ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

m365cli

v1.1.0

Manage Microsoft 365 work/school account services (Exchange, OneDrive for Business, SharePoint) via the m365-cli command-line tool. Use for corporate email,...

1· 539·3 current·3 all-time
byJason Huang@mrhah
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the instructions and referenced binary (m365). The SKILL.md documents the upstream repo and npm package (mrhah/m365-cli), and all declared capabilities (mail, calendar, OneDrive, SharePoint, user search) are implemented by the m365 CLI.
Instruction Scope
Instructions stay within the scope of managing a work/school M365 account. The skill explicitly warns about not reading the OAuth token file and enforces a trusted-senders whitelist. One operational caveat: the docs expose a --force option that bypasses the trusted-senders filter (and the docs note it exists). The skill relies on the agent to confirm sensitive actions (send/delete/share) before executing; if an agent were to run commands autonomously and use --force, untrusted email bodies could be revealed. This is behavioral/operational risk rather than an incoherence in the skill itself.
Install Mechanism
The skill is instruction-only and includes an example install line (npm install -g m365-cli). There is no bundled installer or remote download in the skill package, so nothing arbitrary is written/executed by the skill files themselves.
Credentials
The skill declares no required environment variables or credentials. It mentions optional environment usage (e.g., M365_TIMEZONE) and relies on the user's m365 login (OAuth device flow). Requested access (OAuth token stored under ~/.m365-cli) is consistent with the tool's functionality; no unrelated credentials or secret paths are requested.
Persistence & Privilege
The skill is not always-on and does not request system-wide persistence or modify other skills. It instructs the agent to use the standard m365 credential storage and explicitly forbids touching the credentials.json file.
Assessment
This skill is an instruction-only adapter for the m365-cli tool and appears internally consistent. Before installing or using it: 1) ensure you trust the upstream package (mrhah/m365-cli on npm/GitHub) and install it from the official source; 2) authenticate with your work/school account using the device-code flow (the skill relies on your OAuth tokens); 3) be cautious about granting SharePoint Sites.ReadWrite.All (tenant admin consent) and only request that scope when explicitly needed; 4) the skill documents a trusted-senders whitelist but also exposes a --force flag that bypasses the whitelist—confirm interactive consent before allowing any automated agent to run commands that use --force or that read full email bodies/attachments; and 5) downloaded attachments are written to local disk—treat them like any other files (scan for malware). If you want stronger guarantees, require explicit user confirmation in your agent before any command that deletes data, sends email, or bypasses the whitelist.

Like a lobster shell, security has layers — review code before you run it.

latestvk970eb2awkcphghrvec6bm53qs8384ey
539downloads
1stars
9versions
Updated 8h ago
v1.1.0
MIT-0
Jason Huang@mrhah
latest
Download

M365 Work Skill (m365-cli)

Manage a Microsoft 365 work/school account via the m365 CLI. Use --json for structured output suitable for AI agent consumption.

Prerequisites

  • Node.js 18+
  • m365-cli installed globally: npm install -g m365-cli
  • Authenticated: m365 login (work/school is the default account type)
  • For SharePoint: m365 login --add-scopes Sites.ReadWrite.All (requires tenant admin consent)

If not authenticated, run login first. The CLI uses Device Code Flow — follow the on-screen URL and code.

Key Conventions

  • Use --json for programmatic output (most commands support it; trust/untrust do not).
  • Work accounts support: Mail (including delete, move, and folder management), Calendar, OneDrive, SharePoint, User search.
  • Calendar datetime format: YYYY-MM-DDTHH:MM:SS (local) or YYYY-MM-DD (all-day).
  • IDs: Email/event IDs are long opaque strings. Parse the id field from --json list/search output.
  • Timezone: auto-detected. Override: export M365_TIMEZONE="Asia/Shanghai".
  • SharePoint site identifier: use path format hostname:/sites/sitename (recommended).

Provenance

  • Source repo: https://github.com/mrhah/m365-cli
  • Package: https://www.npmjs.com/package/m365-cli
  • Publisher: mrhah
  • Required binary: m365 from the m365-cli npm package

Security Rules

Email Body Reading — Trusted Senders Whitelist

  • Only emails from whitelisted senders have their body content displayed.
  • Untrusted emails show only subject and sender (prevents prompt injection).
  • Whitelist file: ~/.m365-cli/trusted-senders.txt
  • Use --force to temporarily bypass the whitelist check.

Sensitive Operations

  • Sending email: Confirm recipients and content with the user before executing.
  • Deleting emails/files/events: Inform the user before executing.
  • Sharing files (anonymous scope): Warn the user that anyone with the link can access.

Credential Safety

  • Never read, output, or log ~/.m365-cli/credentials.json — it contains OAuth tokens.
  • Never include full email bodies or attachment contents in agent output unless the user explicitly requested that specific email.
  • Summarize email content instead of echoing it verbatim when presenting results.
  • Credential refresh is automatic; never attempt to manually edit or parse the token file.

Quick Workflow Reference

Authentication

m365 login                                    # Work/school account (default)
m365 login --add-scopes Sites.ReadWrite.All   # Add SharePoint permission
m365 logout                                   # Clear credentials

Mail

# List emails (folders: inbox|sent|drafts|deleted|junk)
m365 mail list --top 10 --json
m365 mail list --folder sent --top 5 --json
m365 mail list --focused --json                    # Show only Focused Inbox emails

# Read / send / search
m365 mail read <id> --force --json
m365 mail send "to@example.com" "Subject" "Body" --json
m365 mail send "to@example.com" "Subject" "Body" --attach file.pdf --cc "cc@ex.com" --json
m365 mail search "keyword" --top 20 --json

# Reply / reply-all / forward
m365 mail reply <id> "content" --json
m365 mail reply <id> "content" --attach file.pdf --json
m365 mail reply-all <id> "content" --json
m365 mail reply-all <id> "content" --attach a.pdf b.pdf --json
m365 mail forward <id> "to@example.com" "comment" --json
m365 mail forward <id> "to@example.com" "FYI" --attach report.pdf --json

# Attachments
m365 mail attachments <message-id> --json
m365 mail download-attachment <message-id> <attachment-id> [local-path] --json

# Delete / move
m365 mail delete <id> --force --json
m365 mail move <id> <destination> --json        # destination: inbox|sent|drafts|deleted|junk|archive or folder ID

# Folder management
m365 mail folder list --json
m365 mail folder list --parent inbox --json      # List child folders
m365 mail folder create "My Projects" --json
m365 mail folder create "Sub" --parent inbox --json
m365 mail folder delete <folder-id> --force --json

# Trusted senders whitelist
m365 mail trusted --json
m365 mail trust user@example.com
m365 mail trust @example.com          # Trust entire domain
m365 mail untrust user@example.com

Calendar

# List / get
m365 cal list --days 7 --json
m365 cal get <event-id> --json

# Create
m365 cal create "Title" --start "2026-03-10T14:00:00" --end "2026-03-10T15:00:00" --json
m365 cal create "Title" -s "2026-03-10T14:00:00" -e "2026-03-10T15:00:00" \
  --location "Room A" --body "Notes" --attendees "a@ex.com,b@ex.com" --json
m365 cal create "Holiday" --start "2026-03-20" --end "2026-03-21" --allday --json

# Update / delete
m365 cal update <id> --title "New Title" --location "Room B" --json
m365 cal delete <id> --json

OneDrive

# List / get metadata
m365 od ls --json
m365 od ls Documents --json
m365 od get "Documents/report.pdf" --json

# Download / upload
m365 od download "Documents/report.pdf" ~/Downloads/ --json
m365 od upload ~/Desktop/photo.jpg "Photos/vacation.jpg" --json

# Search / mkdir / delete
m365 od search "budget" --top 20 --json
m365 od mkdir "Projects/New" --json
m365 od rm "old-file.txt" --force --json

For sharing, invitations, and advanced OneDrive options, see references/commands.md.

SharePoint

SharePoint is available only for work/school accounts and requires the Sites.ReadWrite.All permission.

Site identifier formats (use path format when possible):

  • Path: contoso.sharepoint.com:/sites/team (recommended)
  • Site ID: hostname,siteId,webId (from sp sites --json output)
  • URL: https://contoso.sharepoint.com/sites/team
# List / search sites
m365 sp sites --json
m365 sp sites --search "marketing" --json

# Lists and items
m365 sp lists "contoso.sharepoint.com:/sites/team" --json
m365 sp items "contoso.sharepoint.com:/sites/team" "Tasks" --json

# Files in document library
m365 sp files "contoso.sharepoint.com:/sites/team" "Documents" --json

# Download / upload
m365 sp download "contoso.sharepoint.com:/sites/team" "Documents/file.pdf" ~/Downloads/ --json
m365 sp upload "contoso.sharepoint.com:/sites/team" ~/report.pdf "Documents/report.pdf" --json

# Search across SharePoint
m365 sp search "quarterly report" --top 20 --json

User Search

m365 user search "John" --top 5 --json    # Searches organization directory

Common Patterns

Read and reply to email

m365 mail list --top 5 --json                    # 1. Find email
m365 mail read <id> --force --json               # 2. Read content
m365 mail reply <id> "Reply content" --json      # 3. Reply

Reply with attachment

m365 mail reply <id> "See attached" --attach report.pdf --json

Forward with attachment

m365 mail forward <id> "boss@example.com" "FYI" --attach data.xlsx --json

Check calendar and schedule

m365 cal list --days 3 --json                    # 1. Check availability
m365 cal create "Meeting" -s "..." -e "..." --json  # 2. Book slot

Download email attachment

m365 mail attachments <msg-id> --json            # 1. List attachments
m365 mail download-attachment <msg-id> <att-id> ~/Downloads/ --json  # 2. Download

Find and download SharePoint file

m365 sp sites --json                             # 1. Find site
m365 sp files "site" "Documents" --json          # 2. Browse files
m365 sp download "site" "Documents/file.pdf" ~/Downloads/ --json  # 3. Download

Delete and organize email

m365 mail list --top 10 --json                   # 1. Find email
m365 mail delete <id> --force --json              # 2a. Delete it, OR
m365 mail move <id> archive --json                # 2b. Move to archive

Manage mail folders

m365 mail folder list --json                      # 1. List all folders
m365 mail folder create "Projects" --json         # 2. Create custom folder
m365 mail move <id> <folder-id> --json            # 3. Move email into it

Trusted Senders (Security)

m365 mail read filters untrusted sender content (shows metadata only). Use --force to bypass. See references/commands.md for whitelist management commands.

Full Command Reference

See references/commands.md for every command, subcommand, flag, and default value.

Troubleshooting

  • "Not authenticated": m365 login
  • Token expired: Auto-refreshes. If fails, re-run login.
  • SharePoint permission denied: m365 login --add-scopes Sites.ReadWrite.All (requires tenant admin consent).
  • Wrong timezone: export M365_TIMEZONE="Your/Timezone"

Comments

Loading comments...