fix: harden dm command authorization in open mode

src/signal/monitor/event-handler.inbound-contract.test.ts

@@ -143,4 +143,33 @@ describe("signal createSignalEventHandler inbound contract", () => {
       expect.any(Object),
     );
   });
+
+  it("does not auto-authorize DM commands in open mode without allowlists", async () => {
+    const handler = createSignalEventHandler(
+      createBaseSignalEventHandlerDeps({
+        cfg: {
+          messages: { inbound: { debounceMs: 0 } },
+          channels: { signal: { dmPolicy: "open", allowFrom: [] } },
+        },
+        allowFrom: [],
+        groupAllowFrom: [],
+        account: "+15550009999",
+        blockStreaming: false,
+        historyLimit: 0,
+        groupHistories: new Map(),
+      }),
+    );
+
+    await handler(
+      createSignalReceiveEvent({
+        dataMessage: {
+          message: "/status",
+          attachments: [],
+        },
+      }),
+    );
+
+    expect(capture.ctx).toBeTruthy();
+    expect(capture.ctx?.CommandAuthorized).toBe(false);
+  });
 });

src/signal/monitor/event-handler.ts

@@ -475,7 +475,6 @@ export function createSignalEventHandler(deps: SignalEventHandlerDeps) {
     const dmAccess = resolveAccessDecision(false);
     const effectiveDmAllow = dmAccess.effectiveAllowFrom;
     const effectiveGroupAllow = dmAccess.effectiveGroupAllowFrom;
-    const dmAllowed = dmAccess.decision === "allow";
 
     if (
       reaction &&
@@ -573,7 +572,7 @@ export function createSignalEventHandler(deps: SignalEventHandlerDeps) {
       allowTextCommands: true,
       hasControlCommand: hasControlCommandInMessage,
     });
-    const commandAuthorized = isGroup ? commandGate.commandAuthorized : dmAllowed;
+    const commandAuthorized = commandGate.commandAuthorized;
     if (isGroup && commandGate.shouldBlock) {
       logInboundDrop({
         log: logVerbose,