Aegis Security Flaw: Default Telegram Config Allows Any Group Member to Control Sessions

A critical security vulnerability in the Aegis automation platform leaves its Telegram integration wide open. When the `AEGIS_TG_ALLOWED_USERS` environment variable is not explicitly configured—the default state—the system accepts inbound commands from any user in the linked Telegram group. This includes destructive commands like `kill`, `approve`, `reject`, and `escape`, as well as arbitrary message injection into any active session. The access control guard in the source code only activates if an allowlist is populated, meaning a standard installation has zero command authorization.

This flaw stems from a conditional check in `src/channels/telegram.ts`. The code block that verifies a user's ID against a configured allowlist only runs if `allowedUserIds.length > 0`. If the list is empty—which is the default when the variable is unset—the check is bypassed entirely, granting unconditional passage to any command. Consequently, in a shared Telegram supergroup, every member gains the power to terminate sessions, manipulate approval flows, and inject unauthorized messages.

The exposure creates a severe operational risk for teams using Aegis for automated workflows, potentially allowing insider threats or compromised accounts to disrupt critical processes. The vulnerability highlights a dangerous default-security posture, where a missing configuration silently disables all access controls. Administrators are urged to immediately set the `AEGIS_TG_ALLOWED_USERS` variable to restrict command execution to authorized personnel only.