Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Zalo

OpenClaw skill for Zalo Bot API workflows (bot token) plus optional guidance on unofficial personal automation tools.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 1.7k · 2 current installs · 2 all-time installs
Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description and all reference documents consistently describe Zalo Bot API workflows (token-based) and a clearly marked unofficial personal-automation branch. That capability set is coherent with a Zalo bot skill. However, the SKILL.md and references explicitly mention environment/config keys (e.g., ZALO_BOT_TOKEN, channels.zalo.botToken, tokenFile, webhookSecret) and say a bot token is a required input, but the registry metadata lists no required env vars or primary credential — an inconsistency between declared metadata and the instructions.
Instruction Scope
The SKILL.md and referenced files are operational guidance for webhook/polling, token handling, UX, routing, and cautions for unofficial automation. They do not instruct the agent to read unrelated system files or exfiltrate data; they explicitly advise not to log tokens and to protect cookies. The scope stays within building and operating a Zalo bot, aside from the separate personal-automation notes which deal with sensitive session state.
Install Mechanism
This is instruction-only with no install spec and no code files to execute — lowest install risk. The preregistry scan had nothing to analyze.
Credentials
The skill clearly needs sensitive credentials (bot token) and the personal-automation branch discusses cookies/device IDs, but the registry metadata does not declare any required env vars or primary credential. That omission is a red flag: the runtime instructions rely on secrets but the skill metadata does not advertise or restrict them. While the requested secrets are appropriate for a bot skill, the mismatch can lead to accidental exposure or improper handling. The personal-automation guidance also implies handling of very sensitive session cookies which increases risk if misused.
Persistence & Privilege
The always flag is false, and there are no install hooks or claims of modifying other skills or system-wide settings. The skill does not request permanent presence or elevated agent privileges in the metadata.
What to consider before installing
This skill appears to be a legitimate Zalo bot guidance bundle, but it has two practical issues to consider before installing: (1) the skill's documents expect you to supply sensitive secrets (e.g., ZALO_BOT_TOKEN, optional tokenFile, webhookSecret), yet the registry metadata does not declare these required environment variables — verify what secrets the skill will actually read and how they will be provided; (2) the included 'personal automation' notes reference cookies and device identifiers (sensitive session state) and are explicitly unofficial — avoid using that branch in production and do not store cookies on shared hosts. Because this is instruction-only, there's no code to audit here, so confirm with the publisher (or view an implementation) how tokens and tokenFiles are read, whether anything will be transmitted to third-party endpoints, and whether the agent will be given those secrets for autonomous invocation. If the publisher updates the metadata to declare required env vars and provides an implementation you can inspect, re-evaluate; until then treat token/cookie provisioning conservatively and limit scope (use dev tokens, allowlists, rotate tokens).


Current version: v1.0.1
latest: vk97a2877xmdehrzyhs66135mb580v451

SKILL.md

Zalo Bot Skill (Advanced)

Purpose

Provide a production-oriented guide for Zalo Bot API workflows (token-based), with a separate, clearly marked branch for unofficial personal automation tools.

Best fit

  • You use the Zalo Bot Platform / bot token path.
  • You need clear webhook or long-polling handling.
  • You want professional conversation UX guidance.

Not a fit

  • You require guaranteed, officially supported personal-account automation.
  • You need rich media streaming or advanced file pipelines.

Quick orientation

  • Read references/zalo-bot-overview.md for platform scope and constraints.
  • Read references/zalo-bot-token-and-setup.md for token setup and connection flow.
  • Read references/zalo-bot-messaging-capabilities.md for capability checklist.
  • Read references/zalo-bot-ux-playbook.md for UX and conversation patterns.
  • Read references/zalo-bot-webhook-routing.md for webhook/polling handling.
  • Read references/zalo-personal-zca-js.md for the unofficial personal-account branch.
  • Read references/zalo-n8n-automation.md for automation notes and cautions.

Required inputs

  • Bot token and bot configuration.
  • Target workflow (notify, support, broadcast).
  • Delivery model (webhook or polling).

Expected output

  • A clear bot workflow plan, method checklist, and operational guardrails.

Operational notes

  • Validate inbound events and handle retries safely.
  • Keep replies concise; rate-limit outgoing messages.
  • Prefer explicit allowlists for any automation flow.

Security notes

  • Never log tokens or credentials.
  • Treat all state files and cookies as secrets.
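The Operational notes (validate inbound events, handle retries safely, rate-limit outgoing messages, prefer explicit allowlists) and the Security notes (never log tokens, treat state files and cookies as secrets) can be combined into one small guard layer in front of a bot handler. The following is an added example, not code shipped with this skill or by the Zalo platform. Because the page does not describe Zalo's wire format, it assumes that inbound events are JSON carrying "event_id" and "sender_id" fields and that the webhookSecret is used as an HMAC-SHA256 key over the raw request body, delivered as a hex digest in a header (called X-Webhook-Signature here); the config names ZALO_BOT_TOKEN, tokenFile and webhookSecret are the ones the page mentions. Check the real signature scheme in the referenced setup document before relying on verify_signature.

```python
"""Added example (not the skill's own code): inbound validation, retry
de-duplication, sender allowlist, outbound rate limit and token handling
for a token-based bot webhook. Assumed, not from the page: event JSON has
"event_id" and "sender_id"; the signature header is a hex HMAC-SHA256 of
the raw body keyed with webhookSecret."""

import hashlib
import hmac
import json
import os
import time
from collections import deque
from pathlib import Path


def load_bot_token(env=None, token_file=None):
    """Read the bot token from ZALO_BOT_TOKEN, else from tokenFile.
    The value is returned to the caller and never printed or logged."""
    env = os.environ if env is None else env
    token = env.get("ZALO_BOT_TOKEN", "").strip()
    if not token and token_file:
        token = Path(token_file).read_text(encoding="utf-8").strip()
    if not token:
        raise RuntimeError("no bot token: set ZALO_BOT_TOKEN or tokenFile")
    return token


def redact(secret):
    """The only form of a token or cookie that may appear in a log line."""
    return f"<redacted, {len(secret)} chars>"


def verify_signature(webhook_secret, raw_body, header_value):
    """Constant-time check of the assumed hex HMAC-SHA256 body signature."""
    expected = hmac.new(webhook_secret.encode(), raw_body, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected.encode(), (header_value or "").encode())


class InboundGate:
    """admit() returns ("reject" | "ack" | "process", reason). Authentic events
    are always acknowledged so the platform stops retrying; only allowlisted,
    not-yet-seen events are handed on for processing."""

    def __init__(self, webhook_secret, allowed_senders, max_seen=10_000):
        self.secret = webhook_secret
        self.allowed = frozenset(allowed_senders)   # explicit allowlist
        self.seen = deque(maxlen=max_seen)          # bounded retry de-dupe memory
        self.seen_set = set()

    def admit(self, raw_body, signature):
        if not verify_signature(self.secret, raw_body, signature):
            return "reject", "bad-signature"        # unauthenticated: answer 401
        try:
            event = json.loads(raw_body)
        except ValueError:
            return "ack", "malformed-json"
        event_id, sender = event.get("event_id"), event.get("sender_id")
        if not event_id or sender not in self.allowed:
            return "ack", "not-allowlisted"
        if event_id in self.seen_set:
            return "ack", "duplicate"               # retry of an already handled event
        if len(self.seen) == self.seen.maxlen:
            self.seen_set.discard(self.seen[0])     # keep the set in step with eviction
        self.seen.append(event_id)
        self.seen_set.add(event_id)
        return "process", "ok"


class OutboundLimiter:
    """Sliding-window cap on outgoing messages per recipient."""

    def __init__(self, max_per_window=5, window_seconds=60.0):
        self.max_per_window = max_per_window
        self.window = window_seconds
        self.sent = {}                              # recipient -> send timestamps

    def allow(self, recipient, now=None):
        now = time.monotonic() if now is None else now
        q = self.sent.setdefault(recipient, deque())
        while q and now - q[0] >= self.window:
            q.popleft()
        if len(q) >= self.max_per_window:
            return False
        q.append(now)
        return True


def demo():
    """Run the gate and limiter over constructed events; returns the decisions."""
    secret = "constructed-webhook-secret"            # constructed sample value
    gate = InboundGate(secret, allowed_senders={"user-1"})

    def sign(body):
        return hmac.new(secret.encode(), body, hashlib.sha256).hexdigest()

    ev1 = json.dumps({"event_id": "e1", "sender_id": "user-1", "text": "hi"}).encode()
    ev2 = json.dumps({"event_id": "e2", "sender_id": "user-9", "text": "hi"}).encode()
    inbound = [
        gate.admit(ev1, sign(ev1)),                  # first delivery: process
        gate.admit(ev1, sign(ev1)),                  # platform retry: ack, act once
        gate.admit(ev2, sign(ev2)),                  # sender not allowlisted: ack, ignore
        gate.admit(ev1, "00" * 32),                  # forged signature: reject
        gate.admit(b"{oops", sign(b"{oops")),        # authentic but malformed: ack
    ]
    limiter = OutboundLimiter(max_per_window=2, window_seconds=60.0)
    outbound = [limiter.allow("user-1", now=t) for t in (0.0, 1.0, 2.0, 61.0)]
    return {"inbound": inbound, "outbound": outbound}


if __name__ == "__main__":
    print(demo())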

Files

8 total