Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
DingTalk Push
v0.1.0
Send Markdown-formatted messages with type and @mentions to DingTalk group chats via bot webhook with optional signature verification.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
The skill is described as a DingTalk webhook messenger and the included files (send.js, tool.js) implement exactly that. The only minor incoherence: the registry metadata lists no required environment variables or primary credential, but both the SKILL.md and the code expect a DINGTALK_WEBHOOK and optional DINGTALK_SECRET (or a config file). This is likely an omission in the metadata rather than malicious behavior.
Instruction Scope
SKILL.md and the code limit actions to composing a Markdown message and POSTing it to the configured DingTalk webhook. The runtime reads configuration from environment variables or a small set of config file locations (~/.config/dingtalk-push/config.json, cwd .dingtalk-push.json, or the skill dir). It does not access unrelated system credentials, other network endpoints, or arbitrary files beyond those config paths.
Install Mechanism
No install spec or external downloads are used; the skill is instruction-only with local JS files. There is no fetching of third-party archives or packages at install time. Node.js 16+ is required to run the code (SKILL.md lists axios as available in the runtime).
Credentials
The only sensitive inputs required are the DingTalk webhook URL and optional secret — appropriate and proportionate for the stated function. However, the registry metadata does not declare these env vars (DINGTALK_WEBHOOK, DINGTALK_SECRET) as required; users should be aware the skill expects them even though the registry listing omitted them.
Persistence & Privilege
The skill does not request persistent elevated privileges, does not set always: true, and does not modify other skills or system-wide configuration. It runs as a normal skill and only performs outbound requests to the configured webhook.
Assessment
This skill appears to do exactly what it says: send Markdown messages to a DingTalk group via a webhook and optional signing secret. Before installing:
(1) Verify and trust the webhook URL you provide — the webhook is a secret that can post into your group, so keep it private.
(2) Note that the registry metadata omitted required env vars; you must set DINGTALK_WEBHOOK (and DINGTALK_SECRET if you use signing) or create the config file at ~/.config/dingtalk-push/config.json.
(3) The skill reads config from your home config directory and the current working directory — avoid putting secrets in repositories or public folders.
(4) The source has no homepage and an unknown owner; if you need higher assurance, review the small JS files yourself (they are readable and straightforward) or ask the author for provenance.
(5) No external installs or unexpected network endpoints were found — the code only calls the provided webhook. If you plan to allow autonomous agent invocation, be aware the agent could send messages using that webhook, so restrict who can enable the skill and where the webhook posts.
