Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The code and SKILL.md match the stated purpose (creating/managing DingTalk internal groups) and legitimately require DingTalk app credentials. However, the registry metadata lists no required environment variables or primary credential even though SKILL.md and the code explicitly require DINGTALK_APP_KEY and DINGTALK_APP_SECRET; the publisher should explain this mismatch.
Instruction Scope
Runtime instructions and the included script confine network calls to the DingTalk Open Platform (oapi.dingtalk.com) and only access the two DingTalk-related environment variables. The script prints debugging info to stderr/stdout and otherwise stays within the stated scope (no filesystem crawling, no unrelated network endpoints).
Install Mechanism
There is no install spec despite the code depending on external Node/TypeScript packages (@alicloud/dingtalk, @alicloud/openapi-client) and ts-node. That increases supply-chain/install ambiguity: a user must install these packages manually or run in an environment that already has them. Lack of declared installation steps is a practical risk (missing or malicious dependency substitution) and should be remedied by the publisher.
Credentials
The only required secrets in SKILL.md and the script are DINGTALK_APP_KEY and DINGTALK_APP_SECRET, which are proportionate to the skill's purpose. However, the registry metadata does not declare these required environment variables or a primary credential, which is a mismatch that can lead to accidental credential exposure or misuse if installers are unaware. No other unrelated credentials or paths are requested.
Persistence & Privilege
The skill does not request persistent or elevated platform privileges (always:false). It does not attempt to modify other skills or system-wide configuration. Autonomous invocation is allowed by default but is not combined with other high-risk behaviors here.
What to consider before installing
This skill appears to do what it says (create/manage DingTalk groups) and requires only your DingTalk app key and secret. Before installing or running it:
1) Confirm you trust the publisher (source is unknown);
2) Do not supply broader credentials — only set DINGTALK_APP_KEY and DINGTALK_APP_SECRET for an app that has minimal permissions (group management only);
3) Because there is no install spec, run it in a controlled environment (container or isolated VM) after installing ts-node and the declared npm packages from the official registry;
4) Ask the publisher to update the registry metadata to declare the required env vars and to provide an install script or README so you know exactly which packages will be installed;
5) If you can't verify the source, consider reviewing or running the script in a sandbox before giving it access to real credentials.
Version: latest (vk97e5k5s21cxzfg086eb4rk2ax82pyqb)
