Sensitive-looking file read is paired with a network send.
- Code
- suspicious.potential_exfiltration
- Location
- dist/index.js:31
- Evidence
const raw = readFileSync(CREDENTIALS_PATH, "utf-8");
Security audit
Security checks across malware telemetry and agentic risk
The package is coherent for connecting OpenClaw to a personal Zalo account, but it gives the agent sensitive messaging and account-control powers that users should enable deliberately.
Install only if you want an AI agent connected to your personal Zalo account. This plugin can send and delete messages, manage friends and groups, change account/profile-related settings, and use a reverse-engineered personal-account API that may violate Zalo's terms or risk account lockout. Use pairing or allowlists, keep group tool policies tight, and enable passive group-history logging only when everyone affected understands messages will be saved locally.
61/61 vendors flagged this plugin as clean.
Detected: suspicious.potential_exfiltration
const raw = readFileSync(CREDENTIALS_PATH, "utf-8");