Openclaw Skill M365 Task Manager
Review
Audited by ClawScan on May 10, 2026.
Overview
The skill appears purpose-aligned for Microsoft To Do task management, but it uses delegated Microsoft Graph access, stores reusable tokens locally, and can modify or delete tasks.
Before installing, confirm you are comfortable granting Microsoft Graph Tasks.ReadWrite, User.Read, and offline_access to this skill. Protect the token cache path, review npm dependencies from the actual repository, and require confirmation before update or delete actions on tasks.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
After sign-in, the skill can access and change the signed-in user's Microsoft To Do task data and keep working from the local token cache.
The skill requests delegated Graph access that can read/write Microsoft To Do tasks and refresh access after the initial login. This is expected for the skill purpose, but it is account-level authority users should understand.
Add Microsoft Graph delegated permissions: ... `Tasks.ReadWrite` ... `User.Read` ... `offline_access` ... On first run, the script uses Device Code login and caches tokens for reuse.
Use an Entra app registration with only the listed scopes, install only for accounts where task automation is acceptable, and revoke the app or remove the token cache if no longer needed.
A mistaken or over-broad agent instruction could update or delete the wrong Microsoft To Do task if the user does not verify the target.
The helper performs real Graph DELETE operations when invoked with a list and task ID. This matches the CRUD purpose, but deleting cloud task data is destructive.
await graph('DELETE', `/me/todo/lists/${listId}/tasks/${taskId}`, token);
Have the agent list and confirm the target list/task before update or delete operations, and avoid granting the skill to workflows where autonomous deletion is not acceptable.
Users may install dependencies that are not visible in these artifacts, depending on the repository state they install from.
The skill requires an npm install step, but the provided artifacts do not include a package.json or lockfile to review exact dependency versions. This is not hidden or automatic, but dependency provenance is incomplete in the supplied review context.
Install dependencies at repo root:
```bash
npm install
```
Review the repository's package.json and lockfile before running npm install, and install from a trusted, pinned source.
