release(secrets-mcp): 0.5.4 — Web 分页修正与 hex 解码；批量删除上限；MCP @ 路径检测

crates/secrets-mcp/src/tools.rs

@@ -611,6 +611,10 @@ fn map_to_kv_strings(map: Map<String, Value>) -> Vec<String> {
 /// contain `@` characters (e.g. `config:=@/etc/passwd`), the `:=` branch in
 /// `parse_kv` treats the right-hand side as raw JSON and never performs file
 /// reads. The `@` in such cases is just data, not a file reference.
+///
+/// For entries without `=` that contain `@`, we only reject them if the `@`
+/// appears to be file-path syntax (i.e., the part after `@` starts with `/`,
+/// `~`, or `.`). This avoids false positives on values like `user@example.com`.
 fn contains_file_reference(entries: &[String]) -> Option<String> {
     for entry in entries {
         // key:=json — safe, skip before checking for `=`
@@ -625,12 +629,14 @@ fn contains_file_reference(entries: &[String]) -> Option<String> {
             continue;
         }
         // key@path (no `=` present)
-        // parse_kv treats entries without `=` that contain `@` as file-read
-        // syntax (key@path). This includes strings like "user@example.com"
-        // if passed without a `=` separator — which is correct to reject here
-        // since the MCP server runs remotely and cannot read local files.
-        if entry.contains('@') {
-            return Some(entry.clone());
+        // Only reject if the `@` looks like file-path syntax: the segment after
+        // `@` starts with `/`, `~`, or `.`, which are common path prefixes.
+        // Values like "user@example.com" pass through safely.
+        if let Some((_, path_part)) = entry.split_once('@') {
+            let trimmed = path_part.trim_start();
+            if trimmed.starts_with('/') || trimmed.starts_with('~') || trimmed.starts_with('.') {
+                return Some(entry.clone());
+            }
         }
     }
     None