m365cli

Security checks across malware telemetry and agentic risk

Overview

This Microsoft 365 helper is coherent and not malicious, but it gives an agent broad work-account access and documents risky sharing and deletion defaults that users should review carefully.

Install only if you are comfortable authorizing broad Microsoft 365 work-account access. Prefer narrow scopes where possible, require explicit confirmation before sending, deleting, uploading, or sharing, avoid anonymous links unless intentionally public, and do not expose the local credential file.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The documentation presents OneDrive sharing links as defaulting to `--scope anonymous`, which can create publicly accessible links without emphasizing the exposure risk. In a corporate Microsoft 365 skill, this materially increases the chance of accidental data leakage because users may assume defaults are organization-safe.

Missing User Warnings

Medium

Confidence: 86% confidence
Finding: The default login scopes grant broad read/write access to mail, calendar, and files, exceeding minimal permissions for many workflows, yet the reference does not prominently warn users about the breadth of access. In an agent skill context, broad defaults are more dangerous because the agent may be able to act over large amounts of enterprise data once authenticated.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal