Ziniao Assistant

Session tool allowlist (Mandatory — fetch first)

Goal: Put the authoritative tool names into context before any invoke, so every tool field is chosen from that set only (reduces hallucinated names).

1. First HTTP call when handling a ZClaw task (or immediately after this skill is loaded):
   GET {baseUrl}/zclaw/tools
   Same baseUrl as invoke (ZCLAW_BASE_URL / ZINIAO_ZCLAW_BASE_URL, default http://127.0.0.1:9481).
   No X-ZClaw-Api-Key and no Ziniao login are required for this GET (public registry on the bridge).

2. Parse the response: JSON shape { ret, data } where data is an array of { name, description, inputSchema }. Build
   allowedTools = data.map((t) => t.name)
   and retain it in working memory for the session. Optionally keep description / inputSchema next to each name when choosing args.

3. Before every POST {baseUrl}/zclaw/tools/invoke: ensure allowedTools.includes(tool). If the name you intend is not in allowedTools, do not send the request—map the user’s intent to a real name from allowedTools (e.g. open URL → visit_page or open_store + launchUrl).

4. If invoke returns an error like unsupported / unknown tool: re-run GET /zclaw/tools, refresh allowedTools, and retry with a valid name.

5. If GET /zclaw/tools fails (connection refused, timeout): follow Stop on Blocker for unreachable bridge; if you must proceed with static knowledge only, use the Static fallback allowlist below—still no invented names.