fix(memory): prevent QMD scope deny bypass

2026-05-07 12:31:24 +00:00 · 2026-02-15 02:41:30 +00:00
parent 014b42dd45
commit f9bb748a6c
11 changed files with 80 additions and 6 deletions
--- a/src/sessions/send-policy.test.ts
+++ b/src/sessions/send-policy.test.ts
@@ -55,4 +55,17 @@ describe("resolveSendPolicy", () => {
    } as OpenClawConfig;
    expect(resolveSendPolicy({ cfg, sessionKey: "cron:job-1" })).toBe("deny");
  });
+
+  it("rule match by rawKeyPrefix", () => {
+    const cfg = {
+      session: {
+        sendPolicy: {
+          default: "allow",
+          rules: [{ action: "deny", match: { rawKeyPrefix: "agent:main:discord:" } }],
+        },
+      },
+    } as OpenClawConfig;
+    expect(resolveSendPolicy({ cfg, sessionKey: "agent:main:discord:group:dev" })).toBe("deny");
+    expect(resolveSendPolicy({ cfg, sessionKey: "agent:main:slack:group:dev" })).toBe("allow");
+  });
 });