fix(gateway): treat OpenAI HTTP ingress as non-owner (#57769)

Co-authored-by: Brian Mendonca <208517100+bmendonca3@users.noreply.github.com>

src/gateway/openai-http.test.ts

@@ -146,6 +146,7 @@ describe("OpenAI-compatible HTTP API (e2e)", () => {
             message?: string;
             extraSystemPrompt?: string;
             images?: Array<{ type: string; data: string; mimeType: string }>;
+            senderIsOwner?: boolean;
           }
         | undefined;
     const getFirstAgentMessage = () => getFirstAgentCall()?.message ?? "";
@@ -169,6 +170,7 @@ describe("OpenAI-compatible HTTP API (e2e)", () => {
         messages: [{ role: "user", content: message }],
       });
       expect(res.status).toBe(200);
+      expect(getFirstAgentCall()?.senderIsOwner).toBe(false);
       return (await res.json()) as Record<string, unknown>;
     };
 

src/gateway/openai-http.ts

@@ -117,8 +117,8 @@ function buildAgentCommandInput(params: {
     deliver: false as const,
     messageChannel: params.messageChannel,
     bestEffortDeliver: false as const,
-    // HTTP API callers are authenticated operator clients for this gateway context.
-    senderIsOwner: true as const,
+    // OpenAI-compatible HTTP ingress is external input and must not inherit owner-only tools.
+    senderIsOwner: false as const,
     allowModelOverride: true as const,
   };
 }