docs(im): clarify app visibility for user sends

[OwenYWT]

Addresses #161

Summary

• document that --as user direct messages still depend on the app being visible to the recipient
• add the visibility caveat to the IM skill overview and +messages-send reference
• call out the common failure mode so agents do not assume user auth bypasses app visibility

Test Plan

• Docs only

Summary by CodeRabbit

• Bug Fixes

  • Option identifiers no longer exposed in search results output.

• Documentation

  • Clarified that user token authentication does not bypass app visibility constraints when sending direct messages.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: a3c091c1-a208-491c-9a8f-c059b02c654e

📥 Commits

Reviewing files that changed from the base of the PR and between fa16fe1 and b39f962.

📒 Files selected for processing (4)

• shortcuts/base/base_execute_test.go
• shortcuts/base/field_ops.go
• skills/lark-im/SKILL.md
• skills/lark-im/references/lark-im-messages-send.md

---

📝 Walkthrough

Walkthrough

The pull request removes option ID identifiers from API responses in field search operations, adds a corresponding test assertion, and updates Lark IM documentation to clarify that app visibility rules apply regardless of user authentication token type.

Changes

Cohort / File(s)	Summary
Option ID Filtering shortcuts/base/field_ops.go, shortcuts/base/base_execute_test.go	Modified executeFieldSearchOptions to strip "id" keys from option map objects before returning; added test assertion verifying option IDs are not exposed in command output.
Lark IM Documentation skills/lark-im/SKILL.md, skills/lark-im/references/lark-im-messages-send.md	Clarified that --as user authentication does not bypass app visibility/availability restrictions; direct messages to users fail if the app is not visible to the recipient, regardless of login status.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 A rabbit hops through code so clean,
Striping IDs from the scene,
Options now lack their hidden names,
While docs remind us visibility reigns! 🌟

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: documenting that app visibility is required for user sends in the IM skill.
Description check	✅ Passed	The description is well-structured and addresses the template requirements with summary, changes, and test plan sections, though it lacks explicit related issues link format.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[greptile-apps]

Greptile Summary

This docs-only PR clarifies that --as user direct messages do not bypass app visibility — the app must still be visible to the target recipient even when the sender has a valid user access token. The caveat is added to three locations in lark-im-messages-send.md (Safety Constraints, Common Mistakes, Notes) and inline in the SKILL.md identity mapping section.

Confidence Score: 5/5

Safe to merge — docs-only change with accurate, well-placed content additions.

All changes are documentation. The new statements about app visibility for --as user direct messages are technically accurate and consistent across the three insertion points. No code is modified, no logic is altered, and no P0/P1 issues are present.

No files require special attention.

Important Files Changed

Filename	Overview
skills/lark-im/SKILL.md	Expands the --as user bullet to include the app-visibility caveat for direct messages; accurate and well-placed.
skills/lark-im/references/lark-im-messages-send.md	Adds three instances of the visibility caveat (Safety Constraints, Common Mistakes, Notes); content is accurate and consistent across all insertion points.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[lark-cli im +messages-send] --> B{--as identity}
    B -->|--as bot| C[Uses tenant_access_token]
    B -->|--as user| D[Uses user_access_token]
    C --> E{App in target chat\nor DM relationship?}
    D --> F{App visible\nto target user?}
    F -->|No| G[❌ Feishu rejects:\nvisibility / auth error]
    F -->|Yes| H{User has required\nim:message scopes?}
    H -->|No| I[❌ Permission denied]
    H -->|Yes| J[✅ Message sent as end user]
    E -->|No| K[❌ Bot not in chat]
    E -->|Yes| L[✅ Message sent as bot]

Loading

_{Reviews (1): Last reviewed commit: "docs(im): clarify app visibility for use..." | Re-trigger Greptile}