diff --git a/extensions/qqbot/src/utils/file-utils.test.ts b/extensions/qqbot/src/utils/file-utils.test.ts
index 3c0b64ca9f0..302db50627a 100644
--- a/extensions/qqbot/src/utils/file-utils.test.ts
+++ b/extensions/qqbot/src/utils/file-utils.test.ts
@@ -47,7 +47,16 @@ describe("qqbot file-utils downloadFile", () => {
       ssrfPolicy: QQBOT_MEDIA_SSRF_POLICY,
     });
     expect(QQBOT_MEDIA_SSRF_POLICY).toEqual({
-      hostnameAllowlist: ["*.myqcloud.com", "*.qpic.cn", "*.qq.com", "*.tencentcos.com"],
+      hostnameAllowlist: [
+        "*.qpic.cn",
+        "*.qq.com",
+        "*.weiyun.com",
+        "*.qq.com.cn",
+        "*.ugcimg.cn",
+        "*.myqcloud.com",
+        "*.tencentcos.cn",
+        "*.tencentcos.com",
+      ],
       allowRfc2544BenchmarkRange: true,
     });
   });
diff --git a/extensions/qqbot/src/utils/file-utils.ts b/extensions/qqbot/src/utils/file-utils.ts
index f7509cab660..27e017fc1a5 100644
--- a/extensions/qqbot/src/utils/file-utils.ts
+++ b/extensions/qqbot/src/utils/file-utils.ts
@@ -16,9 +16,18 @@ export const MAX_UPLOAD_SIZE = 20 * 1024 * 1024;
 export const LARGE_FILE_THRESHOLD = 5 * 1024 * 1024;
 
 const QQBOT_MEDIA_HOSTNAME_ALLOWLIST = [
-  "*.myqcloud.com",
+  // QQ富媒体
   "*.qpic.cn",
   "*.qq.com",
+  "*.weiyun.com",
+  "*.qq.com.cn",
+
+  // QQ机器人
+  "*.ugcimg.cn",
+
+  // 腾讯云COS
+  "*.myqcloud.com",
+  "*.tencentcos.cn",
   "*.tencentcos.com",
 ];