dingtalk-channel-rules

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs the agent to extract the current bot's clientId from the conversation context and inject it verbatim into dws CLI commands (e.g., --client-id dingXXXXXXXX), which requires handling and outputting a credential-like value directly.