Use Dingding
v1.1.0
Interact with DingTalk workspace via dws CLI to manage contacts, chats, calendars, todos, approvals, attendance, reports, and AITable data using OAuth creden...
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description promise (interact with DingTalk via the dws CLI) matches what the skill asks for: it requires DWS_CLIENT_ID and DWS_CLIENT_SECRET and documents use of the dws CLI. The bundled Python scripts call the dws binary via subprocess to perform calendar, contact, aitable, todo, report, and attendance operations — all coherent with the claimed purpose.
Instruction Scope
SKILL.md and scripts instruct the agent to run dws commands (including mutations like approvals, sends, deletes). The instructions explicitly recommend --dry-run by default and advise interactive login; the scripts themselves default to dry-run unless an explicit execute flag is passed. There are no instructions to read unrelated system files or to exfiltrate secrets, but the skill will access files the user explicitly supplies (CSV, message.md) and may use env vars if chosen. Because the skill can perform destructive org actions, limiting autonomous invocation or requiring manual confirmation is recommended.
Install Mechanism
There is no automated install spec in the package (instruction-only). SKILL.md points to GitHub releases and an install script (raw.githubusercontent.com) and suggests building from source. GitHub releases and source are reasonable installation sources; the provided curl | sh installer pattern is common but carries the usual risk—SKILL.md correctly asks reviewers to inspect the script before running it.
Credentials
Only DingTalk OAuth credentials (DWS_CLIENT_ID and DWS_CLIENT_SECRET) are declared as required, which is proportionate for a DingTalk CLI skill. The code and docs reference a small set of optional runtime envs (DWS_DEBUG, DWS_TRUSTED_DOMAINS) but nothing asks for unrelated cloud/provider credentials or broad secrets.
Persistence & Privilege
always is false and the skill does not request persistent platform-wide privileges or attempt to modify other skills/config. The only notable risk is functional: the skill can perform high-impact operations (approvals, deletes, send messages). Since autonomous invocation is allowed by default on the platform, restrict that when you don't want automated destructive actions — the SKILL.md also calls this out.
Assessment
This skill appears to do what it says: it wraps the dws CLI and needs DingTalk OAuth credentials. Before installing, do the following: (1) Review the referenced GitHub repository and the raw install script before running any curl | sh; prefer building from source or downloading an official release. (2) Use least-privilege OAuth scopes and test in a sandbox enterprise first. (3) Prefer interactive login (keychain/libsecret) over environment variables for production. (4) Be cautious about granting the agent autonomous execution: require confirmations or disable autonomous invocation if you don't want automated approvals, message sends, or deletes. (5) Inspect the bundled scripts if you will run them; they call the dws binary via subprocess and operate on files you provide (CSV, message files), but they do not contain hidden network exfiltration code. (6) Rotate credentials and monitor audit logs after first use.
Like a lobster shell, security has layers — review code before you run it.
