fix(security): lock down inbound DMs by default

Peter Steinberger
2026-01-06 17:39:22 +01:00
parent 9254f4b738
commit d8504f5321
36 changed files with 2092 additions and 201 deletions


@@ -49,6 +49,7 @@ This is social engineering 101. Create distrust, encourage snooping.
```
Only allow specific phone numbers to trigger your AI. Never use `["*"]` in production.
Newer versions default to **DM pairing** (`*.dmPolicy="pairing"`) on most providers; avoid `dmPolicy="open"` unless you explicitly want public inbound access.
### 2. Group Chat Mentions
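Review bot: In the sentence added after the `["*"]` warning, "Newer versions" and "most providers" leave a reader unable to tell whether their own install is covered; name the first version that defaults to `dmPolicy="pairing"` and list the providers that do not. The `*.` prefix in `*.dmPolicy="pairing"` sits one line below a warning about the literal `["*"]` value, so say what it stands for (presumably the provider name) or spell out one concrete key. A short clause on what pairing requires from an unknown sender, or a link to where it is documented, would also help, since the surrounding text only describes the phone-number allowlist and does not say how the allowlist and `dmPolicy` interact.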