diff --git a/extensions/mattermost/src/mattermost/slash-commands.ts b/extensions/mattermost/src/mattermost/slash-commands.ts
index 69e29f8fa6c..08ba8651098 100644
--- a/extensions/mattermost/src/mattermost/slash-commands.ts
+++ b/extensions/mattermost/src/mattermost/slash-commands.ts
@@ -503,7 +503,13 @@ export function resolveCallbackUrl(params: {
 if (params.config.callbackUrl) {
 return params.config.callbackUrl;
 }
- const host = params.gatewayHost || "localhost";
+ let host = params.gatewayHost || "localhost";
 const path = normalizeCallbackPath(params.config.callbackPath);
+
+ // Bracket IPv6 literals so the URL is valid: http://[::1]:3015/...
+ if (host.includes(":") && !(host.startsWith("[") && host.endsWith("]"))) {
+ host = `[${host}]`;
+ }
+
 return `http://${host}:${params.gatewayPort}${path}`;
 }
diff --git a/src/auto-reply/command-auth.ts b/src/auto-reply/command-auth.ts
index 8f0a68c7256..458984b3d86 100644
--- a/src/auto-reply/command-auth.ts
+++ b/src/auto-reply/command-auth.ts
@@ -165,7 +165,9 @@ function resolveCommandsAllowFromList(params: {
 const rawList = Array.isArray(providerList) ? providerList : globalList;
 if (!Array.isArray(rawList)) {
- return null; // No applicable list found
+ // commands.allowFrom is configured, but there's no provider-specific list and no "*".
+ // Treat as an explicit deny for this provider (override semantics).
+ return [];
 }
 return formatAllowFromList({
diff --git a/src/auto-reply/command-control.test.ts b/src/auto-reply/command-control.test.ts
index 76a12398801..59f6545ab09 100644
--- a/src/auto-reply/command-control.test.ts
+++ b/src/auto-reply/command-control.test.ts
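Review bot: In resolveCallbackUrl (slash-commands.ts) the check `host.includes(":")` treats any colon as proof of an IPv6 literal, so a gatewayHost that already carries a port (constructed example: `gateway.example:8443`) is wrapped in brackets and yields an invalid callback URL. Mattermost would then be registered with an address it cannot deliver to. Testing the value with `isIPv6` from `node:net` restricts bracketing to real literals and still leaves an already bracketed `[::1]` alone: `if (isIPv6(host)) {`. The function's signature and any earlier validation of gatewayHost are outside the hunk, so this may already be constrained upstream.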
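Review bot: In resolveCommandsAllowFromList (command-auth.ts) the return value now carries an authorization decision that is only explained inside one branch, so the function's doc comment should state the contract. `[]` means deny every sender on this provider; `null`, presumably still returned earlier when commands.allowFrom is absent (that part is outside the hunk), means fall back to the channel allowFrom. The `!Array.isArray(rawList)` branch is also reached when the provider and `"*"` entries exist but are not arrays, for example a bare string, and that misconfiguration is now denied without any signal to the operator. Failing closed is the safe direction, but a warning that names the provider would explain why commands stopped working. The in-branch comment could add `// Also reached when the entry is not an array (misconfiguration): deny rather than fall back.`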
@@ -296,6 +296,33 @@ describe("resolveCommandAuthorization", () => {
 expect(whatsappAuth.isAuthorizedSender).toBe(true);
 });
+ it("denies providers not present in commands.allowFrom when no wildcard is set", () => {
+ const cfg = {
+ commands: {
+ allowFrom: {
+ signal: ["user123"],
+ },
+ },
+ // Channel allowFrom would normally allow, but commands.allowFrom should override.
+ channels: { whatsapp: { allowFrom: ["*"] } },
+ } as OpenClawConfig;
+
+ const ctx = {
+ Provider: "whatsapp",
+ Surface: "whatsapp",
+ From: "whatsapp:anyuser",
+ SenderId: "anyuser",
+ } as MsgContext;
+
+ const auth = resolveCommandAuthorization({
+ ctx,
+ cfg,
+ commandAuthorized: true,
+ });
+
+ expect(auth.isAuthorizedSender).toBe(false);
+ });
+
 it("falls back to channel allowFrom when commands.allowFrom not set", () => {
 const cfg = {
 channels: { whatsapp: { allowFrom: ["+15551234567"] } },
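Review bot: The new test's sender `anyuser` appears in no list, so the assertion would still pass if the signal allow-list were wrongly applied to whatsapp senders. Using the signal-listed ID as the whatsapp sender, `SenderId: "user123"` with `From: "whatsapp:user123"`, pins the stronger property that an ID allowed on one provider is not authorised on another. A companion case where the provider's commands.allowFrom entry is not an array would cover the other route into the deny branch. The earlier tests in this describe block are outside the hunk, so one may already exist.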