fix(security): clarify dmScope remediation path with explicit CLI command

# Problem The security audit and onboarding screens suggested 'Set session.dmScope="..."' for multi-user DM isolation. This led users to try setting the value in invalid config paths (e.g., 'channels.imessage.dmScope'). # Changes - Updated 'src/security/audit.ts' to use 'formatCliCommand' for dmScope remediation. - Updated 'src/commands/doctor-security.ts' and 'src/commands/onboard-channels.ts' to use the explicit 'openclaw config set' command format. # Validation - Verified text alignment with 'pnpm tsgo'. - Confirmed CLI command formatting remains consistent across modified files.
2026-05-08 18:38:28 +00:00 · 2026-02-10 12:39:14 +08:00
parent 31c6a12cfa
commit ca3c83acdf
3 changed files with 12 additions and 4 deletions
--- a/src/commands/doctor-security.ts
+++ b/src/commands/doctor-security.ts
@@ -124,7 +124,9 @@ export async function noteSecurityWarnings(cfg: OpenClawConfig) {

    if (dmScope === "main" && isMultiUserDm) {
      warnings.push(
-        `- ${params.label} DMs: multiple senders share the main session; set session.dmScope="per-channel-peer" (or "per-account-channel-peer" for multi-account channels) to isolate sessions.`,
+        `- ${params.label} DMs: multiple senders share the main session; run: ` +
+          formatCliCommand('openclaw config set session.dmScope "per-channel-peer"') +
+          ' (or "per-account-channel-peer" for multi-account channels) to isolate sessions.',
      );
    }
  };