fix: isolate external direct-message runtime policy

docs/channels/channel-routing.md

@@ -23,15 +23,13 @@ host configuration.
 
 ## Session key shapes (examples)
 
-Most direct messages collapse to the agent’s **main** session:
+Direct messages collapse to the agent’s **main** session by default:
 
 - `agent:<agentId>:<mainKey>` (default: `agent:main:main`)
 
-Telegram bot direct messages are isolated per bot account and sender even when
-`session.dmScope` is `main`, so sandbox and tool policy decisions can distinguish
-channel-originated DMs from the agent main session:
-
-- `agent:<agentId>:telegram:<accountId>:direct:<senderId>`
+Even when direct-message conversation history is shared with main, sandbox and
+tool policy use a derived per-account direct-chat runtime key for external DMs
+so channel-originated messages are not treated like local main-session runs.
 
 Groups and channels remain isolated per channel:
 

docs/channels/telegram.md

@@ -72,13 +72,6 @@ openclaw pairing approve telegram <CODE>
 Token resolution order is account-aware. In practice, config values win over env fallback, and `TELEGRAM_BOT_TOKEN` only applies to the default account.
 </Note>
 
-## Session isolation
-
-Telegram bot DMs use per-account sender session keys, for example
-`agent:main:telegram:default:direct:814912386`. This keeps Telegram-originated
-tool and sandbox policy distinct from the agent main session even when the
-global `session.dmScope` setting is `main`.
-
 ## Telegram side settings
 
 <AccordionGroup>