fix(channel:discord): robust inbound image marker detection

[theonlyhennygod]

Summary

• Base branch target (main or dev; direct main PRs are allowed): main
• Problem: PR fix(channel:discord): handle inbound image attachments as robust [IMAGE] markers #1923 is approved but not mergeable on main due stale conflicting branch history.
• Why it matters: Discord inbound image-marker hardening is blocked from landing.
• What changed: replayed only the intended src/channels/discord.rs robust image detection delta on the latest main tip.
• What did not change (scope boundary): no workflow, docs, provider, or unrelated channel changes.

Label Snapshot (required)

• Risk label (risk: low|medium|high): risk: medium
• Size label (size: XS|S|M|L|XL, auto-managed/read-only): size: S
• Scope labels (core|agent|channel|config|cron|daemon|doctor|gateway|health|heartbeat|integration|memory|observability|onboard|provider|runtime|security|service|skillforge|skills|tool|tunnel|docs|dependencies|ci|tests|scripts|dev, comma-separated): channel, tests
• Module labels (<module>: <component>, for example channel: telegram, provider: kimi, tool: shell): channel: discord
• Contributor tier label (trusted contributor|experienced contributor|principal contributor|distinguished contributor, auto-managed/read-only; author merged PRs >=5/10/20/50): auto-managed
• If any auto-label is incorrect, note requested correction: none

Change Metadata

• Change type (bug|feature|refactor|docs|security|chore): bug
• Primary scope (runtime|provider|channel|memory|security|ci|docs|multi): channel

Linked Issue

• Closes [Feature]: Discord inbound image attachments as [IMAGE:] markers #1825
• Related fix(channel:discord): handle inbound image attachments as robust [IMAGE] markers #1923
• Depends on # (if stacked): none
• Supersedes # (if replacing older PR): fix(channel:discord): handle inbound image attachments as robust [IMAGE] markers #1923, fix(channel:discord): robust inbound image marker detection #2237
• Linear issue key(s) (required, e.g. RMN-123): RMN-1923
• Linear issue URL(s): N/A (CLI auth unavailable in this environment)

Supersede Attribution (required when Supersedes # is used)

• Superseded PRs + authors (#<pr> by @<author>, one per line):
  • #1923 by @loydccc
  • #2237 by @theonlyhennygod
• Integrated scope by source PR (what was materially carried forward): robust Discord image marker detection (MIME+extension fallback) and focused tests.
• Co-authored-by trailers added for materially incorporated contributors? (Yes/No): No
• If No, explain why (for example: inspiration-only, no direct code/design carry-over): clean maintainer-side replay to remove conflicting stale branch history.
• Trailer format check (separate lines, no escaped \n): (Pass/Fail): Pass

Validation Evidence (required)

Commands and result summary:

cargo test process_attachments --lib

• Evidence provided (test/log/trace/screenshot/perf): command reached compile stage and hit existing repository-wide compile blockers outside this PR's changed file.
• If any command is intentionally skipped, explain why: full fmt/clippy/test currently blocked by baseline upstream errors not introduced by this delta.

Security Impact (required)

• New permissions/capabilities? (Yes/No): No
• New external network calls? (Yes/No): No
• Secrets/tokens handling changed? (Yes/No): No
• File system access scope changed? (Yes/No): No
• If any Yes, describe risk and mitigation: N/A

Privacy and Data Hygiene (required)

• Data-hygiene status (pass|needs-follow-up): pass
• Redaction/anonymization notes: no data model changes.
• Neutral wording confirmation (use ZeroClaw/project-native labels if identity-like wording is needed): confirmed.

Compatibility / Migration

• Backward compatible? (Yes/No): Yes
• Config/env changes? (Yes/No): No
• Migration needed? (Yes/No): No
• If yes, exact upgrade steps: N/A

i18n Follow-Through (required when docs or user-facing wording changes)

• i18n follow-through triggered? (Yes/No): No
• If Yes, locale navigation parity updated in README*, docs/README*, and docs/SUMMARY.md for supported locales (en, zh-CN, ja, ru, fr, vi)? (Yes/No): N/A
• If Yes, localized runtime-contract docs updated where equivalents exist (minimum for fr/vi: commands-reference, config-reference, troubleshooting)? (Yes/No/N.A.): N/A
• If Yes, Vietnamese canonical docs under docs/i18n/vi/** synced and compatibility shims under docs/*.vi.md validated? (Yes/No/N.A.): N/A
• If any No/N.A., link follow-up issue/PR and explain scope decision: not applicable.

Human Verification (required)

What was personally validated beyond CI:

• Verified scenarios: explicit image MIME markers still emitted.
• Edge cases checked: no-content-type filename/url extension fallback and explicit non-image MIME precedence.
• What was not verified: full repository matrix due unrelated baseline failures.

Side Effects / Blast Radius (required)

• Affected subsystems/workflows: Discord inbound attachment parsing only.
• Potential unintended effects: low-risk broader detection when MIME is missing.
• Guardrails/monitoring for early detection: dedicated tests for fallback and non-image precedence.

Agent Collaboration Notes (recommended)

• Agent tools used (if any): gh CLI + isolated /tmp worktree.
• Workflow/plan summary (if any): intake -> conflict diagnostics -> clean replay on latest main -> supersede PR.
• Verification focus: scope minimization and mergeability.
• Confirmation: naming + architecture boundaries followed (AGENTS.md + CONTRIBUTING.md): Yes.

Rollback Plan (required)

• Fast rollback command/path: git revert <merge_commit_sha>
• Feature flags or config toggles (if any): none
• Observable failure symptoms: Discord image attachments no longer produce [IMAGE:...] markers correctly.

Risks and Mitigations

• Risk: extension fallback might classify unusual image-like names when MIME is absent.
  • Mitigation: explicit non-image MIME wins over extension fallback.

[coderabbitai]

Warning

Rate limit exceeded

@theonlyhennygod has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 5 minutes and 54 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Reviewing files that changed from the base of the PR and between 2f1380a and 376d965.

📒 Files selected for processing (1)

• src/channels/discord.rs

Note

.coderabbit.yaml has unrecognized properties

CodeRabbit is using all valid settings from your configuration. Unrecognized properties (listed below) have been ignored and may indicate typos or deprecated fields that can be removed.

⚠️ Parsing warnings (1)

Validation error: Unrecognized key(s) in object: 'tools', 'path_filters', 'review_instructions'

⚙️ Configuration instructions

• Please see the configuration documentation for more information.
• You can also validate your configuration using the online YAML validator.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch supersede-pr-1923-v2-20260228

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Thanks for contributing to ZeroClaw.

For faster review, please ensure:

• PR template sections are fully completed
• cargo fmt --all -- --check, cargo clippy --all-targets -- -D warnings, and cargo test are included
• If automation/agents were used heavily, add brief workflow notes
• Scope is focused (prefer one concern per PR)

See CONTRIBUTING.md and docs/pr-workflow.md for full collaboration rules.