feat: 将项目从nano重命名为beaver并更新相关配置

- 将所有环境变量前缀从NANO_改为BEAVER_
- 更新README.md文档内容，包括项目介绍、组件说明和快速开始指南
- 修改.gitignore文件，添加auth-portal运行时路径排除规则
- 更新app-instance镜像标签从nano/app-instance改为beaver/app-instance
- 增强技能安全检查器，支持工具前缀白名单功能
- 添加技能草稿重新检查安全性API端点
- 扩展证据选择器，收集工具调用名称用于技能学习
- 改进技能合成器，基于实际调用的工具生成工具提示
- 优化路由超时处理机制，增加重试逻辑
- 更新后端架构文档，添加可视化入口和基础概念说明
- 实现在WebSocket消息中传递工具迭代次数信息

app-instance/backend/beaver/skills/learning/safety.py

@@ -32,8 +32,14 @@ class SkillDraftSafetyChecker:
         "credentials",
     }
 
-    def __init__(self, *, allowed_tool_names: set[str] | None = None) -> None:
+    def __init__(
+        self,
+        *,
+        allowed_tool_names: set[str] | None = None,
+        allowed_tool_prefixes: set[str] | None = None,
+    ) -> None:
         self.allowed_tool_names = allowed_tool_names
+        self.allowed_tool_prefixes = allowed_tool_prefixes or set()
 
     def check(self, draft: SkillDraft) -> SkillDraftSafetyReport:
         issues: list[str] = []
@@ -50,7 +56,7 @@ class SkillDraftSafetyChecker:
 
         tool_hints = _tool_hints(frontmatter)
         if self.allowed_tool_names is not None:
-            unknown = [name for name in tool_hints if name not in self.allowed_tool_names]
+            unknown = [name for name in tool_hints if not self._is_allowed_tool_hint(name)]
             if unknown:
                 blocked.append(f"unknown tool hints: {', '.join(sorted(unknown))}")
         dangerous = sorted({name for name in tool_hints if name.lower() in self._DANGEROUS_TOOL_HINTS})
@@ -80,6 +86,11 @@ class SkillDraftSafetyChecker:
             created_at=_utc_now(),
         )
 
+    def _is_allowed_tool_hint(self, name: str) -> bool:
+        if self.allowed_tool_names is not None and name in self.allowed_tool_names:
+            return True
+        return any(name.startswith(prefix) and len(name) > len(prefix) for prefix in self.allowed_tool_prefixes)
+
 
 def _tool_hints(frontmatter: dict) -> list[str]:
     raw = frontmatter.get("tools")