From f23d9049a79d275a08acdbab649d7813fe01086e Mon Sep 17 00:00:00 2001 From: zhi Date: Fri, 27 Feb 2026 14:14:39 +0000 Subject: [PATCH] fix: bypass DM sessions without metadata and make tool globally visible 1. DM bypass: when neither senderId nor channelId can be extracted from the prompt (DM sessions lack untrusted conversation info), skip the no-reply gate and allow the message through with end-marker injection. 2. Tool visibility: change whispergateway_tools registration from optional=true to optional=false so all agents can see the tool without needing explicit tools.allow entries. --- plugin/index.ts | 2 +- plugin/rules.ts | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/plugin/index.ts b/plugin/index.ts index 0561df2..540a538 100644 --- a/plugin/index.ts +++ b/plugin/index.ts @@ -355,7 +355,7 @@ export default { return { content: [{ type: "text", text: `unsupported action: ${action}` }], isError: true }; }, }, - { optional: true }, + { optional: false }, ); api.on("message_received", async (event, ctx) => { diff --git a/plugin/rules.ts b/plugin/rules.ts index 42b50d1..ccaacd8 100644 --- a/plugin/rules.ts +++ b/plugin/rules.ts @@ -73,6 +73,12 @@ export function evaluateDecision(params: { return { shouldUseNoReply: false, shouldInjectEndMarkerPrompt: false, reason: "non_discord" }; } + // DM bypass: if no conversation info was found in the prompt (no senderId AND no channelId), + // this is a DM session where untrusted metadata is not injected. Always allow through. + if (!params.senderId && !params.channelId) { + return { shouldUseNoReply: false, shouldInjectEndMarkerPrompt: true, reason: "dm_no_metadata_bypass" }; + } + const policy = resolvePolicy(config, params.channelId, params.channelPolicies); const mode = policy.listMode;