feat(commands): unify chat commands (#275)

* Chat commands: registry, access groups, Carbon * Chat commands: clear native commands on disable * fix(commands): align command surface typing * docs(changelog): note commands registry (PR #275) --------- Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-01-06 14:17:56 -06:00
parent 1bf44bf30c
commit 9b22e1f6e9
40 changed files with 2357 additions and 1459 deletions
--- a/docs/configuration.md
+++ b/docs/configuration.md
@@ -409,6 +409,27 @@ Controls how inbound messages behave when an agent run is already active.
 }
 ```

+### `commands` (chat command handling)
+
+Controls how chat commands are enabled across connectors.
+
+```json5
+{
+  commands: {
+    native: false,          // register native commands when supported
+    text: true,             // parse slash commands in chat messages
+    useAccessGroups: true   // enforce access-group allowlists/policies for commands
+  }
+}
+```
+
+Notes:
+- Text commands must be sent as a **standalone** message and use the leading `/` (no plain-text aliases).
+- `commands.text: false` disables parsing chat messages for commands.
+- `commands.native: true` registers native commands on supported connectors (Discord/Slack/Telegram). Platforms without native commands still rely on text commands.
+- `commands.native: false` skips native registration; Discord/Telegram clear previously registered commands on startup. Slack commands are managed in the Slack app.
+- `commands.useAccessGroups: false` allows commands to bypass access-group allowlists/policies.
+
 ### `web` (WhatsApp web provider)

 WhatsApp runs through the gateway’s web provider. It starts automatically when a linked session exists.
@@ -480,12 +501,6 @@ Configure the Discord bot by setting the bot token and optional gating:
      moderation: false
    },
    replyToMode: "off",                     // off | first | all
-    slashCommand: {                         // user-installed app slash commands
-      enabled: true,
-      name: "clawd",
-      sessionPrefix: "discord:slash",
-      ephemeral: true
-    },
    dm: {
      enabled: true,                        // disable all DMs when false
      policy: "pairing",                    // pairing | allowlist | open | disabled
--- a/docs/discord.md
+++ b/docs/discord.md
@@ -29,11 +29,11 @@ Status: ready for DM and guild text channels via the official Discord bot gatewa
   - To ignore all DMs: set `discord.dm.enabled=false` or `discord.dm.policy="disabled"`.
 8. Group DMs are ignored by default; enable via `discord.dm.groupEnabled` and optionally restrict by `discord.dm.groupChannels`.
 9. Optional guild rules: set `discord.guilds` keyed by guild id (preferred) or slug, with per-channel rules.
-10. Optional slash commands: enable `discord.slashCommand` to accept user-installed app commands (ephemeral replies). Slash invocations respect the same DM/guild allowlists.
+10. Optional native commands: set `commands.native: true` to register native commands in Discord; set `commands.native: false` to clear previously registered native commands. Text commands are controlled by `commands.text` and must be sent as standalone `/...` messages. Use `commands.useAccessGroups: false` to bypass access-group checks for commands.
 11. Optional guild context history: set `discord.historyLimit` (default 20) to include the last N guild messages as context when replying to a mention. Set `0` to disable.
 12. Reactions: the agent can trigger reactions via the `discord` tool (gated by `discord.actions.*`).
    - The `discord` tool is only exposed when the current provider is Discord.
-12. Slash commands use isolated session keys (`${sessionPrefix}:${userId}`) rather than the shared `main` session.
+13. Native commands use isolated session keys (`discord:slash:${userId}`) rather than the shared `main` session.

 Note: Discord does not provide a simple username → id lookup without extra guild context, so prefer ids or `<@id>` mentions for DM delivery targets.
 Note: Slugs are lowercase with spaces replaced by `-`. Channel names are slugged without the leading `#`.
@@ -63,7 +63,7 @@ In your app: **OAuth2** → **URL Generator**

 **Scopes**
 - ✅ `bot`
- ✅ `applications.commands` (only if you want slash commands; otherwise leave unchecked)
+- ✅ `applications.commands` (required for native commands)

 **Bot Permissions** (minimal baseline)
 - ✅ View Channels
@@ -179,12 +179,6 @@ Notes:
      moderation: false
    },
    replyToMode: "off",
-    slashCommand: {
-      enabled: true,
-      name: "clawd",
-      sessionPrefix: "discord:slash",
-      ephemeral: true
-    },
    dm: {
      enabled: true,
      policy: "pairing", // pairing | allowlist | open | disabled
@@ -225,7 +219,6 @@ Ack reactions are controlled globally via `messages.ackReaction` +
 - `guilds.<id>.channels`: channel rules (keys are channel slugs or ids).
 - `guilds.<id>.requireMention`: per-guild mention requirement (overridable per channel).
 - `guilds.<id>.reactionNotifications`: reaction system event mode (`off`, `own`, `all`, `allowlist`).
- `slashCommand`: optional config for user-installed slash commands (ephemeral responses).
 - `mediaMaxMb`: clamp inbound media saved to disk.
 - `historyLimit`: number of recent guild messages to include as context when replying to a mention (default 20, `0` disables).
 - `actions`: per-action tool gates; omit to allow all (set `false` to disable).
@@ -279,11 +272,9 @@ Allowlist matching notes:
 - Use `*` to allow any sender/channel.
 - When `guilds.<id>.channels` is present, channels not listed are denied by default.

-Slash command notes:
- Register a chat input command in Discord with at least one string option (e.g., `prompt`).
- The first non-empty string option is treated as the prompt.
- Slash commands honor the same allowlists as DMs/guild messages (`discord.dm.allowFrom`, `discord.guilds`, per-channel rules).
- Clawdbot will auto-register `/clawd` (or the configured name) if it doesn't already exist.
+Native command notes:
+- The registered commands mirror Clawdbot’s chat commands.
+- Native commands honor the same allowlists as DMs/guild messages (`discord.dm.allowFrom`, `discord.guilds`, per-channel rules).

 ## Tool actions
 The agent can call `discord` with actions like:
--- a/docs/faq.md
+++ b/docs/faq.md
@@ -572,6 +572,8 @@ Slash commands are owner-only (gated by `whatsapp.allowFrom` and command authori
 | `/model <name>` | Switch AI model (see below) |
 | `/queue instant\|batch\|serial` | Message queuing mode |

+Commands are only recognized when the entire message is the command (slash required; no plain-text aliases).
+
 ### How do I switch models on the fly?

 Use `/model` to switch without restarting:
--- a/docs/group-messages.md
+++ b/docs/group-messages.md
@@ -12,7 +12,7 @@ Note: `routing.groupChat.mentionPatterns` is now used by Telegram/Discord/Slack/
 ## What’s implemented (2025-12-03)
 - Activation modes: `mention` (default) or `always`. `mention` requires a ping (real WhatsApp @-mentions via `mentionedJids`, regex patterns, or the bot’s E.164 anywhere in the text). `always` wakes the agent on every message but it should reply only when it can add meaningful value; otherwise it returns the silent token `NO_REPLY`. Defaults can be set in config (`whatsapp.groups`) and overridden per group via `/activation`. When `whatsapp.groups` is set, it also acts as a group allowlist (include `"*"` to allow all).
 - Group policy: `whatsapp.groupPolicy` controls whether group messages are accepted (`open|disabled|allowlist`). `allowlist` uses `whatsapp.groupAllowFrom` (fallback: explicit `whatsapp.allowFrom`).
- Per-group sessions: session keys look like `whatsapp:group:<jid>` so commands such as `/verbose on` or `/think:high` are scoped to that group; personal DM state is untouched. Heartbeats are skipped for group threads.
+- Per-group sessions: session keys look like `whatsapp:group:<jid>` so commands such as `/verbose on` or `/think high` (sent as standalone messages) are scoped to that group; personal DM state is untouched. Heartbeats are skipped for group threads.
 - Context injection: last N (default 50) group messages are prefixed under `[Chat messages since your last reply - for context]`, with the triggering line under `[Current message - respond to this]`.
 - Sender surfacing: every group batch now ends with `[from: Sender Name (+E164)]` so Pi knows who is speaking.
 - Ephemeral/view-once: we unwrap those before extracting text/mentions, so pings inside them still trigger.
@@ -52,13 +52,13 @@ Use the group chat command:
 - `/activation mention`
 - `/activation always`

-Only the owner number (from `whatsapp.allowFrom`, or the bot’s own E.164 when unset) can change this. `/status` in the group shows the current activation mode.
+Only the owner number (from `whatsapp.allowFrom`, or the bot’s own E.164 when unset) can change this. Send `/status` as a standalone message in the group to see the current activation mode.

 ## How to use
 1) Add Clawd UK (`+447700900123`) to the group.
 2) Say `@clawd …` (or `@clawd uk`, `@clawdbot`, or include the number). Anyone in the group can trigger it.
 3) The agent prompt will include recent group context plus the trailing `[from: …]` marker so it can address the right person.
-4) Session-level directives (`/verbose on`, `/think:high`, `/new` or `/reset`, `/compact`) apply only to that group’s session; your personal DM session remains independent.
+4) Session-level directives (`/verbose on`, `/think high`, `/new` or `/reset`, `/compact`) apply only to that group’s session; send them as standalone messages so they register. Your personal DM session remains independent.

 ## Testing / verification
 - Automated: `pnpm test -- src/web/auto-reply.test.ts --runInBand` (covers mention gating, history injection, sender suffix).
--- a/docs/groups.md
+++ b/docs/groups.md
@@ -110,7 +110,7 @@ Group owners can toggle per-group activation:
 - `/activation mention`
 - `/activation always`

-Owner is determined by `whatsapp.allowFrom` (or the bot’s self E.164 when unset). Other surfaces currently ignore `/activation`.
+Owner is determined by `whatsapp.allowFrom` (or the bot’s self E.164 when unset). Send the command as a standalone message. Other surfaces currently ignore `/activation`.

 ## Context fields
 Group inbound payloads set:
--- a/docs/health.md
+++ b/docs/health.md
@@ -11,7 +11,7 @@ Short guide to verify the WhatsApp Web / Baileys stack without guessing.
 - `clawdbot status` — local summary: whether creds exist, auth age, session store path + recent sessions.
 - `clawdbot status --deep` — also probes the running Gateway (WhatsApp connect + Telegram + Discord APIs).
 - `clawdbot health --json` — asks the running Gateway for a full health snapshot (WS-only; no direct Baileys socket).
- Send `/status` in WhatsApp/WebChat to get a status reply without invoking the agent.
+- Send `/status` as a standalone message in WhatsApp/WebChat to get a status reply without invoking the agent.
 - Logs: tail `/tmp/clawdbot/clawdbot-*.log` and filter for `web-heartbeat`, `web-reconnect`, `web-auto-reply`, `web-inbound`.

 ## Deep diagnostics
--- a/docs/queue.md
+++ b/docs/queue.md
@@ -30,7 +30,7 @@ Inbound messages can steer the current run, wait for a followup turn, or do both
 Steer-backlog means you can get a followup response after the steered run, so
 streaming surfaces can look like duplicates. Prefer `collect`/`steer` if you want
 one response per inbound message.
-Inline fix: `/queue collect` (per-session) or set `routing.queue.byProvider.discord: "collect"`.
+Send `/queue collect` as a standalone command (per-session) or set `routing.queue.byProvider.discord: "collect"`.

 Defaults (when unset in config):
 - All surfaces → `collect`
@@ -61,8 +61,7 @@ Summarize keeps a short bullet list of dropped messages and injects it as a synt
 Defaults: `debounceMs: 1000`, `cap: 20`, `drop: summarize`.

 ## Per-session overrides
- `/queue <mode>` as a standalone command stores the mode for the current session.
- `/queue <mode>` embedded in a message applies **once** (no persistence).
+- Send `/queue <mode>` as a standalone command to store the mode for the current session.
 - Options can be combined: `/queue collect debounce:2s cap:25 drop:summarize`
 - `/queue default` or `/queue reset` clears the session override.

--- a/docs/session-tool.md
+++ b/docs/session-tool.md
@@ -114,7 +114,7 @@ Policy-based blocking by provider/chat type (not per session id).

 Runtime override (per session entry):
 - `sendPolicy: "allow" | "deny"` (unset = inherit config)
- Settable via `sessions.patch` or owner-only `/send on|off|inherit`.
+- Settable via `sessions.patch` or owner-only `/send on|off|inherit` (standalone message).

 Enforcement points:
 - `chat.send` / `agent` (gateway)
--- a/docs/session.md
+++ b/docs/session.md
@@ -57,6 +57,7 @@ Runtime override (owner only):
 - `/send on` → allow for this session
 - `/send off` → deny for this session
 - `/send inherit` → clear override and use config rules
+Send these as standalone messages so they register.

 ## Configuration (optional rename example)
 ```json5
@@ -76,8 +77,8 @@ Runtime override (owner only):
 - `pnpm clawdbot status` — shows store path and recent sessions.
 - `pnpm clawdbot sessions --json` — dumps every entry (filter with `--active <minutes>`).
 - `pnpm clawdbot gateway call sessions.list --params '{}'` — fetch sessions from the running gateway (use `--url`/`--token` for remote gateway access).
- Send `/status` in chat to see whether the agent is reachable, how much of the session context is used, current thinking/verbose toggles, and when your WhatsApp web creds were last refreshed (helps spot relink needs).
- Send `/compact` (optional instructions) to summarize older context and free up window space.
+- Send `/status` as a standalone message in chat to see whether the agent is reachable, how much of the session context is used, current thinking/verbose toggles, and when your WhatsApp web creds were last refreshed (helps spot relink needs).
+- Send `/compact` (optional instructions) as a standalone message to summarize older context and free up window space.
 - JSONL transcripts can be opened directly to review full turns.

 ## Tips
--- a/docs/slack.md
+++ b/docs/slack.md
@@ -189,6 +189,7 @@ Ack reactions are controlled globally via `messages.ackReaction` +
 - DMs share the `main` session (like WhatsApp/Telegram).
 - Channels map to `slack:channel:<channelId>` sessions.
 - Slash commands use `slack:slash:<userId>` sessions.
+- Native command registration is controlled by `commands.native`; text commands require standalone `/...` messages and can be disabled with `commands.text: false`. Slack slash commands are managed in the Slack app and are not removed automatically. Use `commands.useAccessGroups: false` to bypass access-group checks for commands.

 ## DM security (pairing)
 - Default: `slack.dm.policy="pairing"` — unknown DM senders get a pairing code.
--- a/docs/telegram.md
+++ b/docs/telegram.md
@@ -28,6 +28,8 @@ Status: ready for bot-mode use with grammY (long-polling by default; webhook sup
 6) Allowlist + pairing:
   - Direct chats: `telegram.allowFrom` (chat ids) or pairing approvals via `clawdbot pairing approve --provider telegram <code>` (alias: `clawdbot telegram pairing approve <code>`).
   - Groups: set `telegram.groupPolicy = "allowlist"` and list senders in `telegram.groupAllowFrom` (fallback: explicit `telegram.allowFrom`).
+   - Commands respect group allowlists/policies by default; set `commands.useAccessGroups: false` to bypass.
+7) Native commands: set `commands.native: true` to register `/` commands; set `commands.native: false` to clear previously registered commands.

 ## Capabilities & limits (Bot API)
 - Sees only messages sent after it’s added to a chat; no pre-history access.
@@ -71,7 +73,7 @@ Example config:
 ## Group etiquette
 - Keep privacy mode off if you expect the bot to read all messages; with privacy on, it only sees commands/mentions.
 - Make the bot an admin if you need it to send in restricted groups or channels.
- Mention the bot (`@yourbot`) or use a `routing.groupChat.mentionPatterns` trigger; per-group overrides live in `telegram.groups` if you want always-on behavior. If `telegram.groups` is set, add `"*"` to keep existing allow-all behavior.
+- Mention the bot (`@yourbot`), use a `routing.groupChat.mentionPatterns` trigger, or send a standalone `/...` command. Per-group overrides live in `telegram.groups` if you want always-on behavior; if `telegram.groups` is set, add `"*"` to keep existing allow-all behavior.

 ## Reply tags
 To request a threaded reply, the model can include one tag in its output:
--- a/docs/whatsapp.md
+++ b/docs/whatsapp.md
@@ -80,7 +80,7 @@ WhatsApp requires a real mobile number for verification. VoIP and virtual number
 - Activation modes:
  - `mention` (default): requires @mention or regex match.
  - `always`: always triggers.
- `/activation mention|always` is owner-only.
+- `/activation mention|always` is owner-only and must be sent as a standalone message.
 - Owner = `whatsapp.allowFrom` (or self E.164 if unset).
 - **History injection**:
  - Recent messages (default 50) inserted under: