Dida Coach
Verdict: Pass. Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: dida365-coach-skills
Version: 1.2.0
The skill bundle implements a Dida365 (TickTick) integration with high-risk capabilities, including the ability to modify the agent's own configuration file (~/.openclaw/openclaw.json) via tools/mcp_client.py and to run a local HTTP server on port 38000 that captures OAuth credentials in tools/openapi_auth.py. While these features are aligned with the stated purpose of 'semi-automatic' setup and authentication, they represent a significant attack surface. The instructions in prompts/system.md also encourage the agent to perform single write operations without explicit secondary confirmation, which could be leveraged if the agent is misdirected. No evidence of intentional malice or unauthorized data exfiltration was found.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Authorizing this integration lets the agent view and change Dida tasks, lists, deadlines, reminders, and completion status.
The skill requires a Dida MCP connection that can read and write the user's task account.
description: "滴答清单 MCP,用于读取和写入任务" ... url: "https://mcp.dida365.com"
Only connect the Dida MCP account you intend to manage, and review requested changes before asking the agent to perform them.
A clear request such as completing, moving, or updating one task may be carried out without a second confirmation prompt.
The skill is allowed to perform task mutations directly for clear single-item requests, while reserving confirmation for high-risk bulk actions.
A single, clearly specified write operation is executed directly by default... only high-risk bulk actions require explicit confirmation: bulk completion, bulk rescheduling, moving multiple tasks at once
Phrase task changes precisely, and require explicit confirmation yourself for anything that affects multiple tasks or important deadlines.
If you choose the optional local OAuth setup, local code will open a browser, handle the OAuth callback, and write credentials on your machine.
The optional OpenAPI route asks the user to run a local Python OAuth helper with a client secret.
python3 scripts/dida_openapi_oauth.py --client-id YOUR_CLIENT_ID --client-secret YOUR_CLIENT_SECRET --open-browser
Use the built-in MCP authorization path unless you specifically need local OpenAPI OAuth, and protect or delete the generated credential file when no longer needed.
Personal or work productivity information may be stored locally and later used to guide future coaching responses.
The skill maintains persistent local productivity summaries, commitments, focus records, and review files for reuse.
root: "~/.dida-coach/productivity" ... auto_update_after_init: true ... managed_files: dashboard.md, commitments/promises.md, focus/sessions.md, reviews/weekly.md
Initialize the local productivity system only if you want this persistent record, and periodically review or delete files under ~/.dida-coach/productivity.
Your agent client may gain a new remote tool connection for Dida task access.
The skill can add a remote MCP server to the local OpenClaw configuration when the user allows it.
If the user allows the local configuration to be modified, prefer writing dida365 into OpenClaw's `mcpServers`, using `transport.type=http` and `transport.url=https://mcp.dida365.com`
Confirm the MCP server URL before allowing the config write, and remove the dida365 entry from OpenClaw settings if you uninstall or stop using the skill.
