← Back to Skills Marketplace
349
Downloads
0
Stars
0
Active Installs
5
Versions
Install in OpenClaw
/install zalo-agent
Description
Automate Zalo messaging, Official Account (OA), and MCP server integration via zalo-agent-cli. Triggers: 'zalo', 'send zalo', 'zalo OA', 'official account',...
Usage Guidance
This skill is an instruction-only wrapper for the external 'zalo-agent' CLI and appears coherent. Before using it: (1) obtain the zalo-agent binary from the official GitHub releases (verify checksums/signatures if available) — the skill does not provide or install the binary; (2) be careful when enabling listen --webhook: any configured webhook URL will receive message contents (PII), so only send events to endpoints you control and prefer HTTPS with authentication; (3) never publish or transmit exported credential files (creds.json, ~/.zalo-agent/*). The SKILL.md documents these risks and includes defensive guidance, but you should still avoid mass-forwarding contact lists or secrets without explicit user consent; (4) if you plan to run MCP or OA listeners on a VPS, protect endpoints with auth and firewall rules and confirm you understand proxy credentials handling. If you want higher assurance, review the zalo-agent project's source/release artifacts directly before installing the binary.
Capability Analysis
Type: OpenClaw Skill
Name: zalo-agent
Version: 1.3.0
The zalo-agent skill bundle is a comprehensive automation tool for Zalo, supporting personal accounts, Official Accounts (OA), and MCP integration. It provides a well-documented interface to the zalo-agent CLI with extensive command references and usage guides. Notably, the bundle includes a robust security model in SKILL.md and a detailed set of evaluation scenarios in evals/eval-scenarios.md specifically designed to instruct the AI agent to resist prompt injection, protect credentials (stored in ~/.zalo-agent-cli/ and ~/.zalo-agent/), and prevent data exfiltration. The capabilities, while powerful (including remote control via MCP and credential exporting), are strictly aligned with the stated purpose of Zalo automation and are accompanied by clear safety guardrails.
Capability Assessment
Purpose & Capability
Name/description match the runtime instructions: the SKILL.md exclusively documents using the external 'zalo-agent' CLI to manage Zalo personal accounts, OA, and MCP. The only required binary is 'zalo-agent', which is appropriate for the described functionality. No unrelated credentials, binaries, or system paths are requested.
Instruction Scope
Instructions stay within the stated domain (login, messaging, listen/webhook, OA, MCP). Notable behaviors that are expected but security-relevant: (1) listen --webhook forwards live event JSON to arbitrary endpoints (can exfiltrate PII if misconfigured); (2) login flow uses curl to discover server IP for QR URL (exposes server IP to the helper flow); (3) account export produces credential files which the docs explicitly warn are sensitive. These are consistent with the skill purpose but require careful user configuration and explicit consent before mass-forwarding or exporting secrets.
Install Mechanism
There is no install spec in the skill bundle (instruction-only). That minimizes risk from the skill itself writing or executing code. However, the skill depends on the external 'zalo-agent' binary; users must obtain and verify that binary separately (homepage points to a GitHub repo).
Credentials
The skill declares no required environment variables or credentials and the runtime instructions do not request secrets beyond the normal use of the external CLI (app ID/secret when using OA, proxy credentials used only if user supplies them). There is no unexplained request for unrelated tokens/keys.
Persistence & Privilege
The skill is not force-included (always=false) and does not request persistent platform privileges. It instructs use of local files (creds.json, ~/.zalo-agent/*) and starting local listeners (MCP/oa listen), but these are in-scope for the tool and documented as sensitive. No evidence the skill would modify other skills or global agent settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install zalo-agent - After installation, invoke the skill by name or use
/zalo-agent - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.3.0
Auto-publish from commit c9114350d09384d66c2f34a63c37a03767db39ec
v1.1.1
Auto-publish from commit 4ec84b13968c8532ebfb743f1ca8a30ec6616556
v1.0.31
Auto-publish from commit d2552df893ddfe547bc4df425485a1e61dd7cb69
v1.1.0
Add 6 security evals (prompt injection, jailbreak, data exfiltration, system prompt leak, malicious links, indirect credential leak). Fix E06 to use natural Vietnamese prompt.
v1.0.0
Initial release: 15+ command groups, listen mode, webhook, multi-account, banking, evals
Metadata
Frequently Asked Questions
What is Zalo Agent CLI?
Automate Zalo messaging, Official Account (OA), and MCP server integration via zalo-agent-cli. Triggers: 'zalo', 'send zalo', 'zalo OA', 'official account',... It is an AI Agent Skill for Claude Code / OpenClaw, with 349 downloads so far.
How do I install Zalo Agent CLI?
Run "/install zalo-agent" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Zalo Agent CLI free?
Yes, Zalo Agent CLI is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Zalo Agent CLI support?
Zalo Agent CLI is cross-platform and runs anywhere OpenClaw / Claude Code is available (darwin, linux).
Who created Zalo Agent CLI?
It is built and maintained by PhucMPham (@phucmpham); the current version is v1.3.0.
More Skills