ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Outlook Plus

v1.9.0

Read, search, and manage Outlook emails and calendar via Microsoft Graph API. Use when the user asks about emails, inbox, Outlook, Microsoft mail, calendar e...

0· 733·1 current·1 all-time
byCristian Dan@cristiandan
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the actual behavior: scripts call Microsoft Graph and the setup uses the Azure CLI to create an App Registration and obtain delegated OAuth tokens. Required binaries (az, jq) are necessary and used by the scripts.
Instruction Scope
Runtime instructions and scripts operate only against Microsoft endpoints (login.microsoftonline.com, graph.microsoft.com). They read/write config and tokens under ~/.outlook-mcp and optionally read system timezone files (/etc/timezone, /etc/localtime). Scripts accept OUTLOOK_ACCOUNT and OUTLOOK_TZ environment variables (used but not declared in requires.env). The token manager can print access tokens when run with explicit confirmation; this is flagged in the docs and scripts.
Install Mechanism
No install spec or external downloads — the package is instruction + shell scripts. No remote, arbitrary code download or extraction is performed by the skill itself.
Credentials
The skill requests OAuth permissions (Mail.ReadWrite, Mail.Send, Calendars.ReadWrite, offline_access) which are appropriate for full mail/calendar management. It requires Azure CLI login so it will create resources in the user's Azure account (App Registration and client secret) and stores client_id/client_secret and tokens in ~/.outlook-mcp. These sensitive artifacts are expected but merit careful handling by the user. The scripts also use optional env vars (OUTLOOK_ACCOUNT, OUTLOOK_TZ) that are not declared in the metadata.
Persistence & Privilege
always:false and user-invocable:true (normal). The skill writes credentials and tokens only under the invoking user's home (~/.outlook-mcp) and does not modify other skills or system-wide agent settings. It does create an App Registration in the user's Azure tenant during setup, which is expected for OAuth but is an action with side effects in the user's cloud account.
Assessment
This skill appears to do what it says, but before installing or running it you should: 1) Review the scripts yourself (they will create an Azure App Registration and client secret in your Azure account). 2) Understand the requested scopes (Mail.ReadWrite, Mail.Send, Calendars.ReadWrite, offline_access) grant full read/write/send access to your mail and calendars — only proceed if you trust the author. 3) Be aware credentials and tokens are stored at ~/.outlook-mcp (files are chmod 600 in the scripts); do not share those files. 4) The token manager can print access tokens with outlook-token.sh get --confirm — avoid running that in insecure contexts. 5) Use a personal account or get admin approval if using a work account (organization consent may be required). 6) If you have concerns, run the setup steps manually following references/setup.md instead of automated script to retain full control.

Like a lobster shell, security has layers — review code before you run it.

latestvk976k7yqt8vzx12z5wk47rfq3d81n9nc

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binsaz, jq

Comments