Skip to content

fix(security): require explicit opt-in for Telegram bridge open chat access #699

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
ericksoa wants to merge 1 commit into
base: main
Choose a base branch
from
+28 −1
Draft

fix(security): require explicit opt-in for Telegram bridge open chat access #699

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 21 additions & 1 deletion scripts/telegram-bridge.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,8 @@
* TELEGRAM_BOT_TOKEN — from @BotFather
* NVIDIA_API_KEY — for inference
* SANDBOX_NAME — sandbox name (default: nemoclaw)
* ALLOWED_CHAT_IDS — comma-separated Telegram chat IDs to accept (optional, accepts all if unset)
* ALLOWED_CHAT_IDS — comma-separated Telegram chat IDs to accept (required unless ALLOW_ALL_CHATS=true)
* ALLOW_ALL_CHATS — set to "true" to explicitly allow messages from all chats
*/

const https = require("https");
Expand All @@ -36,6 +37,21 @@ const ALLOWED_CHATS = process.env.ALLOWED_CHAT_IDS
? process.env.ALLOWED_CHAT_IDS.split(",").map((s) => s.trim())
: null;

const WARN_OPEN_ACCESS = !ALLOWED_CHATS && process.env.ALLOW_ALL_CHATS !== "true";
const seenChats = new Set();
if (!ALLOWED_CHATS) {
if (WARN_OPEN_ACCESS) {
console.warn("");
console.warn(" ⚠ ALLOWED_CHAT_IDS is not set — the bridge will accept messages from ALL Telegram chats.");
console.warn(" Set ALLOWED_CHAT_IDS to a comma-separated list of chat IDs to restrict access,");
console.warn(" or set ALLOW_ALL_CHATS=true to silence this warning.");
console.warn(" Chat IDs will be logged below so you can build your allowlist.");
console.warn("");
} else {
console.warn("WARNING: ALLOW_ALL_CHATS=true — accepting messages from all Telegram chats.");
}
}

if (!TOKEN) { console.error("TELEGRAM_BOT_TOKEN required"); process.exit(1); }
if (!API_KEY) { console.error("NVIDIA_API_KEY required"); process.exit(1); }

Expand Down Expand Up @@ -175,6 +191,10 @@ async function poll() {
console.log(`[ignored] chat ${chatId} not in allowed list`);
continue;
}
if (WARN_OPEN_ACCESS && !seenChats.has(chatId)) {
seenChats.add(chatId);
console.warn(` ⚠ [open-access] new chat ${chatId} from ${userName} — add to ALLOWED_CHAT_IDS to pin access`);
}

const userName = msg.from?.first_name || "someone";
console.log(`[${chatId}] ${userName}: ${msg.text}`);
Expand Down
7 changes: 7 additions & 0 deletions test/runner.test.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -207,5 +207,12 @@ describe("runner helpers", () => {
expect(src.includes("validateName(SANDBOX")).toBeTruthy();
expect(!src.includes("execSync")).toBeTruthy();
});

it("telegram bridge requires ALLOWED_CHAT_IDS or ALLOW_ALL_CHATS", () => {

const src = fs.readFileSync(path.join(import.meta.dirname, "..", "scripts", "telegram-bridge.js"), "utf-8");
expect(src).toContain("ALLOWED_CHAT_IDS");
expect(src).toContain("ALLOW_ALL_CHATS");
});
});
});
Loading