fix: enforce group tool policy inheritance for subagents (#1557) (thanks @adam91holt)

src/commands/agent/run-context.ts

@@ -14,6 +14,15 @@ export function resolveAgentRunContext(opts: AgentCommandOpts): AgentRunContext
   const normalizedAccountId = normalizeAccountId(merged.accountId ?? opts.accountId);
   if (normalizedAccountId) merged.accountId = normalizedAccountId;
 
+  const groupId = (merged.groupId ?? opts.groupId)?.toString().trim();
+  if (groupId) merged.groupId = groupId;
+
+  const groupChannel = (merged.groupChannel ?? opts.groupChannel)?.toString().trim();
+  if (groupChannel) merged.groupChannel = groupChannel;
+
+  const groupSpace = (merged.groupSpace ?? opts.groupSpace)?.toString().trim();
+  if (groupSpace) merged.groupSpace = groupSpace;
+
   if (
     merged.currentThreadTs == null &&
     opts.threadId != null &&

src/commands/agent/types.ts

@@ -17,6 +17,9 @@ export type AgentStreamParams = {
 export type AgentRunContext = {
   messageChannel?: string;
   accountId?: string;
+  groupId?: string | null;
+  groupChannel?: string | null;
+  groupSpace?: string | null;
   currentChannelId?: string;
   currentThreadTs?: string;
   replyToMode?: "off" | "first" | "all";
@@ -55,6 +58,14 @@ export type AgentCommandOpts = {
   accountId?: string;
   /** Context for embedded run routing (channel/account/thread). */
   runContext?: AgentRunContext;
+  /** Group id for channel-level tool policy resolution. */
+  groupId?: string | null;
+  /** Group channel label for channel-level tool policy resolution. */
+  groupChannel?: string | null;
+  /** Group space label for channel-level tool policy resolution. */
+  groupSpace?: string | null;
+  /** Parent session key for subagent policy inheritance. */
+  spawnedBy?: string | null;
   deliveryTargetMode?: ChannelOutboundTargetMode;
   bestEffortDeliver?: boolean;
   abortSignal?: AbortSignal;