refactor: unify workspace restriction for file tools, remove redundant checks, fix SECURITY.md

2026-02-06 09:16:20 +00:00
parent 8a23d541e2
commit c5191eed1a
8 changed files with 49 additions and 97 deletions
--- a/nanobot/channels/base.py
+++ b/nanobot/channels/base.py
@@ -70,10 +70,9 @@ class BaseChannel(ABC):
        """
        allow_list = getattr(self.config, "allow_from", [])
        
-        # Fail-closed: if no allow list is configured, deny access
-        # Users must explicitly configure allowed senders
+        # If no allow list, allow everyone
        if not allow_list:
-            return False
+            return True
        
        sender_str = str(sender_id)
        if sender_str in allow_list: