dingtalk-openclaw-connector

SUSPICIOUS: the skill is mostly purpose-aligned for a DingTalk connector, but it gives an agent broad enterprise write/action powers and forwards DingTalk credentials to an external package whose publisher ownership is not verified in the provided material. This looks more like a high-risk integration than confirmed malware.