Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Dingtalk Notify
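v1.0.0
Sends messages to specified users via DingTalk work notifications. A unified message push channel. Use when: you need to send DingTalk work notifications, test DingTalk connectivity, retry failed DingTalk messages, send files to DingTalk, or switch the DingTalk bot model. Triggers: "钉钉通知", "钉钉推送", "发送钉钉", "dingtalk notify", "钉钉连通性", "钉钉测试",...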
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The described purpose (sending DingTalk work notifications) matches the commands in SKILL.md, but the skill bundle does not include or install the referenced scripts (~/.openclaw/workspace/scripts/*.sh) or declare any credentials; it assumes pre-existing local tooling without documenting it.
Instruction Scope
Runtime instructions explicitly invoke local shell scripts under the user's home directory and instruct sending arbitrary files (file path parameter). They also state OAuth2 auto-refresh and a local send-record path. Those instructions allow reading/transmitting local files and depend on token storage that is not described or controlled by the skill manifest.
Install Mechanism
No install spec (instruction-only). That lowers disk-write risk from this package itself, but it also means the skill relies on external scripts already present on disk—those scripts are not provided or audited here, which is a gap.
Credentials
SKILL.md references OAuth2 tokens and automatic refresh, yet the manifest declares no required environment variables or primary credential. It's unclear where credentials live or how they are protected; requesting/using OAuth tokens without documenting them is disproportionate and opaque.
Persistence & Privilege
The skill does not request always:true and does not declare modifications to other skills. However, instructions reference writing/reading files under ~/.openclaw/backups and running scripts in the user's home, which grants operational access to local data if those scripts are executed.
What to consider before installing
Before installing or enabling this skill:
1) Ask the author for the actual scripts (~/.openclaw/workspace/scripts/*.sh) and/or an install procedure; do not run unknown scripts.
2) Inspect those scripts' source to confirm where OAuth tokens are stored, what scopes/credentials they use, and whether they access unrelated files.
3) Confirm who controls the OAuth client/credentials and whether least-privilege scopes are enforced.
4) If you must test, run the scripts in a sandbox/container and avoid pointing them at sensitive files.
5) Prefer a skill package that includes its code or a documented, verifiable install step and explicit required env vars (e.g., DINGTALK_CLIENT_ID, DINGTALK_SECRET), or decline until the manifest and code align.
If you cannot review the scripts and token storage, treat this as potentially risky and avoid granting it access to sensitive data.
Like a lobster shell, security has layers — review code before you run it.
