Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Dingtalk Calendar
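v1.0.2
DingTalk calendar management (create events, query free/busy status, book meeting rooms). Uses the mcporter CLI to connect to the DingTalk MCP server to perform calendar management, calendar queries, meeting room booking, and similar operations. Use cases: creating and managing calendar events, booking meetings, checking other people's free/busy status, reserving meeting rooms, etc.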
⭐ 1 · 1.3k · 19 current · 19 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name and description (DingTalk calendar management) align with the instructions: all operations are CLI calls to an MCP calendar/contacts service via the mcporter tool. No unrelated credentials, binaries, or system access are requested.
Instruction Scope
SKILL.md confines runtime actions to installing/using the mcporter CLI, adding MCP service Streamable HTTP URLs from mcp.dingtalk.com, and running mcporter call commands for calendar/contacts operations. These actions necessarily send calendar/contact data to the configured MCP endpoints (expected for this skill). The instructions do not direct reading unrelated host files, environment variables, or unknown external endpoints.
Install Mechanism
This is instruction-only (no install spec). SKILL.md tells the user to install mcporter manually via npm/bun (user-run). package.json lists mcporter as a dependency even though there is no automated install — this is a minor inconsistency that can confuse users but is not evidence of malicious behavior. No downloads from untrusted URLs or archive extraction are present.
Credentials
The skill does not request environment variables, secrets, or system config paths. It requires the user to supply Streamable HTTP URLs for DingTalk MCP services (these act like service endpoints/credentials) which is proportional to the stated purpose. Users should treat those URLs as sensitive and only paste trusted endpoints.
Persistence & Privilege
The skill is not always-enabled and does not request system-wide persistence or modification of other skills. Autonomous invocation is allowed (platform default) but does not combine with broad credentials or unusual privileges here.
Assessment
This skill is coherent for managing DingTalk calendars using the mcporter CLI, but take these precautions before installing/using it:
- Only install mcporter from a trusted source (verify the npm package and its maintainer) and run the installation yourself rather than running arbitrary install commands you don't understand.
- The skill requires you to paste Streamable HTTP URLs for DingTalk MCP services; treat those URLs as potentially sensitive (they allow the mcporter client to call your org's MCP endpoints) and only provide them if you trust the endpoint and operator.
- Because the skill relies on an external CLI (mcporter), review mcporter's documentation for what it stores locally (configs, tokens) and its network behavior.
- Note the minor inconsistency: package.json lists mcporter as a dependency even though the skill has no automated install; this is likely a packaging omission, not malicious, but verify before granting access to production accounts.
If you want a stricter review, provide the mcporter package source (or its code) so its network/storage behavior can be inspected — that information would change the assessment if it showed unexpected exfiltration or wide local credential access.
Like a lobster shell, security has layers — review code before you run it.
latestvk97e2wm2znf80zvdbsqxvb5cb5826mk9
