fix(base): gate +form-submit behind high-risk-write confirmation

[hehanlin1996]

Summary

Promote base +form-submit from write to high-risk-write so the irreversible form submission requires explicit confirmation, giving AI agents a way to let users review content before it is written.

Changes

• shortcuts/base/base_form_submit.go: set Risk: "high-risk-write"; add a preview→confirm tip plus the shared baseHighRiskYesTip agent guidance.
• shortcuts/base/base_shortcuts_test.go: add TestBaseFormSubmitRisk; update the metadata assertion; pass --yes in the execute-path tests now gated by confirmation.
• skills/lark-base/references/lark-base-form-submit.md: document the --dry-run → confirm → --yes flow and the --yes flag.

Test Plan

• Unit tests pass (go test ./shortcuts/base/)
• Manual local verification confirms the lark-cli base +form-submit flow works as expected
  • Without --yes: returns confirmation_required (exit 10), no network call, nothing written.
  • With --dry-run: previews the exact submit body for review.

Related Issues

• Closes base +form-submit lacks a pre-submit human confirmation step (preview before irreversible write) #1545

Summary by CodeRabbit

• New Features

  • Form submission now requires explicit --yes confirmation flag to prevent accidental data changes.
  • Added preview capability using --dry-run before final submission.

• Documentation

  • Updated documentation for high-risk form submission confirmation workflow.

• Tests

  • Added test coverage for form submission risk level.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: ecde93bc-1594-4ffc-83a9-6b6c0bf4b34d

📥 Commits

Reviewing files that changed from the base of the PR and between 736b131 and 1331b18.

📒 Files selected for processing (3)

• shortcuts/base/base_form_submit.go
• shortcuts/base/base_shortcuts_test.go
• skills/lark-base/references/lark-base-form-submit.md

---

📝 Walkthrough

Walkthrough

BaseFormSubmit's Risk field is changed from "write" to "high-risk-write", and its Tips are updated to include an irreversible-submission warning. All test invocations of +form-submit are updated to pass --yes, and a new risk assertion test is added. Documentation adds the --yes parameter and a confirmation workflow section.

BaseFormSubmit high-risk-write promotion

Layer / File(s)	Summary
BaseFormSubmit risk and tips update shortcuts/base/base_form_submit.go	Risk changed from "write" to "high-risk-write"; Tips updated to prepend an irreversible-submission warning before baseHighRiskYesTip.
Test assertions and --yes flag alignment shortcuts/base/base_shortcuts_test.go	New TestBaseFormSubmitRisk asserts "high-risk-write"; existing metadata assertion updated; all TestExecuteFormSubmit and TestUploadAttachmentsParallel execute-path calls add --yes to match the new gate.
--yes parameter and confirmation workflow docs skills/lark-base/references/lark-base-form-submit.md	Adds --yes row to the 参数 table and a new "提交前预览与确认（高风险写）" section describing the --dry-run → confirm → --yes workflow and exit code 10 behavior.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Possibly related PRs

• larksuite/cli#633: Implements the high-risk-write confirmation protocol (--yes gate, exit code 10) that BaseFormSubmit is now opting into.
• larksuite/cli#759: Originally introduced and wired the +form-submit shortcut implementation and tests that this PR directly modifies.

Suggested labels

domain/base, size/M

Suggested reviewers

• kongenpei

Poem

🐇 Hoppy the rabbit taps the form with care,
"–yes" is required before writing anywhere!
No sneaky submits in the dead of night,
High-risk-write keeps the data right.
Preview, confirm, then leap with glee ~

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main change: promoting form-submit to require high-risk-write confirmation gating.
Description check	✅ Passed	The description follows the template structure and provides comprehensive details on changes, test verification, and issue closure.
Linked Issues check	✅ Passed	The PR fully addresses issue #1545 by promoting +form-submit to high-risk-write with --dry-run preview and --yes confirmation gating, preventing irreversible writes without user review.
Out of Scope Changes check	✅ Passed	All changes are directly related to implementing the confirmation gate for form-submit: risk level update, test coverage, and documentation of the preview-confirm workflow.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands.}