Dingtalk Setup

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward DingTalk setup guide, but users should be careful with the DingTalk app secret and verify the third-party plugin package before installing it.

Before installing, confirm that @soimy/dingtalk is the plugin you intend to trust. Prefer the interactive configuration flow, avoid putting real secrets in command history or shared screenshots, restrict access to ~/.openclaw/openclaw.json, rotate any secret copied into examples or commands, and consider allowlist settings instead of open DM/group access for sensitive workspaces.

SkillSpector

By NVIDIA
Vulnerability Patterns

  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium
Confidence: 93%
Finding:
The guide instructs users to place a Client Secret directly into a JSON config file and even includes a realistic-looking full secret in the example, but provides no warning about secret handling, file permissions, redaction, or avoiding committed plaintext credentials. This increases the risk of accidental credential disclosure through screenshots, shell history, backups, shared machines, or version control, which could allow unauthorized use of the DingTalk application.

Missing User Warnings

Medium
Confidence: 97%
Finding:
Passing Client Secret values on the command line can expose them to process listings, shell history, audit logs, CI logs, and remote session transcripts. The skill recommends this automation path without any warning or safer alternative, making inadvertent credential leakage more likely in real deployments.

VirusTotal

39/39 vendors flagged this skill as clean.