Back to plugin

Security audit

Openclaw Zalo Mod

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real Zalo moderation plugin, but it can broadly change OpenClaw/Zalo routing and has under-bounded owner/session handling that should be reviewed before use.

Before installing, review the full runtime source, manually set ownerId and any allowedDmUsers, narrow the Zalo group list instead of using a wildcard, inspect any openclaw.json changes, and understand that @mentions and memory sync can persist or forward group content.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

No suspicious patterns detected.