refactor(security): harden CommandAuthorized plumbing

This commit is contained in:
Peter Steinberger
2026-01-17 09:01:43 +00:00
parent 31e8ecca10
commit 69ba2765de
16 changed files with 92 additions and 56 deletions

View File

@@ -1,6 +1,7 @@
import { resolveAckReaction } from "../../../agents/identity.js";
import { hasControlCommand } from "../../../auto-reply/command-detection.js";
import { shouldHandleTextCommands } from "../../../auto-reply/commands-registry.js";
import type { FinalizedMsgContext } from "../../../auto-reply/templating.js";
import {
formatInboundEnvelope,
formatThreadStarterEnvelope,
@@ -466,10 +467,10 @@ export async function prepareSlackMessage(params: {
MediaPath: media?.path,
MediaType: media?.contentType,
MediaUrl: media?.path,
CommandAuthorized: commandAuthorized,
OriginatingChannel: "slack" as const,
OriginatingTo: slackTo,
}) satisfies Record<string, unknown>;
CommandAuthorized: commandAuthorized,
OriginatingChannel: "slack" as const,
OriginatingTo: slackTo,
}) satisfies FinalizedMsgContext;
const replyTarget = ctxPayload.To ?? undefined;
if (!replyTarget) return null;