Gate Matrix profile updates for non-owner message tool runs

[eleqtrizit]

Summary

• gate Matrix self-profile message actions behind owner context
• thread owner status through shared message action discovery and execution

Changes

• hide Matrix set-profile from non-owner message tool discovery
• reject Matrix set-profile execution for non-owner callers
• pass senderIsOwner through shared message-tool discovery and action dispatch
• add regression coverage for Matrix discovery/execution and shared message-tool context plumbing

Validation

• Ran pnpm test extensions/matrix/src/actions.test.ts
• Ran pnpm test extensions/matrix/src/actions.account-propagation.test.ts
• Ran pnpm test src/agents/tools/message-tool.test.ts
• Ran pnpm check via scripts/committer
• Attempted claude -p "/review" before PR creation; it required a PR number to continue

Notes

• This keeps owner/admin behavior intact while removing persistent Matrix profile mutation from non-owner agent runs.
• No broader channel action behavior changed.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 55326ffb07

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[greptile-apps]

Greptile Summary

This PR gates the Matrix set-profile message action behind an owner check at both discovery time (hidden from the schema for non-owners) and execution time (hard reject if senderIsOwner !== true). The senderIsOwner flag is threaded through the full call stack: createOpenClawTools → createMessageTool → runMessageAction → dispatchChannelMessageAction → handleAction(ctx), and through the discovery path: listChannelSupportedActions → createMessageActionDiscoveryContext → describeMessageTool.

Confidence Score: 5/5

Safe to merge; owner gate is correctly applied at both discovery and execution time with no bypass vectors via tool params.

All remaining findings are P2 or lower. The senderIsOwner flag is threaded correctly through every layer of the call stack, the fail-closed !== true guard provides defense in depth, and tests cover owner, non-owner, and unknown-status cases.

No files require special attention.

Vulnerabilities

No security concerns identified. senderIsOwner is sourced exclusively from server-side session context (never from tool/model-controlled params), and the execution-time guard in handleAction uses a strict !== true check that fails closed on undefined, false, or any unexpected value — consistent with the trust boundary established for requesterSenderId.

_{Reviews (5): Last reviewed commit: "fix(matrix): remove worklog artifact fro..." | Re-trigger Greptile}

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 55326ffb07

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 1724a92958

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 1724a92958

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 01476a7370

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 33ca2f3ee2

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 236f01a1fe

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: f652e619ab

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: fdad0eff6b

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[eleqtrizit]

@codex review

[chatgpt-codex-connector]

Codex Review: Didn't find any major issues. Keep them coming!

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[gumadeiras]

Merged via squash.

• Prepared head SHA: 602b16a676d1fd7ad8bd2a5ab3126b1a35f1ae9f
• Merge commit: fe0f686c9228fffcec6de4011da45e69a6e23e54

Thanks @eleqtrizit!