feat(session): add dmScope for multi-user DM isolation

Co-authored-by: Alphonse-arianee <Alphonse-arianee@users.noreply.github.com>

src/commands/doctor-security.ts

@@ -34,6 +34,8 @@ export async function noteSecurityWarnings(cfg: ClawdbotConfig) {
       .map((v) => v.trim())
       .filter(Boolean);
     const allowCount = Array.from(new Set([...normalizedCfg, ...normalizedStore])).length;
+    const dmScope = cfg.session?.dmScope ?? "main";
+    const isMultiUserDm = hasWildcard || allowCount > 1;
 
     if (dmPolicy === "open") {
       const allowFromPath = `${params.allowFromPath}allowFrom`;
@@ -43,7 +45,6 @@ export async function noteSecurityWarnings(cfg: ClawdbotConfig) {
           `- ${params.label} DMs: config invalid — "open" requires ${allowFromPath} to include "*".`,
         );
       }
-      return;
     }
 
     if (dmPolicy === "disabled") {
@@ -51,12 +52,18 @@ export async function noteSecurityWarnings(cfg: ClawdbotConfig) {
       return;
     }
 
-    if (allowCount === 0) {
+    if (dmPolicy !== "open" && allowCount === 0) {
       warnings.push(
         `- ${params.label} DMs: locked (${policyPath}="${dmPolicy}") with no allowlist; unknown senders will be blocked / get a pairing code.`,
       );
       warnings.push(`  ${params.approveHint}`);
     }
+
+    if (dmScope === "main" && isMultiUserDm) {
+      warnings.push(
+        `- ${params.label} DMs: multiple senders share the main session; set session.dmScope="per-channel-peer" to isolate sessions.`,
+      );
+    }
   };
 
   for (const plugin of listChannelPlugins()) {