From adbb1cfe4aa5c93ee2fc184c323cd75639533a6a Mon Sep 17 00:00:00 2001
From: chaodufashi <pahudev@gmail.com>
Date: Tue, 7 Apr 2026 08:16:57 +0800
Subject: [PATCH] fix: empty allowed_channels denies all channels (secure by
 default)

Previously, an empty allowed_channels list would allow the bot to
respond in ALL channels. This changes the behavior so that an empty
list means the bot will not respond to any messages.

Also adds a startup warning log when allowed_channels is empty and
a clarifying comment in config.toml.example.

Closes thepagent/agent-broker#91
---
 config.toml.example | 1 +
 src/discord.rs      | 6 ++++--
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/config.toml.example b/config.toml.example
index c4227dc6..04d64a40 100644
--- a/config.toml.example
+++ b/config.toml.example
@@ -1,5 +1,6 @@
 [discord]
 bot_token = "${DISCORD_BOT_TOKEN}"
+# Required: at least one channel ID. Empty list = bot will not respond to any messages.
 allowed_channels = ["1234567890"]
 
 [agent]
diff --git a/src/discord.rs b/src/discord.rs
index 8cb60e15..e7ea8f30 100644
--- a/src/discord.rs
+++ b/src/discord.rs
@@ -28,8 +28,7 @@ impl EventHandler for Handler {
         let bot_id = ctx.cache.current_user().id;
 
         let channel_id = msg.channel_id.get();
-        let in_allowed_channel =
-            self.allowed_channels.is_empty() || self.allowed_channels.contains(&channel_id);
+        let in_allowed_channel = self.allowed_channels.contains(&channel_id);
 
         let is_mentioned = msg.mentions_user_id(bot_id)
             || msg.content.contains(&format!("<@{}>", bot_id))
@@ -172,6 +171,9 @@ impl EventHandler for Handler {
 
     async fn ready(&self, _ctx: Context, ready: Ready) {
         info!(user = %ready.user.name, "discord bot connected");
+        if self.allowed_channels.is_empty() {
+            tracing::warn!("allowed_channels is empty — bot will NOT respond to any messages. Configure allowed_channels in config.toml.");
+        }
     }
 }