Dangerous exec
- Finding
- Shell command execution detected (child_process).
Security checks across static analysis, malware telemetry, and agentic risk
The package is plausibly a DingTalk OpenClaw connector (code and docs align with the description), but there are mismatches and prompt-injection signals in the SKILL.md plus unstated external integrations and install-related scripts that merit manual review before installing.
What to check before installing:
- Verify publisher/source: confirm the npm package owner and GitHub repo are operated by a trusted party (compare package.json author/publisher with the repo and the company site). Prefer installing directly from the upstream project's official repository or a verified npm publisher.
- Inspect install scripts: open install-npm.sh and install-beta.sh and package.json to ensure they don't run arbitrary curl/wget/extract commands or write to unexpected system locations. Reject or sandbox the install if there are untrusted downloads or unpack/exec steps.
- Search the code for hard-coded network endpoints and secrets: look for fetch/axios/wss/URL strings, telemetry endpoints, or callbacks that post data to third-party domains (especially tools.huo15.com or other domains not under your control). If found, ask the maintainer to document why they are needed.
- Confirm required credentials and where they are stored: this connector expects DingTalk AppKey/AppSecret to be placed in OpenClaw channel config (~/.openclaw/openclaw.json) rather than as env vars; ensure you are comfortable providing those credentials and that they are kept in a secure config location.
- Investigate 'huo15-memory-evolution' integration: ask the author whether that integration sends memory data to an external service, and what credentials or network access it requires. If it uploads or syncs conversation history externally, evaluate privacy/compliance implications.
- Remove hidden/control characters: open SKILL.md and README in a binary/hex-capable editor to reveal and remove any unexpected Unicode control characters before using the file as instructions to an LLM or automated installer.
- Run in isolation first: install and test the plugin in a sandboxed environment (non-production OpenClaw instance, container, or VM) and monitor outbound connections and file writes to ensure no unexpected exfiltration.
If you want, I can: (1) list suspicious files/strings to inspect (install scripts, openclaw.plugin.json, package.json, network-using modules like src/utils/http-client.ts, src/core/connection.ts, any script that spawns child processes), or (2) extract and show the contents of the install scripts and package.json for a quick review.
SkillSpector findings are pending for this release.
No VirusTotal findings