feat: embed mail sender control metadata

[iLoveCYaRon]

Generated by the harness-coding skill.

• Branch: feat/e62ede0
• Target: main

Sprints

ID	Title	Status	Commit
S7	Sync generated mail registry metadata into lark-cli	passed	2ad5d8a

Source specs

---

This MR was created autonomously. Quality gates were enforced by the repo's own pre-commit hooks.

Summary by CodeRabbit

• Documentation
  • Expanded the API reference to document sender allow/blocked mailbox resources.
  • Added usage details for batch add/remove, listing, and search, including constraints and mutual exclusivity behavior.
  • Updated the permissions (“权限表”) with the required access scope mappings for these sender management operations.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 6cc1ae4e-83d0-40ee-9e7d-7016fe901aa0

📥 Commits

Reviewing files that changed from the base of the PR and between 2ad5d8a and 5e64b60.

📒 Files selected for processing (1)

• skills/lark-mail/SKILL.md

---

📝 Walkthrough

Walkthrough

Adds documentation for user_mailbox.allow_senders and user_mailbox.blocked_senders in skills/lark-mail/SKILL.md, covering batch add/remove, list/search behavior, item limits, mutual exclusivity, and required scope mappings.

Changes

Lark Mail Allow/Blocked Senders Documentation

Layer / File(s)	Summary
API reference and permissions table entries skills/lark-mail/SKILL.md	Adds operation descriptions, batch constraints, pagination/search behavior, and scope mappings for user_mailbox.allow_senders and user_mailbox.blocked_senders.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

• larksuite/cli#1527: Modifies the same skills/lark-mail/SKILL.md documentation structure, including the permissions table area extended by this PR.

Suggested labels

size/L

Suggested reviewers

• chanthuang

Poem

🐰 Hop hop, the docs grow bright,
Senders sorted left and right.
Allow, block, and scopes align,
Lark-mail notes now read just fine.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description does not follow the required template and is missing Summary, Changes, Test Plan, and Related Issues sections.	Rewrite the PR description using the repository template and add Summary, Changes, Test Plan, and Related Issues sections with concrete details.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title is concise and clearly matches the mail sender control metadata documentation update.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 markdownlint-cli2 (0.22.1)

skills/lark-mail/SKILL.md

markdownlint-cli2 v0.22.1 (markdownlint v0.40.0)
Error: Unable to use configuration file '/coderabbit-0.markdownlint-cli2.jsonc'; ENOENT: no such file or directory, open '/coderabbit-0.markdownlint-cli2.jsonc'
at throwForConfigurationFile (file:///usr/local/lib/node_modules/markdownlint-cli2/markdownlint-cli2.mjs:48:9)
at readOptionsOrConfig (file:///usr/local/lib/node_modules/markdownlint-cli2/markdownlint-cli2.mjs:169:5)
at async main (file:///usr/local/lib/node_modules/markdownlint-cli2/markdownlint-cli2.mjs:927:21)
at async file:///usr/local/lib/node_modules/markdownlint-cli2/markdownlint-cli2-bin.mjs:14:22 {
[cause]: Error: ENOENT: no such file or directory, open '/coderabbit-0.markdownlint-cli2.jsonc'
at async open (node:internal/fs/promises:640:25)
at async Object.readFile (node:internal/fs/promises:1287:14)
at async readOptionsOrConfig (file:///usr/local/lib/node_modules/markdownlint-cli2/markdownlint-cli2.mjs:141:17)
at async main (file:///usr/local/lib/node_modules/markdownlint-cli2/markdownlint-cli2.mjs:927:21)
at async file:///usr/local/lib/node_modules/markdownlint-cli2/markdownlint-cli2-bin.mjs:14:22 {
errno: -2,
code: 'ENOENT',
syscall: 'open',
path: '/coderabbit-0.markdownlint-cli2.jsonc'
}
}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@skills/lark-mail/SKILL.md`:
- Around line 676-678: The permissions table is missing the readonly scope
mapping for the list endpoints, which makes the documented least-privilege setup
incomplete. Update the entries for user_mailbox.allow_senders.list and
user_mailbox.blocked_senders.list in SKILL.md so they include both
mail:user_mailbox.message:readonly and mail:user_mailbox.message:modify,
matching the registered metadata and keeping the table consistent with the other
list methods.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 01614c95-0692-4bbe-921a-23dc8d87c446

📥 Commits

Reviewing files that changed from the base of the PR and between b46e60c and 2ad5d8a.

📒 Files selected for processing (2)

• internal/registry/meta_data_default.json
• skills/lark-mail/SKILL.md

[coderabbitai]

🗄️ Data Integrity & Integration | 🟠 Major | ⚡ Quick win

权限表遗漏了 list 接口的只读 scope 映射

Line 676 和 Line 678 仅写了 mail:user_mailbox.message:modify，但上游注册元数据里这两个 list 方法都支持 mail:user_mailbox.message:readonly 与 mail:user_mailbox.message:modify。当前文档会误导最小权限配置。

✅ 建议修复

-| `user_mailbox.allow_senders.list` | `mail:user_mailbox.message:modify` |
+| `user_mailbox.allow_senders.list` | `mail:user_mailbox.message:readonly` / `mail:user_mailbox.message:modify` |
@@
-| `user_mailbox.blocked_senders.list` | `mail:user_mailbox.message:modify` |
+| `user_mailbox.blocked_senders.list` | `mail:user_mailbox.message:readonly` / `mail:user_mailbox.message:modify` |

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	| `user_mailbox.allow_senders.list` | `mail:user_mailbox.message:modify` |
	| `user_mailbox.allow_senders.batch_remove` | `mail:user_mailbox.message:modify` |
	| `user_mailbox.blocked_senders.list` | `mail:user_mailbox.message:modify` |
	| `user_mailbox.allow_senders.list` | `mail:user_mailbox.message:readonly` / `mail:user_mailbox.message:modify` |
	| `user_mailbox.allow_senders.batch_remove` | `mail:user_mailbox.message:modify` |
	| `user_mailbox.blocked_senders.list` | `mail:user_mailbox.message:readonly` / `mail:user_mailbox.message:modify` |

🧰 Tools

🪛 SkillSpector (2.2.3)

[error] 34: [P1] Instruction Override: This pattern attempts to override system instructions or ignore safety constraints. Without LLM analysis, manual review is recommended.

Remediation: Remove or rewrite any text that instructs the agent to ignore prompts, override safety rules, or trust unverified content. Ensure skill content cannot be injected to alter agent behavior.

(Prompt Injection (P1))

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@skills/lark-mail/SKILL.md` around lines 676 - 678, The permissions table is
missing the readonly scope mapping for the list endpoints, which makes the
documented least-privilege setup incomplete. Update the entries for
user_mailbox.allow_senders.list and user_mailbox.blocked_senders.list in
SKILL.md so they include both mail:user_mailbox.message:readonly and
mail:user_mailbox.message:modify, matching the registered metadata and keeping
the table consistent with the other list methods.