#23464: feat(synology-chat): add group/channel support

## Summary - Adds group/channel message support to the Synology Chat plugin. Synology Chat bots only receive DMs natively; this uses **outgoing webhooks** (one per channel, with trigger words) for reception and **incoming webhooks** for replies. - Multi-token architecture: bot token validates DMs, channel outgoing webhook tokens validate group messages. Detection is token-based, not heuristic. - Group routing via `OriginatingTo` encoding (`group:<channelId>:<userId>`) so `outbound.sendText` routes replies to the correct channel webhook. - New access control: `groupPolicy` (`disabled`/`open`/`allowlist`) + `groupAllowFrom`. - Config: `channelTokens` + `channelWebhooks` (env vars `SYNOLOGY_CHANNEL_TOKEN_<id>` / `SYNOLOGY_CHANNEL_WEBHOOK_<id>` or config keys). - Security fix: `allowInsecureSsl` now defaults to `false` in all client function signatures (was `true`). - Client refactor: shared `sendWithRetry()` eliminates duplicated retry/rate-limit logic across `sendMessage`, `sendToChannel`, `sendFileUrl`. - DM session keys keep the upstream format (`synology-chat-${userId}`) for backward compatibility. - New user-oriented README and comprehensive `docs/channels/synology-chat.md` page. - Synology Chat added to `docs/channels/index.md`. ## Test plan - [x] 74 plugin tests pass (`npx vitest run` in extensions/synology-chat) - [x] 1260 extension tests pass (`vitest.extensions.config.ts`, zero regressions) - [x] Tested on real Synology NAS (DSM 7.x) — DMs and channel "Roboteam" with trigger word - [x] Verified DM session key backward compatibility (no conversation history loss) - [ ] Verify CI passes 🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- greptile_comment --> <h3>Greptile Summary</h3> Adds comprehensive group/channel support to the Synology Chat plugin via a multi-token architecture. DM messages continue using the bot token while channel messages use per-channel outgoing webhook tokens for reception and incoming webhooks for replies. The implementation includes proper access control (`groupPolicy` with `disabled`/`open`/`allowlist` modes), backward-compatible DM session keys, security improvements (`allowInsecureSsl` defaults changed to `false`), and thorough test coverage. **Major changes:** - Multi-token validation: bot token for DMs, channel-specific tokens for groups - Group routing via `OriginatingTo` encoding (`group:<channelId>:<userId>`) - New access control: `groupPolicy` and `groupAllowFrom` for channel-specific allowlists - Security fix: `allowInsecureSsl` parameter now defaults to `false` across all client functions - Client refactor: shared `sendWithRetry()` eliminates code duplication - Comprehensive documentation in README and `docs/channels/synology-chat.md` <h3>Confidence Score: 4/5</h3> - This PR is safe to merge with minimal risk - Score reflects high-quality implementation with proper security measures, comprehensive test coverage (74 plugin tests, 1260 extension tests), and backward compatibility. The multi-token architecture is well-designed, error handling is robust, and the changes follow established patterns from other channel plugins. Minor deduction for the breaking change to `allowInsecureSsl` default (though this improves security), and the complexity of the dual-webhook channel setup requiring careful user configuration. - No files require special attention - the implementation is clean and well-tested _{Last reviewed commit: e8fb635} <!-- greptile_other_comments_section --> _{(4/5) You can add custom instructions or style guidelines for the agent [here](https://app.greptile.com/review/github)!} <!-- /greptile_comment -->