Dingding

Security checks across malware telemetry and agentic risk

Overview

This is a DingTalk API reference skill with sensitive enterprise examples, but the behavior is disclosed, purpose-aligned, and not automatically executable.

Install this only if you need DingTalk Open Platform API help. Before using real credentials, confirm you are authorized for the tenant and target users, use least-privilege app scopes, and require explicit confirmation before sending messages, starting approvals, creating calendar events, or reading directory and attendance records.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill instructs how to create calendar events on behalf of users without warning that this mutates real schedules and may notify attendees or create operational disruption. In an agent context, omission of an explicit confirmation/sandboxing requirement increases the risk of unintended real-world actions against enterprise calendars.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill describes launching approval workflow instances but does not warn that this can trigger actual business approvals, notifications, and downstream enterprise processes. In a production tenant, an agent following these instructions could submit real approval requests with financial, HR, or operational consequences.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill documents directory and attendance APIs that expose employee identifiers, phone-derived user mapping, and attendance records without any privacy or authorization warning. In an enterprise assistant, this omission can normalize bulk access to sensitive personnel data and increase the chance of over-collection or disclosure.

VirusTotal

66/66 vendors flagged this skill as clean.
