dingtalk-gui-message

Author: jacky-wzj · GitHub ↗ · v1.1.2 · MIT-0
cross-platform ⚠ suspicious
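Total downloads: 122
Favorites: 0
Current installs: 0
Versions: 4
Install in OpenClaw
/install dingtalk-gui-message
Description
Sends messages to DingTalk contacts through macOS GUI automation. The whole flow is automated with peekaboo + screencapture + Swift Vision OCR + cliclick. Trigger phrases: 钉钉发消息, 给XX发消息, 钉钉GUI, dingtalk message.
Usage instructions (SKILL.md)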

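DingTalk GUI automated messaging

Searches for a DingTalk contact and sends a message through macOS desktop GUI automation.

Prerequisites

  • macOS (arm64, Retina)
  • DingTalk desktop client installed (com.alibaba.DingTalkMac)
  • Tools installed: peekaboo, cliclick, swift
  • Permissions granted: Screen Recording + Accessibility

Usage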

python3 scripts/send_message.py "联系人名" "消息内容"

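Login handling

The script automatically detects whether DingTalk needs a login:

  • Logged in → runs directly
  • Not logged in → captures the QR code and outputs {"needs_login": true, "qr_code": "路径"} (路径 is the file path)
  • exit code: 0 = success, 1 = failure, 2 = login required

Technical approach (verified 4/13 + 4/23)

Screenshot strategy (critical!)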

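Scenario | Tool | Reason
Login detection | peekaboo image --app | Captures only the DingTalk window, so text in other windows is not misrecognized
OCR navigation | screencapture -x | Full-screen Retina capture that includes WebView content
QR code screenshot | screencapture -x | Ensures the QR code is visible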

Coordinate conversion (corrected 4/23)

Retina screenshot: 3024×1964 pixels
Logical resolution: 1512×982
Conversion: logical coordinate = pixel coordinate ÷ 2

Dual-engine OCR

Engine | Purpose
Swift Vision OCR | Exact text coordinates → cliclick
qwen3.6-plus vision | Semantic understanding, confirming the result of an action

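Core principles (lessons learned the hard way)

  1. bundleId: always use com.alibaba.DingTalkMac
  2. Chinese input: only use peekaboo paste --text --app bundleId
  3. WebView clicks: use cliclick, not peekaboo click
  4. Search term: use the first two characters of the name, not the full name
  5. Window activation: osascript activate + peekaboo focus, as a double safeguard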

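Toolchain

Tool | Purpose
peekaboo | Pasting Chinese text, hotkey, press, window screenshots
screencapture | Full-screen Retina screenshots (captures WebView)
Swift Vision | OCR + pixel coordinates
cliclick | Clicks at logical coordinates
qwen-vl-max | Semantic analysis of screenshots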
Security advice
This skill appears to implement the advertised DingTalk GUI automation, but there are several things to check before installing or running it:

  • Expect to grant macOS Screen Recording and Accessibility permissions; the script will take full-screen and app-window screenshots and save them in /tmp/dingtalk-gui (including QR codes and any visible content).
  • The script will look for a QWEN API key in ~/.openclaw/openclaw.json and in the QWEN_API_KEY env var. If found, it will send base64-encoded screenshots to dashscope.aliyuncs.com (qwen-vl-max) for optional vision analysis. If you do not want screenshots leaving your machine, remove the API key(s) or avoid using the --vision option.
  • Metadata/registry fields do not declare the required local tools (peekaboo, cliclick, swift), and the script reads a user config path that is not advertised. This mismatch is a red flag; review the files locally before running.
  • If you decide to use it: audit the included scripts (send_message.py and ocr_screen.swift) yourself, run them in a controlled environment or VM, and avoid running the vision feature unless you trust the remote endpoint and the API key in use.
Functional analysis
Type: OpenClaw Skill
Name: dingtalk-gui-message
Version: 1.1.2
The skill automates DingTalk via macOS GUI interaction, involving full-screen screenshots and coordinate-based clicks. It contains a shell injection vulnerability in `scripts/send_message.py` where user-provided contact names or messages are passed unsanitized to `subprocess.run` via the `peekaboo` command. Additionally, the script reads sensitive configuration from `~/.openclaw/openclaw.json` and transmits screenshots to an external API (dashscope.aliyuncs.com) for vision analysis. While these actions align with the stated purpose, the combination of RCE risk and broad screen capture capability poses a significant security risk.
Capability tags
requires-sensitive-credentials
Capability assessment
Purpose & Capability
The skill's stated purpose (automating DingTalk GUI on macOS) matches the code and instructions. However the registry metadata claims no required binaries or env vars while SKILL.md and scripts require/expect peekaboo, cliclick, swift, screencapture and Screen Recording/Accessibility permissions — a mismatch between declared requirements and actual runtime needs.
Instruction Scope
Instructions and the included Python/Swift scripts direct the agent to take full-screen and window screenshots, OCR them locally, and — optionally if an API key is available — POST base64-encoded screenshots to a remote vision endpoint (dashscope.aliyuncs.com). The script also reads a user configuration file (~/.openclaw/openclaw.json) to extract a model API key. Capturing and transmitting screenshots can expose unrelated sensitive data on your screen; reading the user's config file is not declared in the skill metadata.
Install Mechanism
Instruction-only skill (no install spec). No installers or downloads are performed by the skill bundle itself, which limits disk-write/install risk. However it depends on third-party tools that the user must install separately (peekaboo, cliclick, Swift).
Credentials
The registry lists no required env vars or config paths, but the script accesses ~/.openclaw/openclaw.json and the QWEN_API_KEY environment variable to enable optional remote 'vision' functionality. This is disproportionate to 'send a DingTalk message' and is not clearly declared: the script will try to find and use a model API key from your personal config without explicit metadata prompting.
Persistence & Privilege
The skill does not request permanent inclusion (always:false) and does not modify other skills or system-wide settings. It stores transient files in /tmp/dingtalk-gui and requires Screen Recording/Accessibility permissions as expected for GUI automation.
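How to use
  1. Make sure OpenClaw is installed (locally or deployed with Docker)
  2. Enter the install command in the chat box: /install dingtalk-gui-message
  3. Once installation finishes, call the Skill by name or trigger it with /dingtalk-gui-message
  4. Provide the required input as described in the Skill's parameter documentation to get structured output
Version history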
v1.1.2
fix: remove personal name from LICENSE
v1.1.1
fix: remove personal names from code examples
v1.1.0
v1.1: Pure script verification - zero AI model dependency by default. Added --wait-login auto-polling, OCR-only verification, QR code retry.
v1.0.0
Initial release: macOS GUI automation for DingTalk messaging
Metadata
Slug: dingtalk-gui-message
Version: 1.1.2
License: MIT-0
Cumulative installs: 0
Current installs: 0
Historical versions: 4
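FAQ

What is dingtalk-gui-message?

It sends messages to DingTalk contacts through macOS GUI automation. The whole flow is automated with peekaboo + screencapture + Swift Vision OCR + cliclick. Trigger phrases: 钉钉发消息, 给XX发消息, 钉钉GUI, dingtalk message. It is an AI Agent Skill plugin for Claude Code / OpenClaw and has been downloaded 122 times in total so far.

How do I install dingtalk-gui-message?

Run the command "/install dingtalk-gui-message" in the OpenClaw or Claude Code chat box to install it in one step, with no additional configuration.

Is dingtalk-gui-message free?

Yes, dingtalk-gui-message is completely free. It is released under the MIT-0 license and can be freely downloaded, installed and used.

Which platforms does dingtalk-gui-message support?

dingtalk-gui-message runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed dingtalk-gui-message?

It is developed and maintained by jacky-wzj (@jacky-wzj); the current version is v1.1.2.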
