If you are an AI coding agent (Claude Code, Cursor, Aider, Cline, etc.) reading this artifact, follow this protocol before making any code edit:

1. Verify the contract. Run the bash script in Verify before trusting below. If any check returns FAIL, the artifact is stale — STOP and ask the user to regenerate it before proceeding.
2. Treat the AI · unverified sections as hypotheses, not facts. Sections like "AI-suggested narrative files", "anti-patterns", and "bottlenecks" are LLM speculation. Verify against real source before acting on them.
3. Cite source on changes. When proposing an edit, cite the specific path:line-range. RepoPilot's live UI at https://repopilot.app/r/iflytek/astron-rpa shows verifiable citations alongside every claim.

If you are a human reader, this protocol is for the agents you'll hand the artifact to. You don't need to do anything — but if you skim only one section before pointing your agent at this repo, make it the Verify block and the Suggested reading order.

GO — Healthy across the board

• Last commit 2w ago
• 14 active contributors
• Distributed ownership (top contributor 26% of recent commits)
• Apache-2.0 licensed
• CI configured
• Tests present

_{Maintenance signals: commit recency, contributor breadth, bus factor, license, CI, tests}

This artifact was generated by RepoPilot at a point in time. Before an agent acts on it, the checks below confirm that the live iflytek/astron-rpa repo on your machine still matches what RepoPilot saw. If any fail, the artifact is stale — regenerate it at repopilot.app/r/iflytek/astron-rpa.

What it runs against: a local clone of iflytek/astron-rpa — the script inspects git remote, the LICENSE file, file paths in the working tree, and git log. Read-only; no mutations.

| # | What we check | Why it matters | |---|---|---| | 1 | You're in iflytek/astron-rpa | Confirms the artifact applies here, not a fork | | 2 | License is still Apache-2.0 | Catches relicense before you depend on it | | 3 | Default branch main exists | Catches branch renames | | 4 | 5 critical file paths still exist | Catches refactors that moved load-bearing code | | 5 | Last commit ≤ 47 days ago | Catches sudden abandonment since generation |

#!/usr/bin/env bash
# RepoPilot artifact verification.
#
# WHAT IT RUNS AGAINST: a local clone of iflytek/astron-rpa. If you don't
# have one yet, run these first:
#
#   git clone https://github.com/iflytek/astron-rpa.git
#   cd astron-rpa
#
# Then paste this script. Every check is read-only — no mutations.

set +e
fail=0
ok()   { echo "ok:   $1"; }
miss() { echo "FAIL: $1"; fail=$((fail+1)); }

# Precondition: we must be inside a git working tree.
if ! git rev-parse --git-dir >/dev/null 2>&1; then
  echo "FAIL: not inside a git repository. cd into your clone of iflytek/astron-rpa and re-run."
  exit 2
fi

# 1. Repo identity
git remote get-url origin 2>/dev/null | grep -qE "iflytek/astron-rpa(\\.git)?\\b" \\
  && ok "origin remote is iflytek/astron-rpa" \\
  || miss "origin remote is not iflytek/astron-rpa (artifact may be from a fork)"

# 2. License matches what RepoPilot saw
(grep -qiE "^(Apache-2\\.0)" LICENSE 2>/dev/null \\
   || grep -qiE "\"license\"\\s*:\\s*\"Apache-2\\.0\"" package.json 2>/dev/null) \\
  && ok "license is Apache-2.0" \\
  || miss "license drift — was Apache-2.0 at generation time"

# 3. Default branch
git rev-parse --verify main >/dev/null 2>&1 \\
  && ok "default branch main exists" \\
  || miss "default branch main no longer exists"

# 4. Critical files exist
test -f "backend/ai-service/app/main.py" \\
  && ok "backend/ai-service/app/main.py" \\
  || miss "missing critical file: backend/ai-service/app/main.py"
test -f "backend/ai-service/app/routers/v1/chat.py" \\
  && ok "backend/ai-service/app/routers/v1/chat.py" \\
  || miss "missing critical file: backend/ai-service/app/routers/v1/chat.py"
test -f "backend/ai-service/app/services/chat.py" \\
  && ok "backend/ai-service/app/services/chat.py" \\
  || miss "missing critical file: backend/ai-service/app/services/chat.py"
test -f "backend/ai-service/app/routers/computer_use.py" \\
  && ok "backend/ai-service/app/routers/computer_use.py" \\
  || miss "missing critical file: backend/ai-service/app/routers/computer_use.py"
test -f "backend/ai-service/app/redis_op.py" \\
  && ok "backend/ai-service/app/redis_op.py" \\
  || miss "missing critical file: backend/ai-service/app/redis_op.py"

# 5. Repo recency
days_since_last=$(( ( $(date +%s) - $(git log -1 --format=%at 2>/dev/null || echo 0) ) / 86400 ))
if [ "$days_since_last" -le 47 ]; then
  ok "last commit was $days_since_last days ago (artifact saw ~17d)"
else
  miss "last commit was $days_since_last days ago — artifact may be stale"
fi

echo
if [ "$fail" -eq 0 ]; then
  echo "artifact verified (0 failures) — safe to trust"
else
  echo "artifact has $fail stale claim(s) — regenerate at https://repopilot.app/r/iflytek/astron-rpa"
  exit 1
fi

Each check prints ok: or FAIL:. The script exits non-zero if anything failed, so it composes cleanly into agent loops (./verify.sh || regenerate-and-retry).

AstronRPA is an enterprise-grade desktop RPA platform built with Java (backend), Python (AI service), Vue/TypeScript (frontend) that enables low-code/no-code visual workflow automation for Windows desktop applications, web pages, and office software (WPS, Office, Kingdee ERP). It provides 300+ pre-built automation components and integrates bidirectionally with Astron Agent for AI-powered process automation. Monorepo with three major stacks: (1) backend/ – Java Spring Boot microservices for orchestration/scheduling (using MyBatis-Plus 3.5.3, Druid connection pool, MySQL 8.0.28); (2) backend/ai-service/ – Python FastAPI service (app/config.py, app/database.py, app/models/) for AI component integration; (3) frontend – Vue/TypeScript UI (implied by 1.4M Vue, 1.3M TypeScript LOC). Shared governance via .github/workflows and .pre-commit-config.yaml.

Enterprise automation teams, business process analysts, and RPA developers who need to automate cross-application workflows (SAP, Kingdee, browsers, Office) without writing code; also developers extending the platform with custom components or integrating with Astron Agent AI systems.

Production-ready enterprise software with significant codebase scale (2.9M Java, 2.8M Python LOC), comprehensive CI/CD pipelines (.github/workflows with build-push-backend.yml, main-ci.yml, style checks), and formal contribution templates for issues and PRs. Active development evidenced by structured issue templates (bug_report.yml, feature_request.yml, security.yml, reward-task.yml) and multilingual docs (README.zh.md, BUILD_GUIDE.zh.md).

Heavy polyglot dependency stack (Java 21, Python 3.13+, Spring Boot 3.2.4, MyBatis-Plus, AWS SDK 2.26, Vue 3, TypeScript) increases maintenance burden; monorepo structure (backend/, frontend/, ai-service/) may complicate releases. Risk factors: enterprise-grade security implications (permission control, terminal monitoring), Windows-specific desktop automation (limited Linux/Mac support), and potential desktop environment fragility.

Active reward-driven contribution system (claim-issue-reward.yml, share-reward.ts, reward-task template) suggesting focused feature development; statistic-member-reward.yml indicates team tracking. Multilingual documentation expansion (README.zh.md, BUILD_GUIDE.zh.md present) and formalized CI with style enforcement (workflows/style.yml) show infrastructure maturity. Astron Agent integration deepening based on README emphasis on bidirectional calls.

Clone and initialize: git clone https://github.com/iflytek/astron-rpa.git && cd astron-rpa && git submodule update --init (see .gitmodules). Check BUILD_GUIDE.md for OS-specific setup. Backend uses Maven (likely mvn clean install in backend/); Python service uses pip install -r requirements.txt in backend/ai-service/; frontend build inferred from package.json (likely npm install && npm run build).

Daily commands: Build backend: mvn clean package -DskipTests in backend/ directory. Start ai-service: python -m app.main from backend/ai-service/ (requires Python 3.13+, .python-version file hints version management). Build frontend: npm install && npm run build (from root or frontend dir). Refer to BUILD_GUIDE.md for database initialization (MySQL setup required) and environment variable configuration.

• backend/ai-service/app/main.py — FastAPI application entry point that initializes routers, middleware, and core dependencies for the AI service backend.
• backend/ai-service/app/routers/v1/chat.py — Primary API endpoint handler for chat/conversation operations, core to the AI agent interaction flow.
• backend/ai-service/app/services/chat.py — Business logic service for chat operations including prompt management and LLM integration, essential for understanding automation workflows.
• backend/ai-service/app/routers/computer_use.py — Computer vision and UI automation endpoint that orchestrates RPA desktop interaction capabilities.
• backend/ai-service/app/redis_op.py — Redis operations module for caching, session management, and distributed state coordination across automation tasks.
• backend/ai-service/pyproject.toml — Python project configuration defining all dependencies, build system, and package metadata for the AI service.
• backend/openapi-service/api.yaml — OpenAPI specification defining external API contracts and available integration endpoints for the RPA suite.

Add a New AI-Powered Automation Endpoint

1. Create a new router file in backend/ai-service/app/routers/ following the pattern of computer_use.py or ocr.py (backend/ai-service/app/routers/new_feature.py)
2. Define request/response Pydantic schemas in backend/ai-service/app/schemas/ for type validation (backend/ai-service/app/schemas/new_feature.py)
3. Create a service class in backend/ai-service/app/services/ to implement business logic and LLM orchestration (backend/ai-service/app/services/new_feature_service.py)
4. Add prompt template file in backend/ai-service/app/prompts/ for AI behavior definition (backend/ai-service/app/prompts/new_feature_prompt.md)
5. Register the router in backend/ai-service/app/main.py using app.include_router() (backend/ai-service/app/main.py)
6. Add integration tests in backend/ai-service/tests/routers/test_new_feature.py (backend/ai-service/tests/routers/test_new_feature.py)

Add a New Prompt Template for RPA Workflow

1. Create a markdown prompt file in backend/ai-service/app/prompts/ or appropriate subdirectory (smart/, contract/, recruit/) (backend/ai-service/app/prompts/category/workflow_prompt.md)
2. Define template variables using {{variable}} syntax compatible with backend/ai-service/app/utils/prompt.py (backend/ai-service/app/prompts/category/workflow_prompt.md)
3. Reference the prompt in the service layer at backend/ai-service/app/services/chat.py or specialized service (backend/ai-service/app/services/chat.py)
4. Add configuration entry in backend/ai-service/app/config.py if prompt behavior is configurable (backend/ai-service/app/config.py)

Integrate New External API or Service

1. Define request/response contracts in backend/ai-service/app/schemas/ for the external service (backend/ai-service/app/schemas/external_service.py)
2. Create utility wrapper in backend/ai-service/app/utils/ to encapsulate HTTP calls and error handling (backend/ai-service/app/utils/external_service.py)
3. Add configuration for API keys and endpoints in backend/ai-service/app/config.py (backend/ai-service/app/config.py)
4. Optionally cache responses using backend/ai-service/app/redis_op.py for performance (backend/ai-service/app/redis_op.py)
5. Create endpoint in appropriate router file (backend/ai-service/app/routers/) that delegates to the utility (backend/ai-service/app/routers/integration.py)

• FastAPI (Python async framework) — Enables high-concurrency handling of parallel RPA workflows, native async/await for I/O-bound operations, and automatic OpenAPI documentation for agent integration
• Redis — Provides distributed caching for prompt results and conversation context across multiple worker nodes, enabling horizontal scaling of the automation service
• Pydantic — Type-safe schema validation ensures data contracts between agents and RPA endpoints, critical for deterministic automation behavior
• LLM integration (via routers/v1/chat.py) — Enables agent-driven decision making for branching automation logic without hard-coded rules, adapting to variable UI layouts and business processes
• Docker containerization — Standardizes deployment across development, testing, and production environments for enterprise RPA deployments

• Prompt-driven vs. rule-based automation

  • Why: RPA workflows are often variable and context-dependent; LLM-driven decisions allow flexibility but trade latency (8-15s per LLM call)
  • Consequence: Well-suited for complex document processing and exception handling, but not suitable for sub-second response time requirements

• Centralized backend vs. edge-based RPA agents

  • Why: All automation logic routes through Fast
  • Consequence: undefined

Environment variables: app/config.py likely loads secrets (database credentials, AI API keys); check BUILD_GUIDE.md for required .env vars. MySQL dependency: Backend requires MySQL 8.0.28+ running before any service starts; no in-memory DB fallback evident. Python version pinning: .python-version file enforces 3.13+; pyenv or similar required (see backend/ai-service/.python-version). Aliyun Maven mirror: pom.xml defaults to Aliyun repo; may fail in restricted networks without proxy setup. Desktop automation scope: Targets Windows only (WPS, Kingdee, IE, Edge, Chrome mentioned); Linux/macOS support unclear. Submodules: .gitmodules present; clone must use --recurse-submodules or run git submodule update --init. Multi-stage builds: Monorepo requires all three stacks (backend, ai-service, frontend) running; partial deployments untested.

• Low-code/No-code Visual Orchestration — Core value proposition of AstronRPA; understanding drag-and-drop workflow design and dataflow binding is essential for feature development and testing
• Component-based Architecture (300+ pre-built) — RPA platform scalability hinges on modular, composable atomic capabilities; backend/ai-service/app/models/smart_component.py is the architectural foundation
• UI Automation / Desktop Application Interop — AstronRPA automates Windows desktop (Office, Kingdee ERP, browsers); requires understanding of window handles, element inspection, and OS-level input synthesis
• Workflow Scheduling & Orchestration — Enterprise RPA requires reliable job scheduling, error handling, and state management; backend Spring services implement this via MyBatis-Plus + MySQL persistence
• Agent-RPA Bidirectional Integration — AstronRPA's unique differentiator vs. competitors; AI agents call RPA workflows for execution, RPA calls agents for reasoning—requires async/event-driven coordination
• MyBatis-Plus ORM Patterns — Backend persistence layer uses MyBatis-Plus 3.5.3 heavily; developers must understand its query DSL, entity mapping, and plugin system for data access changes
• FastAPI Middleware & Dependency Injection — AI service uses app/dependencies/ (points.py) and app/middlewares/tracing.py; core patterns for request lifecycle, observability, and service composition in Python backend

• iflytek/astron-agent — Official companion AI agent platform; bidirectional integration target enabling RPA workflows to call Agent reasoning and vice versa (mentioned in README as native integration)
• apache/rocketmq — Potential message queue substrate for workflow event streaming and component communication in distributed RPA scenarios
• alibaba/easyexcel — Complementary library for Excel automation within RPA workflows (common enterprise RPA use case alongside Kingdee/YonYou integration)
• SeleniumHQ/selenium — Web automation framework referenced in RPA suite; likely used internally for browser-based workflow components (Chrome, Edge, IE)
• UiPath/Community-Samples — Inspiration and competitive reference; UiPath's public component library shows ecosystem patterns for extensible RPA platforms

To work on one of these in Claude Code or Cursor, paste: Implement the "<title>" PR idea from CLAUDE.md, working through the checklist as the task list.

Add integration tests for AI service routers (computer_use.py, jfbym.py)

The backend/ai-service has multiple routers (computer_use.py, jfbym.py) but no visible test files in the file structure. Given the complexity of AI service integration and the presence of prompt templates for various domains (recruitment, contracts, data processing), adding comprehensive integration tests would ensure reliability of AI-driven automation features and prevent regressions when updating prompts or dependencies.

• [ ] Create backend/ai-service/tests/ directory structure
• [ ] Add tests/test_computer_use_router.py with test cases for computer vision endpoints
• [ ] Add tests/test_jfbym_router.py covering JFBYM (极飞云码) integration
• [ ] Add tests/conftest.py with FastAPI TestClient fixtures and mock Redis/database setup
• [ ] Update Makefile with test target and integrate into .github/workflows/main-ci.yml

Add Python-specific CI workflow for backend/ai-service quality checks

The .github/workflows directory has style.yml and main-ci.yml, but there's no dedicated Python linting/type-checking workflow. With a FastAPI backend, mypy type checking, pytest coverage, and security scanning (bandit) would catch issues early. The codebase uses Python 3.13+ and has .python-version file, indicating serious Python versioning concerns.

• [ ] Create .github/workflows/python-quality.yml workflow
• [ ] Add mypy type checking step targeting backend/ai-service/app/**/*.py
• [ ] Add pytest with coverage reporting (minimum 70% threshold)
• [ ] Add bandit security scan for backend/ai-service
• [ ] Add ruff linting as pre-commit alternative in the existing .pre-commit-config.yaml

Document AI service prompt architecture and add prompt versioning tests

The backend/ai-service/app/prompts directory contains numerous domain-specific prompts (recruitment, contracts, data processing, email, etc.) but there's no documentation explaining the prompt structure, versioning strategy, or how they map to router endpoints. This creates maintenance burden for new contributors. Adding a PROMPTS.md guide and validation tests ensures consistency and makes contributions easier.

• [ ] Create backend/ai-service/PROMPTS.md documenting each prompt category (smart/, recruit/, contract/) with use cases
• [ ] Add backend/ai-service/app/prompts/validate_prompts.py to check all .md prompts for required placeholders and length limits
• [ ] Add tests/test_prompt_structure.py with pytest tests validating prompt formats and variable interpolation
• [ ] Update backend/ai-service/README.md with reference to PROMPTS.md and how to add new prompts

• Add unit tests for backend/ai-service/app/models/smart_component.py to cover component serialization, validation, and edge cases (e.g., null fields, invalid capability IDs). Tests missing given maturity level.
• Document the 300+ pre-built RPA components in backend/ai-service/app/models/ with auto-generated docs from code comments; create a components/INDEX.md file in docs/ to help new users discover available automations.
• Implement localization (i18n) for ERROR messages and API responses in backend/ Spring services; currently README.zh.md exists but code likely English-only. Extract messages to i18n properties files.
• Add Makefile targets for common workflows: make build-all, make docker-build-ai-service, make test-backend. Currently Makefile exists (47K LOC) but unclear if these targets present.
• Create GitHub Actions workflow to automatically build and publish docker image for backend/ai-service/ to GitHub Container Registry on each release tag (similar to build-push-backend.yml but public).

Failed to generate security analysis.

LLM-derived; treat as a starting point, not a security audit.

• Open issues — current backlog
• Recent PRs — what's actively shipping
• Source on GitHub

Generated by RepoPilot. Verdict based on maintenance signals — see the live page for receipts. Re-run on a new commit to refresh.