Pakat Email Marketing

Interact with Pakat email marketing API (new.pakat.net) - REQUIRES PAKAT_API_KEY environment variable. Use when the user wants to manage email lists, subscri...

MIT-0 · Free to use, modify, and redistribute. No attribution required.

⭐ 1 · 1.7k · 0 current installs · 0 all-time installs

byHadi Farnoud@hadifarnoud

MIT-0

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

Name and description match the required artifacts: SKILL.md + API reference + OpenAPI describe interacting with new.pakat.net. Required binary 'curl' and the single env var PAKAT_API_KEY are appropriate and proportional for an HTTP-based API client.

✓

Instruction Scope

SKILL.md contains explicit curl examples that only call https://new.pakat.net/api/* endpoints, documents required headers and encoding rules, and warns about safe encoding to avoid shell injection. It does not instruct reading unrelated files or exfiltrating data to other endpoints.

✓

Install Mechanism

Instruction-only skill (no install spec or code). That minimizes on-disk risk; no downloads or package installs are specified.

ℹ

Credentials

The skill only asks for one secret (PAKAT_API_KEY), which is appropriate. Minor inconsistency: SKILL.md metadata declares PAKAT_API_KEY as the primary credential, while the registry summary above showed 'Primary credential: none' — likely a metadata mismatch but not a security red flag.

✓

Persistence & Privilege

Flags: always:false and normal autonomous invocation allowed. The skill does not request persistent system-wide privileges or configuration changes.

Assessment

This skill appears coherent for managing Pakat email resources and only needs your Pakat API key and curl. Before installing: ensure the API key you supply is from your Pakat account (https://new.pakat.net/customer/api-keys), avoid using overly privileged or long-lived keys if possible, do not paste the key into public logs or chat, and consider creating a dedicated API key for the agent with limited scope. Note the small metadata mismatch about the 'primary credential' in the registry — it doesn't change functionality but you may want to confirm the skill's source since 'Homepage' and 'Source' are missing from the registry entry.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.1.2

Download zip

latestvk97aknej9mhpyvmnmdjjxfmfwd81qtx9

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binscurl

EnvPAKAT_API_KEY

SKILL.md

Pakat Email Marketing

Pakat is a Persian/Farsi-friendly email marketing platform for creating and managing mailing lists, sending campaigns, transactional emails, and tracking delivery — all via a clean REST API.

🔗 Sign up for Pakat to get started.

Setup

Require env var PAKAT_API_KEY. If not set, ask the user for their API key.

Get your API key from: https://new.pakat.net/customer/api-keys/index

export PAKAT_API_KEY="your-key-here"

Making Requests

Base URL: https://new.pakat.net/api

# GET requests
curl -s -H "X-API-KEY: $PAKAT_API_KEY" "https://new.pakat.net/api/{endpoint}"

# POST requests (multipart/form-data)
curl -s -X POST -H "X-API-KEY: $PAKAT_API_KEY" \
  -F "field=value" \
  "https://new.pakat.net/api/{endpoint}"

# PUT requests (x-www-form-urlencoded)
curl -s -X PUT -H "X-API-KEY: $PAKAT_API_KEY" \
  -d "field=value" \
  "https://new.pakat.net/api/{endpoint}"

# DELETE requests
curl -s -X DELETE -H "X-API-KEY: $PAKAT_API_KEY" "https://new.pakat.net/api/{endpoint}"

Common Workflows

List all mailing lists

curl -s -H "X-API-KEY: $PAKAT_API_KEY" "https://new.pakat.net/api/lists"

Add subscriber to a list

curl -s -X POST -H "X-API-KEY: $PAKAT_API_KEY" \
  -F "EMAIL=user@example.com" \
  -F "FNAME=John" \
  -F "LNAME=Doe" \
  "https://new.pakat.net/api/lists/{list_uid}/subscribers"

Create and send a campaign

curl -s -X POST -H "X-API-KEY: $PAKAT_API_KEY" \
  -F "campaign[name]=My Campaign" \
  -F "campaign[from_name]=Sender Name" \
  -F "campaign[from_email]=sender@domain.com" \
  -F "campaign[subject]=Email Subject" \
  -F "campaign[reply_to]=reply@domain.com" \
  -F "campaign[send_at]=2025-01-15 10:00:00" \
  -F "campaign[list_uid]=LIST_UID_HERE" \
  -F "campaign[template][template_uid]=TEMPLATE_UID" \
  "https://new.pakat.net/api/campaigns"

Send a transactional email

# Encode HTML content safely using a heredoc
BODY_B64=$(base64 -w0 <<'EOF'
<h1>Hello</h1><p>Your order is confirmed.</p>
EOF
)

curl -s -X POST -H "X-API-KEY: $PAKAT_API_KEY" \
  -F "email[to_name]=John Doe" \
  -F "email[to_email]=john@example.com" \
  -F "email[from_name]=My App" \
  -F "email[subject]=Order Confirmation" \
  -F "email[body]=$BODY_B64" \
  -F "email[send_at]=2025-01-15 10:00:00" \
  "https://new.pakat.net/api/transactional-emails"

Check campaign stats

curl -s -H "X-API-KEY: $PAKAT_API_KEY" "https://new.pakat.net/api/campaigns/{campaign_uid}/stats"

Key Notes

HTML content must be base64-encoded (campaign[template][content], email[body], template[content])
Safe encoding: When encoding user-provided HTML content, use heredocs (base64 <<'EOF') or write to a temporary file first to avoid shell injection vulnerabilities. Never use echo with unsanitized input.
Transactional email send_at is UTC, format: Y-m-d H:i:s
Campaign send_at uses the customer's configured timezone
Transactional templates: Set email[template_uid] to use a template instead of email[body]. Use email[params][key] for {{ params.key }} placeholders
Subscriber statuses: unconfirmed, confirmed, blacklisted, unsubscribed, unapproved, disabled, moved
Pagination: Use ?page=N&per_page=N query params on list endpoints
from_email for transactional emails must be on a verified domain

Full API Reference

For complete endpoint details, request/response schemas, and all available fields, read references/api_reference.md.

For the raw OpenAPI 3.0 spec, see references/openapi.json.

Files

3 total

Select a file

Select a file to preview.

Comments

Loading comments…