competition-file-parser-chain
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseCompetition File Parser Chain
竞赛文件解析链
Use this skill only as a downstream specialization after is already active and has established sandbox assumptions, node ownership, and evidence priorities. If that has not happened yet, return to first.
$ctf-sandbox-orchestrator$ctf-sandbox-orchestratorUse this skill when the hard part is following a file from ingress through every parser, extractor, converter, or deserializer boundary that matters.
Reply in Simplified Chinese unless the user explicitly requests English.
仅可在已激活且完成沙箱假设、节点权属、证据优先级设置后,作为下游专项技能使用。若上述前置条件未满足,请先回到流程。
$ctf-sandbox-orchestrator$ctf-sandbox-orchestrator当核心需求是追踪一个文件从入口流经每个关键parser、提取器、转换器或deserializer边界的路径时,使用本技能。
除非用户明确要求英文回复,否则请使用简体中文作答。
Quick Start
快速开始
- Preserve the original upload and every derived artifact separately.
- Map the chain in order: ingress, temp storage, archive extraction, format conversion, parser call, deserialization, and final consumer.
- Record filenames, MIME guesses, extensions, temp paths, and parser choices before mutating anything.
- Separate client-visible validation from backend parser behavior.
- Reproduce the smallest file-processing chain that yields the decisive branch or artifact.
- 单独留存原始上传文件和所有衍生产物。
- 按顺序梳理链路:入口、临时存储、归档解压、格式转换、parser调用、deserialization、最终消费端。
- 在修改任何内容前,记录文件名、MIME类型推测、后缀名、临时路径、parser选择结果。
- 区分客户端可见的校验逻辑与后端parser行为。
- 复现能触发关键分支或生成关键产物的最短文件处理链路。
Workflow
工作流
1. Map File Ingress And Derivation
1. 梳理文件入口与衍生关系
- Record request shape, multipart names, content type, filename, temp paths, upload staging, and storage keys.
- Note every derived artifact: extracted archive member, converted preview, generated thumbnail, temp document, or deserialized object.
- Keep original file and each derivative labeled separately.
- 记录请求结构、multipart字段名、content-type、文件名、临时路径、上传暂存区、存储key。
- 标注所有衍生产物:归档解压出的成员文件、转换后的预览文件、生成的缩略图、临时文档、deserialization后的对象。
- 给原始文件和每个衍生产物单独打标区分。
2. Trace Parser And Conversion Boundaries
2. 追踪parser与转换边界
- Show which parser, converter, extractor, or deserializer runs at each step.
- Record parser-specific decisions driven by extension, MIME, magic bytes, schema, archive member names, or embedded metadata.
- Distinguish parsing success, preview success, conversion success, and business-logic acceptance.
- 说明每一步运行的parser、转换器、提取器或deserializer。
- 记录由文件后缀、MIME类型、魔数、schema、归档成员名、内嵌元数据驱动的parser专属决策。
- 区分解析成功、预览成功、转换成功、业务逻辑校验通过四种不同状态。
3. Reduce To The Decisive File Chain
3. 提炼关键文件链路
- Compress the result to the smallest sequence: upload -> derived artifact -> parser boundary -> resulting effect.
- State clearly whether the decisive weakness lives in archive handling, MIME inference, file conversion, path resolution, or deserialization.
- If the chain becomes mostly a generic async worker problem after enqueue, hand off to the tighter queue or worker skill.
- 将结果压缩为最短序列:上传 -> 衍生产物 -> parser边界 -> 最终影响。
- 明确说明关键漏洞存在于归档处理、MIME推断、文件转换、路径解析还是deserialization环节。
- 如果链路在入队后主要变成通用异步worker问题,请移交到更匹配的队列或worker技能处理。
Read This Reference
参考文档
- Load for the ingress checklist, parser checklist, and evidence packaging.
references/file-parser-chain.md
- 加载获取入口检查清单、parser检查清单和证据打包规范。
references/file-parser-chain.md
What To Preserve
需要留存的内容
- Original uploads, derived files, temp paths, storage keys, parser names, and conversion steps
- The exact boundary where backend behavior diverges from user-visible validation
- One minimal replayable file-processing sequence that reaches the decisive effect
- 原始上传文件、衍生文件、临时路径、存储key、parser名称、转换步骤
- 后端行为与用户可见校验逻辑出现分歧的精确边界
- 可复现的、能触发关键影响的最短文件处理序列