fix(tools): forward senderIsOwner to embedded runner so owner-only tools work (#22296)

Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: 0baca5ccc11c83727fe3db02b6ef6b11b421e698 Co-authored-by: hcoj <1169805+hcoj@users.noreply.github.com> Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com> Reviewed-by: @obviyus
2026-02-21 03:03:58 +00:00
parent d94d21f9b0
commit 5dae5e6ef2
5 changed files with 5 additions and 1 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -22,6 +22,7 @@ Docs: https://docs.openclaw.ai

 ### Fixes

+- Auto-reply/Tools: forward `senderIsOwner` through embedded queued/followup runner params so owner-only tools remain available for authorized senders. (#22296) thanks @hcoj.
 - Agents/Subagents: restore announce-chain delivery to agent injection, defer nested announce output until descendant follow-up content is ready, and prevent descendant deferrals from consuming announce retry budget so deep chains do not drop final completions. (#22223) Thanks @tyler6204.
 - Gateway/Auth: require `gateway.trustedProxies` to include a loopback proxy address when `auth.mode="trusted-proxy"` and `bind="loopback"`, preventing same-host proxy misconfiguration from silently blocking auth. (#22082, follow-up to #20097) thanks @mbelinky.
 - Security/OpenClawKit/UI: prevent injected inbound user context metadata blocks from leaking into chat history in TUI, webchat, and macOS surfaces by stripping all untrusted metadata prefixes at display boundaries. (#22142) Thanks @Mellowambience, @vincentkoc.
--- a/src/auto-reply/reply/agent-runner-utils.ts
+++ b/src/auto-reply/reply/agent-runner-utils.ts
@@ -164,6 +164,7 @@ export function buildEmbeddedRunBaseParams(params: {
    config: params.run.config,
    skillsSnapshot: params.run.skillsSnapshot,
    ownerNumbers: params.run.ownerNumbers,
+    senderIsOwner: params.run.senderIsOwner,
    enforceFinalTag: resolveEnforceFinalTag(params.run, params.provider),
    provider: params.provider,
    model: params.model,
--- a/src/auto-reply/reply/followup-runner.ts
+++ b/src/auto-reply/reply/followup-runner.ts
@@ -152,6 +152,7 @@ export function createFollowupRunner(params: {
              senderName: queued.run.senderName,
              senderUsername: queued.run.senderUsername,
              senderE164: queued.run.senderE164,
+              senderIsOwner: queued.run.senderIsOwner,
              sessionFile: queued.run.sessionFile,
              workspaceDir: queued.run.workspaceDir,
              config: queued.run.config,
--- a/src/auto-reply/reply/queue/types.ts
+++ b/src/auto-reply/reply/queue/types.ts
@@ -55,6 +55,7 @@ export type FollowupRun = {
    senderName?: string;
    senderUsername?: string;
    senderE164?: string;
+    senderIsOwner?: boolean;
    sessionFile: string;
    workspaceDir: string;
    config: OpenClawConfig;
--- a/src/shared/chat-envelope.ts
+++ b/src/shared/chat-envelope.ts
@@ -24,7 +24,7 @@ const INBOUND_METADATA_HEADERS = [
  "Forwarded message context (untrusted metadata):",
  "Chat history since last reply (untrusted, for context):",
 ];
-const REGEX_ESCAPE_RE = /[.*+?^${}()|[\]\\\-]/g;
+const REGEX_ESCAPE_RE = /[.*+?^${}()|[\]\\-]/g;
 const INBOUND_METADATA_PREFIX_RE = new RegExp(
  "^\\s*(?:" +
    INBOUND_METADATA_HEADERS.map((header) => header.replace(REGEX_ESCAPE_RE, "\\$&")).join("|") +