Hardening · access control
Lock down who can talk to the bot
If strangers can message your bot, assume they will try to manipulate it. Start with allowlists and mention-only group behavior.
Checklist
1
Allowlist senders
Start with only your own accounts.
2
Groups: mention-only
Bots should not be always-on in a busy group.
3
Pairing/approval for nodes
Require explicit approval before new devices can connect.
Why this matters
Reduces prompt injection surface
Less untrusted input means fewer weird agent behaviors.
Prevents drive-by abuse
Many incidents start with “someone discovered the bot”.
Makes auditing possible
Fewer actors = clearer logs.