MS Outlook + Teams Assistant

Review

Audited by ClawScan on May 1, 2026.

Overview

The skill is coherent with its Outlook/Teams reminder purpose, but it handles private email/chat data and delegated Microsoft/Telegram flows that should be configured carefully.

Install only if you are comfortable letting it read recent Outlook and optional Teams messages. Review config.json, limit days/maxItems and Graph scopes, protect or delete state/thread/token files, and confirm the Telegram or Teams reminder target before using nagging mode.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A local token cache may allow continued access to Teams/Graph data under the signed-in user's delegated permissions.

Why it was flagged

The optional Teams mode stores an MSAL delegated token cache locally so repeated Graph scans can run without a new sign-in. This is expected for the feature, but it is sensitive account-access material.

Skill content

cache_path = tcfg.get("tokenCachePath") or os.path.join("state", "teams_token_cache.bin") ... f.write(cache.serialize())

Recommendation

Use least-privilege Graph scopes, avoid ChatMessage.Send unless truly needed, keep the state directory private, and delete the token cache when disabling or uninstalling the skill.

What this means

Email or Teams subjects, sender names, snippets, and links may appear in Telegram or another reminder destination.

Why it was flagged

Reminder output can be sent to an external messaging channel. This is disclosed and core to the nagging workflow, but it can carry private message metadata or previews.

Skill content

For reminders: send to Telegram by default; only send to Teams if explicitly enabled. ... The agent should send the output to Telegram if non-empty.

Recommendation

Verify the configured reminder target, use report/no-send mode for sensitive mailboxes, and avoid sending previews to channels other people can access.

What this means

Private email content may remain in local files such as thread.json after a draft is generated.

Why it was flagged

Drafting writes up to 8000 characters of an email body into a local JSON context file. This is purpose-aligned for reply drafting, but it leaves message content on disk.

Skill content

"body": (target.Body or "")[:8000], ... with open(args.out, "w", encoding="utf-8") as f: json.dump(data, f, ensure_ascii=False, indent=2)

Recommendation

Store output files in a protected location, delete draft context files after use, and do not commit state or context files to source control.

What this means

Installing Python packages adds local code from package sources to the machine.

Why it was flagged

The skill requires a user-directed package install for Outlook automation. This is central to the Windows desktop purpose, but it is still a supply-chain step users should verify.

Skill content

Install the Python dependency (ask before doing this on the machine): - `pip install pywin32`

Recommendation

Install dependencies from trusted package indexes, consider pinning versions, and review the included scripts before running them.