Title: Shomi Author: antomintegration Published: 2026 年 5 月 8 日 Last modified: 2026 年 5 月 13 日 --- 搜尋外掛 ![](https://ps.w.org/antom-shomi/assets/icon.svg?rev=3528251) # Shomi 由 [antomintegration](https://profiles.wordpress.org/antomintegration/) 開發 [下載](https://downloads.wordpress.org/plugin/antom-shomi.1.0.9.zip) * [詳細資料](https://tw.wordpress.org/plugins/antom-shomi/#description) * [使用者評論](https://tw.wordpress.org/plugins/antom-shomi/#reviews) * [安裝方式](https://tw.wordpress.org/plugins/antom-shomi/#installation) * [開發資訊](https://tw.wordpress.org/plugins/antom-shomi/#developers) [技術支援](https://wordpress.org/support/plugin/antom-shomi/) ## 外掛說明 Shomi is a WordPress plugin designed for AI agents, providing the following features: * **Secure Communication**: All API interfaces use RSA-SHA256 signature verification * **Product Search**: Support searching products by keywords, returning complete product information * **Order Creation**: Create WooCommerce orders through API * **Order Management**: Query order status, mark orders as paid * **One-click Initialization**: Automatically generate shared key, simplify configuration process * **Anti-replay Attack**: Use timestamp and nonce mechanism to prevent API abuse * **Multilingual Support**: Supports English and Chinese languages, with English as the default This plugin is an important component of the shopping assistant system, tightly integrated with Agent backend service B to achieve end-to-end assistance from product selection to payment. Only authenticated Agent backend service B can call the plugin’s API interfaces, ensuring system security. The plugin mounts Agent frontend components through external CDN to provide shopping assistant functionality. ### External Services This plugin uses external services provided by Antom to deliver the shopping assistant functionality. What the service is used for: – Loading the assistant frontend JavaScript components( CDN delivery) – Sending user messages/inputs to the assistant service to generate responses Domains/resources: – https://gw.alipayobjects.com/render/p/yuyan_npm/@alipay_paymentagent/ 1.0.0/lib/CommonEntry.js – https://gw.alipayobjects.com/render/p/yuyan_npm/@alipay_paymentagent/ 1.0.0/lib/CommonProduct.js – https://dashboard-apiv2.antom.com/ai/online/portal/ api/bot/chat(assistant API) When data is sent: – The CDN scripts are loaded only on frontend pages (never in wp-admin). – User input is sent when a visitor interacts with the assistant (e.g. submits a question or form fields in the assistant UI). What data is sent: – Standard HTTP request data to the CDN/API (e.g. IP address, user agent, referrer, and time of request). – The user’s messages/questions to the assistant and any information the user enters into the assistant UI. Data retention: – Requests are processed to generate a response and are not stored longer than necessary. Terms of Service: https://docs.antom.com/ac/plugins/terms_of_service Privacy Policy: https://docs.antom.com/ac/plugins/privacy_policy ### Security All incoming requests from Antom are secured using RSA-SHA256 digital signatures. Antom signs each request with its private key, and this plugin verifies the signature using the official Antom public key you configure in settings. This ensures requests are authentic and have not been tampered with during transmission. #### Does the plugin support multiple languages? Yes, the plugin supports both English and Chinese languages. English is the default language, and the plugin will automatically use the user’s WordPress language setting. If the user’s language is not supported, it will fall back to English. ## 安裝方式 1. In the WordPress admin panel, go to “Plugins” > “Add New” 2. Search for “Shomi” 3. Click “Install Now” 4. After installation, click “Activate Plugin” 5. Make sure WooCommerce plugin is installed and activated 6. Find “Shomi” in the left menu for initialization settings ## 常見問題集 ### What dependencies does the plugin require? The plugin requires WooCommerce 3.0 or higher. ### How to initialize the plugin? After activating the plugin, find the “Shomi” menu item in the WordPress admin left menu, click to enter the settings page, then fill in the required configuration and click “Verify and Save Configuration” button. ### How does the plugin integrate with the shopping assistant system? This plugin serves as the WordPress component of the shopping assistant system, working with Agent backend service B: 1. Users select products through the shopping assistant 2. Agent backend service B calls plugin API to create orders 3. Users complete the payment process 4. Agent backend service B can query order status ## 使用者評論 這個外掛目前沒有任何使用者評論。 ## 參與者及開發者 以下人員參與了開源軟體〈Shomi〉的開發相關工作。 參與者 * [ antomintegration ](https://profiles.wordpress.org/antomintegration/) [將〈Shomi〉外掛本地化為台灣繁體中文版](https://translate.wordpress.org/projects/wp-plugins/antom-shomi) ### 對開發相關資訊感興趣? 任何人均可[瀏覽程式碼](https://plugins.trac.wordpress.org/browser/antom-shomi/)、 查看 [SVN 存放庫](https://plugins.svn.wordpress.org/antom-shomi/),或透過 [RSS](https://plugins.trac.wordpress.org/log/antom-shomi/?limit=100&mode=stop_on_copy&format=rss) 訂閱[開發記錄](https://plugins.trac.wordpress.org/log/antom-shomi/)。 ## 變更記錄 #### 1.0.9 * Added new Chat API module (class-chat-api.php) for dedicated chat/session management * Moved /session/key endpoint from pay-api to chat-api for better separation of concerns * Refactored product search API with enhanced capabilities: - Added price range filtering (min_price/max_price parameters) - Replaced “scene” parameter (hot/new) with “sort” parameter for explicit ordering - Added special “random” keyword support for random product retrieval - Price filtering now works in combination with keyword search and ID lookup * Improved setup wizard with enhanced UI and configuration flow * Updated admin settings page styling and user experience * Minor code cleanup: removed trailing whitespace in Security section #### 1.0.8 * Updated WooCommerce compatibility: WC tested up to 10.0 * Added HPOS (High-Performance Order Storage) compatibility declaration * Added plugin icons for WordPress.org marketplace #### 1.0.7 * Addressed WordPress plugin review security feedback - Clarified `/session/key` endpoint as public API with `__return_true` permission callback (returns identity token only, no direct auth bypass) - Documented that `wp_set_current_user()` is only called after successful RSA signature verification and identity token validation - Enhanced code comments to explain the multi-layer authentication flow - No functional changes – security model already meets WordPress.org requirements #### 1.0.6 * Refactored API authentication logic for better security and simplicity - Frontend requests: WooCommerce Session Cookie validation (HttpOnly, secure) - Backend requests: RSA-SHA256 signature authentication with timestamp and nonce - Removed wp-api-token implementation (insecure when exposed in frontend JavaScript) - Automatic detection: requests with signature headers = backend, without = frontend * Removed deprecated openssl_free_key() call (deprecated in PHP 8.0+) * Updated plugin icon from SVG to PNG format for WordPress.org compatibility * Minor code cleanup and documentation improvements #### 1.0.5 * Updated the plugin name, description, and slug * Unified the text domain to antom-shomi * Updated the text domain in related internationalization files #### 1.0.4 * Fixed a critical security issue in REST API authentication. - Sensitive endpoints now require valid signature headers to access. - Removed incorrect early return that allowed unauthenticated access. #### 1.0.3 * Ensured Terms of Service and Privacy Policy links are directly accessible and properly disclosed in the External Services section. * Standardized External Services section title for compliance. #### 1.0.2 * Updated documentation to include external service disclosures. * Added links to the Terms of Service and Privacy Policy. #### 1.0.1 * Improved the admin settings page UI and overall user experience. #### 1.0.0 * Initial release. * Added shopping assistant features: product search, order creation, and order management. * Implemented RSA-SHA256 request signature verification. * Added anti-replay protection. * Added multilingual support (English and Chinese). ## 中繼資料 * 版本 **1.0.9** * 最後更新 **14 小時前** * 啟用安裝數 **少於 10 次** * WordPress 版本需求 ** 5.6 或更新版本 ** * 已測試相容的 WordPress 版本 **6.9.4** * PHP 版本需求 ** 7.4 或更新版本 ** * 語言 * [English (US)](https://wordpress.org/plugins/antom-shomi/) * 標籤: * [agent](https://tw.wordpress.org/plugins/tags/agent/)[antom](https://tw.wordpress.org/plugins/tags/antom/) [payment](https://tw.wordpress.org/plugins/tags/payment/)[Shopping Assistant](https://tw.wordpress.org/plugins/tags/shopping-assistant/) [woocommerce](https://tw.wordpress.org/plugins/tags/woocommerce/) * [進階檢視](https://tw.wordpress.org/plugins/antom-shomi/advanced/) ## 評分 這個項目尚無任何評論記錄。 [Your review](https://wordpress.org/support/plugin/antom-shomi/reviews/#new-post) [查看全部使用者評論](https://wordpress.org/support/plugin/antom-shomi/reviews/) ## 參與者 * [ antomintegration ](https://profiles.wordpress.org/antomintegration/) ## 技術支援 使用者可在技術支援論壇提出意見反應或使用問題。 [檢視技術支援論壇](https://wordpress.org/support/plugin/antom-shomi/) ## 贊助 想要支援這個外掛的發展嗎? [ 贊助這個外掛 ](https://www.antom.com)