[Bug]: Slash commands crash with SecretRef resolution error in command authorization #52790

@Lukavyi

Description

When a user sends a slash command (e.g. /status) via Telegram (or any channel using SecretRef-based credentials), the gateway crashes with a SecretRef resolution error during command authorization.

Stack Trace

Error: channels.telegram.accounts.<account>.botToken: *** SecretRef "exec:doppler:...".
Resolve this command against an active gateway runtime snapshot before reading it.
    at assertSecretInputResolved
    at normalizeResolvedSecretInputString
    at resolveTelegramToken
    at Object.resolve [as resolvePrimary]
    at resolveAccountWithDefaultFallback
    at resolveTelegramAccount
    at Object.resolveAccount
    at Object.resolveAccount (channel-config-helpers)
    at Object.resolveAllowFrom (channel-config-helpers)
    at resolveCommandAuthorization

Root Cause

resolveCommandAuthorization in src/auto-reply/command-auth.ts calls plugin.config.resolveAllowFrom(), which internally calls resolveAccount(). For channels like Telegram, resolveAccount requires fully resolved secrets (e.g. bot tokens via SecretRef). In the command-authorization code path, secrets may not yet be resolved against the active gateway runtime snapshot.

The same issue exists in resolveProviderFromContext which iterates all channel plugins and calls resolveAllowFrom on each.

Affected Versions

2026.3.14+

Affected Channels

Any channel using SecretRef-based credentials (Telegram with exec:doppler: refs, etc.)

Expected Behavior

Slash commands should work regardless of whether secrets are resolved at the command-authorization stage. The command-auth path only needs the allowlist configuration, not the full resolved account with credentials.

Proposed Fix

Wrap resolveAllowFrom calls in command-auth.ts with try/catch, falling back to the config-only resolveFallbackAllowFrom path when secret resolution fails. This is the safest approach as it handles all channels generically without requiring channel-specific changes.
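
A sketch of the proposed fix, added here as an illustration and not the project's code: the `ChannelPlugin` shape, the function signatures, the `SECRET_REF_UNRESOLVED` code and the policy that an empty allowlist denies everyone are assumptions. It catches only the unresolved-secret error, so other failures still surface and the fallback cannot widen who is authorized.

```typescript
// Added illustration. Every type, signature and error code here is an assumption.
type CodedError = Error & { code?: string };
type ChannelConfig = { allowFrom?: string[]; botToken: string | { secretRef: string } };
interface ChannelPlugin {
  id: string;
  resolveAllowFrom(cfg: ChannelConfig): string[];
}
const UNRESOLVED = "SECRET_REF_UNRESOLVED"; // hypothetical error code

function unresolvedSecretError(path: string): Error {
  const err = new Error(path + ": unresolved SecretRef") as CodedError;
  err.code = UNRESOLVED;
  return err;
}

// Config-only path: reads the allowlist and never touches credentials.
function resolveFallbackAllowFrom(cfg: ChannelConfig): string[] {
  return (cfg.allowFrom ?? []).map((s) => s.trim()).filter((s) => s.length > 0);
}

function safeResolveAllowFrom(plugin: ChannelPlugin, cfg: ChannelConfig): string[] {
  try {
    return plugin.resolveAllowFrom(cfg);
  } catch (err) {
    // Swallow only the unresolved-secret case; any other failure must surface.
    if (!(err instanceof Error) || (err as CodedError).code !== UNRESOLVED) throw err;
    return resolveFallbackAllowFrom(cfg);
  }
}

// Fail closed: an empty or missing allowlist authorizes nobody.
function isSenderAuthorized(plugin: ChannelPlugin, cfg: ChannelConfig, senderId: string): boolean {
  return safeResolveAllowFrom(plugin, cfg).indexOf(senderId) !== -1;
}

// Constructed plugin that mimics the crash: it needs a resolved token first.
const telegramLike: ChannelPlugin = {
  id: "telegram",
  resolveAllowFrom(cfg) {
    if (typeof cfg.botToken !== "string") {
      throw unresolvedSecretError("channels.telegram.botToken");
    }
    return resolveFallbackAllowFrom(cfg);
  },
};

// Constructed config with a placeholder SecretRef that has not been resolved.
const unresolvedCfg: ChannelConfig = { allowFrom: ["1001", " 1002 "], botToken: { secretRef: "exec:example:PLACEHOLDER" } };
```

The property worth testing in a real patch is that the fallback returns the same allowlist the resolved path would, so authorization decisions do not depend on whether secrets happened to be resolved.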
