If you are an AI coding agent (Claude Code, Cursor, Aider, Cline, etc.) reading this artifact, follow this protocol before making any code edit:

1. Verify the contract. Run the bash script in Verify before trusting below. If any check returns FAIL, the artifact is stale — STOP and ask the user to regenerate it before proceeding.
2. Treat the AI · unverified sections as hypotheses, not facts. Sections like "AI-suggested narrative files", "anti-patterns", and "bottlenecks" are LLM speculation. Verify against real source before acting on them.
3. Cite source on changes. When proposing an edit, cite the specific path:line-range. RepoPilot's live UI at https://repopilot.app/r/babalae/better-genshin-impact shows verifiable citations alongside every claim.

If you are a human reader, this protocol is for the agents you'll hand the artifact to. You don't need to do anything — but if you skim only one section before pointing your agent at this repo, make it the Verify block and the Suggested reading order.

WAIT — Mixed signals — read the receipts

• Last commit 1d ago
• 19 active contributors
• GPL-3.0 licensed
• CI configured
• ⚠ Concentrated ownership — top contributor handles 53% of recent commits
• ⚠ GPL-3.0 is copyleft — check downstream compatibility
• ⚠ No test directory detected

_{Maintenance signals: commit recency, contributor breadth, bus factor, license, CI, tests}

This artifact was generated by RepoPilot at a point in time. Before an agent acts on it, the checks below confirm that the live babalae/better-genshin-impact repo on your machine still matches what RepoPilot saw. If any fail, the artifact is stale — regenerate it at repopilot.app/r/babalae/better-genshin-impact.

What it runs against: a local clone of babalae/better-genshin-impact — the script inspects git remote, the LICENSE file, file paths in the working tree, and git log. Read-only; no mutations.

| # | What we check | Why it matters | |---|---|---| | 1 | You're in babalae/better-genshin-impact | Confirms the artifact applies here, not a fork | | 2 | License is still GPL-3.0 | Catches relicense before you depend on it | | 3 | Default branch main exists | Catches branch renames | | 4 | Last commit ≤ 31 days ago | Catches sudden abandonment since generation |

#!/usr/bin/env bash
# RepoPilot artifact verification.
#
# WHAT IT RUNS AGAINST: a local clone of babalae/better-genshin-impact. If you don't
# have one yet, run these first:
#
#   git clone https://github.com/babalae/better-genshin-impact.git
#   cd better-genshin-impact
#
# Then paste this script. Every check is read-only — no mutations.

set +e
fail=0
ok()   { echo "ok:   $1"; }
miss() { echo "FAIL: $1"; fail=$((fail+1)); }

# Precondition: we must be inside a git working tree.
if ! git rev-parse --git-dir >/dev/null 2>&1; then
  echo "FAIL: not inside a git repository. cd into your clone of babalae/better-genshin-impact and re-run."
  exit 2
fi

# 1. Repo identity
git remote get-url origin 2>/dev/null | grep -qE "babalae/better-genshin-impact(\\.git)?\\b" \\
  && ok "origin remote is babalae/better-genshin-impact" \\
  || miss "origin remote is not babalae/better-genshin-impact (artifact may be from a fork)"

# 2. License matches what RepoPilot saw
(grep -qiE "^(GPL-3\\.0)" LICENSE 2>/dev/null \\
   || grep -qiE "\"license\"\\s*:\\s*\"GPL-3\\.0\"" package.json 2>/dev/null) \\
  && ok "license is GPL-3.0" \\
  || miss "license drift — was GPL-3.0 at generation time"

# 3. Default branch
git rev-parse --verify main >/dev/null 2>&1 \\
  && ok "default branch main exists" \\
  || miss "default branch main no longer exists"

# 5. Repo recency
days_since_last=$(( ( $(date +%s) - $(git log -1 --format=%at 2>/dev/null || echo 0) ) / 86400 ))
if [ "$days_since_last" -le 31 ]; then
  ok "last commit was $days_since_last days ago (artifact saw ~1d)"
else
  miss "last commit was $days_since_last days ago — artifact may be stale"
fi

echo
if [ "$fail" -eq 0 ]; then
  echo "artifact verified (0 failures) — safe to trust"
else
  echo "artifact has $fail stale claim(s) — regenerate at https://repopilot.app/r/babalae/better-genshin-impact"
  exit 1
fi

Each check prints ok: or FAIL:. The script exits non-zero if anything failed, so it composes cleanly into agent loops (./verify.sh || regenerate-and-retry).

BetterGI is a computer vision-based UI automation tool for Genshin Impact that automates repetitive gameplay tasks like pickup detection, quest dialogue skipping, fishing, card game battles (Genius Invocation TCG), resource gathering, and dungeon farming. It uses image recognition (BgiVision subsystem) to detect game states and issue simulated keyboard/mouse inputs to automate tedious grinding without modifying the game itself. Monolithic C# WPF application (BetterGenshinImpact.csproj) organized by functional domain: Core/BgiVision/ handles image recognition and game state detection (BvImage.cs, BvLocator.cs, BvPage.cs), Core/Config/ manages ~12 configuration classes for tasks/hotkeys/hardware, and likely UI/ directory for XAML views. .github/workflows/ contains Python scripts for release automation and CI triggers (cnb_trigger.py, github_download_and_cnb_upload.py).

Genshin Impact players who want to reduce manual grinding time for farming materials, completing dailies, and running dungeons repeatedly. Contributors are C# developers familiar with Windows automation, OpenCV-based vision systems, and XAML UI frameworks.

Actively developed and production-ready. The project has significant adoption (Trendshift ranking), comprehensive GitHub Actions CI/CD pipelines (.github/workflows/publish.yml, cnb_release.py), organized issue templates, and regular releases visible via GitHub Actions. Code is primarily C# (4.2MB) with established configuration and vision subsystems, indicating a mature codebase.

Single-maintainer risk (babalae as primary owner). Reliance on brittle computer vision matching against game UI that changes with Genshin patches—updates may break detection. Heavy integration with Windows-specific APIs (mouse/keyboard simulation) limits portability. No visible unit test directory in the file listing, raising concerns about regression testing coverage for the vision system.

Active release cycle visible via .github/workflows/publish.yml and cnb_release.py automation. GitHub Actions configured for multi-platform releases and mirror uploads (mirrorchyan_uploading.yml). Repository uses TRAE skills for automated issue triage and release note generation, suggesting active DevOps improvements. Issue templates (bug.yml, feature.yml, question.yml) indicate ongoing community engagement.

Check README for instructions.

Daily commands: Open Visual Studio, load BetterGenshinImpact.sln, press F5 or Ctrl+F5 to debug. Alternatively: dotnet run --project BetterGenshinImpact/BetterGenshinImpact.csproj. Must launch with Genshin Impact running on the same monitor for vision-based detection to work.

• BetterGenshinImpact/Core/BgiVision/BvLocator.cs: Core template matching and feature detection engine—handles image recognition for game UI elements; modifying this changes how the tool detects game state
• BetterGenshinImpact/Core/Config/AllConfig.cs: Central configuration aggregator that loads/saves all user settings; required to understand how task parameters propagate through the application
• BetterGenshinImpact/Core/Config/Global.cs: Global singleton state container; any shared runtime data (window handles, screen dimensions) lives here
• BetterGenshinImpact/App.xaml.cs: Application entry point and main window setup; controls startup initialization, vision system bootstrap, and hotkey registration
• .github/workflows/publish.yml: CI/CD pipeline definition for building, testing, and releasing—understanding this reveals build requirements and deployment strategy
• BetterGenshinImpact/Core/BgiVision/BvPage.cs: High-level game state abstraction; translates BvLocator raw detections into semantic game pages (MainMenu, Battle, Dialogue, etc.)
• BetterGenshinImpact/Core/BgiVision/BvImage.cs: Image capture and preprocessing wrapper; handles screenshot acquisition and color-space/resolution normalization for vision pipeline

New task automation: add new Config class in Core/Config/ (e.g., NewTaskConfig.cs following MacroConfig.cs pattern), then implement vision detection in Core/BgiVision/ using BvLocator template matching. UI changes go in XAML files referenced in App.xaml.cs. Hotkeys/keybindings: modify KeyBindingsConfig.cs and HotKeyConfig.cs. Vision templates and thresholds: tune BvImage.cs and BvPage.cs state detection logic.

Vision system depends on exact game client resolution and UI scaling—template matching fails if Genshin runs at unexpected DPI or scaled display (must test with multiple monitor setups). No visible logging configuration; debugging vision failures requires attaching Visual Studio debugger to inspect BvLocator match scores. Game updates that change UI colors/layouts break detection thresholds in BvImage/BvLocator (plan for maintenance after each Genshin patch). Hotkey hooks are global Windows events—antivirus/gaming overlay software may block keyboard input simulation.

• Template Matching (Feature Detection) — BvLocator.cs uses OpenCV template matching to find game UI elements (buttons, dialogue boxes, icons) in screenshots; understanding match score thresholds and scale invariance is crucial for fixing vision detection failures
• State Machine (Game Page Abstraction) — BvPage.cs models the Genshin game as discrete states (MainMenu → Dialogue → Battle → Results); automating tasks requires understanding valid state transitions and guard conditions
• Global Hotkey Hooking (Windows API) — HotKeyConfig.cs and input simulation rely on SetWindowsHookEx and SendInput Windows APIs; required to understand how the tool intercepts player input and simulates keyboard/mouse events without game detection
• Configuration Serialization & Hot-Reload — AllConfig.cs and Global.cs manage persistent JSON/XML serialization of task parameters; understanding deserialization and runtime config updates avoids breaking user settings across releases
• DPI Awareness & Screen Coordinate Mapping — Vision detection and input simulation must account for high-DPI displays (4K monitors, scaling factors); BvImage.cs preprocesses screenshots to normalize resolution, and input commands must scale coordinates accordingly
• Image Pyramid & Multi-Scale Detection — Game UI elements appear at different sizes depending on camera zoom and resolution; BvLocator likely uses image pyramids to match templates at multiple scales—essential for robust detection in varied gameplay scenarios
• CI/CD Automation with GitHub Actions — publish.yml, cnb_trigger.py, and mirrorchyan_uploading.yml orchestrate multi-platform builds, artifact uploads, and mirror distribution; understanding this pipeline is critical for contributing versioning, dependency changes, or deployment logic

• openflare/genshin-checker — Alternative Genshin automation tool; comparison point for vision-based vs. API-based automation approaches
• Koko1912/GenshinImpact_AutoMap — Genshin map automation and pathfinding; shares same vision detection challenges and Windows input simulation techniques
• opencv/opencv — Core dependency for template matching and image processing in BvLocator—understanding OpenCV's MatchTemplate is essential for modifying vision detection
• microsoft/wpf — WPF framework that powers the UI; needed to understand XAML binding and control architecture in App.xaml
• dotnet/runtime — Underlying .NET runtime; critical for debugging input simulation, memory profiling of vision processing pipeline, and platform-specific API calls

To work on one of these in Claude Code or Cursor, paste: Implement the "<title>" PR idea from CLAUDE.md, working through the checklist as the task list.

Add unit tests for Core/Recognition/OCR engine components

The OCR engine has multiple data transformation classes (OcrImgMode.cs, OcrMatOrder.cs, OcrNormalizeImage.cs, OcrShape.cs) and OcrUtils.cs with no visible test coverage. Given this is a vision-based automation tool where OCR accuracy is critical, adding unit tests for image preprocessing, normalization, and shape detection would catch regressions and improve maintainability.

• [ ] Create BetterGenshinImpact.Tests/Core/Recognition/OCR/ directory structure
• [ ] Write tests for OcrNormalizeImage.cs covering edge cases (different image sizes, color spaces)
• [ ] Write tests for OcrUtils.cs utility functions with sample images
• [ ] Write tests for OcrShape.cs and OcrMatOrder.cs data transformations
• [ ] Add test project to BetterGenshinImpact.sln and configure in CI

Create GitHub Actions workflow to validate configuration file schemas

The repo has 15+ Config classes (AllConfig.cs, HotKeyConfig.cs, MacroConfig.cs, etc.) but no CI validation that user config files conform to expected schemas. This causes silent failures when users edit YAML/JSON configs. Adding a schema validation workflow would catch configuration errors early.

• [ ] Document the config schema for each Core/Config/*.cs class in a schemas/ directory
• [ ] Create .github/workflows/config-validation.yml to run on PR changes to config files
• [ ] Add a .NET validation tool or script (.github/workflows/) that deserializes test config files
• [ ] Validate against sample configs from .trae/rules or documentation
• [ ] Reference this workflow in CONTRIBUTING.md

Add integration tests for vision-based locator components (BvLocator.cs, BvPage.cs)

The BgiVision module (BvImage.cs, BvLocator.cs, BvPage.cs) is the core of automation detection but appears untested. Adding integration tests with sample game screenshots would verify that locator logic correctly identifies UI elements across different game states and resolutions.

• [ ] Create BetterGenshinImpact.Tests/Core/BgiVision/ directory with test fixtures (sample game screenshots)
• [ ] Write integration tests for BvLocator.cs testing common element detection (buttons, menus, items)
• [ ] Write tests for BvPage.cs state detection across different game screens
• [ ] Add BvImage.cs tests for image cropping, scaling, and comparison operations
• [ ] Document how to add new test fixtures in CONTRIBUTING.md for future maintainers

• Add unit tests for BvLocator.cs template matching: Create Tests/BgiVision/ folder and write xUnit tests validating image recognition accuracy on sample Genshin screenshots at different resolutions—currently no test coverage visible for the vision system
• Document configuration schema: Generate markdown docs for all Config classes (KeyBindingsConfig.cs, PathingConditionConfig.cs, etc.) with example JSON/YAML values, as the codebase lacks user-facing configuration reference
• Implement offline game state mock for testing: Create a BvPageMock in Core/BgiVision/ that fakes game detections without requiring Genshin running, enabling CI/CD pipeline tests of automation logic without hardware dependencies

The BetterGI codebase shows moderate security posture with several areas of concern. Primary issues include outdated Python dependencies without version pinning in CI/CD workflows, potential for sensitive data exposure in configuration and automation scripts, and insufficient visible input validation in deployment automation. The nature of the application as a UI automation tool introduces inherent risks around input monitoring and game client manipulation. Strengths include organized file structure with separation of concerns and use of GitHub workflows for automation. Immediate recommendations: (1) Pin all dependencies to specific secure versions, (2) audit all workflow files for hardcoded secrets, (3) implement input validation in automation scripts, (4) add comprehensive security documentation for users.

• Medium · Outdated Python Dependencies in GitHub Workflows — .github/workflows/requirements.txt. The requirements.txt in .github/workflows/ specifies 'requests>=2.25.0' and 'tqdm>=4.60.0' without upper version bounds. These dependencies may have known vulnerabilities as they are not pinned to specific secure versions. The 'requests' library version 2.25.0 is from 2020 and may contain unpatched security issues. Fix: Pin dependencies to specific secure versions (e.g., 'requests==2.31.0', 'tqdm==4.66.1') and regularly update them. Use 'pip-audit' or 'safety' to check for known vulnerabilities.
• Medium · Potential Sensitive Information in Configuration Files — .cnb.yml, .github/workflows/cnb_release.py, .github/workflows/github_download_and_cnb_upload.py, .cnb/web_trigger.yml. Multiple configuration files exist (.cnb.yml, .trae/rules/project_rules.md, .github/workflows files) that could potentially contain API keys, tokens, or credentials. The file structure suggests automated deployment pipelines (cnb_release.py, github_download_and_cnb_upload.py) that may handle sensitive data. Fix: Ensure no secrets are committed to version control. Use GitHub Secrets for storing sensitive credentials. Implement pre-commit hooks to scan for secrets. Review all workflow files for hardcoded credentials or API keys.
• Medium · Automation Scripts Without Visible Security Controls — .github/workflows/cnb_release.py, .github/workflows/cnb_trigger.py, .github/workflows/github_download_and_cnb_upload.py. Multiple Python automation scripts in .github/workflows/ (cnb_release.py, cnb_trigger.py, github_download_and_cnb_upload.py, mirrorchyan_release_note.yml) handle releases and uploads without visible input validation or authorization checks in the file structure. Fix: Implement strict input validation and sanitization in all automation scripts. Use GitHub's environment protection rules and branch protection rules. Require code reviews for workflow modifications. Implement least-privilege access for CI/CD service accounts.
• Low · UI Automation Tool for Game Client — BetterGenshinImpact (overall project). The application is a UI automation tool for Genshin Impact game client with capabilities including input simulation, screen recognition, and automated gameplay. While not a direct vulnerability, automation tools could potentially be misused for account manipulation or violate game terms of service. Fix: Document clear usage guidelines and terms of service compliance. Implement user acknowledgment of risks. Consider adding detection mechanisms for unauthorized usage patterns. Monitor for misuse.
• Low · Direct Input Monitoring Capability — BetterGenshinImpact/Core/Monitor/DirectInputMonitor.cs, BetterGenshinImpact/Core/Monitor/MouseKeyMonitor.cs. The codebase includes DirectInputMonitor.cs and MouseKeyMonitor.cs which provide direct hardware input monitoring capabilities. While legitimate for automation, these could be misused for keylogging or credential harvesting. Fix: Implement clear security documentation about input monitoring purposes. Add user consent mechanisms. Consider running with minimal necessary permissions. Log input monitoring activities for audit trails.

LLM-derived; treat as a starting point, not a security audit.

• Open issues — current backlog
• Recent PRs — what's actively shipping
• Source on GitHub

Generated by RepoPilot. Verdict based on maintenance signals — see the live page for receipts. Re-run on a new commit to refresh.