ClawHub

Microsoft Teams

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Microsoft Teams API skill, but it routes sensitive Teams data through Maton's OAuth proxy and should be used only with trusted accounts and clear user approval for changes.

Install only if you trust Maton and are allowed to route your Teams messages, chats, meetings, recordings, transcripts, and metadata through its proxy. Keep MATON_API_KEY private, use the Maton-Connection header when multiple accounts exist, revoke unused connections, and approve write actions only after checking the exact team, channel, message, meeting, or connection being changed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The skill’s stated scope understates the actual accessible data and operations. Users or downstream agents may rely on the narrower description and unintentionally access or expose additional Teams data types such as chats, presence, calendar events, recordings, and transcripts without informed consent.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
Meeting recordings and transcripts are highly sensitive because they may contain confidential speech, participant identities, and regulated information. Advertising access to them without a privacy warning or explicit user-impact disclosure increases the risk of silent over-collection and misuse.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The documentation routes Microsoft Teams traffic through `api.maton.ai`, but the examples do not clearly warn users that messages, chats, meetings, and metadata are transmitted via a third-party proxy. This can mislead users about data flow and trust boundaries when authorizing the integration.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal