dws

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill acts as a structured interface for the official DingTalk Workspace CLI (dws). It provides clear instructions and helper scripts to interact with internal DingTalk services while enforcing safety protocols like user confirmation for destructive actions.
  • [COMMAND_EXECUTION]: Multiple Python scripts in the scripts/ directory (e.g., todo_batch_create.py, calendar_schedule_meeting.py) use subprocess.run() to execute dws commands. These executions are benign as they are strictly scoped to the skill's primary purpose of automating DingTalk workflows.
  • [EXTERNAL_DOWNLOADS]: The scripts/upload_attachment.py script uses urllib.request.urlopen to perform HTTP PUT requests. These requests target pre-signed URLs (Alibaba Cloud OSS) generated by the official dws tool to facilitate file uploads to AI Tables. This is a standard product feature and utilizes vendor-controlled infrastructure, qualifying as safe under trusted source rules.
  • [DATA_EXFILTRATION]: While the skill can read and transfer data (such as chat logs or emails), it operates entirely within the user's DingTalk environment as requested. There are no signs of unauthorized data transfer to non-whitelisted or suspicious external domains.
  • [PROMPT_INJECTION]: The SKILL.md file contains robust negative constraints ('NEVER DO') and positive requirements ('MUST DO') that help prevent the agent from bypassing safety filters or making unauthorized API calls outside the dws tool.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 14, 2026, 02:09 PM