Back to skill
Skillv1.1.1
VirusTotal security
Outlook Delegate · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 3:52 AM
- Hash
- d58cc324f898588c9e5dd2d4c1105fda2ab535d31637192b7ad0da23f0b3fd4e
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: outlook-delegate Version: 1.1.1 The OpenClaw AgentSkills skill bundle for Outlook delegate access is classified as benign. The code and documentation consistently align with the stated purpose of managing Outlook emails and calendars via Microsoft Graph API with delegate support. Key security indicators include robust input sanitization using `jq` for JSON payloads and URL encoding for query parameters (e.g., in `scripts/outlook-mail.sh` and `scripts/outlook-calendar.sh`), secure handling of sensitive credentials (client secret via stdin, access token via temporary files with `chmod 600` in `scripts/outlook-token.sh`), and strict file permissions for configuration and credential directories (`~/.outlook-mcp/`). All network communications are directed to legitimate Microsoft OAuth and Graph API endpoints. There is no evidence of data exfiltration, unauthorized remote execution, persistence mechanisms, obfuscation, or prompt injection attempts within the `SKILL.md` or other documentation files. The broad permissions requested are necessary for the skill's stated delegate functionality.
- External report
- View on VirusTotal