security: harden architecture against Moltbot security model

- Discord: add allowed_users field + sender validation in listen()
- Slack: add allowed_users field + sender validation in listen()
- Webhook: add X-Webhook-Secret header auth (401 on mismatch)
- SecurityPolicy: add ActionTracker with sliding-window rate limiting
  - record_action() enforces max_actions_per_hour
  - is_rate_limited() checks without recording
- Gateway: print auth status on startup (ENABLED/DISABLED)
- 22 new tests (Discord/Slack allowlists, gateway header extraction,
  rate limiter: starts at zero, records, allows within limit,
  blocks over limit, clone independence)
- 554 tests passing, 0 clippy warnings

src/config/schema.rs

@@ -183,6 +183,8 @@ pub struct TelegramConfig {
 pub struct DiscordConfig {
     pub bot_token: String,
     pub guild_id: Option<String>,
+    #[serde(default)]
+    pub allowed_users: Vec<String>,
 }
 
 #[derive(Debug, Clone, Serialize, Deserialize)]
@@ -190,6 +192,8 @@ pub struct SlackConfig {
     pub bot_token: String,
     pub app_token: Option<String>,
     pub channel_id: Option<String>,
+    #[serde(default)]
+    pub allowed_users: Vec<String>,
 }
 
 #[derive(Debug, Clone, Serialize, Deserialize)]
@@ -461,6 +465,7 @@ default_temperature = 0.7
         let dc = DiscordConfig {
             bot_token: "discord-token".into(),
             guild_id: Some("12345".into()),
+            allowed_users: vec![],
         };
         let json = serde_json::to_string(&dc).unwrap();
         let parsed: DiscordConfig = serde_json::from_str(&json).unwrap();
@@ -473,6 +478,7 @@ default_temperature = 0.7
         let dc = DiscordConfig {
             bot_token: "tok".into(),
             guild_id: None,
+            allowed_users: vec![],
         };
         let json = serde_json::to_string(&dc).unwrap();
         let parsed: DiscordConfig = serde_json::from_str(&json).unwrap();