Openclaw A2a Plugin

This plugin’s remote agent messaging and file handling are disclosed and purpose-aligned, but users should treat it as a network-facing integration with real privacy and credential risks.

Install only if you intend to let OpenClaw communicate with remote agents. Keep API-key authentication enabled unless every machine and user on the network path is trusted, avoid sending secrets or private files unless necessary, handle inbound files as untrusted, and protect generated API keys because they grant access to the inbound A2A endpoint.