
#20921: WhatsApp: enforce allowFrom for explicit outbound sends

by zahlmann open 2026-02-19 12:55
size: S
## Summary

- Fixes #20108 by enforcing WhatsApp `allowFrom` for direct-message outbound targets in all modes, including `mode: "explicit"`.
- Keeps group JID behavior unchanged (`@g.us` targets still follow the group-policy path).
- Adds regression tests for explicit/custom mode deny+allow behavior.

## Why this is treated as a bug (not a feature)

- Main outbound send paths use `mode: "explicit"`.
- Previous resolver logic enforced `allowFrom` only for `implicit`/`heartbeat`, then returned success for explicit non-group targets.
- This created a path where non-allowlisted WhatsApp numbers could be targeted despite configured allowlist controls.

## Why this is the simplest fix

- Single resolver-logic correction in one file.
- No new config surface, no API change, no routing refactor.
- Existing semantics are preserved for:
  - `allowFrom: ["*"]`
  - empty allowlist behavior
  - group JID handling

## Open question

This PR applies the minimal safe default and treats explicit-mode bypass as a security bug. If maintainers confirm prior explicit bypass had intentional product semantics for specific workflows, a follow-up can introduce an explicit opt-in config rather than a hidden bypass.

## Validation

Reproduction input:

- `to = "+15551112222"`
- `allowFrom = ["+15550000000"]`
- `mode = "explicit"`

Observed behavior:

- Before (commit `6a19654c4`): allowed
- With this PR: blocked

Tests:

- `src/whatsapp/resolve-outbound-target.test.ts`
- `src/infra/outbound/outbound.test.ts`

## Prompt summary

I asked Codex to:

1. "fix this issue"
2. explain why this is a bug and not a feature
3. explain why this is the simplest valid fix
4. keep PR framing explicit that prior logic may have had reasons and should be confirmed in review

## Attribution

This PR is Codex-assisted, based on my prompts and review direction.
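The resolver behaviour described in the PR above, as an added TypeScript sketch that is not the project's code or part of the PR: the mode-gated allowlist check beside the always-enforced one, run on the PR's reproduction input. The names `resolveBefore`, `resolveAfter`, `isAllowed` and `normalize`, the digit-only number normalization, and treating an empty allowlist as unrestricted are assumptions made for illustration.

```typescript
// Added sketch; function names and normalization are hypothetical, not the project's resolver.
type Mode = "explicit" | "implicit" | "heartbeat";
type Result = { ok: true; to: string } | { ok: false; reason: string };

// Group JIDs are identified by the @g.us suffix named in the PR.
const isGroupJid = (to: string): boolean => to.trim().endsWith("@g.us");

// Assumed normalization: compare phone numbers by digits only.
const normalize = (n: string): string => n.replace(/[^\d]/g, "");

function isAllowed(to: string, allowFrom: string[]): boolean {
  // Assumption: an empty list or a "*" entry means no restriction.
  if (allowFrom.length === 0 || allowFrom.includes("*")) return true;
  const target = normalize(to);
  // A target with no digits must never match an entry with no digits.
  return target !== "" && allowFrom.some((entry) => normalize(entry) === target);
}

// Before: the allowlist is consulted only for implicit/heartbeat modes.
function resolveBefore(to: string, allowFrom: string[], mode: Mode): Result {
  if (isGroupJid(to)) return { ok: true, to }; // group-policy path, not modelled here
  if (mode === "implicit" || mode === "heartbeat") {
    if (!isAllowed(to, allowFrom)) return { ok: false, reason: "target not in allowFrom" };
  }
  return { ok: true, to }; // explicit mode falls through without a check
}

// After: the allowlist is consulted for every direct-message target, whatever the mode.
function resolveAfter(to: string, allowFrom: string[], _mode: Mode): Result {
  if (isGroupJid(to)) return { ok: true, to }; // group behaviour unchanged
  if (!isAllowed(to, allowFrom)) return { ok: false, reason: "target not in allowFrom" };
  return { ok: true, to };
}

// Reproduction input from the PR's Validation section.
const repro = { to: "+15551112222", allowFrom: ["+15550000000"], mode: "explicit" as Mode };
console.log("before:", resolveBefore(repro.to, repro.allowFrom, repro.mode).ok);
console.log("after: ", resolveAfter(repro.to, repro.allowFrom, repro.mode).ok);
```

A regression test for this class of bug should iterate over every mode value against the same deny and allow inputs, so a future mode cannot silently skip the check.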
