fix: harden pairing flow

2026-01-07 05:06:04 +01:00
parent 6ffece68b0
commit 42ae2341aa
22 changed files with 679 additions and 265 deletions
--- a/docs/providers/slack.md
+++ b/docs/providers/slack.md
@@ -195,7 +195,7 @@ Ack reactions are controlled globally via `messages.ackReaction` +
 - Full command list + config: [Slash commands](/tools/slash-commands)

 ## DM security (pairing)
- Default: `slack.dm.policy="pairing"` — unknown DM senders get a pairing code.
+- Default: `slack.dm.policy="pairing"` — unknown DM senders get a pairing code (expires after 1 hour).
 - Approve via: `clawdbot pairing approve --provider slack <code>`.
 - To allow anyone: set `slack.dm.policy="open"` and `slack.dm.allowFrom=["*"]`.