let5see/clawdbot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: harden msteams group access

Browse Source
This commit is contained in:
Peter Steinberger
2026-01-12 08:31:59 +00:00
parent 4d075a703e
commit 006e1352d8
12 changed files with 206 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docs/gateway/security.md
View File

@@ -70,7 +70,7 @@ Clawdbot has two separate “who can trigger me?” layers:
- **Group allowlist** (provider-specific): which groups/channels/guilds the bot will accept messages from at all.
- Common patterns:
- `whatsapp.groups`, `telegram.groups`, `imessage.groups`: per-group defaults like `requireMention`; when set, it also acts as a group allowlist (include `"*"` to keep allow-all behavior).
- `groupPolicy="allowlist"` + `groupAllowFrom`: restrict who can trigger the bot *inside* a group session (WhatsApp/Telegram/Signal/iMessage).
- `groupPolicy="allowlist"` + `groupAllowFrom`: restrict who can trigger the bot *inside* a group session (WhatsApp/Telegram/Signal/iMessage/Microsoft Teams).
- `discord.guilds` / `slack.channels`: per-surface allowlists + mention defaults.
Details: [Configuration](/gateway/configuration) and [Groups](/concepts/groups)