Voice DNA
Trained on your sent messages, so drafts sound like you, not AI.
The AI version of you - it doesn't read like a robot.
The LinkedIn execution layer for any AI agent
LinkedIn for AI agents: the safe way to let your agent send
Zevari is the LinkedIn execution layer for AI agents. Connect any agent - Claude, Codex, ChatGPT, OpenClaw, Hermes Agent, or your own - over MCP or a REST API, and it can search prospects, score them against your ICP, draft in your voice, and run campaigns. Every send is staged for your approval. No browser cookies. No bans.
Any agentMCP or RESTApproval gatesNo cookiesHosted state
terminal
Over MCP
$ claude mcp add zevari https://mcp.zevari.ai/mcpOver REST (bearer token)
$ curl https://api.zevari.ai/v1/search/posts \
-H "Authorization: Bearer $ZEVARI_API_KEY" \
-d '{"query":"hiring an SDR","posted_within_days":30}'Same 60+ capabilities, same approval gate, no MCP client required. If your agent can call an HTTP endpoint, it can run LinkedIn through Zevari.
The wall every builder hits
Your agent can research LinkedIn. It can't act on it.
The agent finds the right 15 prospects, reads their posts, writes a better opener than your last SDR - and then it stops, because LinkedIn's own API is too restrictive for an unaided agent to send. In one operator's words, it's "handicapped - it can research, it just can't operate LinkedIn." The agent can find the needle. It can't reach in and pull it out.
So people reach for the wrong bridge: a tool that drives a logged-in browser session with your cookies. That is the exact mechanism LinkedIn flags. It is the reason the after-stories all sound the same - "my account kept getting banned, LinkedIn just sees the logs." Zevari is the other bridge: a hosted connection that gives your agent real hands on LinkedIn without putting your account on the line.
Two ways to connect
MCP or REST. Engineers pick the API.
Zevari is hosted. Nothing to self-host, no scraper to babysit, no cookie to refresh. There are two clean paths in, and you use whichever your agent speaks.
Over MCP
For Claude, Codex, ChatGPT, and any MCP client. One endpoint, then OAuth:
$ claude mcp add zevari https://mcp.zevari.ai/mcpOr drop it in your project config and commit it, so the whole team gets the same LinkedIn layer on clone:
{ "mcpServers": { "zevari": {
"type": "http",
"url": "https://mcp.zevari.ai/mcp"
} } }Over the REST API
For OpenClaw, Hermes Agent, a cron job, or anything you wrote yourself. One bearer token, plain HTTP:
$ curl https://api.zevari.ai/v1/search/posts \
-H "Authorization: Bearer $ZEVARI_API_KEY" \
-d '{"query":"hiring an SDR",
"posted_within_days":30}'Same 60+ capabilities, same approval gate, no MCP client required. If you would rather call an API than wire an MCP server, this is your path - and it's the one most engineers take.
The Claude-specific deep dive lives on the LinkedIn MCP pillar. The per-framework guides are below. This page is the map: any agent, either transport, one safe layer underneath.
Will this get my account banned?
It is the first question, and it is the right one - because most "AI agent for LinkedIn" tools earn the ban. 2026 was a culling: HeyReach was cut off by LinkedIn in March, Apollo and Seamless before it, detection is up 340% since 2023, and in one 50-account test 23% were restricted inside 90 days. Almost all of it traces to the same root cause - cookie-driven browser automation and fake session environments.
Zevari was built to be the safe one, and after a year of refinement it has zero ban incidents. Safety here is receipts, not adjectives:
- Every write - message, connection request, comment, post - is staged for human approval. Nothing fires unseen, even from a fully autonomous agent.
- Session-based connection. No stored browser cookies, ever. No password handoff, no extension.
- Weekly connection ceilings, enforced server-side: Free 40, Premium 80, Sales Navigator 150.
- Working hours and behavioral pacing - actions spread like a person's, not a bot's.
- Duplicate checks and burst caps, so you never double-touch or spike.
- Warm-by-default: reactions, comments, and profile views before the ask.
The full mechanics, with the numbers, live on the safety page - nobody else in this category publishes theirs.
The part most agent-LinkedIn tools skip: the approval gate
An autonomous agent that can send on LinkedIn unattended is a banned account waiting to happen - and a brand risk you can't take back. Most tools in this layer wave it away: one competitor advertises "no approval process required" as if that were the feature. It's the bug.
Zevari inverts it. Your agent does all the work - finds, scores, drafts, sequences - and then stops at the gate. Every write surfaces as a one-tap approval in chat, in Slack, or in a daily digest. You approve in minutes; the agent executes inside your ceilings and working hours. Autonomy on the research, human judgment on the send. That is the only version of "AI does my LinkedIn" that keeps your account alive.
Works with the agent you already run
One layer, every runtime
Pick your agent; the connect path and a per-agent guide are below.
| Your agent | Connect via | Guide |
|---|---|---|
| Claude / Claude Code / Cowork | MCP (OAuth) | /linkedin-mcp/claude |
| Codex | MCP (bearer token) | /linkedin-mcp/codex |
| ChatGPT | MCP (bearer token) | /linkedin-mcp/chatgpt |
| OpenClaw | REST (bearer) or MCP | /open-claw |
| Hermes Agent | MCP server entry or REST | /hermes |
| Your own agent / cron / script | REST (bearer) | docs.zevari.ai |
Don't see yours? If it can call an HTTP endpoint, it can run LinkedIn through Zevari. The bearer-token REST API is the universal path; the developer docs have the full reference.
What your agent can do
Real tools your agent calls, not a roadmap
Each card is a real tool your agent calls. You don't call them by hand; you tell the agent what you want and it orchestrates across the 60+ functions.
Signal-based targeting
Finds people who posted in the last 30 days and ICP-scores them 1 to 5 with written reasons.
Reaches intent, not static lists - the needle, not the haystack.
Campaigns and sequences
Multi-step campaigns your agent builds and advances on schedule.
Set the sequence once; the agent moves targets through it.
Inbox Radar
Classifies replies by intent and stages drafts for approval.
Triage the inbox against your ICP without reading every DM.
Warm-by-default
Reactions, comments, and profile views before the connection ask.
Higher accept rates, lower risk - you show up warm.
Hosted state
Persistent scheduling on our infrastructure.
The one thing a bare agent can't do - campaigns run while you sleep.
LinkedIn to email follow-up
Enriches a profile to a verified email, hands off to your email tool.
Catch the people who never reply on LinkedIn.
Approval-gated posting
Drafts content in your voice, posts only after you approve.
Content and outbound from one place, your account always in control.
The one thing your agent can't do alone: stay running
A bare agent runs when you run it, then forgets. Zevari holds state on our infrastructure - campaigns advance, warm-up sequences fire, the inbox gets classified - while your agent sleeps. Your agent sleeps; your pipeline doesn't. That hosted state is what turns "my agent can do a task" into "my agent runs my outbound." It is also why a $5/mo VPS bot and Zevari are not competitors - the bot is your agent, Zevari is the LinkedIn layer and the persistent scheduler underneath it.
Pricing
Three ways to buy one product, routed by how technical you are
Operator
$87/mo+ $37 per sub-account
For the engineer who runs their own agent. Hosted MCP and REST, all 60+ tools, safety center, docs. Self-serve, live in 60 seconds. 30-day money-back guarantee.
Connect your agentManaged
$997/mo+ setup, application-gated
For the founder or agency owner who wants the outcomes without operating an agent. We run the same engine; you approve every send from Slack in minutes a day.
We run it for youPipeline
$1,997/moDFY, application-gated
For agencies and busy founders who want booked calls, not a tool. We run everything up to the booking and send weekly reports.
We run it for youFAQ
LinkedIn for AI agents, answered
Can I give my AI agent access to LinkedIn?
Yes. LinkedIn's own API is too restrictive for an unaided agent to send, so the agent needs an execution layer. Zevari is that layer: connect your agent over MCP (Claude, Codex, ChatGPT) or a REST API with a bearer token (OpenClaw, Hermes Agent, or your own code), and it can search, score, draft, and run campaigns. Every write action is staged for your approval, so even a fully autonomous agent can't send unattended.
Should I connect over MCP or the REST API?
Use whichever your agent speaks. MCP is the cleanest path for Claude, Codex, ChatGPT, and other MCP clients - one endpoint plus OAuth or a bearer token. The REST API is the universal path for self-hosted runtimes like OpenClaw and Hermes Agent, cron jobs, or anything you wrote yourself - one bearer token over plain HTTP. Same 60+ capabilities and the same approval gate on both. Most engineers take the API.
Will an AI agent get my LinkedIn account banned?
It can - and that is the most important question on this page. Most agent-to-LinkedIn tools drive a logged-in browser session with your cookies, which is the mechanism behind the 2026 bans (HeyReach in March, Apollo and Seamless before it). Zevari uses a session-based connection with no browser cookies, stages every write for approval, and enforces weekly connection ceilings, working hours, behavioral pacing, and burst caps server-side. A year of refinement, zero ban incidents. Full mechanics at /safety.
I run a self-hosted agent on a VPS (OpenClaw, Hermes Agent). Does this work?
Yes - this is exactly the audience the REST API is for. Your bot keeps running on your VPS; it calls Zevari's hosted endpoint with a bearer token to do the LinkedIn work safely, and Zevari holds the campaign schedule and approval queue so the sequence advances even between the bot's runs. See the per-framework guides at /open-claw and /hermes, or the full reference in the developer docs.
Which AI agents and frameworks are supported?
Claude, Claude Code, Cowork, Codex, and ChatGPT over MCP; OpenClaw, Hermes Agent, and any custom or self-hosted agent over the REST API. If your agent can call an HTTP endpoint, it can run LinkedIn through Zevari. The bearer-token REST API is the universal fallback for anything not listed.
Does the agent actually send, or just draft?
For LinkedIn it stages every message, connection request, comment, and post, and you approve before anything sends - in chat, Slack, or a daily digest. For email follow-up to non-responders, it enriches a verified email from the profile and hands off to your email tool. You are always the last step before a send.
Do I need LinkedIn Sales Navigator?
No. You can start on a free account. Sales Navigator only raises your weekly connection ceiling (Free 40, Premium 80, Sales Navigator 150) - it is not required to connect an agent or run campaigns.
I'm not technical. Can I still use this?
You don't have to operate an agent yourself. If you'd rather approve than build, the Managed tier runs the whole engine for you and you approve sends from a simple Slack digest in minutes a day. It is application-gated for buyers with an established offer and paying customers, so the $997/mo replaces what you already spend on an appointment setter.
Give any agent LinkedIn - safely
Run it as code, or we run it for you. Same engine either way - connect it yourself over MCP or the REST API, or have us operate it on our infrastructure and approve every send from Slack.
Connect your agent
You run an agent. Get the hosted LinkedIn layer over MCP or REST, all 60+ tools, and the full safety model, self-serve and live in 60 seconds.
Connect your agentWe run it for you
Don't run an agent yourself? We run the same approval-gated engine on our infrastructure and send every message to you for approval from Slack.
We run it for youZevari - the LinkedIn execution layer for AI agents. Your agent sleeps; your pipeline doesn't.