Problem

Currently, channels.whatsapp.allowFrom controls who can send inbound DMs to the agent. However, there's no equivalent config to restrict who the agent can send outbound DMs to.

Use Case

I have an AI agent connected to WhatsApp that has access to private information (files, memories, context about my life). I want to ensure it:

1. Can only respond to DMs from me (owner) ✅ Currently possible with allowFrom
2. Can only send DMs to me (owner) ❌ Not currently possible

The Problem

Even with strict allowFrom settings, if someone in a group chat asks the agent to "move to private", the agent can comply and send a DM to anyone. This is a security/privacy risk since the agent may share context it shouldn't.

Proposed Solution

Add a sendTo allowlist that restricts outbound DMs:

{
  "channels": {
    "whatsapp": {
      "allowFrom": ["+15551234567"],
      "sendTo": ["+15551234567"]
    }
  }
}

Behavior

• If sendTo is set, agent can only initiate/respond to DMs with numbers in the list
• Group messages are unaffected (controlled by groupPolicy / groups)
• If sendTo is not set, current behavior is preserved (no outbound restriction)
• If agent tries to send DM to non-allowed number, fail with clear error

Alternatives Considered

• Behavioral rules only: Added instructions to the agent's system prompt, but this is not foolproof and depends on the model following instructions correctly
• Disabling DMs entirely: Too restrictive - I want to be able to DM my agent

Additional Context

This came up when my agent (running with dmPolicy: pairing and strict allowFrom) still sent a private message to a family member who asked to "go private" from a group chat. The behavioral guardrails weren't enough.