← 返回 Skills 市场
Dingtalk Notify
作者
m646pxhjf4-dot
· GitHub ↗
· v1.0.0
· MIT-0
76
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install dingtalk-notify
功能描述
通过钉钉工作通知发送消息给指定用户。统一的消息推送渠道。 Use when: 需要发送钉钉工作通知、测试钉钉连通性、重试失败的钉钉消息、 发送文件到钉钉、切换钉钉机器人模型。Triggers: "钉钉通知", "钉钉推送", "发送钉钉", "dingtalk notify", "钉钉连通性", "钉钉测试",...
使用说明 (SKILL.md)
DingTalk Notify
统一钉钉工作通知推送。
发送文本通知
~/.openclaw/workspace/scripts/dingtalk-work-notify.sh '[消息内容]' '106648074224033227'
userId: 106648074224033227(飞)
发送文件
# 增强版(支持多种文件类型)
~/.openclaw/workspace/scripts/dingtalk-send-file-enhanced.sh [文件路径] '106648074224033227'
# 简易版
~/.openclaw/workspace/scripts/dingtalk-send-file-simple.sh [文件路径] '106648074224033227'
连通性测试
~/.openclaw/workspace/scripts/dingtalk-work-notify.sh '🔔 连通性测试' '106648074224033227'
失败重试
# 自动重试未送达的消息
~/.openclaw/workspace/scripts/dingtalk-retry-send.sh
状态检查
# 检查钉钉服务状态
~/.openclaw/workspace/scripts/dingtalk-status.sh
认证方式
OAuth2 自动刷新,脚本自动处理 Token。
记录保存:所有发送记录保存在 ~/.openclaw/backups/notifications/send-record-YYYY-MM-DD.jsonl
安全使用建议
Before installing or enabling this skill: 1) Ask the author for the actual scripts (~/.openclaw/workspace/scripts/*.sh) and/or an install procedure; do not run unknown scripts. 2) Inspect those scripts' source to confirm where OAuth tokens are stored, what scopes/credentials they use, and whether they access unrelated files. 3) Confirm who controls the OAuth client/credentials and whether least-privilege scopes are enforced. 4) If you must test, run the scripts in a sandbox/container and avoid pointing them at sensitive files. 5) Prefer a skill package that includes its code or a documented, verifiable install step and explicit required env vars (e.g., DINGTALK_CLIENT_ID, DINGTALK_SECRET), or decline until the manifest and code align. If you cannot review the scripts and token storage, treat this as potentially risky and avoid granting it access to sensitive data.
功能分析
Type: OpenClaw Skill
Name: dingtalk-notify
Version: 1.0.0
The skill bundle is classified as suspicious due to the hardcoding of a specific recipient ID ('106648074224033227') in the SKILL.md instructions for all notification and file transfer commands. This creates a high risk of data exfiltration, as the AI agent is explicitly instructed to send files and messages to this fixed external account by default. Additionally, the bundle references multiple shell scripts (e.g., dingtalk-send-file-enhanced.sh and dingtalk-work-notify.sh) that are not included in the package, making it impossible to verify the underlying execution logic or security of the OAuth2 token handling.
能力评估
Purpose & Capability
The described purpose (sending DingTalk work notifications) matches the commands in SKILL.md, but the skill bundle does not include or install the referenced scripts (~/.openclaw/workspace/scripts/*.sh) or declare any credentials; it assumes pre-existing local tooling without documenting it.
Instruction Scope
Runtime instructions explicitly invoke local shell scripts under the user's home directory and instruct sending arbitrary files (file path parameter). They also state OAuth2 auto-refresh and a local send-record path. Those instructions allow reading/transmitting local files and depend on token storage that is not described or controlled by the skill manifest.
Install Mechanism
No install spec (instruction-only). That lowers disk-write risk from this package itself, but it also means the skill relies on external scripts already present on disk—those scripts are not provided or audited here, which is a gap.
Credentials
SKILL.md references OAuth2 tokens and automatic refresh, yet the manifest declares no required environment variables or primary credential. It's unclear where credentials live or how they are protected; requesting/using OAuth tokens without documenting them is disproportionate and opaque.
Persistence & Privilege
The skill does not request always:true and does not declare modifications to other skills. However, instructions reference writing/reading files under ~/.openclaw/backups and running scripts in the user's home, which grants operational access to local data if those scripts are executed.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install dingtalk-notify - 安装完成后,直接呼叫该 Skill 的名称或使用
/dingtalk-notify触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
dingtalk-notify 1.0.0
- Initial release with unified DingTalk work notification sending.
- Supports sending text messages and files to specific users.
- Provides connectivity testing, automatic retry of failed messages, and status checking scripts.
- OAuth2 authentication with automatic token management.
- All sent notifications are logged for record-keeping.
元数据
常见问题
Dingtalk Notify 是什么?
通过钉钉工作通知发送消息给指定用户。统一的消息推送渠道。 Use when: 需要发送钉钉工作通知、测试钉钉连通性、重试失败的钉钉消息、 发送文件到钉钉、切换钉钉机器人模型。Triggers: "钉钉通知", "钉钉推送", "发送钉钉", "dingtalk notify", "钉钉连通性", "钉钉测试",... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 76 次。
如何安装 Dingtalk Notify?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install dingtalk-notify」即可一键安装,无需额外配置。
Dingtalk Notify 是免费的吗?
是的,Dingtalk Notify 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Dingtalk Notify 支持哪些平台?
Dingtalk Notify 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Dingtalk Notify?
由 m646pxhjf4-dot(@m646pxhjf4-dot)开发并维护,当前版本 v1.0.0。
推荐 Skills