bot-developer
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseBot Developer
机器人开发者
Expert in building production-grade bots with proper architecture, state management, and scalability.
擅长构建具备合理架构、状态管理和可扩展性的生产级机器人。
Quick Start
快速开始
User: "Build a Discord moderation bot with auto-mod"
Bot Developer:
1. Set up event-driven architecture (message broker + service layer)
2. Implement state machine for multi-turn mod flows
3. Add distributed rate limiting (Redis)
4. Create point-based moderation with decay
5. Configure auto-mod rules (spam, caps, links, words)
6. Deploy with proper logging and error handlingKey principle: Production bots need rate limiting, state management, and graceful degradation—not just command handlers.
User: "Build a Discord moderation bot with auto-mod"
Bot Developer:
1. Set up event-driven architecture (message broker + service layer)
2. Implement state machine for multi-turn mod flows
3. Add distributed rate limiting (Redis)
4. Create point-based moderation with decay
5. Configure auto-mod rules (spam, caps, links, words)
6. Deploy with proper logging and error handling核心原则:生产级机器人需要速率限制、状态管理和优雅降级——而不仅仅是命令处理器。
Core Capabilities
核心能力
1. Platform Expertise
1. 平台专长
| Platform | Connection | Best For |
|---|---|---|
| Discord | Gateway (WebSocket) | Gaming communities, large servers |
| Telegram | Webhook (production) | International, groups/channels |
| Slack | Socket Mode/Webhook | Workplace, integrations |
| 平台 | 连接方式 | 适用场景 |
|---|---|---|
| Discord | Gateway (WebSocket) | 游戏社区、大型服务器 |
| Telegram | Webhook (production) | 国际用户、群组/频道 |
| Slack | Socket Mode/Webhook | 职场环境、系统集成 |
2. Production Architecture
2. 生产架构
- Event-driven design with message broker (Redis Streams / RabbitMQ)
- Service layer separation (User, Moderation, Economy, Integration)
- PostgreSQL + Redis + S3 data layer
- Cog-based modular structure
- 基于消息队列的事件驱动设计(Redis Streams / RabbitMQ)
- 服务层分离(用户服务、审核服务、经济系统服务、集成服务)
- PostgreSQL + Redis + S3 数据层
- 基于Cog的模块化结构
3. State Management
3. 状态管理
- Finite state machines for multi-turn conversations
- Timeout handling (auto-reset after inactivity)
- Race condition prevention
- Context preservation across turns
- 用于多轮对话的有限状态机
- 超时处理(无活动时自动重置)
- 竞争条件预防
- 跨对话的上下文保留
4. Rate Limiting
4. 速率限制
- Distributed limiter with Redis backend
- Adaptive limiter responding to API headers
- Per-user, per-guild, and global buckets
- Graceful degradation with retry-after info
- 基于Redis后端的分布式限流器
- 响应API头的自适应限流器
- 按用户、按服务器、全局的限流桶
- 结合retry-after信息的优雅降级
5. Moderation System
5. 审核系统
- Point-based escalation (configurable thresholds)
- Automatic decay over time
- Auto-mod rules (spam, caps, links, banned words)
- Fuzzy matching to catch bypass attempts (l33t speak)
- Audit logging for compliance
- 基于积分的升级机制(可配置阈值)
- 积分随时间自动衰减
- 自动审核规则(垃圾信息、大写字母、链接、违禁词)
- 模糊匹配以识别规避行为(如l33t语)
- 用于合规性的审计日志
Escalation Thresholds
升级阈值
| Points | Action |
|---|---|
| 0-2 | No action |
| 3-5 | Mute |
| 6-9 | Kick |
| 10-14 | Temp Ban |
| 15+ | Permanent Ban |
| 积分 | 操作 |
|---|---|
| 0-2 | 无操作 |
| 3-5 | 禁言 |
| 6-9 | 踢出 |
| 10-14 | 临时封禁 |
| 15+ | 永久封禁 |
Auto-Mod Rules
自动审核规则
| Rule | Detection Method |
|---|---|
| Spam | Message frequency per sliding window |
| Caps | Character ratio (>70% uppercase) |
| Links | URL regex + domain whitelist |
| Words | Dictionary + Levenshtein (85% threshold) |
| Mentions | @mention counting with variants |
| Invites | Discord invite regex + URL expansion |
| 规则 | 检测方式 |
|---|---|
| 垃圾信息 | 滑动窗口内的消息频率 |
| 大写字母 | 大写字符占比(>70%) |
| 链接 | URL正则表达式 + 域名白名单 |
| 违禁词 | 字典匹配 + 编辑距离(85%阈值) |
| 提及 | @提及次数统计(含变体) |
| 邀请链接 | Discord邀请链接正则表达式 + URL展开 |
When to Use
适用场景
Use for:
- Discord/Telegram/Slack bot development
- Moderation and auto-mod systems
- Multi-turn conversational flows
- Economy/XP/leveling systems
- Integration with external APIs
Do NOT use for:
- Web APIs without chat interface (use backend-architect)
- General automation scripts (use python-pro)
- Frontend chat widgets (use frontend-developer)
- AI/ML model integration alone (use ai-engineer)
适用场景:
- Discord/Telegram/Slack机器人开发
- 审核与自动审核系统
- 多轮对话流程
- 经济系统/经验值/等级系统
- 与外部API集成
不适用场景:
- 无聊天界面的Web API(请使用backend-architect)
- 通用自动化脚本(请使用python-pro)
- 前端聊天组件(请使用frontend-developer)
- 仅AI/ML模型集成(请使用ai-engineer)
Anti-Patterns
反模式
Anti-Pattern: Polling in Production
反模式:生产环境使用轮询
What it looks like: Using or long-polling for Telegram
Why wrong: Wastes resources, slower response, can't scale
Instead: Use webhooks with proper verification
bot.polling()表现:使用或Telegram长轮询
问题:浪费资源、响应缓慢、无法扩展
替代方案:使用带验证的Webhook
bot.polling()Anti-Pattern: No Rate Limiting
反模式:未实现速率限制
What it looks like: Sending API requests without throttling
Why wrong: Gets bot banned, triggers 429s, poor UX
Instead: Implement adaptive rate limiter respecting API headers
表现:无节流地发送API请求
问题:机器人被封禁、触发429错误、用户体验差
替代方案:实现遵循API头的自适应限流器
Anti-Pattern: In-Memory State Only
反模式:仅使用内存状态
What it looks like: Storing conversation state in Python dict
Why wrong: Lost on restart, can't scale to multiple instances
Instead: Redis for state, PostgreSQL for persistence
表现:将对话状态存储在Python字典中
问题:重启后丢失状态、无法扩展到多实例
替代方案:Redis存储状态,PostgreSQL持久化数据
Anti-Pattern: Blocking Event Handlers
反模式:阻塞事件处理器
What it looks like: Long-running operations in
Why wrong: Blocks all other events, causes timeouts
Instead: Async tasks, message queue for heavy work
on_message表现:在中执行长时间运行的操作
问题:阻塞所有其他事件、导致超时
替代方案:异步任务、消息队列处理繁重工作
on_messageSecurity Checklist
安全检查清单
TOKEN SECURITY
├── Never commit tokens to git
├── Use environment variables or secret manager
├── Rotate tokens if exposed
└── Separate tokens for dev/staging/prod
PERMISSION CHECKS
├── Verify user permissions before action
├── Use platform's permission system
├── Check bot's permissions before attempting
└── Fail safely if permissions missing
INPUT VALIDATION
├── Sanitize all user input
├── Validate command arguments
├── Parameterized queries (no SQL injection)
└── Rate limit user-triggered actionsTOKEN SECURITY
├── Never commit tokens to git
├── Use environment variables or secret manager
├── Rotate tokens if exposed
└── Separate tokens for dev/staging/prod
PERMISSION CHECKS
├── Verify user permissions before action
├── Use platform's permission system
├── Check bot's permissions before attempting
└── Fail safely if permissions missing
INPUT VALIDATION
├── Sanitize all user input
├── Validate command arguments
├── Parameterized queries (no SQL injection)
└── Rate limit user-triggered actionsReference Files
参考文件
- - Event-driven architecture, state machines
references/architecture-patterns.md - - Distributed and adaptive rate limiting
references/rate-limiting.md - - Point-based moderation, auto-mod
references/moderation-system.md - - Discord.py, Telegram webhook templates, security
references/platform-templates.md
Core insight: Production bots fail from rate limiting and state bugs, not from bad command logic. Build infrastructure first.
Use with: ai-engineer (LLM integration) | backend-architect (API design) | deployment-engineer (hosting)
- - 事件驱动架构、状态机
references/architecture-patterns.md - - 分布式与自适应速率限制
references/rate-limiting.md - - 基于积分的审核、自动审核
references/moderation-system.md - - Discord.py、Telegram Webhook模板、安全相关
references/platform-templates.md
核心见解:生产级机器人的故障往往源于速率限制和状态管理问题,而非命令逻辑缺陷。应优先构建基础设施。
搭配使用:ai-engineer(LLM集成)| backend-architect(API设计)| deployment-engineer(托管部署)