钉钉宜搭开发助手

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only helper for DingTalk Yida development, with some examples that should be used carefully but no evidence of hidden execution or malicious behavior.

Install if you want a Yida development reference. Before copying examples into a real app, verify app and form IDs, limit DingTalk/Yida permissions, avoid testing update/delete flows on production data, and remove temporary debugging scripts such as vConsole after troubleshooting.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The trigger phrase at line 8 includes a broad low-code-development term that can match routine user conversation rather than a clear request for this specific Yida skill. Overly broad activation increases the chance the skill is invoked in contexts where its specialized instructions, links, and code patterns are not appropriate, causing prompt-routing mistakes or unintended tool use.

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The trigger phrase 'yida' is too generic and short to reliably scope activation to this skill, and may collide with unrelated names, acronyms, or user text. This creates misrouting risk where the skill activates outside its intended context and influences responses with domain-specific instructions that do not apply.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal