feat: hard gate to prevent @here and @everyone mentions

AGENTS.md

@@ -36,6 +36,8 @@
 | `src/utils/health.js` | Health monitoring singleton |
 | `src/utils/permissions.js` | Permission checking for commands |
 | `src/utils/retry.js` | Retry utility for flaky operations |
+| `src/utils/safeSend.js` | Safe message-sending wrappers — sanitizes mentions and enforces allowedMentions on every outgoing message |
+| `src/utils/sanitizeMentions.js` | Mention sanitization — strips @everyone/@here from outgoing text via zero-width space insertion |
 | `src/utils/registerCommands.js` | Discord REST API command registration |
 | `src/utils/splitMessage.js` | Message splitting for Discord's 2000-char limit |
 | `src/utils/duration.js` | Duration parsing — "1h", "7d" ↔ ms with human-readable formatting |

src/commands/ban.js

@@ -13,6 +13,7 @@ import {
   sendModLogEmbed,
   shouldSendDm,
 } from '../modules/moderation.js';
+import { safeEditReply } from '../utils/safeSend.js';
 
 export const data = new SlashCommandBuilder()
   .setName('ban')
@@ -59,7 +60,7 @@ export async function execute(interaction) {
         interaction.guild.members.me,
       );
       if (hierarchyError) {
-        return await interaction.editReply(hierarchyError);
+        return await safeEditReply(interaction, hierarchyError);
       }
 
       if (shouldSendDm(config, 'ban')) {
@@ -84,13 +85,15 @@ export async function execute(interaction) {
     await sendModLogEmbed(interaction.client, config, caseData);
 
     info('User banned', { target: user.tag, moderator: interaction.user.tag });
-    await interaction.editReply(
+    await safeEditReply(
+      interaction,
       `✅ **${user.tag}** has been banned. (Case #${caseData.case_number})`,
     );
   } catch (err) {
     logError('Command error', { error: err.message, command: 'ban' });
-    await interaction
-      .editReply('❌ An error occurred. Please try again or contact an administrator.')
-      .catch(() => {});
+    await safeEditReply(
+      interaction,
+      '❌ An error occurred. Please try again or contact an administrator.',
+    ).catch(() => {});
   }
 }

src/commands/case.js

@@ -8,6 +8,7 @@ import { getPool } from '../db.js';
 import { info, error as logError } from '../logger.js';
 import { getConfig } from '../modules/config.js';
 import { ACTION_COLORS, ACTION_LOG_CHANNEL_KEY } from '../modules/moderation.js';
+import { safeEditReply } from '../utils/safeSend.js';
 
 export const data = new SlashCommandBuilder()
   .setName('case')
@@ -117,7 +118,7 @@ export async function execute(interaction) {
     }
   } catch (err) {
     logError('Case command failed', { error: err.message, subcommand });
-    await interaction.editReply('Failed to execute case command.');
+    await safeEditReply(interaction, 'Failed to execute case command.');
   }
 }
 
@@ -135,11 +136,11 @@ async function handleView(interaction) {
   );
 
   if (rows.length === 0) {
-    return await interaction.editReply(`Case #${caseId} not found.`);
+    return await safeEditReply(interaction, `Case #${caseId} not found.`);
   }
 
   const embed = buildCaseEmbed(rows[0]);
-  await interaction.editReply({ embeds: [embed] });
+  await safeEditReply(interaction, { embeds: [embed] });
 }
 
 /**
@@ -172,7 +173,7 @@ async function handleList(interaction) {
   const { rows } = await pool.query(query, params);
 
   if (rows.length === 0) {
-    return await interaction.editReply('No cases found matching the criteria.');
+    return await safeEditReply(interaction, 'No cases found matching the criteria.');
   }
 
   const lines = rows.map((row) => {
@@ -192,7 +193,7 @@ async function handleList(interaction) {
     .setFooter({ text: `Showing ${rows.length} case(s)` })
     .setTimestamp();
 
-  await interaction.editReply({ embeds: [embed] });
+  await safeEditReply(interaction, { embeds: [embed] });
 }
 
 /**
@@ -210,7 +211,7 @@ async function handleReason(interaction) {
   );
 
   if (rows.length === 0) {
-    return await interaction.editReply(`Case #${caseId} not found.`);
+    return await safeEditReply(interaction, `Case #${caseId} not found.`);
   }
 
   const caseRow = rows[0];
@@ -249,7 +250,7 @@ async function handleReason(interaction) {
     moderator: interaction.user.tag,
   });
 
-  await interaction.editReply(`Updated reason for case #${caseId}.`);
+  await safeEditReply(interaction, `Updated reason for case #${caseId}.`);
 }
 
 /**
@@ -266,7 +267,7 @@ async function handleDelete(interaction) {
   );
 
   if (rows.length === 0) {
-    return await interaction.editReply(`Case #${caseId} not found.`);
+    return await safeEditReply(interaction, `Case #${caseId} not found.`);
   }
 
   info('Case deleted', {
@@ -275,5 +276,5 @@ async function handleDelete(interaction) {
     moderator: interaction.user.tag,
   });
 
-  await interaction.editReply(`Deleted case #${caseId} (${rows[0].action}).`);
+  await safeEditReply(interaction, `Deleted case #${caseId} (${rows[0].action}).`);
 }

src/commands/config.js

@@ -5,6 +5,7 @@
 
 import { EmbedBuilder, SlashCommandBuilder } from 'discord.js';
 import { getConfig, resetConfig, setConfigValue } from '../modules/config.js';
+import { safeEditReply, safeReply } from '../utils/safeSend.js';
 
 /**
  * Escape backticks in user-provided strings to prevent breaking Discord inline code formatting.
@@ -169,7 +170,7 @@ export async function execute(interaction) {
       await handleReset(interaction);
       break;
     default:
-      await interaction.reply({
+      await safeReply(interaction, {
         content: `❌ Unknown subcommand: \`${subcommand}\``,
         ephemeral: true,
       });
@@ -200,7 +201,7 @@ async function handleView(interaction) {
       const sectionData = config[section];
       if (!sectionData) {
         const safeSection = escapeInlineCode(section);
-        return await interaction.reply({
+        return await safeReply(interaction, {
           content: `❌ Section \`${safeSection}\` not found in config`,
           ephemeral: true,
         });
@@ -254,11 +255,11 @@ async function handleView(interaction) {
       }
     }
 
-    await interaction.reply({ embeds: [embed], ephemeral: true });
+    await safeReply(interaction, { embeds: [embed], ephemeral: true });
   } catch (err) {
     const safeMessage =
       process.env.NODE_ENV === 'development' ? err.message : 'An internal error occurred.';
-    await interaction.reply({
+    await safeReply(interaction, {
       content: `❌ Failed to load config: ${safeMessage}`,
       ephemeral: true,
     });
@@ -277,7 +278,7 @@ async function handleSet(interaction) {
   const validSections = Object.keys(getConfig());
   if (!validSections.includes(section)) {
     const safeSection = escapeInlineCode(section);
-    return await interaction.reply({
+    return await safeReply(interaction, {
       content: `❌ Invalid section \`${safeSection}\`. Valid sections: ${validSections.join(', ')}`,
       ephemeral: true,
     });
@@ -308,15 +309,15 @@ async function handleSet(interaction) {
       .setFooter({ text: 'Changes take effect immediately' })
       .setTimestamp();
 
-    await interaction.editReply({ embeds: [embed] });
+    await safeEditReply(interaction, { embeds: [embed] });
   } catch (err) {
     const safeMessage =
       process.env.NODE_ENV === 'development' ? err.message : 'An internal error occurred.';
     const content = `❌ Failed to set config: ${safeMessage}`;
     if (interaction.deferred) {
-      await interaction.editReply({ content });
+      await safeEditReply(interaction, { content });
     } else {
-      await interaction.reply({ content, ephemeral: true });
+      await safeReply(interaction, { content, ephemeral: true });
     }
   }
 }
@@ -343,15 +344,15 @@ async function handleReset(interaction) {
       .setFooter({ text: 'Changes take effect immediately' })
       .setTimestamp();
 
-    await interaction.editReply({ embeds: [embed] });
+    await safeEditReply(interaction, { embeds: [embed] });
   } catch (err) {
     const safeMessage =
       process.env.NODE_ENV === 'development' ? err.message : 'An internal error occurred.';
     const content = `❌ Failed to reset config: ${safeMessage}`;
     if (interaction.deferred) {
-      await interaction.editReply({ content });
+      await safeEditReply(interaction, { content });
     } else {
-      await interaction.reply({ content, ephemeral: true });
+      await safeReply(interaction, { content, ephemeral: true });
     }
   }
 }

src/commands/history.js

@@ -6,6 +6,7 @@
 import { EmbedBuilder, SlashCommandBuilder } from 'discord.js';
 import { getPool } from '../db.js';
 import { info, error as logError } from '../logger.js';
+import { safeEditReply } from '../utils/safeSend.js';
 
 export const data = new SlashCommandBuilder()
   .setName('history')
@@ -30,7 +31,7 @@ export async function execute(interaction) {
     );
 
     if (rows.length === 0) {
-      return await interaction.editReply(`No moderation history found for ${user.tag}.`);
+      return await safeEditReply(interaction, `No moderation history found for ${user.tag}.`);
     }
 
     const lines = rows.map((row) => {
@@ -68,9 +69,9 @@ export async function execute(interaction) {
       caseCount: rows.length,
     });
 
-    await interaction.editReply({ embeds: [embed] });
+    await safeEditReply(interaction, { embeds: [embed] });
   } catch (err) {
     logError('Command error', { error: err.message, command: 'history' });
-    await interaction.editReply('❌ Failed to fetch moderation history.');
+    await safeEditReply(interaction, '❌ Failed to fetch moderation history.').catch(() => {});
   }
 }

src/commands/kick.js

@@ -13,6 +13,7 @@ import {
   sendModLogEmbed,
   shouldSendDm,
 } from '../modules/moderation.js';
+import { safeEditReply } from '../utils/safeSend.js';
 
 export const data = new SlashCommandBuilder()
   .setName('kick')
@@ -35,13 +36,13 @@ export async function execute(interaction) {
     const config = getConfig();
     const target = interaction.options.getMember('user');
     if (!target) {
-      return await interaction.editReply('❌ User is not in this server.');
+      return await safeEditReply(interaction, '❌ User is not in this server.');
     }
     const reason = interaction.options.getString('reason');
 
     const hierarchyError = checkHierarchy(interaction.member, target, interaction.guild.members.me);
     if (hierarchyError) {
-      return await interaction.editReply(hierarchyError);
+      return await safeEditReply(interaction, hierarchyError);
     }
 
     if (shouldSendDm(config, 'kick')) {
@@ -62,13 +63,15 @@ export async function execute(interaction) {
     await sendModLogEmbed(interaction.client, config, caseData);
 
     info('User kicked', { target: target.user.tag, moderator: interaction.user.tag });
-    await interaction.editReply(
+    await safeEditReply(
+      interaction,
       `✅ **${target.user.tag}** has been kicked. (Case #${caseData.case_number})`,
     );
   } catch (err) {
     logError('Command error', { error: err.message, command: 'kick' });
-    await interaction
-      .editReply('❌ An error occurred. Please try again or contact an administrator.')
-      .catch(() => {});
+    await safeEditReply(
+      interaction,
+      '❌ An error occurred. Please try again or contact an administrator.',
+    ).catch(() => {});
   }
 }

src/commands/lock.js

@@ -7,6 +7,7 @@ import { ChannelType, EmbedBuilder, SlashCommandBuilder } from 'discord.js';
 import { info, error as logError } from '../logger.js';
 import { getConfig } from '../modules/config.js';
 import { createCase, sendModLogEmbed } from '../modules/moderation.js';
+import { safeEditReply, safeSend } from '../utils/safeSend.js';
 
 export const data = new SlashCommandBuilder()
   .setName('lock')
@@ -36,7 +37,7 @@ export async function execute(interaction) {
     const reason = interaction.options.getString('reason');
 
     if (channel.type !== ChannelType.GuildText) {
-      return await interaction.editReply('❌ Lock can only be used in text channels.');
+      return await safeEditReply(interaction, '❌ Lock can only be used in text channels.');
     }
 
     await channel.permissionOverwrites.edit(interaction.guild.roles.everyone, {
@@ -49,7 +50,7 @@ export async function execute(interaction) {
         `🔒 This channel has been locked by ${interaction.user}${reason ? `\n**Reason:** ${reason}` : ''}`,
       )
       .setTimestamp();
-    await channel.send({ embeds: [notifyEmbed] });
+    await safeSend(channel, { embeds: [notifyEmbed] });
 
     const config = getConfig();
     const caseData = await createCase(interaction.guild.id, {
@@ -63,11 +64,12 @@ export async function execute(interaction) {
     await sendModLogEmbed(interaction.client, config, caseData);
 
     info('Channel locked', { channelId: channel.id, moderator: interaction.user.tag });
-    await interaction.editReply(`✅ ${channel} has been locked.`);
+    await safeEditReply(interaction, `✅ ${channel} has been locked.`);
   } catch (err) {
     logError('Lock command failed', { error: err.message, command: 'lock' });
-    await interaction
-      .editReply('❌ An error occurred. Please try again or contact an administrator.')
-      .catch(() => {});
+    await safeEditReply(
+      interaction,
+      '❌ An error occurred. Please try again or contact an administrator.',
+    ).catch(() => {});
   }
 }