ClawHub

Dingtalk Bitable

Security checks across malware telemetry and agentic risk

Overview

This is a coherent DingTalk Bitable integration that can read, create, update, and delete table data when invoked.

Install this only if you want an agent to operate on DingTalk Bitable data through your configured DingTalk app. Use least-privilege app permissions and explicitly confirm table, record, and field targets before allowing create, update, delete, or schema-changing actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The skill advertises destructive operations such as deleting tables and records and updating data, but it provides no warning, confirmation guidance, or safety constraints around irreversible changes. In an agent setting, this raises the risk of accidental or unauthorized data destruction if a user request is ambiguous, maliciously phrased, or executed without explicit confirmation.

Missing User Warnings

Low
Confidence
79% confidence
Finding
The skill states that DingTalk credentials are automatically read from channel configuration but does not include any privacy or security warning about secret handling, scope, or auditability. While not an exploit by itself, this can normalize silent credential use and reduce operator awareness of where sensitive tokens are sourced and how they may be used against enterprise data.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The skill exposes a destructive delete operation with no confirmation, dry-run, safety interlock, or scoping checks. In an agent context, this increases the risk of accidental or prompt-induced deletion of records, especially when operating on user-provided identifiers.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The manifest exposes create, update, and delete operations on table records but does not communicate that these actions modify or permanently remove user data. In an agent setting, missing user-facing warnings and confirmation expectations can lead to unintended destructive actions, especially when the assistant is asked to operate on ambiguous records or tables.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal