The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill requires the installation of the @dingtalk-real-ai/dingtalk-connector package from the npm registry.\n- [REMOTE_CODE_EXECUTION]: The quick-start installation process uses npx, which downloads and runs external code from a remote package to configure the bot and gateway.\n- [PROMPT_INJECTION]: The skill processes untrusted incoming data from DingTalk messages, which presents a surface for indirect prompt injection attacks. \n- Ingestion points: Processes message text, images, and files from external DingTalk users (identified in SKILL.md). \n- Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands in the message handling examples. \n- Capability inventory: The skill possesses extensive capabilities, including creating/modifying documents, sending high-priority notifications, and managing calendar events. \n- Sanitization: No sanitization or validation of external message content is documented or demonstrated in the implementation examples.

dingtalk-openclaw-connector