You could check the users modes to ensure that they have sufficient access.
menu * {
$iif((a isin $usermode) || (C isincs $v2) || (o isin $v2),Spamfilter) : dialog $iif(!$dialog(spam),-ev,-md) spam spam
}
This will 1) prevent someone with the code but without IRCops from even accessing the code.
2) Open the dialog if closed, or restore it if open but minimized