Skills dingtalk-bridge
πŸ””

dingtalk-bridge

Low Risk 🌐 Network accessβš™οΈ External commands

Connect Claude Code to DingTalk Chat

Bridge your Claude Code agent with DingTalk group chat for bi-directional messaging. Send notifications and execute commands through @mentions in group conversations.

Supports: Claude Codex Code(CC)
πŸ₯‰ 75 Bronze
1

Download the skill ZIP

2

Upload in Claude

Go to Settings β†’ Capabilities β†’ Skills β†’ Upload skill

3

Toggle on and start using

Test it

Using "dingtalk-bridge". Send a DingTalk message: Today's build passed all 142 tests

Expected outcome:

Message sent successfully to DingTalk group

Using "dingtalk-bridge". What is the current configuration?

Expected outcome:

DingTalk Bridge is configured with app_key, conversation ID saved, and workdir set to /home/user/project

Security Audit

Low Risk
v1 β€’ 4/13/2026

Static analysis detected 208 patterns, mostly false positives from documentation code examples and legitimate API usage. The skill intentionally executes subprocess commands to run the Claude CLI with user prompts, which is properly sandboxed using list arguments (no shell injection). No hardcoded credentials, no prompt injection attempts, no malicious intent detected. All network activity is to official DingTalk API endpoints.

12
Files scanned
1,446
Lines analyzed
5
findings
1
Total audits
Medium Risk Issues (1)
src/stream_bot.py:63-75
Subprocess Execution with User Input
The stream_bot.py executes the Claude CLI with user-controlled prompt content via subprocess.run. While this is intentional functionality for a chat bot bridge, it allows arbitrary command execution through the Claude CLI. The implementation uses proper list arguments to prevent shell injection, and the --dangerously-skip-permissions flag is used which is documented.
Low Risk Issues (2)
scripts/install.sh:62-111
macOS LaunchAgent Persistence
The install.sh script optionally creates a macOS LaunchAgent for 24/7 bot operation. This is a legitimate persistence mechanism for a long-running service, properly documented and requires user consent.
scripts/install.sh:42-50
Credential Storage in Config File
App credentials are stored in config.json with chmod 600 permissions. This is a standard practice for local development tools.

Risk Factors

🌐 Network access (4)
src/send.py:33 src/send.py:70 src/send.py:90 src/send.py:106
βš™οΈ External commands (3)
src/stream_bot.py:63-75 scripts/install.sh:4 scripts/install.sh:102
Audited by: claude

Quality Score

59
Architecture
100
Maintainability
87
Content
50
Community
81
Security
83
Spec Compliance

What You Can Build

Development Team Notifications

Send build status, deployment alerts, or test results from Claude Code directly to your team's DingTalk group

Interactive Task Automation

Team members can @mention the bot in DingTalk to trigger Claude Code tasks like code review, documentation generation, or data analysis

24/7 Monitoring Bot

Deploy the stream bot as a persistent service to handle asynchronous requests and execute tasks through Claude Code

Try These Prompts

Send a Simple Message 
Send a DingTalk message: The production deployment completed successfully
Send Markdown with Title 
Send a DingTalk message with title 'Build Alert' saying: Build #142 failed in the integration tests. 3 tests failing.
Start the Stream Bot 
Start the DingTalk stream bot in the background so it can receive @mentions
Configure via Environment Variables 
Set up DingTalk credentials using environment variables DINGTALK_APP_KEY and DINGTALK_APP_SECRET

Best Practices

  • Use environment variables for credentials instead of config.json when possible
  • Start the stream bot using systemd or LaunchAgent for 24/7 operation
  • Test message sending with the CLI before setting up the stream bot
  • Keep the Claude CLI updated to ensure compatibility with --dangerously-skip-permissions flag

Avoid

  • Do not hardcode app_key or app_secret in source code or version control
  • Avoid sending messages longer than 3000 characters without adjusting max_reply configuration
  • Do not run the stream bot with elevated privileges unless necessary
  • Never share the config.json file or commit it to version control

Frequently Asked Questions

How do I get DingTalk app credentials?
Go to DingTalk Open Platform (open-dev.dingtalk.com), create an Enterprise Internal App, enable Robot capability, set message mode to Stream, and copy the App Key and App Secret.
Can I use this with multiple DingTalk groups?
The default configuration supports one group. For multiple groups, create separate config files with different DINGTALK_CONV_FILE paths or modify the skill to support multiple conversation IDs.
Is it safe to execute Claude commands from chat?
The bot uses subprocess.run with list arguments to prevent shell injection. However, Claude CLI will execute with your permissions. Only use this in trusted groups and be aware that anyone who can @mention the bot can trigger Claude execution.
What happens if the stream bot crashes?
The bot has exponential backoff retry logic (5s to 60s) and will auto-reconnect. For additional reliability, use systemd or LaunchAgent to auto-restart the process on exit.
Does this work on Linux and Windows?
The Python code works on Linux and Windows. The install.sh LaunchAgent setup is macOS-only, but you can use systemd on Linux or create a Windows service equivalent.
How do I stop the stream bot?
Press Ctrl+C in the terminal running the bot, or use launchctl stop com.dingtalk-bridge.bot (macOS) or systemctl stop dingtalk-bridge (Linux) if running as a service.

Developer Details

Author

mguozhen

License

MIT

Repository

https://github.com/mguozhen/dingtalk-bridge/tree/main/

Ref

main

File structure

πŸ“ scripts/

πŸ“„ install.sh

πŸ“ src/

πŸ“„ __init__.py

πŸ“„ config.py

πŸ“„ send.py

πŸ“„ stream_bot.py

πŸ“ tests/

πŸ“„ test_dingtalk.py

πŸ“„ config.example.json

πŸ“„ LICENSE

πŸ“„ marketplace.json

πŸ“„ README.md

πŸ“„ SKILL.md