dingtalk_channel_connect
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill is designed for legitimate browser automation and includes specific safety instructions, such as mandatory pauses for user login and requiring manual confirmation for sensitive configuration steps.
- [EXTERNAL_DOWNLOADS]: Fetches default bot icons and preview images from Alibaba's official content delivery network (
img.alicdn.com). This is a well-known service and the action is documented as neutral. - [COMMAND_EXECUTION]: Utilizes standard browser automation capabilities (
click,type,file_upload) to navigate and interact with the official DingTalk developer portal. - [DATA_EXPOSURE]: The instructions explicitly forbid the agent from automatically modifying sensitive local configuration files (e.g.,
~/.copaw/config.json) or the console environment, instead guiding the user to perform credential binding manually to ensure security.
Audit Metadata