Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

DingTalk Bot

v1.0.0

DingTalk Bot integration for messaging, group management, approval workflows, and attendance. Send messages, manage groups, handle approvals, and automate no...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Pending
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name, description, SKILL.md, and the included dingtalk_bot.py all describe DingTalk messaging, group, approval, and attendance features, which is coherent with the stated purpose. However, the registry metadata lists no required environment variables, while the SKILL.md and code clearly expect DINGTALK_WEBHOOK_URL, DINGTALK_SECRET, DINGTALK_APP_KEY, DINGTALK_APP_SECRET, and DINGTALK_AGENT_ID. That omission in the metadata is an incoherence worth flagging.
Instruction Scope
SKILL.md instructs the agent to set environment variables and shows only API calls to DingTalk (oapi.dingtalk.com). There are no instructions to read unrelated local files or transmit data to unexpected endpoints. The runtime instructions are generally scoped to the DingTalk integration.
Install Mechanism
No install spec or external downloads are present; the skill ships a single Python module and relies on standard libraries plus requests. This is low risk from an install/download perspective.
Credentials
The SKILL.md and code require sensitive credentials (webhook secret, app key/secret, agent id), which is proportional to controlling a DingTalk bot. However, the package metadata declares no required environment variables or primary credential, creating a mismatch that could cause users to unknowingly provide secrets in the wrong place or miss the need to secure them. Confirm where your agent stores these secrets before enabling the skill.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system settings. It performs network calls when invoked but has no built-in persistence or elevated platform privileges.
What to consider before installing
This skill appears to implement a DingTalk integration and calls only DingTalk APIs, but the package metadata does not list the environment variables the SKILL.md requires. Before installing: (1) review the full dingtalk_bot.py source in your environment (it contains several implementation bugs — e.g. incorrect HMAC usage and some incorrect request URLs — which could cause failures); (2) do not paste production app secrets into an agent until you confirm how the agent stores them; (3) run the code in a controlled/test account first (use a test DingTalk app/webhook); (4) ask the publisher to correct the metadata to declare required env vars and to fix the implementation errors, or prefer an official/verified integration. If you need help auditing specific functions or verifying network destinations, provide the rest of the source and I can inspect further.
