Smart Switching**: Automatically switch to next account when one has issues
+- 🚀 **Performance Optimization**: Connection pooling, caching to reduce latency
+- 📊 **Monitoring Dashboard**: Web interface to view all data
+- 🛡️ **Security Control**: Access restrictions, rate limiting
+- 🌐 **Proxy Support**: Support for HTTP/SOCKS5 proxies
+
+---
+
+## 📋 Deployment Requirements
+
+### Hardware Requirements (Minimum Configuration)
+- **CPU**: 1 core is sufficient
+- **Memory**: 512MB (1GB recommended)
+- **Storage**: 30GB available space
+- **Network**: Access to Anthropic API (recommend US region servers)
+- **Recommendation**: 2 cores 4GB is basically enough, choose network with good return routes to your country (to improve speed, recommend not using proxy or setting server IP for direct connection)
+
+### Software Requirements
+- **Node.js** 18 or higher
+- **Redis** 6 or higher
+- **Operating System**: Linux recommended
+
+### Cost Estimation
+- **Server**: Light cloud server, $5-10 per month
+- **Claude Subscription**: Depends on how you share costs
+- **Others**: Domain name (optional)
+
+---
+
+## 📦 Manual Deployment
+
+### Step 1: Environment Setup
+
+**Ubuntu/Debian users:**
 ```bash
-cp .env.example .env
-cp config/config.example.js config/config.js
+# Install Node.js
+curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash -
+sudo apt-get install -y nodejs

-# Edit .env at least:
-# JWT_SECRET=... (random string)
-# ENCRYPTION_KEY=... (32-char random string)
-
-docker-compose up -d
+# Install Redis
+sudo apt update
+sudo apt install redis-server
+sudo systemctl start redis-server
 ```

-### Node (no Docker)
+**CentOS/RHEL users:**
+```bash
+# Install Node.js
+curl -fsSL https://rpm.nodesource.com/setup_18.x | sudo bash -
+sudo yum install -y nodejs
+
+# Install Redis
+sudo yum install redis
+sudo systemctl start redis
+```
+
+### Step 2: Download and Configure

 ```bash
+# Download project
+git clone https://github.com/Wei-Shaw/claude-relay-service.git
+cd claude-relay-service
+
+# Install dependencies
 npm install
-cp .env.example .env
+
+# Copy configuration files (Important!)
 cp config/config.example.js config/config.js
-npm run setup
-npm run service:start:daemon
+cp .env.example .env
 ```

-### Admin UI
+### Step 3: Configuration File Setup

- URL: `http://<host>:3000/web`
- Initial credentials: generated by `npm run setup` and saved to `data/init.json` (Docker users can also inspect container logs).
+**Edit `.env` file:**
+```bash
+# Generate these two keys randomly, but remember them
+JWT_SECRET=your-super-secret-key
+ENCRYPTION_KEY=32-character-encryption-key-write-randomly
+
+# Redis configuration
+REDIS_HOST=localhost
+REDIS_PORT=6379
+REDIS_PASSWORD=
+```
+
+**Edit `config/config.js` file:**
+```javascript
+module.exports = {
+  server: {
+    port: 3000,          // Service port, can be changed
+    host: '0.0.0.0'     // Don't change
+  },
+  redis: {
+    host: '127.0.0.1',  // Redis address
+    port: 6379          // Redis port
+  },
+  // Keep other configurations as default
+}
+```
+
+### Step 4: Start Service
+
+```bash
+# Initialize
+npm run setup # Will randomly generate admin account password info, stored in data/init.json
+
+# Start service
+npm run service:start:daemon   # Run in background (recommended)
+
+# Check status
+npm run service:status
+```

 ---

-## Using with Claude Code (CLI)
+## 🎮 Getting Started

-### Antigravity pool (recommended)
+### 1. Open Management Interface
+
+Browser visit: `http://your-server-IP:3000/web`
+
+Default admin account: Look in data/init.json
+
+### 2. Add Claude Account
+
+This step is quite important, requires OAuth authorization:
+
+1. Click "Claude Accounts" tab
+2. If you're worried about multiple accounts sharing 1 IP getting banned, you can optionally set a static proxy IP
+3. Click "Add Account"
+4. Click "Generate Authorization Link", will open a new page
+5. Complete Claude login and authorization in the new page
+6. Copy the returned Authorization Code
+7. Paste to page to complete addition
+
+**Note**: If you're in China, this step may require VPN.
+
+### 3. Create API Key
+
+Assign a key to each user:
+
+1. Click "API Keys" tab
+2. Click "Create New Key"
+3. Give the key a name, like "Zhang San's Key"
+4. Set usage limits (optional)
+5. Save, note down the generated key
+
+### 4. Start Using Claude Code and Gemini CLI
+
+Now you can replace the official API with your own service:
+
+**Claude Code Set Environment Variables:**
+
+Default uses standard Claude account pool (Claude/Console/Bedrock/CCR):

 ```bash
-export ANTHROPIC_BASE_URL="http://<host>:3000/antigravity/api/"
-export ANTHROPIC_AUTH_TOKEN="cr_xxxxxxxxxxxx"
+export ANTHROPIC_BASE_URL="http://127.0.0.1:3000/api/" # Fill in your server's IP address or domain
+export ANTHROPIC_AUTH_TOKEN="API key created in the backend"
+```
+
+If you want Claude Code to use Gemini OAuth accounts via the Anthropic protocol (path-based routing, no vendor prefix in `model`):
+
+Antigravity OAuth (supports `claude-opus-4-5` and other Antigravity models):
+
+```bash
+export ANTHROPIC_BASE_URL="http://127.0.0.1:3000/antigravity/api/"
+export ANTHROPIC_AUTH_TOKEN="API key created in the backend (permissions must be all or gemini)"
 export ANTHROPIC_MODEL="claude-opus-4-5"
-claude
 ```

-### Gemini pool
+Gemini CLI OAuth (Gemini models):

 ```bash
-export ANTHROPIC_BASE_URL="http://<host>:3000/gemini-cli/api/"
-export ANTHROPIC_AUTH_TOKEN="cr_xxxxxxxxxxxx"
+export ANTHROPIC_BASE_URL="http://127.0.0.1:3000/gemini-cli/api/"
+export ANTHROPIC_AUTH_TOKEN="API key created in the backend (permissions must be all or gemini)"
 export ANTHROPIC_MODEL="gemini-2.5-pro"
-claude
 ```

-### Standard Claude pool
+**VSCode Claude Plugin Configuration:**
+
+If using VSCode Claude plugin, configure in `~/.claude/config.json`:
+
+```json
+{
+    "primaryApiKey": "crs"
+}
+```
+
+If the file doesn't exist, create it manually. Windows users path is `C:\Users\YourUsername\.claude\config.json`.
+
+**Gemini CLI Set Environment Variables:**
+
+**Method 1 (Recommended): Via Gemini Assist API**
+
+Each account enjoys 1000 requests per day, 60 requests per minute free quota.
+
+```bash
+CODE_ASSIST_ENDPOINT="http://127.0.0.1:3000/gemini"  # Fill in your server's IP address or domain
+GOOGLE_CLOUD_ACCESS_TOKEN="API key created in the backend"
+GOOGLE_GENAI_USE_GCA="true"
+GEMINI_MODEL="gemini-2.5-pro"
+```
+
+> **Note**: gemini-cli console will show `Failed to fetch user info: 401 Unauthorized`, but this doesn't affect usage.
+
+**Method 2: Via Gemini API**
+
+Very limited free quota, easily triggers 429 errors.
+
+```bash
+GOOGLE_GEMINI_BASE_URL="http://127.0.0.1:3000/gemini"  # Fill in your server's IP address or domain
+GEMINI_API_KEY="API key created in the backend"
+GEMINI_MODEL="gemini-2.5-pro"
+```
+
+**Use Claude Code:**

 ```bash
-export ANTHROPIC_BASE_URL="http://<host>:3000/api/"
-export ANTHROPIC_AUTH_TOKEN="cr_xxxxxxxxxxxx"
 claude
 ```

+**Use Gemini CLI:**
+
+```bash
+gemini
+```
+
 ---

-## Antigravity Quota & Models
+## 🔧 Daily Maintenance

- Quota display: in Admin UI -> Accounts -> `gemini-antigravity` -> click **Test/Refresh**.
- Dynamic models list:
-  - Anthropic/Claude Code routing: `GET /antigravity/api/v1/models` (proxies Antigravity `fetchAvailableModels`)
-  - OpenAI-compatible routing: `GET /openai/gemini/models` (or `GET /openai/gemini/v1/models`)
+### Service Management
+
+```bash
+# Check service status
+npm run service:status
+
+# View logs
+npm run service:logs
+
+# Restart service
+npm run service:restart:daemon
+
+# Stop service
+npm run service:stop
+```
+
+### Monitor Usage
+
+- **Web Interface**: `http://your-domain:3000/web` - View usage statistics
+- **Health Check**: `http://your-domain:3000/health` - Confirm service is normal
+- **Log Files**: Various log files in `logs/` directory
+
+### Upgrade Guide
+
+When a new version is released, follow these steps to upgrade the service:
+
+```bash
+# 1. Navigate to project directory
+cd claude-relay-service
+
+# 2. Pull latest code
+git pull origin main
+
+# If you encounter package-lock.json conflicts, use the remote version
+git checkout --theirs package-lock.json
+git add package-lock.json
+
+# 3. Install new dependencies (if any)
+npm install
+
+# 4. Restart service
+npm run service:restart:daemon
+
+# 5. Check service status
+npm run service:status
+```
+
+**Important Notes:**
+- Before upgrading, it's recommended to backup important configuration files (.env, config/config.js)
+- Check the changelog to understand if there are any breaking changes
+- Database structure changes will be migrated automatically if needed
+
+### Common Issue Resolution
+
+**Can't connect to Redis?**
+```bash
+# Check if Redis is running
+redis-cli ping
+
+# Should return PONG
+```
+
+**OAuth authorization failed?**
+- Check if proxy settings are correct
+- Ensure normal access to claude.ai
+- Clear browser cache and retry
+
+**API request failed?**
+- Check if API Key is correct
+- View log files for error information
+- Confirm Claude account status is normal

 ---

-## Debug Dumps (optional)
+## 🛠️ Advanced Usage

-See `.env.example` for the full list. Common toggles:
+### Reverse Proxy Deployment Guide

- `ANTHROPIC_DEBUG_REQUEST_DUMP=true`
- `ANTHROPIC_DEBUG_RESPONSE_DUMP=true`
- `ANTIGRAVITY_DEBUG_UPSTREAM_REQUEST_DUMP=true`
- `ANTIGRAVITY_DEBUG_UPSTREAM_RESPONSE_DUMP=true`
- `DUMP_MAX_FILE_SIZE_BYTES=10485760`
+For production environments, it is recommended to use a reverse proxy for automatic HTTPS, security headers, and performance optimization. Two common solutions are provided below: **Caddy** and **Nginx Proxy Manager (NPM)**.

 ---

-## License
+## Caddy Solution

-This project is licensed under the [MIT License](LICENSE).
+Caddy is a web server that automatically manages HTTPS certificates, with simple configuration and excellent performance, ideal for deployments without Docker environments.

+**1. Install Caddy**
+
+```bash
+# Ubuntu/Debian
+sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https
+curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
+curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
+sudo apt update
+sudo apt install caddy
+
+# CentOS/RHEL/Fedora
+sudo yum install yum-plugin-copr
+sudo yum copr enable @caddy/caddy
+sudo yum install caddy
+```
+
+**2. Caddy Configuration**
+
+Edit `/etc/caddy/Caddyfile`:
+
+```caddy
+your-domain.com {
+    # Reverse proxy to local service
+    reverse_proxy 127.0.0.1:3000 {
+        # Support streaming responses or SSE
+        flush_interval -1
+
+        # Pass real IP
+        header_up X-Real-IP {remote_host}
+        header_up X-Forwarded-For {remote_host}
+        header_up X-Forwarded-Proto {scheme}
+
+        # Long read/write timeout configuration
+        transport http {
+            read_timeout 300s
+            write_timeout 300s
+            dial_timeout 30s
+        }
+    }
+
+    # Security headers
+    header {
+        Strict-Transport-Security "max-age=31536000; includeSubDomains"
+        X-Frame-Options "DENY"
+        X-Content-Type-Options "nosniff"
+        -Server
+    }
+}
+```
+
+**3. Start Caddy**
+
+```bash
+sudo caddy validate --config /etc/caddy/Caddyfile
+sudo systemctl start caddy
+sudo systemctl enable caddy
+sudo systemctl status caddy
+```
+
+**4. Service Configuration**
+
+Since Caddy automatically manages HTTPS, you can restrict the service to listen locally only:
+
+```javascript
+// config/config.js
+module.exports = {
+  server: {
+    port: 3000,
+    host: '127.0.0.1' // Listen locally only
+  }
+}
+```
+
+**Caddy Features**
+
+* 🔒 Automatic HTTPS with zero-configuration certificate management
+* 🛡️ Secure default configuration with modern TLS suites
+* ⚡ HTTP/2 and streaming support
+* 🔧 Concise configuration files, easy to maintain
+
+---
+
+## Nginx Proxy Manager (NPM) Solution
+
+Nginx Proxy Manager manages reverse proxies and HTTPS certificates through a graphical interface, deployed as a Docker container.
+
+**1. Create a New Proxy Host in NPM**
+
+Configure the Details as follows:
+
+| Item                  | Setting                  |
+| --------------------- | ------------------------ |
+| Domain Names          | relay.example.com        |
+| Scheme                | http                     |
+| Forward Hostname / IP | 192.168.0.1 (docker host IP) |
+| Forward Port          | 3000                     |
+| Block Common Exploits | ☑️                       |
+| Websockets Support    | ❌ **Disable**            |
+| Cache Assets          | ❌ **Disable**            |
+| Access List           | Publicly Accessible      |
+
+> Note:
+> - Ensure Claude Relay Service **listens on `0.0.0.0`, container IP, or host IP** to allow NPM internal network connections.
+> - **Websockets Support and Cache Assets must be disabled**, otherwise SSE / streaming responses will fail.
+
+**2. Custom locations**
+
+No content needed, keep it empty.
+
+**3. SSL Settings**
+
+* **SSL Certificate**: Request a new SSL Certificate (Let's Encrypt) or existing certificate
+* ☑️ **Force SSL**
+* ☑️ **HTTP/2 Support**
+* ☑️ **HSTS Enabled**
+* ☑️ **HSTS Subdomains**
+
+**4. Advanced Configuration**
+
+Add the following to Custom Nginx Configuration:
+
+```nginx
+# Pass real user IP
+proxy_set_header X-Real-IP $remote_addr;
+proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+proxy_set_header X-Forwarded-Proto $scheme;
+
+# Support WebSocket / SSE streaming
+proxy_http_version 1.1;
+proxy_set_header Upgrade $http_upgrade;
+proxy_set_header Connection "upgrade";
+proxy_buffering off;
+
+# Long connection / timeout settings (for AI chat streaming)
+proxy_read_timeout 300s;
+proxy_send_timeout 300s;
+proxy_connect_timeout 30s;
+
+# ---- Security Settings ----
+# Strict HTTPS policy (HSTS)
+add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+
+# Block clickjacking and content sniffing
+add_header X-Frame-Options "DENY" always;
+add_header X-Content-Type-Options "nosniff" always;
+
+# Referrer / Permissions restriction policies
+add_header Referrer-Policy "no-referrer-when-downgrade" always;
+add_header Permissions-Policy "camera=(), microphone=(), geolocation=()" always;
+
+# Hide server information (equivalent to Caddy's `-Server`)
+proxy_hide_header Server;
+
+# ---- Performance Tuning ----
+# Disable proxy caching for real-time responses (SSE / Streaming)
+proxy_cache_bypass $http_upgrade;
+proxy_no_cache $http_upgrade;
+proxy_request_buffering off;
+```
+
+**5. Launch and Verify**
+
+* After saving, wait for NPM to automatically request Let's Encrypt certificate (if applicable).
+* Check Proxy Host status in Dashboard to ensure it shows "Online".
+* Visit `https://relay.example.com`, if the green lock icon appears, HTTPS is working properly.
+
+**NPM Features**
+
+* 🔒 Automatic certificate application and renewal
+* 🔧 Graphical interface for easy multi-service management
+* ⚡ Native HTTP/2 / HTTPS support
+* 🚀 Ideal for Docker container deployments
+
+---
+
+Both solutions are suitable for production deployment. If you use a Docker environment, **Nginx Proxy Manager is more convenient**; if you want to keep software lightweight and automated, **Caddy is a better choice**.
+
+---
+
+## 💡 Usage Recommendations
+
+### Account Management
+- **Regular Checks**: Check account status weekly, handle exceptions promptly
+- **Reasonable Allocation**: Can assign different API keys to different people, analyze usage based on different API keys
+
+### Security Recommendations
+- **Use HTTPS**: Strongly recommend using Caddy reverse proxy (automatic HTTPS) to ensure secure data transmission
+- **Regular Backups**: Back up important configurations and data
+- **Monitor Logs**: Regularly check exception logs
+- **Update Keys**: Regularly change JWT and encryption keys
+- **Firewall Settings**: Only open necessary ports (80, 443), hide direct service ports
+
+---
+
+## 🆘 What to Do When You Encounter Problems?
+
+### Self-troubleshooting
+1. **Check Logs**: Log files in `logs/` directory
+2. **Check Configuration**: Confirm configuration files are set correctly
+3. **Test Connectivity**: Use curl to test if API is normal
+4. **Restart Service**: Sometimes restarting fixes it
+
+### Seeking Help
+- **GitHub Issues**: Submit detailed error information
+- **Read Documentation**: Carefully read error messages and documentation
+- **Community Discussion**: See if others have encountered similar problems
+
+---
+
+## 📄 License
+This project uses the [MIT License](LICENSE).
+
+---
+
+<div align="center">
+
+**⭐ If you find it useful, please give it a Star, this is the greatest encouragement to the author!**
+
+**🤝 Feel free to submit Issues for problems, welcome PRs for improvement suggestions**
+
+</div>
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -1,21 +0,0 @@
-# Security Policy
-
-## Supported Versions
-
-Use this section to tell people about which versions of your project are
-currently being supported with security updates.
-
-| Version | Supported          |
-| ------- | ------------------ |
-| 5.1.x   | :white_check_mark: |
-| 5.0.x   | :x:                |
-| 4.0.x   | :white_check_mark: |
-| < 4.0   | :x:                |
-
-## Reporting a Vulnerability
-
-Use this section to tell people how to report a vulnerability.
-
-Tell them where to go, how often they can expect to get an update on a
-reported vulnerability, what to expect if the vulnerability is accepted or
-declined, etc.
--- a/2
+++ b/2
@@ -1 +1 @@
-1.1.253
+1.1.242
--- a/src/app.js
+++ b/src/app.js
@@ -179,7 +179,7 @@ class Application {
      // 🔧 基础中间件
      this.app.use(
        express.json({
-          limit: '100mb',
+          limit: '10mb',
          verify: (req, res, buf, encoding) => {
            // 验证JSON格式
            if (buf && buf.length && !buf.toString(encoding || 'utf8').trim()) {
@@ -188,7 +188,7 @@ class Application {
          }
        })
      )
-      this.app.use(express.urlencoded({ extended: true, limit: '100mb' }))
+      this.app.use(express.urlencoded({ extended: true, limit: '10mb' }))
      this.app.use(securityMiddleware)

      // 🎯 信任代理
--- a/src/middleware/auth.js
+++ b/src/middleware/auth.js
@@ -1434,6 +1434,7 @@ const authenticateAdmin = async (req, res, next) => {

    // 设置管理员信息（只包含必要信息）
    req.admin = {
+      id: adminSession.adminId || 'admin',
      username: adminSession.username,
      sessionId: token,
      loginTime: adminSession.loginTime
@@ -1566,25 +1567,17 @@ const authenticateUserOrAdmin = async (req, res, next) => {
      try {
        const adminSession = await redis.getSession(adminToken)
        if (adminSession && Object.keys(adminSession).length > 0) {
-          // 🔒 安全修复：验证会话必须字段（与 authenticateAdmin 保持一致）
-          if (!adminSession.username || !adminSession.loginTime) {
-            logger.security(
-              `🔒 Corrupted admin session in authenticateUserOrAdmin from ${req.ip || 'unknown'} - missing required fields (username: ${!!adminSession.username}, loginTime: ${!!adminSession.loginTime})`
-            )
-            await redis.deleteSession(adminToken) // 清理无效/伪造的会话
-            // 不返回 401，继续尝试用户认证
-          } else {
-            req.admin = {
-              username: adminSession.username,
-              sessionId: adminToken,
-              loginTime: adminSession.loginTime
-            }
-            req.userType = 'admin'
-
-            const authDuration = Date.now() - startTime
-            logger.security(`🔐 Admin authenticated: ${adminSession.username} in ${authDuration}ms`)
-            return next()
+          req.admin = {
+            id: adminSession.adminId || 'admin',
+            username: adminSession.username,
+            sessionId: adminToken,
+            loginTime: adminSession.loginTime
          }
+          req.userType = 'admin'
+
+          const authDuration = Date.now() - startTime
+          logger.security(`🔐 Admin authenticated: ${adminSession.username} in ${authDuration}ms`)
+          return next()
        }
      } catch (error) {
        logger.debug('Admin authentication failed, trying user authentication:', error.message)
@@ -2050,7 +2043,7 @@ const globalRateLimit = async (req, res, next) =>

 // 📊 请求大小限制中间件
 const requestSizeLimit = (req, res, next) => {
-  const MAX_SIZE_MB = parseInt(process.env.REQUEST_MAX_SIZE_MB || '100', 10)
+  const MAX_SIZE_MB = parseInt(process.env.REQUEST_MAX_SIZE_MB || '60', 10)
  const maxSize = MAX_SIZE_MB * 1024 * 1024
  const contentLength = parseInt(req.headers['content-length'] || '0')

@@ -2059,7 +2052,7 @@ const requestSizeLimit = (req, res, next) => {
    return res.status(413).json({
      error: 'Payload Too Large',
      message: 'Request body size exceeds limit',
-      limit: `${MAX_SIZE_MB}MB`
+      limit: '10MB'
    })
  }

--- a/src/routes/api.js
+++ b/src/routes/api.js
@@ -122,18 +122,12 @@ async function handleMessagesRequest(req, res) {
  try {
    const startTime = Date.now()

-    const forcedVendor = req._anthropicVendor || null
-    const requiredService =
-      forcedVendor === 'gemini-cli' || forcedVendor === 'antigravity' ? 'gemini' : 'claude'
-
-    if (!apiKeyService.hasPermission(req.apiKey?.permissions, requiredService)) {
+    // Claude 服务权限校验，阻止未授权的 Key
+    if (!apiKeyService.hasPermission(req.apiKey.permissions, 'claude')) {
      return res.status(403).json({
        error: {
          type: 'permission_error',
-          message:
-            requiredService === 'gemini'
-              ? '此 API Key 无权访问 Gemini 服务'
-              : '此 API Key 无权访问 Claude 服务'
+          message: '此 API Key 无权访问 Claude 服务'
        }
      })
    }
@@ -182,6 +176,7 @@ async function handleMessagesRequest(req, res) {
      }
    }

+    const forcedVendor = req._anthropicVendor || null
    logger.api('📥 /v1/messages request received', {
      model: req.body.model || null,
      forcedVendor,
@@ -197,10 +192,34 @@ async function handleMessagesRequest(req, res) {

    // /v1/messages 的扩展：按路径强制分流到 Gemini OAuth 账户（避免 model 前缀混乱）
    if (forcedVendor === 'gemini-cli' || forcedVendor === 'antigravity') {
+      const permissions = req.apiKey?.permissions || 'all'
+      if (permissions !== 'all' && permissions !== 'gemini') {
+        return res.status(403).json({
+          error: {
+            type: 'permission_error',
+            message: '此 API Key 无权访问 Gemini 服务'
+          }
+        })
+      }
+
      const baseModel = (req.body.model || '').trim()
      return await handleAnthropicMessagesToGemini(req, res, { vendor: forcedVendor, baseModel })
    }

+    // Claude 服务权限校验，阻止未授权的 Key（默认路径保持不变）
+    if (
+      req.apiKey.permissions &&
+      req.apiKey.permissions !== 'all' &&
+      req.apiKey.permissions !== 'claude'
+    ) {
+      return res.status(403).json({
+        error: {
+          type: 'permission_error',
+          message: '此 API Key 无权访问 Claude 服务'
+        }
+      })
+    }
+
    // 检查是否为流式请求
    const isStream = req.body.stream === true

@@ -1231,7 +1250,8 @@ router.get('/v1/models', authenticateApiKey, async (req, res) => {
    //（通过 v1internal:fetchAvailableModels），避免依赖静态 modelService 列表。
    const forcedVendor = req._anthropicVendor || null
    if (forcedVendor === 'antigravity') {
-      if (!apiKeyService.hasPermission(req.apiKey?.permissions, 'gemini')) {
+      const permissions = req.apiKey?.permissions || 'all'
+      if (permissions !== 'all' && permissions !== 'gemini') {
        return res.status(403).json({
          error: {
            type: 'permission_error',
@@ -1424,25 +1444,34 @@ router.get('/v1/organizations/:org_id/usage', authenticateApiKey, async (req, re
 router.post('/v1/messages/count_tokens', authenticateApiKey, async (req, res) => {
  // 按路径强制分流到 Gemini OAuth 账户（避免 model 前缀混乱）
  const forcedVendor = req._anthropicVendor || null
-  const requiredService =
-    forcedVendor === 'gemini-cli' || forcedVendor === 'antigravity' ? 'gemini' : 'claude'
+  if (forcedVendor === 'gemini-cli' || forcedVendor === 'antigravity') {
+    const permissions = req.apiKey?.permissions || 'all'
+    if (permissions !== 'all' && permissions !== 'gemini') {
+      return res.status(403).json({
+        error: {
+          type: 'permission_error',
+          message: 'This API key does not have permission to access Gemini'
+        }
+      })
+    }

-  if (!apiKeyService.hasPermission(req.apiKey?.permissions, requiredService)) {
+    return await handleAnthropicCountTokensToGemini(req, res, { vendor: forcedVendor })
+  }
+
+  // 检查权限
+  if (
+    req.apiKey.permissions &&
+    req.apiKey.permissions !== 'all' &&
+    req.apiKey.permissions !== 'claude'
+  ) {
    return res.status(403).json({
      error: {
        type: 'permission_error',
-        message:
-          requiredService === 'gemini'
-            ? 'This API key does not have permission to access Gemini'
-            : 'This API key does not have permission to access Claude'
+        message: 'This API key does not have permission to access Claude'
      }
    })
  }

-  if (requiredService === 'gemini') {
-    return await handleAnthropicCountTokensToGemini(req, res, { vendor: forcedVendor })
-  }
-
  // 🔗 会话绑定验证（与 messages 端点保持一致）
  const originalSessionId = claudeRelayConfigService.extractOriginalSessionId(req.body)
  const sessionValidation = await claudeRelayConfigService.validateNewSession(
--- a/src/routes/openaiClaudeRoutes.js
+++ b/src/routes/openaiClaudeRoutes.js
@@ -402,29 +402,16 @@ async function handleChatCompletion(req, res, apiKeyData) {
    const duration = Date.now() - startTime
    logger.info(`✅ OpenAI-Claude request completed in ${duration}ms`)
  } catch (error) {
-    // 客户端主动断开连接是正常情况，使用 INFO 级别
-    if (error.message === 'Client disconnected') {
-      logger.info('🔌 OpenAI-Claude stream ended: Client disconnected')
-    } else {
-      logger.error('❌ OpenAI-Claude request error:', error)
-    }
+    logger.error('❌ OpenAI-Claude request error:', error)

-    // 检查响应是否已发送（流式响应场景），避免 ERR_HTTP_HEADERS_SENT
-    if (!res.headersSent) {
-      // 客户端断开使用 499 状态码 (Client Closed Request)
-      if (error.message === 'Client disconnected') {
-        res.status(499).end()
-      } else {
-        const status = error.status || 500
-        res.status(status).json({
-          error: {
-            message: error.message || 'Internal server error',
-            type: 'server_error',
-            code: 'internal_error'
-          }
-        })
+    const status = error.status || 500
+    res.status(status).json({
+      error: {
+        message: error.message || 'Internal server error',
+        type: 'server_error',
+        code: 'internal_error'
      }
-    }
+    })
  } finally {
    // 清理资源
    if (abortController) {
--- a/src/routes/openaiGeminiRoutes.js
+++ b/src/routes/openaiGeminiRoutes.js
@@ -673,24 +673,17 @@ router.post('/v1/chat/completions', authenticateApiKey, async (req, res) => {
      }
    }

-    // 检查响应是否已发送（流式响应场景），避免 ERR_HTTP_HEADERS_SENT
-    if (!res.headersSent) {
-      // 客户端断开使用 499 状态码 (Client Closed Request)
-      if (error.message === 'Client disconnected') {
-        res.status(499).end()
-      } else {
-        // 返回 OpenAI 格式的错误响应
-        const status = error.status || 500
-        const errorResponse = {
-          error: error.error || {
-            message: error.message || 'Internal server error',
-            type: 'server_error',
-            code: 'internal_error'
-          }
-        }
-        res.status(status).json(errorResponse)
+    // 返回 OpenAI 格式的错误响应
+    const status = error.status || 500
+    const errorResponse = {
+      error: error.error || {
+        message: error.message || 'Internal server error',
+        type: 'server_error',
+        code: 'internal_error'
      }
    }
+
+    res.status(status).json(errorResponse)
  } finally {
    // 清理资源
    if (abortController) {
@@ -700,8 +693,8 @@ router.post('/v1/chat/completions', authenticateApiKey, async (req, res) => {
  return undefined
 })

-// 获取可用模型列表的共享处理器
-async function handleGetModels(req, res) {
+// OpenAI 兼容的模型列表端点
+router.get('/v1/models', authenticateApiKey, async (req, res) => {
  try {
    const apiKeyData = req.apiKey

@@ -789,13 +782,8 @@ async function handleGetModels(req, res) {
      }
    })
  }
-}
-
-// OpenAI 兼容的模型列表端点 (带 v1 版)
-router.get('/v1/models', authenticateApiKey, handleGetModels)
-
-// OpenAI 兼容的模型列表端点 (根路径版，方便第三方加载)
-router.get('/models', authenticateApiKey, handleGetModels)
+  return undefined
+})

 // OpenAI 兼容的模型详情端点
 router.get('/v1/models/:model', authenticateApiKey, async (req, res) => {
--- a/src/routes/unified.js
+++ b/src/routes/unified.js
@@ -46,11 +46,11 @@ async function routeToBackend(req, res, requestedModel) {
  logger.info(`🔀 Routing request - Model: ${requestedModel}, Backend: ${backend}`)

  // 检查权限
-  const { permissions } = req.apiKey
+  const permissions = req.apiKey.permissions || 'all'

  if (backend === 'claude') {
    // Claude 后端：通过 OpenAI 兼容层
-    if (!apiKeyService.hasPermission(permissions, 'claude')) {
+    if (permissions !== 'all' && permissions !== 'claude') {
      return res.status(403).json({
        error: {
          message: 'This API key does not have permission to access Claude',
@@ -62,7 +62,7 @@ async function routeToBackend(req, res, requestedModel) {
    await handleChatCompletion(req, res, req.apiKey)
  } else if (backend === 'openai') {
    // OpenAI 后端
-    if (!apiKeyService.hasPermission(permissions, 'openai')) {
+    if (permissions !== 'all' && permissions !== 'openai') {
      return res.status(403).json({
        error: {
          message: 'This API key does not have permission to access OpenAI',
--- a/src/services/accountBalanceService.js
+++ b/src/services/accountBalanceService.js
@@ -270,7 +270,7 @@ class AccountBalanceService {
  }

  async _getAccountBalanceForAccount(account, platform, options = {}) {
-    const queryMode = this._parseQueryMode(options.queryApi)
+    const queryApi = this._parseBoolean(options.queryApi) || false
    const useCache = options.useCache !== false

    const accountId = account?.id
@@ -297,14 +297,8 @@ class AccountBalanceService {

    const quotaFromLocal = this._buildQuotaFromLocal(account, localStatistics)

-    // 安全限制：queryApi=auto 仅用于 Antigravity（gemini + oauthProvider=antigravity）账户
-    const effectiveQueryMode =
-      queryMode === 'auto' && !(platform === 'gemini' && account?.oauthProvider === 'antigravity')
-        ? 'local'
-        : queryMode
-
-    // local: 仅本地统计/缓存；auto: 优先缓存，无缓存则尝试远程 Provider（并缓存结果）
-    if (effectiveQueryMode !== 'api') {
+    // 非强制查询：优先读缓存
+    if (!queryApi) {
      if (useCache) {
        const cached = await this.redis.getAccountBalance(platform, accountId)
        if (cached && cached.status === 'success') {
@@ -327,24 +321,22 @@ class AccountBalanceService {
        }
      }

-      if (effectiveQueryMode === 'local') {
-        return this._buildResponse(
-          {
-            status: 'success',
-            errorMessage: null,
-            balance: quotaFromLocal.balance,
-            currency: quotaFromLocal.currency || 'USD',
-            quota: quotaFromLocal.quota,
-            statistics: localStatistics,
-            lastRefreshAt: localBalance.lastCalculated
-          },
-          accountId,
-          platform,
-          'local',
-          null,
-          scriptMeta
-        )
-      }
+      return this._buildResponse(
+        {
+          status: 'success',
+          errorMessage: null,
+          balance: quotaFromLocal.balance,
+          currency: quotaFromLocal.currency || 'USD',
+          quota: quotaFromLocal.quota,
+          statistics: localStatistics,
+          lastRefreshAt: localBalance.lastCalculated
+        },
+        accountId,
+        platform,
+        'local',
+        null,
+        scriptMeta
+      )
    }

    // 强制查询：优先脚本（如启用且已配置），否则调用 Provider；失败自动降级到本地统计
@@ -731,14 +723,6 @@ class AccountBalanceService {
    return null
  }

-  _parseQueryMode(value) {
-    if (value === 'auto') {
-      return 'auto'
-    }
-    const parsed = this._parseBoolean(value)
-    return parsed ? 'api' : 'local'
-  }
-
  async _mapWithConcurrency(items, limit, mapper) {
    const concurrency = Math.max(1, Number(limit) || 1)
    const list = Array.isArray(items) ? items : []
--- a/src/services/anthropicGeminiBridgeService.js
+++ b/src/services/anthropicGeminiBridgeService.js
--- a/src/services/antigravityClient.js
+++ b/src/services/antigravityClient.js
@@ -304,11 +304,6 @@ async function request({
  }

  const isRetryable = (error) => {
-    // 处理网络层面的连接重置或超时（常见于长请求被中间节点切断）
-    if (error.code === 'ECONNRESET' || error.code === 'ETIMEDOUT') {
-      return true
-    }
-
    const status = error?.response?.status
    if (status === 429) {
      return true
@@ -434,37 +429,7 @@ async function request({
    const status = error?.response?.status
    if (status === 429 && !retriedAfterDelay && !signal?.aborted) {
      const data = error?.response?.data
-
-      // 安全地将 data 转为字符串，避免 stream 对象导致循环引用崩溃
-      const safeDataToString = (value) => {
-        if (typeof value === 'string') {
-          return value
-        }
-        if (value === null || value === undefined) {
-          return ''
-        }
-        // stream 对象存在循环引用，不能 JSON.stringify
-        if (typeof value === 'object' && typeof value.pipe === 'function') {
-          return ''
-        }
-        if (Buffer.isBuffer(value)) {
-          try {
-            return value.toString('utf8')
-          } catch (_) {
-            return ''
-          }
-        }
-        if (typeof value === 'object') {
-          try {
-            return JSON.stringify(value)
-          } catch (_) {
-            return ''
-          }
-        }
-        return String(value)
-      }
-
-      const msg = safeDataToString(data)
+      const msg = typeof data === 'string' ? data : JSON.stringify(data || '')
      if (
        msg.toLowerCase().includes('resource_exhausted') ||
        msg.toLowerCase().includes('no capacity')
--- a/src/services/balanceProviders/geminiBalanceProvider.js
+++ b/src/services/balanceProviders/geminiBalanceProvider.js
@@ -1,250 +0,0 @@
-const BaseBalanceProvider = require('./baseBalanceProvider')
-const antigravityClient = require('../antigravityClient')
-const geminiAccountService = require('../geminiAccountService')
-
-const OAUTH_PROVIDER_ANTIGRAVITY = 'antigravity'
-
-function clamp01(value) {
-  if (typeof value !== 'number' || !Number.isFinite(value)) {
-    return null
-  }
-  if (value < 0) {
-    return 0
-  }
-  if (value > 1) {
-    return 1
-  }
-  return value
-}
-
-function round2(value) {
-  if (typeof value !== 'number' || !Number.isFinite(value)) {
-    return null
-  }
-  return Math.round(value * 100) / 100
-}
-
-function normalizeQuotaCategory(displayName, modelId) {
-  const name = String(displayName || '')
-  const id = String(modelId || '')
-
-  if (name.includes('Gemini') && name.includes('Pro')) {
-    return 'Gemini Pro'
-  }
-  if (name.includes('Gemini') && name.includes('Flash')) {
-    return 'Gemini Flash'
-  }
-  if (name.includes('Gemini') && name.toLowerCase().includes('image')) {
-    return 'Gemini Image'
-  }
-
-  if (name.includes('Claude') || name.includes('GPT-OSS')) {
-    return 'Claude'
-  }
-
-  if (id.startsWith('gemini-3-pro-') || id.startsWith('gemini-2.5-pro')) {
-    return 'Gemini Pro'
-  }
-  if (id.startsWith('gemini-3-flash') || id.startsWith('gemini-2.5-flash')) {
-    return 'Gemini Flash'
-  }
-  if (id.includes('image')) {
-    return 'Gemini Image'
-  }
-  if (id.includes('claude') || id.includes('gpt-oss')) {
-    return 'Claude'
-  }
-
-  return name || id || 'Unknown'
-}
-
-function buildAntigravityQuota(modelsResponse) {
-  const models = modelsResponse && typeof modelsResponse === 'object' ? modelsResponse.models : null
-
-  if (!models || typeof models !== 'object') {
-    return null
-  }
-
-  const parseRemainingFraction = (quotaInfo) => {
-    if (!quotaInfo || typeof quotaInfo !== 'object') {
-      return null
-    }
-
-    const raw =
-      quotaInfo.remainingFraction ??
-      quotaInfo.remaining_fraction ??
-      quotaInfo.remaining ??
-      undefined
-
-    const num = typeof raw === 'number' ? raw : typeof raw === 'string' ? Number(raw) : NaN
-    if (!Number.isFinite(num)) {
-      return null
-    }
-
-    return clamp01(num)
-  }
-
-  const allowedCategories = new Set(['Gemini Pro', 'Claude', 'Gemini Flash', 'Gemini Image'])
-  const fixedOrder = ['Gemini Pro', 'Claude', 'Gemini Flash', 'Gemini Image']
-
-  const categoryMap = new Map()
-
-  for (const [modelId, modelDataRaw] of Object.entries(models)) {
-    if (!modelDataRaw || typeof modelDataRaw !== 'object') {
-      continue
-    }
-
-    const displayName = modelDataRaw.displayName || modelDataRaw.display_name || modelId
-    const quotaInfo = modelDataRaw.quotaInfo || modelDataRaw.quota_info || null
-
-    const remainingFraction = parseRemainingFraction(quotaInfo)
-    if (remainingFraction === null) {
-      continue
-    }
-
-    const remainingPercent = round2(remainingFraction * 100)
-    const usedPercent = round2(100 - remainingPercent)
-    const resetAt = quotaInfo?.resetTime || quotaInfo?.reset_time || null
-
-    const category = normalizeQuotaCategory(displayName, modelId)
-    if (!allowedCategories.has(category)) {
-      continue
-    }
-    const entry = {
-      category,
-      modelId,
-      displayName: String(displayName || modelId || category),
-      remainingPercent,
-      usedPercent,
-      resetAt: typeof resetAt === 'string' && resetAt.trim() ? resetAt : null
-    }
-
-    const existing = categoryMap.get(category)
-    if (!existing || entry.remainingPercent < existing.remainingPercent) {
-      categoryMap.set(category, entry)
-    }
-  }
-
-  const buckets = fixedOrder.map((category) => {
-    const existing = categoryMap.get(category) || null
-    if (existing) {
-      return existing
-    }
-    return {
-      category,
-      modelId: '',
-      displayName: category,
-      remainingPercent: null,
-      usedPercent: null,
-      resetAt: null
-    }
-  })
-
-  if (buckets.length === 0) {
-    return null
-  }
-
-  const critical = buckets
-    .filter((item) => item.remainingPercent !== null)
-    .reduce((min, item) => {
-      if (!min) {
-        return item
-      }
-      return (item.remainingPercent ?? 0) < (min.remainingPercent ?? 0) ? item : min
-    }, null)
-
-  if (!critical) {
-    return null
-  }
-
-  return {
-    balance: null,
-    currency: 'USD',
-    quota: {
-      type: 'antigravity',
-      total: 100,
-      used: critical.usedPercent,
-      remaining: critical.remainingPercent,
-      percentage: critical.usedPercent,
-      resetAt: critical.resetAt,
-      buckets: buckets.map((item) => ({
-        category: item.category,
-        remaining: item.remainingPercent,
-        used: item.usedPercent,
-        percentage: item.usedPercent,
-        resetAt: item.resetAt
-      }))
-    },
-    queryMethod: 'api',
-    rawData: {
-      modelsCount: Object.keys(models).length,
-      bucketCount: buckets.length
-    }
-  }
-}
-
-class GeminiBalanceProvider extends BaseBalanceProvider {
-  constructor() {
-    super('gemini')
-  }
-
-  async queryBalance(account) {
-    const oauthProvider = account?.oauthProvider
-    if (oauthProvider !== OAUTH_PROVIDER_ANTIGRAVITY) {
-      if (account && Object.prototype.hasOwnProperty.call(account, 'dailyQuota')) {
-        return this.readQuotaFromFields(account)
-      }
-      return { balance: null, currency: 'USD', queryMethod: 'local' }
-    }
-
-    const accessToken = String(account?.accessToken || '').trim()
-    const refreshToken = String(account?.refreshToken || '').trim()
-    const proxyConfig = account?.proxyConfig || account?.proxy || null
-
-    if (!accessToken) {
-      throw new Error('Antigravity 账户缺少 accessToken')
-    }
-
-    const fetch = async (token) =>
-      await antigravityClient.fetchAvailableModels({
-        accessToken: token,
-        proxyConfig
-      })
-
-    let data
-    try {
-      data = await fetch(accessToken)
-    } catch (error) {
-      const status = error?.response?.status
-      if ((status === 401 || status === 403) && refreshToken) {
-        const refreshed = await geminiAccountService.refreshAccessToken(
-          refreshToken,
-          proxyConfig,
-          OAUTH_PROVIDER_ANTIGRAVITY
-        )
-        const nextToken = String(refreshed?.access_token || '').trim()
-        if (!nextToken) {
-          throw error
-        }
-        data = await fetch(nextToken)
-      } else {
-        throw error
-      }
-    }
-
-    const mapped = buildAntigravityQuota(data)
-    if (!mapped) {
-      return {
-        balance: null,
-        currency: 'USD',
-        quota: null,
-        queryMethod: 'api',
-        rawData: data || null
-      }
-    }
-
-    return mapped
-  }
-}
-
-module.exports = GeminiBalanceProvider
--- a/src/services/balanceProviders/index.js
+++ b/src/services/balanceProviders/index.js
@@ -2,7 +2,6 @@ const ClaudeBalanceProvider = require('./claudeBalanceProvider')
 const ClaudeConsoleBalanceProvider = require('./claudeConsoleBalanceProvider')
 const OpenAIResponsesBalanceProvider = require('./openaiResponsesBalanceProvider')
 const GenericBalanceProvider = require('./genericBalanceProvider')
-const GeminiBalanceProvider = require('./geminiBalanceProvider')

 function registerAllProviders(balanceService) {
  // Claude
@@ -15,7 +14,7 @@ function registerAllProviders(balanceService) {
  balanceService.registerProvider('azure_openai', new GenericBalanceProvider('azure_openai'))

  // 其他平台（降级）
-  balanceService.registerProvider('gemini', new GeminiBalanceProvider())
+  balanceService.registerProvider('gemini', new GenericBalanceProvider('gemini'))
  balanceService.registerProvider('gemini-api', new GenericBalanceProvider('gemini-api'))
  balanceService.registerProvider('bedrock', new GenericBalanceProvider('bedrock'))
  balanceService.registerProvider('droid', new GenericBalanceProvider('droid'))
--- a/src/services/balanceScriptService.js
+++ b/src/services/balanceScriptService.js
@@ -2,50 +2,6 @@ const vm = require('vm')
 const axios = require('axios')
 const { isBalanceScriptEnabled } = require('../utils/featureFlags')

-/**
- * SSRF防护：检查URL是否访问内网或敏感地址
- * @param {string} url - 要检查的URL
- * @returns {boolean} - true表示URL安全
- */
-function isUrlSafe(url) {
-  try {
-    const parsed = new URL(url)
-    const hostname = parsed.hostname.toLowerCase()
-
-    // 禁止的协议
-    if (!['http:', 'https:'].includes(parsed.protocol)) {
-      return false
-    }
-
-    // 禁止访问localhost和私有IP
-    const privatePatterns = [
-      /^localhost$/i,
-      /^127\./,
-      /^10\./,
-      /^172\.(1[6-9]|2[0-9]|3[0-1])\./,
-      /^192\.168\./,
-      /^169\.254\./, // AWS metadata
-      /^0\./, // 0.0.0.0
-      /^::1$/,
-      /^fc00:/i,
-      /^fe80:/i,
-      /\.local$/i,
-      /\.internal$/i,
-      /\.localhost$/i
-    ]
-
-    for (const pattern of privatePatterns) {
-      if (pattern.test(hostname)) {
-        return false
-      }
-    }
-
-    return true
-  } catch {
-    return false
-  }
-}
-
 /**
 * 可配置脚本余额查询执行器
 * - 脚本格式：({ request: {...}, extractor: function(response){...} })
@@ -99,11 +55,6 @@ class BalanceScriptService {
      throw new Error('脚本 request.url 不能为空')
    }

-    // SSRF防护：验证URL安全性
-    if (!isUrlSafe(request.url)) {
-      throw new Error('脚本 request.url 不安全：禁止访问内网地址、localhost或使用非HTTP(S)协议')
-    }
-
    if (typeof extractor !== 'function') {
      throw new Error('脚本 extractor 必须是函数')
    }
--- a/src/services/openaiToClaude.js
+++ b/src/services/openaiToClaude.js
@@ -36,15 +36,28 @@ class OpenAIToClaudeConverter {

    // 如果 OpenAI 请求中包含系统消息,提取并检查
    const systemMessage = this._extractSystemMessage(openaiRequest.messages)
-    if (systemMessage && systemMessage.includes('You are currently in Xcode')) {
-      // Xcode 系统提示词
+
+    const passThroughSystemPrompt =
+      String(process.env.CRS_PASSTHROUGH_SYSTEM_PROMPT || '').toLowerCase() === 'true'
+
+    if (
+      systemMessage &&
+      (passThroughSystemPrompt || systemMessage.includes('You are currently in Xcode'))
+    ) {
      claudeRequest.system = systemMessage
-      logger.info(
-        `🔍 Xcode request detected, using Xcode system prompt (${systemMessage.length} chars)`
-      )
+
+      if (systemMessage.includes('You are currently in Xcode')) {
+        logger.info(
+          `🔍 Xcode request detected, using Xcode system prompt (${systemMessage.length} chars)`
+        )
+      } else {
+        logger.info(
+          `🧩 Using caller-provided system prompt (${systemMessage.length} chars) because CRS_PASSTHROUGH_SYSTEM_PROMPT=true`
+        )
+      }
      logger.debug(`📋 System prompt preview: ${systemMessage.substring(0, 150)}...`)
    } else {
-      // 使用 Claude Code 默认系统提示词
+      // 默认行为：兼容 Claude Code（忽略外部 system）
      claudeRequest.system = claudeCodeSystemMessage
      logger.debug(
        `📋 Using Claude Code default system prompt${systemMessage ? ' (ignored custom prompt)' : ''}`
--- a/src/services/rateLimitCleanupService.js
+++ b/src/services/rateLimitCleanupService.js
@@ -72,8 +72,7 @@ class RateLimitCleanupService {
      const results = {
        openai: { checked: 0, cleared: 0, errors: [] },
        claude: { checked: 0, cleared: 0, errors: [] },
-        claudeConsole: { checked: 0, cleared: 0, errors: [] },
-        tokenRefresh: { checked: 0, refreshed: 0, errors: [] }
+        claudeConsole: { checked: 0, cleared: 0, errors: [] }
      }

      // 清理 OpenAI 账号
@@ -85,29 +84,21 @@ class RateLimitCleanupService {
      // 清理 Claude Console 账号
      await this.cleanupClaudeConsoleAccounts(results.claudeConsole)

-      // 主动刷新等待重置的 Claude 账户 Token（防止 5小时/7天 等待期间 Token 过期）
-      await this.proactiveRefreshClaudeTokens(results.tokenRefresh)
-
      const totalChecked =
        results.openai.checked + results.claude.checked + results.claudeConsole.checked
      const totalCleared =
        results.openai.cleared + results.claude.cleared + results.claudeConsole.cleared
      const duration = Date.now() - startTime

-      if (totalCleared > 0 || results.tokenRefresh.refreshed > 0) {
+      if (totalCleared > 0) {
        logger.info(
-          `✅ Rate limit cleanup completed: ${totalCleared}/${totalChecked} accounts cleared, ${results.tokenRefresh.refreshed} tokens refreshed (${duration}ms)`
+          `✅ Rate limit cleanup completed: ${totalCleared} accounts cleared out of ${totalChecked} checked (${duration}ms)`
        )
        logger.info(`   OpenAI: ${results.openai.cleared}/${results.openai.checked}`)
        logger.info(`   Claude: ${results.claude.cleared}/${results.claude.checked}`)
        logger.info(
          `   Claude Console: ${results.claudeConsole.cleared}/${results.claudeConsole.checked}`
        )
-        if (results.tokenRefresh.checked > 0 || results.tokenRefresh.refreshed > 0) {
-          logger.info(
-            `   Token Refresh: ${results.tokenRefresh.refreshed}/${results.tokenRefresh.checked} refreshed`
-          )
-        }

        // 发送 webhook 恢复通知
        if (this.clearedAccounts.length > 0) {
@@ -123,8 +114,7 @@ class RateLimitCleanupService {
      const allErrors = [
        ...results.openai.errors,
        ...results.claude.errors,
-        ...results.claudeConsole.errors,
-        ...results.tokenRefresh.errors
+        ...results.claudeConsole.errors
      ]
      if (allErrors.length > 0) {
        logger.warn(`⚠️ Encountered ${allErrors.length} errors during cleanup:`, allErrors)
@@ -358,68 +348,6 @@ class RateLimitCleanupService {
    }
  }

-  /**
-   * 主动刷新 Claude 账户 Token（防止等待重置期间 Token 过期）
-   * 仅对等待重置（schedulable=false）且 Token 即将过期的账户执行刷新
-   */
-  async proactiveRefreshClaudeTokens(result) {
-    try {
-      const redis = require('../models/redis')
-      const accounts = await redis.getAllClaudeAccounts()
-      const now = Date.now()
-      const refreshAheadMs = 30 * 60 * 1000 // 提前30分钟刷新
-      const recentRefreshMs = 5 * 60 * 1000 // 5分钟内刷新过则跳过
-
-      for (const account of accounts) {
-        // 1. 必须激活
-        if (account.isActive !== 'true') {
-          continue
-        }
-
-        // 2. 必须有 refreshToken
-        if (!account.refreshToken) {
-          continue
-        }
-
-        // 3. 【优化】仅处理等待重置的账户（schedulable=false）
-        // 正常调度的账户会在请求时自动刷新，无需主动刷新
-        if (account.schedulable !== 'false') {
-          continue
-        }
-
-        // 4. 【优化】如果最近 5 分钟内已刷新，跳过（避免重复刷新）
-        const lastRefreshAt = account.lastRefreshAt ? new Date(account.lastRefreshAt).getTime() : 0
-        if (now - lastRefreshAt < recentRefreshMs) {
-          continue
-        }
-
-        // 5. 检查 Token 是否即将过期（30分钟内）
-        const expiresAt = parseInt(account.expiresAt)
-        if (expiresAt && now < expiresAt - refreshAheadMs) {
-          continue
-        }
-
-        // 符合条件，执行刷新
-        result.checked++
-        try {
-          await claudeAccountService.refreshAccountToken(account.id)
-          result.refreshed++
-          logger.info(`🔄 Proactively refreshed token: ${account.name} (${account.id})`)
-        } catch (error) {
-          result.errors.push({
-            accountId: account.id,
-            accountName: account.name,
-            error: error.message
-          })
-          logger.warn(`⚠️ Proactive refresh failed for ${account.name}: ${error.message}`)
-        }
-      }
-    } catch (error) {
-      logger.error('Failed to proactively refresh Claude tokens:', error)
-      result.errors.push({ error: error.message })
-    }
-  }
-
  /**
   * 手动触发一次清理（供 API 或 CLI 调用）
   */
--- a/src/utils/anthropicRequestDump.js
+++ b/src/utils/anthropicRequestDump.js
@@ -1,7 +1,7 @@
+const fs = require('fs/promises')
 const path = require('path')
 const logger = require('./logger')
 const { getProjectRoot } = require('./projectPaths')
-const { safeRotatingAppend } = require('./safeRotatingAppend')

 const REQUEST_DUMP_ENV = 'ANTHROPIC_DEBUG_REQUEST_DUMP'
 const REQUEST_DUMP_MAX_BYTES_ENV = 'ANTHROPIC_DEBUG_REQUEST_DUMP_MAX_BYTES'
@@ -108,7 +108,7 @@ async function dumpAnthropicMessagesRequest(req, meta = {}) {
  const line = `${safeJsonStringify(record, maxBytes)}\n`

  try {
-    await safeRotatingAppend(filename, line)
+    await fs.appendFile(filename, line, { encoding: 'utf8' })
  } catch (e) {
    logger.warn('Failed to dump Anthropic request', {
      filename,
--- a/src/utils/anthropicResponseDump.js
+++ b/src/utils/anthropicResponseDump.js
@@ -1,7 +1,7 @@
+const fs = require('fs/promises')
 const path = require('path')
 const logger = require('./logger')
 const { getProjectRoot } = require('./projectPaths')
-const { safeRotatingAppend } = require('./safeRotatingAppend')

 const RESPONSE_DUMP_ENV = 'ANTHROPIC_DEBUG_RESPONSE_DUMP'
 const RESPONSE_DUMP_MAX_BYTES_ENV = 'ANTHROPIC_DEBUG_RESPONSE_DUMP_MAX_BYTES'
@@ -89,7 +89,7 @@ async function dumpAnthropicResponse(req, responseInfo, meta = {}) {

  const line = `${safeJsonStringify(record, maxBytes)}\n`
  try {
-    await safeRotatingAppend(filename, line)
+    await fs.appendFile(filename, line, { encoding: 'utf8' })
  } catch (e) {
    logger.warn('Failed to dump Anthropic response', {
      filename,
--- a/src/utils/antigravityUpstreamDump.js
+++ b/src/utils/antigravityUpstreamDump.js
@@ -1,7 +1,7 @@
+const fs = require('fs/promises')
 const path = require('path')
 const logger = require('./logger')
 const { getProjectRoot } = require('./projectPaths')
-const { safeRotatingAppend } = require('./safeRotatingAppend')

 const UPSTREAM_REQUEST_DUMP_ENV = 'ANTIGRAVITY_DEBUG_UPSTREAM_REQUEST_DUMP'
 const UPSTREAM_REQUEST_DUMP_MAX_BYTES_ENV = 'ANTIGRAVITY_DEBUG_UPSTREAM_REQUEST_DUMP_MAX_BYTES'
@@ -103,7 +103,7 @@ async function dumpAntigravityUpstreamRequest(requestInfo) {

  const line = `${safeJsonStringify(record, maxBytes)}\n`
  try {
-    await safeRotatingAppend(filename, line)
+    await fs.appendFile(filename, line, { encoding: 'utf8' })
  } catch (e) {
    logger.warn('Failed to dump Antigravity upstream request', {
      filename,
--- a/src/utils/antigravityUpstreamResponseDump.js
+++ b/src/utils/antigravityUpstreamResponseDump.js
@@ -1,175 +0,0 @@
-const path = require('path')
-const logger = require('./logger')
-const { getProjectRoot } = require('./projectPaths')
-const { safeRotatingAppend } = require('./safeRotatingAppend')
-
-const UPSTREAM_RESPONSE_DUMP_ENV = 'ANTIGRAVITY_DEBUG_UPSTREAM_RESPONSE_DUMP'
-const UPSTREAM_RESPONSE_DUMP_MAX_BYTES_ENV = 'ANTIGRAVITY_DEBUG_UPSTREAM_RESPONSE_DUMP_MAX_BYTES'
-const UPSTREAM_RESPONSE_DUMP_FILENAME = 'antigravity-upstream-responses-dump.jsonl'
-
-function isEnabled() {
-  const raw = process.env[UPSTREAM_RESPONSE_DUMP_ENV]
-  if (!raw) {
-    return false
-  }
-  const normalized = String(raw).trim().toLowerCase()
-  return normalized === '1' || normalized === 'true'
-}
-
-function getMaxBytes() {
-  const raw = process.env[UPSTREAM_RESPONSE_DUMP_MAX_BYTES_ENV]
-  if (!raw) {
-    return 2 * 1024 * 1024
-  }
-  const parsed = Number.parseInt(raw, 10)
-  if (!Number.isFinite(parsed) || parsed <= 0) {
-    return 2 * 1024 * 1024
-  }
-  return parsed
-}
-
-function safeJsonStringify(payload, maxBytes) {
-  let json = ''
-  try {
-    json = JSON.stringify(payload)
-  } catch (e) {
-    return JSON.stringify({
-      type: 'antigravity_upstream_response_dump_error',
-      error: 'JSON.stringify_failed',
-      message: e?.message || String(e)
-    })
-  }
-
-  if (Buffer.byteLength(json, 'utf8') <= maxBytes) {
-    return json
-  }
-
-  const truncated = Buffer.from(json, 'utf8').subarray(0, maxBytes).toString('utf8')
-  return JSON.stringify({
-    type: 'antigravity_upstream_response_dump_truncated',
-    maxBytes,
-    originalBytes: Buffer.byteLength(json, 'utf8'),
-    partialJson: truncated
-  })
-}
-
-/**
- * 记录 Antigravity 上游 API 的响应
- * @param {Object} responseInfo - 响应信息
- * @param {string} responseInfo.requestId - 请求 ID
- * @param {string} responseInfo.model - 模型名称
- * @param {number} responseInfo.statusCode - HTTP 状态码
- * @param {string} responseInfo.statusText - HTTP 状态文本
- * @param {Object} responseInfo.headers - 响应头
- * @param {string} responseInfo.responseType - 响应类型 (stream/non-stream/error)
- * @param {Object} responseInfo.summary - 响应摘要
- * @param {Object} responseInfo.error - 错误信息（如果有）
- */
-async function dumpAntigravityUpstreamResponse(responseInfo) {
-  if (!isEnabled()) {
-    return
-  }
-
-  const maxBytes = getMaxBytes()
-  const filename = path.join(getProjectRoot(), UPSTREAM_RESPONSE_DUMP_FILENAME)
-
-  const record = {
-    ts: new Date().toISOString(),
-    type: 'antigravity_upstream_response',
-    requestId: responseInfo?.requestId || null,
-    model: responseInfo?.model || null,
-    statusCode: responseInfo?.statusCode || null,
-    statusText: responseInfo?.statusText || null,
-    responseType: responseInfo?.responseType || null,
-    headers: responseInfo?.headers || null,
-    summary: responseInfo?.summary || null,
-    error: responseInfo?.error || null,
-    rawData: responseInfo?.rawData || null
-  }
-
-  const line = `${safeJsonStringify(record, maxBytes)}\n`
-  try {
-    await safeRotatingAppend(filename, line)
-  } catch (e) {
-    logger.warn('Failed to dump Antigravity upstream response', {
-      filename,
-      requestId: responseInfo?.requestId || null,
-      error: e?.message || String(e)
-    })
-  }
-}
-
-/**
- * 记录 SSE 流中的每个事件（用于详细调试）
- */
-async function dumpAntigravityStreamEvent(eventInfo) {
-  if (!isEnabled()) {
-    return
-  }
-
-  const maxBytes = getMaxBytes()
-  const filename = path.join(getProjectRoot(), UPSTREAM_RESPONSE_DUMP_FILENAME)
-
-  const record = {
-    ts: new Date().toISOString(),
-    type: 'antigravity_stream_event',
-    requestId: eventInfo?.requestId || null,
-    eventIndex: eventInfo?.eventIndex || null,
-    eventType: eventInfo?.eventType || null,
-    data: eventInfo?.data || null
-  }
-
-  const line = `${safeJsonStringify(record, maxBytes)}\n`
-  try {
-    await safeRotatingAppend(filename, line)
-  } catch (e) {
-    // 静默处理，避免日志过多
-  }
-}
-
-/**
- * 记录流式响应的最终摘要
- */
-async function dumpAntigravityStreamSummary(summaryInfo) {
-  if (!isEnabled()) {
-    return
-  }
-
-  const maxBytes = getMaxBytes()
-  const filename = path.join(getProjectRoot(), UPSTREAM_RESPONSE_DUMP_FILENAME)
-
-  const record = {
-    ts: new Date().toISOString(),
-    type: 'antigravity_stream_summary',
-    requestId: summaryInfo?.requestId || null,
-    model: summaryInfo?.model || null,
-    totalEvents: summaryInfo?.totalEvents || 0,
-    finishReason: summaryInfo?.finishReason || null,
-    hasThinking: summaryInfo?.hasThinking || false,
-    hasToolCalls: summaryInfo?.hasToolCalls || false,
-    toolCallNames: summaryInfo?.toolCallNames || [],
-    usage: summaryInfo?.usage || null,
-    error: summaryInfo?.error || null,
-    textPreview: summaryInfo?.textPreview || null
-  }
-
-  const line = `${safeJsonStringify(record, maxBytes)}\n`
-  try {
-    await safeRotatingAppend(filename, line)
-  } catch (e) {
-    logger.warn('Failed to dump Antigravity stream summary', {
-      filename,
-      requestId: summaryInfo?.requestId || null,
-      error: e?.message || String(e)
-    })
-  }
-}
-
-module.exports = {
-  dumpAntigravityUpstreamResponse,
-  dumpAntigravityStreamEvent,
-  dumpAntigravityStreamSummary,
-  UPSTREAM_RESPONSE_DUMP_ENV,
-  UPSTREAM_RESPONSE_DUMP_MAX_BYTES_ENV,
-  UPSTREAM_RESPONSE_DUMP_FILENAME
-}
--- a/src/utils/featureFlags.js
+++ b/src/utils/featureFlags.js
@@ -20,9 +20,8 @@ const parseBooleanEnv = (value) => {
 }

 /**
- * 是否允许执行"余额脚本"（安全开关）
- * ⚠️ 安全警告：vm模块非安全沙箱，默认禁用。如需启用请显式设置 BALANCE_SCRIPT_ENABLED=true
- * 仅在完全信任管理员且了解RCE风险时才启用此功能
+ * 是否允许执行“余额脚本”（安全开关）
+ * 默认开启，便于保持现有行为；如需禁用请显式设置 BALANCE_SCRIPT_ENABLED=false（环境变量优先）
 */
 const isBalanceScriptEnabled = () => {
  if (
@@ -37,8 +36,7 @@ const isBalanceScriptEnabled = () => {
    config?.features?.balanceScriptEnabled ??
    config?.security?.enableBalanceScript

-  // 默认禁用，需显式启用
-  return typeof fromConfig === 'boolean' ? fromConfig : false
+  return typeof fromConfig === 'boolean' ? fromConfig : true
 }

 module.exports = {
--- a/src/utils/safeRotatingAppend.js
+++ b/src/utils/safeRotatingAppend.js
@@ -1,88 +0,0 @@
-/**
- * ============================================================================
- * 安全 JSONL 追加工具（带文件大小限制与自动轮转）
- * ============================================================================
- *
- * 用于所有调试 Dump 模块，避免日志文件无限增长导致 I/O 拥塞。
- *
- * 策略：
- * - 每次写入前检查目标文件大小
- * - 超过阈值时，将现有文件重命名为 .bak（覆盖旧 .bak）
- * - 然后写入新文件
- */
-
-const fs = require('fs/promises')
-const logger = require('./logger')
-
-// 默认文件大小上限：10MB
-const DEFAULT_MAX_FILE_SIZE_BYTES = 10 * 1024 * 1024
-const MAX_FILE_SIZE_ENV = 'DUMP_MAX_FILE_SIZE_BYTES'
-
-/**
- * 获取文件大小上限（可通过环境变量覆盖）
- */
-function getMaxFileSize() {
-  const raw = process.env[MAX_FILE_SIZE_ENV]
-  if (raw) {
-    const parsed = Number.parseInt(raw, 10)
-    if (Number.isFinite(parsed) && parsed > 0) {
-      return parsed
-    }
-  }
-  return DEFAULT_MAX_FILE_SIZE_BYTES
-}
-
-/**
- * 获取文件大小，文件不存在时返回 0
- */
-async function getFileSize(filepath) {
-  try {
-    const stat = await fs.stat(filepath)
-    return stat.size
-  } catch (e) {
-    // 文件不存在或无法读取
-    return 0
-  }
-}
-
-/**
- * 安全追加写入 JSONL 文件，支持自动轮转
- *
- * @param {string} filepath - 目标文件绝对路径
- * @param {string} line - 要写入的单行（应以 \n 结尾）
- * @param {Object} options - 可选配置
- * @param {number} options.maxFileSize - 文件大小上限（字节），默认从环境变量或 10MB
- */
-async function safeRotatingAppend(filepath, line, options = {}) {
-  const maxFileSize = options.maxFileSize || getMaxFileSize()
-
-  const currentSize = await getFileSize(filepath)
-
-  // 如果当前文件已达到或超过阈值，轮转
-  if (currentSize >= maxFileSize) {
-    const backupPath = `${filepath}.bak`
-    try {
-      // 先删除旧备份（如果存在）
-      await fs.unlink(backupPath).catch(() => {})
-      // 重命名当前文件为备份
-      await fs.rename(filepath, backupPath)
-    } catch (renameErr) {
-      // 轮转失败时记录警告日志，继续写入原文件
-      logger.warn('⚠️ Log rotation failed, continuing to write to original file', {
-        filepath,
-        backupPath,
-        error: renameErr?.message || String(renameErr)
-      })
-    }
-  }
-
-  // 追加写入
-  await fs.appendFile(filepath, line, { encoding: 'utf8' })
-}
-
-module.exports = {
-  safeRotatingAppend,
-  getMaxFileSize,
-  MAX_FILE_SIZE_ENV,
-  DEFAULT_MAX_FILE_SIZE_BYTES
-}
--- a/src/utils/signatureCache.js
+++ b/src/utils/signatureCache.js
@@ -1,183 +0,0 @@
-/**
- * Signature Cache - 签名缓存模块
- *
- * 用于缓存 Antigravity thinking block 的 thoughtSignature。
- * Claude Code 客户端可能剥离非标准字段，导致多轮对话时签名丢失。
- * 此模块按 sessionId + thinkingText 存储签名，便于后续请求恢复。
- *
- * 参考实现：
- * - CLIProxyAPI: internal/cache/signature_cache.go
- * - antigravity-claude-proxy: src/format/signature-cache.js
- */
-
-const crypto = require('crypto')
-const logger = require('./logger')
-
-// 配置常量
-const SIGNATURE_CACHE_TTL_MS = 60 * 60 * 1000 // 1 小时（同 CLIProxyAPI）
-const MAX_ENTRIES_PER_SESSION = 100 // 每会话最大缓存条目
-const MIN_SIGNATURE_LENGTH = 50 // 最小有效签名长度
-const TEXT_HASH_LENGTH = 16 // 文本哈希长度（SHA256 前 16 位）
-
-// 主缓存：sessionId -> Map<textHash, { signature, timestamp }>
-const signatureCache = new Map()
-
-/**
- * 生成文本内容的稳定哈希值
- * @param {string} text - 待哈希的文本
- * @returns {string} 16 字符的十六进制哈希
- */
-function hashText(text) {
-  if (!text || typeof text !== 'string') {
-    return ''
-  }
-  const hash = crypto.createHash('sha256').update(text).digest('hex')
-  return hash.slice(0, TEXT_HASH_LENGTH)
-}
-
-/**
- * 获取或创建会话缓存
- * @param {string} sessionId - 会话 ID
- * @returns {Map} 会话的签名缓存 Map
- */
-function getOrCreateSessionCache(sessionId) {
-  if (!signatureCache.has(sessionId)) {
-    signatureCache.set(sessionId, new Map())
-  }
-  return signatureCache.get(sessionId)
-}
-
-/**
- * 检查签名是否有效
- * @param {string} signature - 待检查的签名
- * @returns {boolean} 签名是否有效
- */
-function isValidSignature(signature) {
-  return typeof signature === 'string' && signature.length >= MIN_SIGNATURE_LENGTH
-}
-
-/**
- * 缓存 thinking 签名
- * @param {string} sessionId - 会话 ID
- * @param {string} thinkingText - thinking 内容文本
- * @param {string} signature - thoughtSignature
- */
-function cacheSignature(sessionId, thinkingText, signature) {
-  if (!sessionId || !thinkingText || !signature) {
-    return
-  }
-
-  if (!isValidSignature(signature)) {
-    return
-  }
-
-  const sessionCache = getOrCreateSessionCache(sessionId)
-  const textHash = hashText(thinkingText)
-
-  if (!textHash) {
-    return
-  }
-
-  // 淘汰策略：超过限制时删除最老的 1/4 条目
-  if (sessionCache.size >= MAX_ENTRIES_PER_SESSION) {
-    const entries = Array.from(sessionCache.entries())
-    entries.sort((a, b) => a[1].timestamp - b[1].timestamp)
-    const toRemove = Math.max(1, Math.floor(entries.length / 4))
-    for (let i = 0; i < toRemove; i++) {
-      sessionCache.delete(entries[i][0])
-    }
-    logger.debug(
-      `[SignatureCache] Evicted ${toRemove} old entries for session ${sessionId.slice(0, 8)}...`
-    )
-  }
-
-  sessionCache.set(textHash, {
-    signature,
-    timestamp: Date.now()
-  })
-
-  logger.debug(
-    `[SignatureCache] Cached signature for session ${sessionId.slice(0, 8)}..., hash ${textHash}`
-  )
-}
-
-/**
- * 获取缓存的签名
- * @param {string} sessionId - 会话 ID
- * @param {string} thinkingText - thinking 内容文本
- * @returns {string|null} 缓存的签名，未找到或过期则返回 null
- */
-function getCachedSignature(sessionId, thinkingText) {
-  if (!sessionId || !thinkingText) {
-    return null
-  }
-
-  const sessionCache = signatureCache.get(sessionId)
-  if (!sessionCache) {
-    return null
-  }
-
-  const textHash = hashText(thinkingText)
-  if (!textHash) {
-    return null
-  }
-
-  const entry = sessionCache.get(textHash)
-  if (!entry) {
-    return null
-  }
-
-  // 检查是否过期
-  if (Date.now() - entry.timestamp > SIGNATURE_CACHE_TTL_MS) {
-    sessionCache.delete(textHash)
-    logger.debug(`[SignatureCache] Entry expired for hash ${textHash}`)
-    return null
-  }
-
-  logger.debug(
-    `[SignatureCache] Cache hit for session ${sessionId.slice(0, 8)}..., hash ${textHash}`
-  )
-  return entry.signature
-}
-
-/**
- * 清除会话缓存
- * @param {string} sessionId - 要清除的会话 ID，为空则清除全部
- */
-function clearSignatureCache(sessionId = null) {
-  if (sessionId) {
-    signatureCache.delete(sessionId)
-    logger.debug(`[SignatureCache] Cleared cache for session ${sessionId.slice(0, 8)}...`)
-  } else {
-    signatureCache.clear()
-    logger.debug('[SignatureCache] Cleared all caches')
-  }
-}
-
-/**
- * 获取缓存统计信息（调试用）
- * @returns {Object} { sessionCount, totalEntries }
- */
-function getCacheStats() {
-  let totalEntries = 0
-  for (const sessionCache of signatureCache.values()) {
-    totalEntries += sessionCache.size
-  }
-  return {
-    sessionCount: signatureCache.size,
-    totalEntries
-  }
-}
-
-module.exports = {
-  cacheSignature,
-  getCachedSignature,
-  clearSignatureCache,
-  getCacheStats,
-  isValidSignature,
-  // 内部函数导出（用于测试或扩展）
-  hashText,
-  MIN_SIGNATURE_LENGTH,
-  MAX_ENTRIES_PER_SESSION,
-  SIGNATURE_CACHE_TTL_MS
-}
--- a/web/admin-spa/src/components/accounts/BalanceDisplay.vue
+++ b/web/admin-spa/src/components/accounts/BalanceDisplay.vue
@@ -52,51 +52,10 @@
      </div>

      <!-- 配额（如适用） -->
-      <div v-if="quotaInfo && isAntigravityQuota" class="space-y-2">
+      <div v-if="quotaInfo" class="space-y-1">
        <div class="flex items-center justify-between text-xs text-gray-600 dark:text-gray-400">
-          <span>剩余</span>
-          <span>{{ formatQuotaNumber(quotaInfo.remaining) }}</span>
-        </div>
-
-        <div class="space-y-1">
-          <div
-            v-for="row in antigravityRows"
-            :key="row.category"
-            class="flex items-center gap-2 rounded-md bg-gray-50 px-2 py-1.5 dark:bg-gray-700/60"
-          >
-            <span class="h-2 w-2 shrink-0 rounded-full" :class="row.dotClass"></span>
-            <span
-              class="min-w-0 flex-1 truncate text-xs font-medium text-gray-800 dark:text-gray-100"
-              :title="row.category"
-            >
-              {{ row.category }}
-            </span>
-
-            <div class="flex w-[94px] flex-col gap-0.5">
-              <div class="h-1.5 w-full rounded-full bg-gray-200 dark:bg-gray-600">
-                <div
-                  class="h-1.5 rounded-full transition-all"
-                  :class="row.barClass"
-                  :style="{ width: `${row.remainingPercent ?? 0}%` }"
-                ></div>
-              </div>
-              <div
-                class="flex items-center justify-between text-[11px] text-gray-500 dark:text-gray-300"
-              >
-                <span>{{ row.remainingText }}</span>
-                <span v-if="row.resetAt" class="text-gray-400 dark:text-gray-400">{{
-                  formatResetTime(row.resetAt)
-                }}</span>
-              </div>
-            </div>
-          </div>
-        </div>
-      </div>
-
-      <div v-else-if="quotaInfo" class="space-y-1">
-        <div class="flex items-center justify-between text-xs text-gray-600 dark:text-gray-400">
-          <span>已用: {{ formatQuotaNumber(quotaInfo.used) }}</span>
-          <span>剩余: {{ formatQuotaNumber(quotaInfo.remaining) }}</span>
+          <span>已用: {{ formatNumber(quotaInfo.used) }}</span>
+          <span>剩余: {{ formatNumber(quotaInfo.remaining) }}</span>
        </div>
        <div class="h-1.5 w-full rounded-full bg-gray-200 dark:bg-gray-700">
          <div
@@ -141,8 +100,7 @@ const props = defineProps({
  platform: { type: String, required: true },
  initialBalance: { type: Object, default: null },
  hideRefresh: { type: Boolean, default: false },
-  autoLoad: { type: Boolean, default: true },
-  queryMode: { type: String, default: 'local' } // local | auto | api
+  autoLoad: { type: Boolean, default: true }
 })

 const emit = defineEmits(['refreshed', 'error'])
@@ -178,43 +136,6 @@ const quotaInfo = computed(() => {
  }
 })

-const isAntigravityQuota = computed(() => {
-  return balanceData.value?.quota?.type === 'antigravity'
-})
-
-const antigravityRows = computed(() => {
-  if (!isAntigravityQuota.value) return []
-
-  const buckets = balanceData.value?.quota?.buckets
-  const list = Array.isArray(buckets) ? buckets : []
-  const map = new Map(list.map((b) => [b?.category, b]))
-
-  const order = ['Gemini Pro', 'Claude', 'Gemini Flash', 'Gemini Image']
-  const styles = {
-    'Gemini Pro': { dotClass: 'bg-blue-500', barClass: 'bg-blue-500 dark:bg-blue-400' },
-    Claude: { dotClass: 'bg-purple-500', barClass: 'bg-purple-500 dark:bg-purple-400' },
-    'Gemini Flash': { dotClass: 'bg-cyan-500', barClass: 'bg-cyan-500 dark:bg-cyan-400' },
-    'Gemini Image': { dotClass: 'bg-emerald-500', barClass: 'bg-emerald-500 dark:bg-emerald-400' }
-  }
-
-  return order.map((category) => {
-    const raw = map.get(category) || null
-    const remaining = raw?.remaining
-    const remainingPercent = Number.isFinite(Number(remaining))
-      ? Math.max(0, Math.min(100, Number(remaining)))
-      : null
-
-    return {
-      category,
-      remainingPercent,
-      remainingText: remainingPercent === null ? '—' : `${Math.round(remainingPercent)}%`,
-      resetAt: raw?.resetAt || null,
-      dotClass: styles[category]?.dotClass || 'bg-gray-400',
-      barClass: styles[category]?.barClass || 'bg-gray-400'
-    }
-  })
-})
-
 const quotaBarClass = computed(() => {
  const percentage = quotaInfo.value?.percentage || 0
  if (percentage >= 90) return 'bg-red-500 dark:bg-red-600'
@@ -223,12 +144,7 @@ const quotaBarClass = computed(() => {
 })

 const canRefresh = computed(() => {
-  // antigravity 配额：允许直接触发 Provider 刷新（无需脚本）
-  if (props.queryMode === 'api' || props.queryMode === 'auto') {
-    return true
-  }
-
-  // 其他平台：仅在“已启用脚本且该账户配置了脚本”时允许刷新，避免误导（非脚本 Provider 多为降级策略）
+  // 仅在“已启用脚本且该账户配置了脚本”时允许刷新，避免误导（非脚本 Provider 多为降级策略）
  const data = balanceData.value
  if (!data) return false
  if (data.scriptEnabled === false) return false
@@ -243,9 +159,6 @@ const refreshTitle = computed(() => {
    }
    return '请先配置余额脚本'
  }
-  if (isAntigravityQuota.value) {
-    return '刷新配额（调用 Antigravity API）'
-  }
  return '刷新余额（调用脚本配置的余额 API）'
 })

@@ -266,10 +179,7 @@ const load = async () => {

  try {
    const response = await apiClient.get(`/admin/accounts/${props.accountId}/balance`, {
-      params: {
-        platform: props.platform,
-        queryApi: props.queryMode === 'api' ? true : props.queryMode === 'auto' ? 'auto' : false
-      }
+      params: { platform: props.platform, queryApi: false }
    })
    if (response?.success) {
      balanceData.value = response.data
@@ -321,16 +231,6 @@ const formatNumber = (num) => {
  return value.toLocaleString('zh-CN', { maximumFractionDigits: 2 })
 }

-const formatQuotaNumber = (num) => {
-  if (num === Infinity) return '∞'
-  const value = Number(num)
-  if (!Number.isFinite(value)) return 'N/A'
-  if (isAntigravityQuota.value) {
-    return `${Math.round(value)}%`
-  }
-  return formatNumber(value)
-}
-
 const formatCurrency = (amount) => {
  const value = Number(amount)
  if (!Number.isFinite(value)) return '$0.00'
--- a/web/admin-spa/src/components/accounts/OAuthFlow.vue
+++ b/web/admin-spa/src/components/accounts/OAuthFlow.vue
@@ -287,7 +287,7 @@
    </div>

    <!-- Gemini OAuth流程 -->
-    <div v-else-if="platform === 'gemini' || platform === 'gemini-antigravity'">
+    <div v-else-if="platform === 'gemini'">
      <div
        class="rounded-lg border border-green-200 bg-green-50 p-6 dark:border-green-700 dark:bg-green-900/30"
      >
--- a/web/admin-spa/src/components/apikeys/EditApiKeyModal.vue
+++ b/web/admin-spa/src/components/apikeys/EditApiKeyModal.vue
@@ -1233,28 +1233,13 @@ onMounted(async () => {
  form.totalCostLimit = props.apiKey.totalCostLimit || ''
  form.weeklyOpusCostLimit = props.apiKey.weeklyOpusCostLimit || ''
  // 处理权限数据，兼容旧格式（字符串）和新格式（数组）
-  // 有效的权限值
-  const VALID_PERMS = ['claude', 'gemini', 'openai', 'droid']
-  let perms = props.apiKey.permissions
-  // 如果是字符串，尝试 JSON.parse（Redis 可能返回 "[]" 或 "[\"gemini\"]"）
-  if (typeof perms === 'string') {
-    if (perms === 'all' || perms === '') {
-      perms = []
-    } else if (perms.startsWith('[')) {
-      try {
-        perms = JSON.parse(perms)
-      } catch {
-        perms = VALID_PERMS.includes(perms) ? [perms] : []
-      }
-    } else if (VALID_PERMS.includes(perms)) {
-      perms = [perms]
-    } else {
-      perms = []
-    }
-  }
+  const perms = props.apiKey.permissions
  if (Array.isArray(perms)) {
-    // 过滤掉无效值（如 "[]"）
-    form.permissions = perms.filter((p) => VALID_PERMS.includes(p))
+    form.permissions = perms
+  } else if (perms === 'all' || !perms) {
+    form.permissions = []
+  } else if (typeof perms === 'string') {
+    form.permissions = [perms]
  } else {
    form.permissions = []
  }
--- a/web/admin-spa/src/views/AccountsView.vue
+++ b/web/admin-spa/src/views/AccountsView.vue
@@ -797,19 +797,11 @@
                    :account-id="account.id"
                    :initial-balance="account.balanceInfo"
                    :platform="account.platform"
-                    :query-mode="
-                      account.platform === 'gemini' && account.oauthProvider === 'antigravity'
-                        ? 'auto'
-                        : 'local'
-                    "
                    @error="(error) => handleBalanceError(account.id, error)"
                    @refreshed="(data) => handleBalanceRefreshed(account.id, data)"
                  />
                  <div class="mt-1 text-xs">
                    <button
-                      v-if="
-                        !(account.platform === 'gemini' && account.oauthProvider === 'antigravity')
-                      "
                      class="text-blue-500 hover:underline dark:text-blue-300"
                      @click="openBalanceScriptModal(account)"
                    >
@@ -1484,17 +1476,11 @@
              :account-id="account.id"
              :initial-balance="account.balanceInfo"
              :platform="account.platform"
-              :query-mode="
-                account.platform === 'gemini' && account.oauthProvider === 'antigravity'
-                  ? 'auto'
-                  : 'local'
-              "
              @error="(error) => handleBalanceError(account.id, error)"
              @refreshed="(data) => handleBalanceRefreshed(account.id, data)"
            />
            <div class="mt-1 text-xs">
              <button
-                v-if="!(account.platform === 'gemini' && account.oauthProvider === 'antigravity')"
                class="text-blue-500 hover:underline dark:text-blue-300"
                @click="openBalanceScriptModal(account)"
              >
Author	SHA1	Message	Date
github-actions[bot]	b892ac30a0	chore: sync VERSION file with release v1.1.242 [skip ci]	2025-12-26 05:59:55 +00:00
Wesley Liddick	b8f34b4630	Merge pull request #844 from dadongwo/antigravity feat: 实现 Antigravity OAuth 账户支持与路径分流	2025-12-26 00:59:42 -05:00
Wesley Liddick	c9621e9efb	Merge pull request #846 from bgColorGray/feat/passthrough-system-prompt [skip ci] feat: allow passing system prompt to Claude	2025-12-26 00:59:29 -05:00
pengyujie	e57a7bd614	feat: allow passing system prompt to Claude Add CRS_PASSTHROUGH_SYSTEM_PROMPT to optionally forward OpenAI-format system messages to Claude, improving compatibility with clients that rely on strict system instructions (e.g. MineContext).	2025-12-25 20:02:26 +08:00
@@ -1 +1 @@
 .1.253
 .1.242