docs: update save_to_file desc, add iframe scan note, cdp_bridge notice

assets/tools_schema.json

@@ -46,7 +46,7 @@
     "description": "Execute JS to control browser. Use precisely to reduce web_scan calls. Put code in ```javascript blocks in reply body to avoid escaping",
     "parameters": {"type": "object", "properties": {
       "script": {"type": "string", "description": "[Mutually exclusive] JS code or script path. NEVER use this param when use reply code block"},
-      "save_to_file": {"type": "string", "description": "file path to save long result", "default": ""},
+      "save_to_file": {"type": "string", "description": "file path; only for long result", "default": ""},
       "no_monitor": {"type": "boolean", "description": "Skip page change monitoring, saves 2-3s. Only for reads, not for page actions", "default": false}}}
   }},
   {"type": "function", "function": {

memory/tmwebdriver_sop.md

@@ -9,6 +9,7 @@
 ## 通用特性
 - ✅web_execute_js**完美支持顶层await**（v0.4+），可直接`await fetch()`/`await new Promise()`等
   - ⚠使用await时需**显式`return`**才能拿到返回值（底层async包裹，不写return则返回null）
+- ✅web_scan**自动穿透同源iframe**：无需手动操作，scan直接递归输出iframe内部DOM。跨域iframe则需CDP或postMessage（见下方章节）
 
 ## 限制(isTrusted)
 - JS dispatch的事件`isTrusted=false`，敏感操作(文件上传/部分按钮)会被浏览器拦截

memory/web_setup_sop.md

@@ -1,5 +1,7 @@
 # Web 工具链初始化执行 SOP
 
+⚠ **当前只需安装 `assets/tmwd_cdp_bridge` Chrome 扩展即可，Tampermonkey 方案将在未来移除。**
+
 若 web_scan 和 web_execute_js 已测试可用，无需执行此 SOP。
 仅供初始安装时，code_run 可用但 web 工具尚未配置的场景。