alibabacloud-openclaw-ecs-dingtalk

SUSPICIOUS. The core deployment purpose is coherent, but the skill’s trust model is weak: it auto-creates a cloud API key, collects DingTalk secrets, and forwards both into cloud-executed shell commands that download and run unpinned remote scripts. This is a high security risk supply-chain and credential-handling pattern, even without proof of confirmed malware.