Dingtalk

v1.0.0

DingTalk channel plugin for OpenClaw - send and receive messages via DingTalk (钉钉)

by chan@chayjan

Security Scan
VirusTotal: Benign
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name, description, SKILL.md, and the TypeScript code all implement a DingTalk channel plugin: fetching access tokens, sending messages via API and webhook, receiving callbacks, onboarding UI, and a probe. The config/env vars referenced (DINGTALK_CLIENT_ID/SECRET and webhook URL/secret) match the stated purpose.
Instruction Scope
SKILL.md instructs only on configuring credentials, webhook URLs, and the gateway callback — the runtime code only calls DingTalk endpoints (oapi.dingtalk.com) and does not read unrelated files, system configs, or contact external domains beyond DingTalk/webhook URLs.
Install Mechanism
There is no external download/install spec (lower risk). However, this skill is not purely instruction-only: it includes source files and package.json/openclaw.plugin.json describing an extension path. That is coherent for a plugin but means code will run in the host if installed — there are no third-party downloads or obscure URLs.
Credentials
The registry metadata listed no required env vars, but SKILL.md and the code expect optional environment variables (DINGTALK_CLIENT_ID/SECRET and alternate names DINGTALK_APP_KEY/APP_SECRET). These env reads are appropriate for the plugin's function, but the registry should declare them explicitly. No unrelated credentials are requested.
Persistence & Privilege
The skill does not set always:true and makes no attempt to modify other skills or system settings. It will run as a channel plugin within OpenClaw's extension system when installed — standard and appropriate for its purpose.
Assessment
This plugin appears to do what it says: integrate OpenClaw with DingTalk using either an app key/secret or a group webhook. Before installing, consider: (1) the package has no homepage or repository listed and the publisher identity is unclear — prefer plugins from a known org or official repo; (2) the plugin will read DINGTALK_CLIENT_ID/DINGTALK_CLIENT_SECRET (and alternate env names) — provide least-privilege app credentials and rotate them if possible; (3) if you choose file-based config, be careful storing secrets in plaintext config files — prefer environment variables or secret storage; (4) review network exposure for your OpenClaw Gateway (callback URL and IP whitelisting) as noted in docs; (5) because source files are included, you can inspect or vendor the code in your environment before enabling it. If you want higher assurance, ask the publisher for a repo/homepage and a signed release or install the plugin from a trusted source.

Like a lobster shell, security has layers — review code before you run it.

v1.0.0 (latest)
1.9k downloads · 2 stars · 1 version
Updated 1mo ago
License: MIT-0

DingTalk Channel Plugin for OpenClaw

Connect OpenClaw to DingTalk (钉钉) for enterprise messaging.

Features

  • Send/receive messages via DingTalk API
  • Support for both internal apps and webhook robots
  • DM and group chat policies
  • User allowlist support

Configuration

Method 1: Environment Variables

export DINGTALK_CLIENT_ID="your-app-key"
export DINGTALK_CLIENT_SECRET="your-app-secret"

Method 2: Config File

openclaw config --section channels
# Select DingTalk and follow prompts

Or manually edit config:

channels:
  dingtalk:
    enabled: true
    clientId: "ding6kntxc33nvloty5z"
    clientSecret: "your-secret"
    dmPolicy: "allowlist"  # or "open", "pairing"
    allowFrom:
      - "user001"
      - "user002"
    groupPolicy: "allowlist"  # or "open", "disabled"
    groupAllowFrom:
      - "chat001"

Method 3: Webhook Robot (Group Chat)

For group robot webhooks:

channels:
  dingtalk:
    enabled: true
    webhookUrl: "https://oapi.dingtalk.com/robot/send?access_token=xxxxx"
    webhookSecret: "SECxxxxx"  # optional, for signature verification

Getting Credentials

  1. Go to DingTalk Open Platform
  2. Create a micro-app or internal robot
  3. Copy the App Key and App Secret
  4. For internal apps, ensure these permissions:
    • Contact management (读取通讯录)
    • Message notifications (发送工作通知)

Usage

Sending Messages

await message({
  channel: "dingtalk",
  target: "user-id",
  text: "Hello from OpenClaw!"
});

Receiving Messages

Configure the DingTalk callback URL to point to your OpenClaw Gateway:

https://your-gateway/webhook/dingtalk

API Reference

Troubleshooting

Error: "invalid timestamp"

  • Check that your system time is synchronized

Error: "app not authorized"

  • Ensure your app has the required permissions in the DingTalk admin console

Error: "ip not in whitelist"

  • Add your OpenClaw Gateway IP to the DingTalk app IP whitelist

Development

This plugin is in beta. Report issues at: https://github.com/openclaw/openclaw

License

MIT
