refactor: compose account security warning helpers

extensions/googlechat/src/channel.ts

@@ -5,9 +5,9 @@ import {
   createScopedChannelConfigAdapter,
 } from "openclaw/plugin-sdk/channel-config-helpers";
 import {
+  composeAccountWarningCollectors,
   composeWarningCollectors,
   createAllowlistProviderGroupPolicyWarningCollector,
-  createConditionalWarningCollector,
   createAllowlistProviderOpenWarningCollector,
 } from "openclaw/plugin-sdk/channel-policy";
 import { createChatChannelPlugin } from "openclaw/plugin-sdk/core";
@@ -116,16 +116,17 @@ const collectGoogleChatGroupPolicyWarnings =
     },
   });
 
-const collectGoogleChatSecurityWarnings = composeWarningCollectors<{
-  cfg: OpenClawConfig;
-  account: ResolvedGoogleChatAccount;
-}>(
+const collectGoogleChatSecurityWarnings = composeAccountWarningCollectors<
+  ResolvedGoogleChatAccount,
+  {
+    cfg: OpenClawConfig;
+    account: ResolvedGoogleChatAccount;
+  }
+>(
   collectGoogleChatGroupPolicyWarnings,
-  createConditionalWarningCollector(
-    ({ account }) =>
-      account.config.dm?.policy === "open" &&
-      '- Google Chat DMs are open to anyone. Set channels.googlechat.dm.policy="pairing" or "allowlist".',
-  ),
+  (account) =>
+    account.config.dm?.policy === "open" &&
+    '- Google Chat DMs are open to anyone. Set channels.googlechat.dm.policy="pairing" or "allowlist".',
 );
 
 export const googlechatPlugin = createChatChannelPlugin({

extensions/irc/src/channel.ts

@@ -6,9 +6,9 @@ import {
   createScopedDmSecurityResolver,
 } from "openclaw/plugin-sdk/channel-config-helpers";
 import {
+  composeAccountWarningCollectors,
   composeWarningCollectors,
   createAllowlistProviderOpenWarningCollector,
-  createConditionalWarningCollector,
 } from "openclaw/plugin-sdk/channel-policy";
 import { createChatChannelPlugin } from "openclaw/plugin-sdk/core";
 import {
@@ -110,23 +110,24 @@ const collectIrcGroupPolicyWarnings =
     },
   });
 
-const collectIrcSecurityWarnings = composeWarningCollectors<{
-  account: ResolvedIrcAccount;
-  cfg: CoreConfig;
-}>(
+const collectIrcSecurityWarnings = composeAccountWarningCollectors<
+  ResolvedIrcAccount,
+  {
+    account: ResolvedIrcAccount;
+    cfg: CoreConfig;
+  }
+>(
   collectIrcGroupPolicyWarnings,
-  createConditionalWarningCollector(
-    ({ account }) =>
-      !account.config.tls &&
-      "- IRC TLS is disabled (channels.irc.tls=false); traffic and credentials are plaintext.",
-    ({ account }) =>
-      account.config.nickserv?.register &&
-      '- IRC NickServ registration is enabled (channels.irc.nickserv.register=true); this sends "REGISTER" on every connect. Disable after first successful registration.',
-    ({ account }) =>
-      account.config.nickserv?.register &&
-      !account.config.nickserv.password?.trim() &&
-      "- IRC NickServ registration is enabled but no NickServ password is resolved; set channels.irc.nickserv.password, channels.irc.nickserv.passwordFile, or IRC_NICKSERV_PASSWORD.",
-  ),
+  (account) =>
+    !account.config.tls &&
+    "- IRC TLS is disabled (channels.irc.tls=false); traffic and credentials are plaintext.",
+  (account) =>
+    account.config.nickserv?.register &&
+    '- IRC NickServ registration is enabled (channels.irc.nickserv.register=true); this sends "REGISTER" on every connect. Disable after first successful registration.',
+  (account) =>
+    account.config.nickserv?.register &&
+    !account.config.nickserv.password?.trim() &&
+    "- IRC NickServ registration is enabled but no NickServ password is resolved; set channels.irc.nickserv.password, channels.irc.nickserv.passwordFile, or IRC_NICKSERV_PASSWORD.",
 );
 
 export const ircPlugin: ChannelPlugin<ResolvedIrcAccount, IrcProbe> = createChatChannelPlugin({

src/channels/plugins/group-policy-warnings.test.ts

@@ -3,6 +3,7 @@ import type { OpenClawConfig } from "../../config/types.openclaw.js";
 import {
   collectAllowlistProviderGroupPolicyWarnings,
   collectAllowlistProviderRestrictSendersWarnings,
+  composeAccountWarningCollectors,
   composeWarningCollectors,
   createAllowlistProviderGroupPolicyWarningCollector,
   createConditionalWarningCollector,
@@ -113,6 +114,25 @@ describe("group policy warning builders", () => {
     expect(collect({ open: false, token: "x" })).toEqual([]);
   });
 
+  it("composes account-scoped warning collectors", () => {
+    const collect = composeAccountWarningCollectors<
+      { enabled: boolean },
+      { account: { enabled: boolean } }
+    >(
+      () => ["base"],
+      (account) => (account.enabled ? "enabled" : undefined),
+      () => ["extra-a", "extra-b"],
+    );
+
+    expect(collect({ account: { enabled: true } })).toEqual([
+      "base",
+      "enabled",
+      "extra-a",
+      "extra-b",
+    ]);
+    expect(collect({ account: { enabled: false } })).toEqual(["base", "extra-a", "extra-b"]);
+  });
+
   it("builds base open-policy warning", () => {
     expect(
       buildOpenGroupPolicyWarning({

src/channels/plugins/group-policy-warnings.ts

@@ -80,6 +80,25 @@ export function createConditionalWarningCollector<Params>(
     });
 }
 
+export function composeAccountWarningCollectors<
+  ResolvedAccount,
+  Params extends { account: ResolvedAccount },
+>(
+  baseCollector: WarningCollector<Params>,
+  ...collectors: Array<(account: ResolvedAccount) => string | string[] | null | undefined | false>
+): WarningCollector<Params> {
+  return composeWarningCollectors(
+    baseCollector,
+    createConditionalWarningCollector<Params>(
+      ...collectors.map(
+        (collector) =>
+          ({ account }: Params) =>
+            collector(account),
+      ),
+    ),
+  );
+}
+
 export function buildOpenGroupPolicyWarning(params: {
   surface: string;
   openBehavior: string;

src/plugin-sdk/channel-policy.ts

@@ -9,6 +9,7 @@ export type {
   GroupToolPolicyConfig,
 } from "../config/types.tools.js";
 export {
+  composeAccountWarningCollectors,
   buildOpenGroupPolicyConfigureRouteAllowlistWarning,
   composeWarningCollectors,
   createAllowlistProviderGroupPolicyWarningCollector,