Dingtalk Ai Table
PassAudited by ClawScan on May 1, 2026.
Overview
This appears to be a coherent DingTalk AI table automation skill, but it uses a password-like DingTalk MCP URL and can create, edit, or delete table data.
Install this only if you want the agent to operate DingTalk AI tables using your DingTalk MCP permissions. Protect DINGTALK_MCP_URL like a password, verify mcporter is trusted, keep import files in the declared workspace, and require careful review before bulk updates or any delete operation.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used incorrectly, the skill can alter or permanently delete DingTalk table data that the configured account can access.
The documented toolset includes irreversible deletion of an entire DingTalk AI table base. This is purpose-aligned for a CRUD table-management skill, but it is a high-impact action.
delete_base:删除整个 Base,高风险、不可逆。
Use explicit baseId/tableId/recordId values, review destructive operations carefully, and back up important tables before delete or bulk update actions.
Anyone who obtains this URL may be able to act with the DingTalk permissions associated with it.
The skill requires a DingTalk MCP Server URL that contains an access token. The artifact correctly warns that it is password-equivalent.
这个 URL 带访问令牌,等同密码,不要泄露。
Store the MCP URL securely, do not paste it into shared chats or logs, and rotate it if it may have been exposed.
Running the helper scripts will execute local commands that send selected records or field definitions to the configured DingTalk MCP server.
The included helper scripts execute the local mcporter CLI. This is central to the skill's purpose and uses argument lists rather than shell string execution.
result = subprocess.run(cmd, capture_output=True, text=True, timeout=120)
Review input files before importing, keep them inside OPENCLAW_WORKSPACE, and ensure mcporter is the expected trusted binary.
A compromised or unexpected mcporter installation could affect all DingTalk MCP calls made by the skill.
The skill relies on an external globally installed CLI. This is expected for this integration, but the artifact does not pin an exact mcporter package version.
npm install -g mcporter
Install mcporter from a trusted source, prefer the recommended version or newer, and verify the binary before use.
A stale or incorrect local cache marker could cause the skill to skip schema validation until the URL changes or the cache is cleared.
The schema gate stores a persistent local cache marker keyed by a hash of the MCP URL and skips repeated checks when the marker says the new schema was confirmed.
CACHE_FILE="$CACHE_DIR/schema-check-$URL_HASH.json"
Clear the workspace cache or rerun schema validation if DingTalk MCP behavior changes unexpectedly.