@creatoraris/openclaw-wecom 0.1.0-beta

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 CreatorAris
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,304 @@
+# OpenClaw WeCom Plugin
+
+企业微信（WeCom）智能助手机器人桥接插件，让你的 OpenClaw AI 助手接入企业微信。
+
+[![npm version](https://img.shields.io/npm/v/@creatoraris/openclaw-wecom.svg)](https://www.npmjs.com/package/@creatoraris/openclaw-wecom)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+
+## ✨ 特性
+
+- ✅ 支持流式回复（分段发送，体验更流畅）
+- ✅ 支持消息加密（符合企微安全规范）
+- ✅ 支持单聊和群聊
+- ✅ 自动消息去重
+- ✅ 生产环境验证
+
+## 📋 前置条件
+
+- OpenClaw 已安装并运行
+- Node.js >= 18.0.0
+- 企业微信账号（个人也可注册企业版，1-9 人免费）
+- 一台可部署 Webhook 服务的机器（或使用 ngrok 本地开发）
+
+## 🚀 快速开始
+
+### 总耗时：约 20 分钟
+
+### 步骤 1：安装插件（2 分钟）
+
+```bash
+openclaw plugins install @creatoraris/openclaw-wecom
+```
+
+### 步骤 2：申请企微机器人（10 分钟）
+
+#### 2.1 注册企业微信
+
+如果还没有企业微信账号：
+
+1. 访问 [企业微信官网](https://work.weixin.qq.com/)
+2. 点击「注册企业」
+3. 填写信息（可以用个人身份注册）
+4. 验证手机号
+
+#### 2.2 创建智能助手机器人
+
+1. 登录 [企业微信管理后台](https://work.weixin.qq.com/wework_admin/)
+2. 左侧菜单：「应用管理」→「应用」
+3. 找到「智能助手」，点击进入
+4. 点击「创建智能助手」
+5. 填写名称（如：OpenClaw AI 助手）
+6. 点击「创建」
+
+#### 2.3 配置回调
+
+1. 在智能助手详情页，点击「接收消息」标签
+2. 设置回调 URL：
+   ```
+   https://your-domain.com/wecom/callback
+   ```
+   > 💡 本地开发可以用 [ngrok](https://ngrok.com/)：`https://xxx.ngrok.io/wecom/callback`
+
+3. 点击「生成 Token 和 EncodingAESKey」
+4. **保存这三个值**（下一步要用）：
+   - Token: `abc123...`
+   - EncodingAESKey: `xyz789...`
+   - Webhook URL: `https://your-domain.com/wecom/callback`
+
+5. 点击「保存」
+
+✅ 机器人申请完成！
+
+### 步骤 3：配置 OpenClaw（5 分钟）
+
+#### 3.1 编辑配置文件
+
+编辑 `~/.openclaw/openclaw.json`：
+
+```json
+{
+  "channels": {
+    "wecom": {
+      "enabled": true,
+      "webhookUrl": "https://your-domain.com/wecom/callback",
+      "token": "你的 Token",
+      "encodingAESKey": "你的 EncodingAESKey",
+      "port": 8788
+    }
+  }
+}
+```
+
+#### 3.2 配置环境变量
+
+创建 `.env` 文件（或直接在启动脚本中设置）：
+
+```bash
+WECOM_TOKEN=你的Token
+WECOM_ENCODING_AES_KEY=你的EncodingAESKey
+OPENCLAW_API=http://localhost:18789/v1/chat/completions
+OPENCLAW_TOKEN=你的OpenClaw_Gateway_Token
+PORT=8788
+```
+
+#### 3.3 部署 Webhook 服务
+
+**方式 A：使用 systemd（推荐）**
+
+创建 `/etc/systemd/system/wecom-bridge.service`：
+
+```ini
+[Unit]
+Description=OpenClaw WeCom Bridge
+After=network.target
+
+[Service]
+Type=simple
+User=your-user
+WorkingDirectory=/path/to/openclaw-wecom-plugin
+EnvironmentFile=/path/to/.env
+ExecStart=/usr/bin/node index.js
+Restart=always
+RestartSec=10
+
+[Install]
+WantedBy=multi-user.target
+```
+
+启动服务：
+
+```bash
+sudo systemctl daemon-reload
+sudo systemctl enable wecom-bridge
+sudo systemctl start wecom-bridge
+sudo systemctl status wecom-bridge
+```
+
+**方式 B：使用 PM2**
+
+```bash
+pm2 start index.js --name wecom-bridge
+pm2 save
+pm2 startup
+```
+
+**方式 C：本地开发（ngrok）**
+
+```bash
+# 终端 1：启动 webhook 服务
+node index.js
+
+# 终端 2：启动 ngrok
+ngrok http 8788
+# 复制 ngrok 生成的 https URL，配置到企微回调中
+```
+
+### 步骤 4：测试（1 分钟）
+
+1. 在企业微信中找到你创建的机器人
+2. 发送消息：`你好`
+3. 应该会收到 AI 回复
+
+🎉 恭喜！配置完成！
+
+## 📖 配置说明
+
+### 完整配置选项
+
+```json
+{
+  "channels": {
+    "wecom": {
+      "enabled": true,              // 是否启用
+      "webhookUrl": "https://...",  // 回调 URL（必填）
+      "token": "...",               // Token（必填）
+      "encodingAESKey": "...",      // EncodingAESKey（必填）
+      "port": 8788,                 // 监听端口（可选，默认 8788）
+      "streamDelay": 2000           // 流式回复延迟（毫秒，可选）
+    }
+  }
+}
+```
+
+### OpenClaw Gateway 配置
+
+确保 OpenClaw Gateway 配置了正确的认证：
+
+```json
+{
+  "gateway": {
+    "auth": {
+      "mode": "token",
+      "token": "your-gateway-token"
+    }
+  }
+}
+```
+
+## 🔧 故障排查
+
+### 问题：消息发送后没有回复
+
+**检查清单：**
+
+1. Webhook 服务器是否正常运行？
+   ```bash
+   curl http://localhost:8788/health
+   ```
+
+2. 查看日志：
+   ```bash
+   # systemd
+   sudo journalctl -u wecom-bridge -f
+   
+   # pm2
+   pm2 logs wecom-bridge
+   ```
+
+3. 验证 OpenClaw Gateway 连接：
+   ```bash
+   curl http://localhost:18789/v1/status \
+     -H "Authorization: Bearer your-token"
+   ```
+
+### 问题：消息乱码
+
+检查 `encodingAESKey` 是否正确配置。
+
+### 问题：回复速度慢
+
+流式回复会分段发送。可以调整 `streamDelay` 参数：
+
+```json
+{
+  "wecom": {
+    "streamDelay": 1000  // 减小延迟（毫秒）
+  }
+}
+```
+
+### 问题：Webhook 服务启动失败
+
+1. 检查端口是否被占用：
+   ```bash
+   lsof -i :8788
+   ```
+
+2. 检查环境变量是否正确：
+   ```bash
+   echo $WECOM_TOKEN
+   echo $WECOM_ENCODING_AES_KEY
+   ```
+
+## 🏗️ 架构说明
+
+```
+企微客户端 → 企微服务器 → Webhook 服务器 → OpenClaw Gateway → AI 模型
+                           ↓
+                    加密/解密、去重、流式处理
+```
+
+### 消息流程
+
+1. 用户在企微发送消息
+2. 企微服务器加密后推送到 Webhook
+3. Webhook 服务解密、验证、去重
+4. 转发到 OpenClaw Gateway
+5. AI 生成回复（流式）
+6. Webhook 服务分段加密发送到企微
+7. 用户收到 AI 回复
+
+## 🔒 安全性
+
+- ✅ 使用 AES-256-CBC 加密
+- ✅ 消息签名验证
+- ✅ 自动消息去重（防止重放攻击）
+- ✅ 环境变量存储敏感信息
+
+## 🤝 贡献
+
+欢迎贡献代码、报告问题或提出建议！
+
+1. Fork 本仓库
+2. 创建特性分支：`git checkout -b feature/amazing-feature`
+3. 提交更改：`git commit -m 'Add amazing feature'`
+4. 推送分支：`git push origin feature/amazing-feature`
+5. 提交 Pull Request
+
+## 📄 License
+
+MIT License - 详见 [LICENSE](LICENSE) 文件
+
+## 🙏 致谢
+
+- [OpenClaw](https://openclaw.ai) - 强大的 AI 助手框架
+- [企业微信](https://work.weixin.qq.com/) - 提供企业级通讯平台
+
+## 📞 支持
+
+- 提交 Issue：[GitHub Issues](https://github.com/CreatorAris/openclaw-wecom-plugin/issues)
+- 查看文档：[OpenClaw 文档](https://docs.openclaw.ai)
+
+---
+
+**注意：** 本项目为 beta 版本，欢迎反馈和建议！

package/crypto.js

@@ -0,0 +1,64 @@
+/**
+ * 企业微信智能机器人加解密模块
+ */
+import crypto from 'node:crypto';
+
+export class WeComCrypto {
+  constructor(token, encodingAESKey, receiverId = '') {
+    this.token = token;
+    this.receiverId = receiverId;
+    this.aesKey = Buffer.from(encodingAESKey + '=', 'base64');
+    this.iv = this.aesKey.subarray(0, 16);
+  }
+
+  verifySignature(signature, timestamp, nonce, echostr) {
+    const arr = [this.token, timestamp, nonce, echostr].filter(Boolean).sort();
+    const hash = crypto.createHash('sha1').update(arr.join('')).digest('hex');
+    return hash === signature;
+  }
+
+  decrypt(encrypted) {
+    const decipher = crypto.createDecipheriv('aes-256-cbc', this.aesKey, this.iv);
+    decipher.setAutoPadding(false);
+
+    let decrypted = Buffer.concat([
+      decipher.update(encrypted, 'base64'),
+      decipher.final(),
+    ]);
+
+    const pad = decrypted[decrypted.length - 1];
+    decrypted = decrypted.subarray(0, decrypted.length - pad);
+
+    const msgLen = decrypted.readUInt32BE(16);
+    const message = decrypted.subarray(20, 20 + msgLen).toString('utf8');
+    const receiverId = decrypted.subarray(20 + msgLen).toString('utf8');
+
+    return { message, receiverId };
+  }
+
+  encrypt(message) {
+    const msgBuf = Buffer.from(message, 'utf8');
+    const receiverBuf = Buffer.from(this.receiverId, 'utf8');
+
+    const random = crypto.randomBytes(16);
+    const lenBuf = Buffer.alloc(4);
+    lenBuf.writeUInt32BE(msgBuf.length, 0);
+
+    let data = Buffer.concat([random, lenBuf, msgBuf, receiverBuf]);
+
+    const blockSize = 32;
+    const pad = blockSize - (data.length % blockSize);
+    data = Buffer.concat([data, Buffer.alloc(pad, pad)]);
+
+    const cipher = crypto.createCipheriv('aes-256-cbc', this.aesKey, this.iv);
+    cipher.setAutoPadding(false);
+
+    const encrypted = Buffer.concat([cipher.update(data), cipher.final()]);
+    return encrypted.toString('base64');
+  }
+
+  sign(timestamp, nonce, encrypted) {
+    const arr = [this.token, timestamp, nonce, encrypted].sort();
+    return crypto.createHash('sha1').update(arr.join('')).digest('hex');
+  }
+}

package/index.js

@@ -0,0 +1,355 @@
+import 'dotenv/config';
+import http from 'node:http';
+import crypto from 'node:crypto';
+import { URL } from 'node:url';
+import { WeComCrypto } from './crypto.js';
+
+const {
+  WECOM_TOKEN,
+  WECOM_ENCODING_AES_KEY,
+  OPENCLAW_API,
+  OPENCLAW_TOKEN,
+  PORT = '8788',
+} = process.env;
+
+const botCrypto = new WeComCrypto(WECOM_TOKEN, WECOM_ENCODING_AES_KEY, '');
+
+// ── Stream state management ──
+// Map<streamId, { content: string, finished: boolean, responseUrl: string }>
+const streams = new Map();
+
+function cleanupStreams() {
+  const cutoff = Date.now() - 10 * 60 * 1000; // 10 min
+  for (const [k, v] of streams) {
+    if (v.createdAt < cutoff) streams.delete(k);
+  }
+}
+
+// ── Dedup ──
+const processedMsgIds = new Map();
+function isDuplicate(msgid) {
+  if (!msgid) return false;
+  if (processedMsgIds.has(msgid)) return true;
+  processedMsgIds.set(msgid, Date.now());
+  if (processedMsgIds.size > 1000) {
+    const cutoff = Date.now() - 600000;
+    for (const [k, v] of processedMsgIds) {
+      if (v < cutoff) processedMsgIds.delete(k);
+    }
+  }
+  return false;
+}
+
+// ── Helpers ──
+
+function readBody(req) {
+  return new Promise((resolve, reject) => {
+    const chunks = [];
+    req.on('data', (c) => chunks.push(c));
+    req.on('end', () => resolve(Buffer.concat(chunks).toString('utf8')));
+    req.on('error', reject);
+  });
+}
+
+function makeStreamId() {
+  return crypto.randomBytes(12).toString('hex');
+}
+
+function encryptReply(jsonObj, nonce) {
+  const plaintext = JSON.stringify(jsonObj);
+  const encrypted = botCrypto.encrypt(plaintext);
+  const timestamp = Math.floor(Date.now() / 1000).toString();
+  const msgsignature = botCrypto.sign(timestamp, nonce, encrypted);
+  return JSON.stringify({ encrypt: encrypted, msgsignature, timestamp: Number(timestamp), nonce });
+}
+
+function extractUserText(msg) {
+  if (msg.msgtype === 'text') {
+    return msg.text?.content?.replace(/@\S+\s?/g, '').trim() || '';
+  }
+  if (msg.msgtype === 'voice') {
+    return msg.voice?.content?.trim() || '';
+  }
+  if (msg.msgtype === 'mixed') {
+    const parts = msg.mixed?.msg_item || [];
+    return parts
+      .filter(p => p.msgtype === 'text')
+      .map(p => p.text?.content || '')
+      .join(' ')
+      .replace(/@\S+\s?/g, '')
+      .trim();
+  }
+  return '';
+}
+
+// ── OpenClaw SSE streaming call ──
+
+async function callOpenClawStream(text, sessionId, streamId) {
+  const state = streams.get(streamId);
+  if (!state) return;
+
+  const headers = { 'Content-Type': 'application/json' };
+  if (OPENCLAW_TOKEN) headers['Authorization'] = `Bearer ${OPENCLAW_TOKEN}`;
+
+  console.log(`[OpenClaw →] session=${sessionId} text=${text.slice(0, 100)}`);
+
+  try {
+    const res = await fetch(OPENCLAW_API, {
+      method: 'POST',
+      headers,
+      body: JSON.stringify({ model: 'openclaw', input: text, user: sessionId, stream: true }),
+    });
+
+    if (!res.ok) {
+      const err = await res.text();
+      console.error(`[OpenClaw] HTTP ${res.status}: ${err.slice(0, 200)}`);
+      state.content = '⚠️ 服务暂时不可用，请稍后再试';
+      state.finished = true;
+      return;
+    }
+
+    // Parse SSE stream
+    const reader = res.body.getReader();
+    const decoder = new TextDecoder();
+    let buffer = '';
+
+    while (true) {
+      const { done, value } = await reader.read();
+      if (done) break;
+
+      buffer += decoder.decode(value, { stream: true });
+      const lines = buffer.split('\n');
+      buffer = lines.pop(); // keep incomplete line
+
+      for (const line of lines) {
+        if (!line.startsWith('data: ')) continue;
+        const data = line.slice(6).trim();
+        if (data === '[DONE]') continue;
+
+        try {
+          const event = JSON.parse(data);
+
+          // OpenResponses streaming: response.output_text.delta / response.completed
+          if (event.type === 'response.output_text.delta') {
+            state.content += event.delta || '';
+          } else if (event.type === 'response.completed') {
+            // Extract final text from completed response
+            const output = event.response?.output;
+            if (output && Array.isArray(output)) {
+              const texts = [];
+              for (const item of output) {
+                if (item.type === 'message' && Array.isArray(item.content)) {
+                  for (const part of item.content) {
+                    if (part.type === 'output_text' && part.text) texts.push(part.text);
+                  }
+                }
+              }
+              const fullText = texts.join('\n').trim();
+              if (fullText) state.content = fullText;
+            }
+            state.finished = true;
+          }
+        } catch {}
+      }
+    }
+
+    // If stream ended without explicit completion
+    if (!state.finished) {
+      state.finished = true;
+    }
+
+    if (!state.content) {
+      state.content = '(无回复)';
+    }
+
+    console.log(`[OpenClaw ←] stream=${streamId} len=${state.content.length} done`);
+  } catch (err) {
+    console.error(`[OpenClaw] error: ${err.message}`);
+    state.content = '⚠️ 请求失败，请稍后再试';
+    state.finished = true;
+  }
+}
+
+// ── HTTP Server ──
+
+const server = http.createServer(async (req, res) => {
+  const url = new URL(req.url, `http://localhost:${PORT}`);
+
+  if (url.pathname !== '/callback') {
+    res.writeHead(404);
+    res.end('not found');
+    return;
+  }
+
+  const msgSignature = url.searchParams.get('msg_signature');
+  const timestamp = url.searchParams.get('timestamp');
+  const nonce = url.searchParams.get('nonce');
+
+  try {
+    // GET: URL verification
+    if (req.method === 'GET') {
+      const echostr = url.searchParams.get('echostr');
+      if (!botCrypto.verifySignature(msgSignature, timestamp, nonce, echostr)) {
+        res.writeHead(403);
+        res.end('signature mismatch');
+        return;
+      }
+      const { message } = botCrypto.decrypt(echostr);
+      console.log('[Verify] OK');
+      res.writeHead(200, { 'Content-Type': 'text/plain' });
+      res.end(message);
+      return;
+    }
+
+    // POST: message callback
+    if (req.method === 'POST') {
+      const body = await readBody(req);
+      const trimmed = body.trim();
+
+      let encrypt;
+      if (trimmed.startsWith('{')) {
+        try { encrypt = JSON.parse(trimmed).encrypt; } catch {}
+      }
+      if (!encrypt) {
+        res.writeHead(400);
+        res.end('bad request');
+        return;
+      }
+
+      if (!botCrypto.verifySignature(msgSignature, timestamp, nonce, encrypt)) {
+        res.writeHead(403);
+        res.end('signature mismatch');
+        return;
+      }
+
+      const { message: decrypted } = botCrypto.decrypt(encrypt);
+      const msg = JSON.parse(decrypted);
+
+      const { msgid, chatid, chattype, from, response_url, msgtype } = msg;
+      const source = chattype === 'group' ? `group:${chatid}` : `user:${from?.userid}`;
+
+      // ── Stream refresh callback ──
+      if (msgtype === 'stream') {
+        const sid = msg.stream?.id;
+        const state = streams.get(sid);
+
+        if (!state) {
+          console.log(`[Stream] unknown id=${sid}, reply empty`);
+          res.writeHead(200);
+          res.end('');
+          return;
+        }
+
+        if (isDuplicate(msgid)) {
+          res.writeHead(200);
+          res.end('');
+          return;
+        }
+
+        const replyObj = {
+          msgtype: 'stream',
+          stream: {
+            id: sid,
+            finish: state.finished,
+            content: state.content || '思考中...',
+          },
+        };
+
+        const encrypted = encryptReply(replyObj, nonce);
+        console.log(`[Stream ↻] id=${sid} finish=${state.finished} len=${(state.content || '').length}`);
+        res.writeHead(200, { 'Content-Type': 'application/json' });
+        res.end(encrypted);
+
+        // Cleanup finished streams after final reply
+        if (state.finished) {
+          setTimeout(() => streams.delete(sid), 30000);
+        }
+        return;
+      }
+
+      // ── User message callback ──
+      if (isDuplicate(msgid)) {
+        res.writeHead(200);
+        res.end('');
+        return;
+      }
+
+      // Handle enter_chat event
+      if (msgtype === 'event') {
+        console.log(`[Event] ${msg.event?.eventtype} from=${from?.userid}`);
+        res.writeHead(200);
+        res.end('');
+        return;
+      }
+
+      const text = extractUserText(msg);
+      console.log(`[← ${source}] (${msgtype}) ${text.slice(0, 100)}`);
+
+      if (!text) {
+        res.writeHead(200);
+        res.end('');
+        return;
+      }
+
+      // Create stream state and start OpenClaw request
+      const streamId = makeStreamId();
+      const sessionId = chattype === 'group' ? `wecom_group_${chatid}` : `wecom_bot_${from?.userid}`;
+
+      streams.set(streamId, {
+        content: '',
+        finished: false,
+        responseUrl: response_url,
+        createdAt: Date.now(),
+      });
+
+      // Reply with initial stream message (encrypted)
+      const replyObj = {
+        msgtype: 'stream',
+        stream: {
+          id: streamId,
+          finish: false,
+          content: '思考中...',
+        },
+      };
+
+      const encrypted = encryptReply(replyObj, nonce);
+      res.writeHead(200, { 'Content-Type': 'application/json' });
+      res.end(encrypted);
+
+      console.log(`[Stream →] id=${streamId} started`);
+
+      // Fire off OpenClaw request asynchronously
+      callOpenClawStream(text, sessionId, streamId).catch(err => {
+        console.error(`[OpenClaw] unhandled: ${err.message}`);
+        const state = streams.get(streamId);
+        if (state && !state.finished) {
+          state.content = '⚠️ 内部错误';
+          state.finished = true;
+        }
+      });
+
+      cleanupStreams();
+      return;
+    }
+
+    res.writeHead(405);
+    res.end('method not allowed');
+  } catch (err) {
+    console.error('[Server] error:', err.message);
+    res.writeHead(500);
+    res.end('internal error');
+  }
+});
+
+server.listen(Number(PORT), '127.0.0.1', () => {
+  console.log(`wecom-bridge v1.0.0 listening on 127.0.0.1:${PORT}`);
+  console.log(`  Mode:      智能机器人 (流式回复)`);
+  console.log(`  Callback:  /callback`);
+  console.log(`  OpenClaw:  ${OPENCLAW_API}`);
+});
+
+process.on('SIGINT', () => {
+  console.log('\nshutting down...');
+  server.close();
+  process.exit(0);
+});

package/openclaw.plugin.json

@@ -0,0 +1,73 @@
+{
+  "id": "wecom",
+  "version": "0.1.0-beta",
+  "name": "企业微信（WeCom）",
+  "description": "企业微信智能助手机器人桥接，支持流式回复、加密消息、单聊和群聊",
+  "author": "CreatorAris",
+  "license": "MIT",
+  "homepage": "https://github.com/CreatorAris/openclaw-wecom-plugin",
+  "extensions": ["./index.js"],
+  "channel": {
+    "id": "wecom",
+    "label": "企业微信",
+    "selectionLabel": "企业微信（智能助手机器人）",
+    "docsPath": "/channels/wecom",
+    "docsLabel": "wecom",
+    "blurb": "通过企业微信智能助手机器人接入 OpenClaw，支持流式回复和加密消息",
+    "order": 50,
+    "aliases": ["wechat-work", "wxwork", "qywx"]
+  },
+  "install": {
+    "npmSpec": "@creatoraris/openclaw-wecom",
+    "defaultChoice": "npm"
+  },
+  "configSchema": {
+    "type": "object",
+    "properties": {
+      "enabled": {
+        "type": "boolean",
+        "description": "启用企业微信通道"
+      },
+      "webhookUrl": {
+        "type": "string",
+        "format": "uri",
+        "description": "Webhook 回调 URL"
+      },
+      "token": {
+        "type": "string",
+        "description": "企业微信机器人 Token"
+      },
+      "encodingAESKey": {
+        "type": "string",
+        "description": "企业微信消息加密密钥"
+      },
+      "port": {
+        "type": "number",
+        "default": 8788,
+        "description": "Webhook 服务器监听端口"
+      }
+    },
+    "required": ["webhookUrl", "token", "encodingAESKey"]
+  },
+  "uiHints": {
+    "webhookUrl": {
+      "label": "Webhook URL",
+      "placeholder": "https://your-domain.com/wecom/callback",
+      "description": "企业微信回调 URL，需要公网可访问"
+    },
+    "token": {
+      "label": "Token",
+      "sensitive": true,
+      "description": "在企业微信机器人配置页面生成"
+    },
+    "encodingAESKey": {
+      "label": "EncodingAESKey",
+      "sensitive": true,
+      "description": "用于消息加密解密"
+    },
+    "port": {
+      "label": "端口",
+      "description": "Webhook 服务器监听端口"
+    }
+  }
+}

package/package.json

@@ -0,0 +1,42 @@
+{
+  "name": "@creatoraris/openclaw-wecom",
+  "version": "0.1.0-beta",
+  "description": "Enterprise WeChat (WeCom) channel plugin for OpenClaw - 企业微信智能助手机器人桥接",
+  "main": "index.js",
+  "type": "module",
+  "keywords": [
+    "openclaw",
+    "wecom",
+    "wechat",
+    "enterprise-wechat",
+    "chatbot",
+    "plugin",
+    "ai"
+  ],
+  "author": "CreatorAris <ganjiaxing@example.com>",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/CreatorAris/openclaw-wecom-plugin.git"
+  },
+  "bugs": {
+    "url": "https://github.com/CreatorAris/openclaw-wecom-plugin/issues"
+  },
+  "homepage": "https://github.com/CreatorAris/openclaw-wecom-plugin#readme",
+  "scripts": {
+    "start": "node index.js"
+  },
+  "dependencies": {
+    "dotenv": "^16.4.0"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "files": [
+    "index.js",
+    "crypto.js",
+    "openclaw.plugin.json",
+    "README.md",
+    "LICENSE"
+  ]
+}