Outlook-email
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: outlook-email Version: 0.1.0 The skill bundle describes a legitimate command-line email client for Microsoft Outlook using the Microsoft Graph API. The `SKILL.md` and `README.md` files provide clear instructions for setup (Azure AD app registration, OAuth flow) and usage, which are standard for such an application. There is no evidence of prompt injection against the agent, data exfiltration, malicious execution, persistence mechanisms, or obfuscation in the provided documentation. The required dependencies (`python3`, `requests`) are standard for a Python-based CLI tool interacting with web APIs.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user would be trusting external, unreviewed code to access their Outlook mailbox and perform send/read actions.
The reviewed package has no `outlook` script or install spec, so the executable that would handle credentials and email actions is fetched outside the reviewed artifacts.
git clone https://github.com/abhiramee08b021/outlook-cli.git cd outlook-cli
Include the CLI code in the skill package or pin a reviewed commit; users should inspect the GitHub repository before running it.
If these stored credentials are mishandled or compromised, they could enable continued access to read or send Outlook email.
The tool stores sensitive OAuth material for mailbox access; the registry metadata declares no primary credential or required config path, and the implementation is not present for review.
config.json - Client ID and secret - `tokens.json` - OAuth tokens (auto-generated)
Use a dedicated Azure app registration, verify the requested Microsoft Graph scopes, protect `~/.config/outlook-cli/`, and revoke/remove tokens when no longer needed.
An accidental or poorly reviewed send/reply command could email the wrong recipients or send unintended content.
Sending and replying are core email-client features, but they mutate a real account and can affect other people.
`outlook send --to ...` | Send email | | `outlook reply <id>` | Reply to email |
Review recipients, message body, and reply-all behavior before allowing the agent to send or reply.