#8502: WeCom: add WeCom (Enterprise WeChat) channel plugin

## Summary This PR adds the WeCom (Enterprise WeChat) channel plugin to OpenClaw, enabling seamless integration with Enterprise WeChat's AI Bot capabilities. ### Key Features - **Streaming Output**: Smooth typewriter-style responses using WeCom's AI bot streaming mechanism - **Dynamic Agent Management**: Automatically creates independent agents per user/group chat with isolated workspaces - **Group Chat Integration**: Full support for group messages with @mention triggering - **Command Whitelist**: Built-in support for safe commands (`/new`, `/status`, `/help`, `/compact`) - **Security**: Complete message encryption/decryption and sender verification - **Async Processing**: High-performance architecture ensuring gateway responsiveness ### Changes - Added WeCom channel plugin under `extensions/wecom/` - Updated `.github/labeler.yml` to include WeCom channel label - Updated `CHANGELOG.md` with WeCom plugin entry - Plugin follows OpenClaw extension conventions with clean directory structure ### Testing The plugin has been tested with: - Enterprise WeChat AI Bot integration - Streaming message responses - Dynamic agent creation and management - Command whitelist enforcement - Message encryption/decryption ### Documentation Plugin includes comprehensive README.md with: - Quick start guide - Configuration options - Dynamic agent routing details - Command whitelist documentation 🤖 Generated with Claude Code <!-- greptile_comment --> <h2>Greptile Overview</h2> <h3>Greptile Summary</h3> This PR adds a new WeCom (Enterprise WeChat) channel plugin under `extensions/wecom/`, including webhook handling, crypto/signature verification, stream-based response management, dynamic agent routing per DM/group, and command allowlisting. It also updates `.github/labeler.yml` and the top changelog entry to reflect the new channel. The overall structure matches the extension pattern (plugin entrypoint + channel implementation + webhook/crypto helpers). The main merge blockers are around packaging/installation semantics for extensions and a likely response-schema mismatch in the webhook stream reply. <h3>Confidence Score: 2/5</h3> - Not safe to merge as-is due to likely installation/runtime breakage in the plugin package metadata and a possible protocol field mismatch. - The WeCom extension code is generally coherent, but `extensions/wecom/package.json` uses `workspace:*` for `openclaw` in runtime dependencies which will break `npm install` for end users (and dev deps are omitted on install). Additionally, the webhook response uses a `msgsignature` field name that appears inconsistent with the `msg_signature` name used for inbound validation, which could break WeCom response validation. There are also smaller behavioral concerns around command authorization and regex construction from config. - extensions/wecom/package.json, extensions/wecom/src/webhook.js, extensions/wecom/src/channel.js, extensions/wecom/src/dynamic-agent.js <!-- greptile_other_comments_section --> _{(3/5) Reply to the agent's comments like "Can you suggest a fix for this @greptileai?" or ask follow-up questions!} <!-- /greptile_comment -->