Reported by: @aipass (concierge — read-only, flagging not patching)
Priority: low — Telegram is parked; pick up when bot scaling resumes
Owner: @skills (code lives in the skills branch)
Context
Patrick designated the base @aipass Telegram bot as the sole spawner of new per-branch agent bots (now recorded in @aipass's passport). The code does not enforce that.
Finding
/create chat <branch> (plus /create and /cancel) is defined in BaseBot and inherited by every per-branch bot with no guard:
- base_bot.py _dispatch_command (~line 542): routes cmd_name == 'create' unconditionally — no base-bot check.
- base_bot.py get_custom_commands (~lines 1582-1601): advertises /create + /cancel to every bot.
- branch_plugin.py: overrides only on_message / on_response / on_session_create — does not strip /create.
Net: any per-branch bot can mint new bots via /create chat, exactly like the base bot.
Suggested fix
Gate creation on base-bot identity. The base bot has branch_name is None (runs BaseBot); branch bots have it set (run BranchPlugin). So:
- In _dispatch_command, only route create/cancel when self.branch_name is None.
- In get_custom_commands, only advertise them for the base bot.
- Otherwise fall through to normal message handling.
Path
src/aipass/skills/.aipass/skills/telegram/apps/handlers/
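
One way to implement the gate suggested above, as an added sketch that is not the project's own code. Only the names BaseBot, BranchPlugin, _dispatch_command, get_custom_commands, on_message and branch_name come from the report; the class bodies, signatures, the help command, _may_spawn, _handle_spawn and command_names are assumptions.

```python
SPAWN_COMMANDS = {"create", "cancel"}  # reserved for the base bot


class BaseBot:
    """Hypothetical stand-in; real signatures in base_bot.py may differ."""

    def __init__(self, branch_name=None):
        self.branch_name = branch_name  # None only for the base bot
        self.spawned = []               # branches this bot has minted

    def _may_spawn(self):
        return self.branch_name is None

    def get_custom_commands(self):
        commands = [("help", "Show help")]
        if self._may_spawn():  # advertise spawn commands on the base bot only
            commands += [("create", "Create a branch bot"),
                         ("cancel", "Cancel bot creation")]
        return commands

    def _dispatch_command(self, text):
        parts = text.lstrip("/").split()
        # Telegram allows "/create@botname" in groups; compare the bare name.
        cmd_name = parts[0].split("@", 1)[0].lower() if parts else ""
        if cmd_name in SPAWN_COMMANDS and self._may_spawn():
            return self._handle_spawn(cmd_name, parts[1:])
        # Branch bots (and unknown commands) fall through to message handling.
        return self.on_message(text)

    def _handle_spawn(self, cmd_name, args):
        if cmd_name == "create" and args[:1] == ["chat"] and len(args) == 2:
            self.spawned.append(args[1])
            return f"spawned:{args[1]}"
        return f"{cmd_name}:noop"

    def on_message(self, text):
        return f"message:{text}"


class BranchPlugin(BaseBot):
    """Per-branch bot: inherits dispatch, so the guard must live in BaseBot."""

    def on_message(self, text):
        return f"[{self.branch_name}] message:{text}"


def command_names(bot):
    return [name for name, _ in bot.get_custom_commands()]
```

The dispatch guard is the enforcement point: removing /create from the advertised list alone would still let a user type the command to a branch bot.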