feat: add configurable content-safety scanning

cmd/api/api.go

@@ -239,12 +239,13 @@ func apiRun(opts *APIOptions) error {
 		return output.MarkRaw(client.WrapDoAPIError(err))
 	}
 	err = client.HandleResponse(resp, client.ResponseOptions{
-		OutputPath: opts.Output,
-		Format:     format,
-		JqExpr:     opts.JqExpr,
-		Out:        out,
-		ErrOut:     f.IOStreams.ErrOut,
-		FileIO:     f.ResolveFileIO(opts.Ctx),
+		OutputPath:  opts.Output,
+		Format:      format,
+		JqExpr:      opts.JqExpr,
+		Out:         out,
+		ErrOut:      f.IOStreams.ErrOut,
+		FileIO:      f.ResolveFileIO(opts.Ctx),
+		CommandPath: opts.Cmd.CommandPath(),
 	})
 	// MarkRaw tells root error handler to skip enrichPermissionError,
 	// preserving the original API error detail (log_id, troubleshooter, etc.).

cmd/service/service.go

@@ -272,13 +272,14 @@ func serviceMethodRun(opts *ServiceMethodOptions) error {
 		return output.ErrNetwork("API call failed: %s", err)
 	}
 	return client.HandleResponse(resp, client.ResponseOptions{
-		OutputPath: opts.Output,
-		Format:     format,
-		JqExpr:     opts.JqExpr,
-		Out:        out,
-		ErrOut:     f.IOStreams.ErrOut,
-		FileIO:     f.ResolveFileIO(opts.Ctx),
-		CheckError: checkErr,
+		OutputPath:  opts.Output,
+		Format:      format,
+		JqExpr:      opts.JqExpr,
+		Out:         out,
+		ErrOut:      f.IOStreams.ErrOut,
+		FileIO:      f.ResolveFileIO(opts.Ctx),
+		CommandPath: opts.Cmd.CommandPath(),
+		CheckError:  checkErr,
 	})
 }
 

extension/contentsafety/registry.go

@@ -0,0 +1,28 @@
+// Copyright (c) 2026 Lark Technologies Pte. Ltd.
+// SPDX-License-Identifier: MIT
+
+package contentsafety
+
+import "sync"
+
+var (
+	mu       sync.Mutex
+	provider Provider
+)
+
+// Register installs a content-safety Provider. Later registrations
+// override earlier ones (last-write-wins).
+// Typically called from init() via blank import.
+func Register(p Provider) {
+	mu.Lock()
+	defer mu.Unlock()
+	provider = p
+}
+
+// GetProvider returns the currently registered Provider.
+// Returns nil if no provider has been registered.
+func GetProvider() Provider {
+	mu.Lock()
+	defer mu.Unlock()
+	return provider
+}

extension/contentsafety/types.go

@@ -0,0 +1,29 @@
+// Copyright (c) 2026 Lark Technologies Pte. Ltd.
+// SPDX-License-Identifier: MIT
+
+package contentsafety
+
+import (
+	"context"
+	"io"
+)
+
+// Provider scans parsed response data for content-safety issues.
+// Implementations must be safe for concurrent use.
+type Provider interface {
+	Name() string
+	Scan(ctx context.Context, req ScanRequest) (*Alert, error)
+}
+
+// ScanRequest carries the data to scan.
+type ScanRequest struct {
+	Path   string    // normalized command path (e.g. "im.messages_search")
+	Data   any       // parsed response data (generic JSON shape)
+	ErrOut io.Writer // stderr for provider-level notices (e.g. lazy-config creation)
+}
+
+// Alert holds the result of a content-safety scan that detected issues.
+type Alert struct {
+	Provider     string   `json:"provider"`
+	MatchedRules []string `json:"matched_rules"`
+}

extension/contentsafety/types_test.go

@@ -0,0 +1,70 @@
+// Copyright (c) 2026 Lark Technologies Pte. Ltd.
+// SPDX-License-Identifier: MIT
+
+package contentsafety
+
+import (
+	"context"
+	"io"
+	"testing"
+)
+
+func TestAlertFields(t *testing.T) {
+	a := &Alert{
+		Provider:     "regex",
+		MatchedRules: []string{"rule_a", "rule_b"},
+	}
+	if a.Provider != "regex" {
+		t.Errorf("Provider = %q, want %q", a.Provider, "regex")
+	}
+	if len(a.MatchedRules) != 2 {
+		t.Errorf("MatchedRules length = %d, want 2", len(a.MatchedRules))
+	}
+}
+
+type stubProvider struct{}
+
+func (s *stubProvider) Name() string { return "stub" }
+func (s *stubProvider) Scan(_ context.Context, _ ScanRequest) (*Alert, error) {
+	return &Alert{Provider: "stub", MatchedRules: []string{"test"}}, nil
+}
+
+func TestProviderInterface(t *testing.T) {
+	var p Provider = &stubProvider{}
+	if p.Name() != "stub" {
+		t.Errorf("Name() = %q, want %q", p.Name(), "stub")
+	}
+	alert, err := p.Scan(context.Background(), ScanRequest{Path: "test", Data: nil, ErrOut: io.Discard})
+	if err != nil {
+		t.Fatalf("Scan() error = %v", err)
+	}
+	if alert.Provider != "stub" {
+		t.Errorf("alert.Provider = %q, want %q", alert.Provider, "stub")
+	}
+}
+
+func TestRegistryLastWriteWins(t *testing.T) {
+	mu.Lock()
+	old := provider
+	provider = nil
+	mu.Unlock()
+	defer func() {
+		mu.Lock()
+		provider = old
+		mu.Unlock()
+	}()
+
+	if GetProvider() != nil {
+		t.Fatal("expected nil provider initially")
+	}
+	p1 := &stubProvider{}
+	Register(p1)
+	if GetProvider() != p1 {
+		t.Fatal("expected p1 after first Register")
+	}
+	p2 := &stubProvider{}
+	Register(p2)
+	if GetProvider() != p2 {
+		t.Fatal("expected p2 after second Register (last-write-wins)")
+	}
+}

internal/client/response.go

@@ -23,12 +23,13 @@
 
 // ResponseOptions configures how HandleResponse routes a raw API response.
 type ResponseOptions struct {
-	OutputPath string        // --output flag; "" = auto-detect
-	Format     output.Format // output format for JSON responses
-	JqExpr     string        // if set, apply jq filter instead of Format
-	Out        io.Writer     // stdout
-	ErrOut     io.Writer     // stderr
-	FileIO     fileio.FileIO // file transfer abstraction; required when saving files (--output or binary response)
+	OutputPath  string        // --output flag; "" = auto-detect
+	Format      output.Format // output format for JSON responses
+	JqExpr      string        // if set, apply jq filter instead of Format
+	Out         io.Writer     // stdout
+	ErrOut      io.Writer     // stderr
+	FileIO      fileio.FileIO // file transfer abstraction; required when saving files (--output or binary response)
+	CommandPath string        // raw cobra CommandPath() for content safety scanning
 	// CheckError is called on parsed JSON results. Nil defaults to CheckLarkResponse.
 	CheckError func(interface{}) error
 }
@@ -60,9 +61,20 @@
 		if apiErr := check(result); apiErr != nil {
 			return apiErr
 		}
+		// Content safety scanning
+		scanResult := output.ScanForSafety(opts.CommandPath, result, opts.ErrOut)
+		if scanResult.Blocked {
+			return scanResult.BlockErr
+		}
 		if opts.OutputPath != "" {
+			if scanResult.Alert != nil {
+				output.WriteAlertWarning(opts.ErrOut, scanResult.Alert)
+			}
 			return saveAndPrint(opts.FileIO, resp, opts.OutputPath, opts.Out)
 		}
+		if scanResult.Alert != nil {
+			output.WriteAlertWarning(opts.ErrOut, scanResult.Alert)
+		}
 		if opts.JqExpr != "" {
 			return output.JqFilter(opts.Out, result, opts.JqExpr)
 		}

internal/cmdutil/factory_default.go

@@ -21,6 +21,7 @@ import (
 	"github.com/larksuite/cli/internal/credential"
 	"github.com/larksuite/cli/internal/keychain"
 	"github.com/larksuite/cli/internal/registry"
+	_ "github.com/larksuite/cli/internal/security/contentsafety" // register content safety provider
 	"github.com/larksuite/cli/internal/util"
 	_ "github.com/larksuite/cli/internal/vfs/localfileio" // register default FileIO provider
 )

internal/envvars/envvars.go

@@ -15,4 +15,7 @@ const (
 	// Sidecar proxy (auth proxy mode)
 	CliAuthProxy = "LARKSUITE_CLI_AUTH_PROXY" // sidecar HTTP address, e.g. "http://127.0.0.1:16384"
 	CliProxyKey  = "LARKSUITE_CLI_PROXY_KEY"  // HMAC signing key shared with sidecar
+
+	// Content safety scanning mode
+	CliContentSafetyMode = "LARKSUITE_CLI_CONTENT_SAFETY_MODE"
 )

internal/output/emit.go

@@ -0,0 +1,61 @@
+// Copyright (c) 2026 Lark Technologies Pte. Ltd.
+// SPDX-License-Identifier: MIT
+
+package output
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"strings"
+
+	extcs "github.com/larksuite/cli/extension/contentsafety"
+)
+
+// ScanResult holds the output of ScanForSafety.
+type ScanResult struct {
+	Alert    *extcs.Alert
+	Blocked  bool
+	BlockErr error
+}
+
+// ScanForSafety runs content-safety scanning on the given data.
+// cmdPath is the raw cobra CommandPath().
+// When MODE=off, no provider registered, or the command is not allowlisted,
+// returns a zero ScanResult.
+func ScanForSafety(cmdPath string, data any, errOut io.Writer) ScanResult {
+	alert, csErr := runContentSafety(cmdPath, data, errOut)
+	if errors.Is(csErr, errBlocked) {
+		return ScanResult{
+			Alert:    alert,
+			Blocked:  true,
+			BlockErr: wrapBlockError(alert),
+		}
+	}
+	return ScanResult{Alert: alert}
+}
+
+// wrapBlockError creates an ExitError for content-safety block.
+func wrapBlockError(alert *extcs.Alert) error {
+	rules := ""
+	if alert != nil {
+		rules = strings.Join(alert.MatchedRules, ", ")
+	}
+	return &ExitError{
+		Code: ExitContentSafety,
+		Detail: &ErrDetail{
+			Type:    "content_safety_blocked",
+			Message: fmt.Sprintf("content safety violation detected (rules: %s)", rules),
+		},
+	}
+}
+
+// WriteAlertWarning writes a human-readable content-safety warning to w.
+// Used by non-JSON output paths (pretty, table, csv) in warn mode.
+func WriteAlertWarning(w io.Writer, alert *extcs.Alert) {
+	if alert == nil {
+		return
+	}
+	fmt.Fprintf(w, "warning: content safety alert from %s (rules: %s)\n",
+		alert.Provider, strings.Join(alert.MatchedRules, ", "))
+}