Openclaw Zalo 2026.5.12 Beta.6.Tgz

Package: @openclaw/zalo (npm) Version: 2026.5.7 Description: OpenClaw Zalo channel plugin The package `@openclaw/zalo` implements a Zalo channel plugin for the OpenClaw platform. The code adheres strictly to standard plugin architecture, focusing on integration with the official Zalo Bot API (`https://bot-api.zaloplatforms.com`). Key functions include secure handling of bot tokens and secrets via the OpenClaw SDK, implementation of polling and webhook modes, and robust security measures for webhook ingress (timing-safe secret comparison, rate limiting, replay attack prevention, and anomaly tracking). It correctly implements outbound messaging (text/photo) and inbound message processing, including authorization checks based on configured DM and group policies. The code includes necessary features like proxy support and a temporary media hosting solution that implements critical security controls (token authentication, restricted access, temporary storage, and file cleanup). No malicious or suspicious behavior was detected.