Security audit
Openclaw Zalo Mod
Security checks across malware telemetry and agentic risk
Overview
This appears to be a real Zalo moderation plugin, but it can broadly change OpenClaw/Zalo routing and has under-bounded owner/session handling that should be reviewed before use.
Before installing, review the full runtime source, manually set ownerId and any allowedDmUsers, narrow the Zalo group list instead of using a wildcard, inspect any openclaw.json changes, and understand that @mentions and memory sync can persist or forward group content.
VirusTotal
VirusTotal engine telemetry is currently stale for this artifact.
Static analysis
No suspicious patterns detected.
