钉钉日报自动提交

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed DingTalk daily-report automation skill, with no artifact evidence of hidden or malicious behavior, but it should be used carefully because it can send work content and clear submitted drafts.

Before installing, confirm you want reports sent automatically to DingTalk recipients, review the recipient list and report content source, keep AppKey/AppSecret out of shared files, and inspect any submit_log.py or cron setup because those implementation files are not included in this artifact.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The documentation describes automatic submission of daily work logs and notes that submitted content is automatically cleared, but it does not prominently warn users that potentially sensitive work content will be transmitted to DingTalk and may be deleted afterward. This can lead to unintended disclosure of internal project information and accidental data loss, especially when users enable cron-based automation without fully understanding the behavior.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal