Outlook Delegate

Security checks across malware telemetry and agentic risk

Overview

This Outlook skill appears transparent and purpose-aligned, but it grants broad mailbox/calendar write and send authority without clearly documented action confirmations.

Install only if you intend to give this skill delegate-level Outlook mailbox and calendar authority. Treat the local config and credentials files as sensitive secrets, restrict file permissions, use the least-privileged mailbox possible, and require manual confirmation before delete, move, send/reply, or calendar-write actions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill explicitly documents actions that can alter or destroy another user's data, including deleting mail, moving messages, marking mail state, sending replies on behalf of the owner, and creating calendar events, but it does not require any confirmation, authorization check, or user-warning step before those actions. In a delegate-access skill, these operations affect a real mailbox owned by someone else, so accidental or prompt-induced execution could cause data loss, impersonation-style communications, and calendar tampering.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal