Mog
v0.3.1
Microsoft Ops Gadget — CLI for Microsoft 365 (Mail, Calendar, Drive, Contacts, Tasks, Word, PowerPoint, Excel, OneNote).
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
The name and description, README, SKILL.md and the included Go sources all describe a Microsoft 365 CLI built on Microsoft Graph (mail, calendar, drive, contacts, tasks, Office file operations), and the code files and documented commands match that stated purpose. Note: the package ships full source code (many .go files) even though the registry metadata describes the skill as instruction-only (no install spec). That is an inconsistency to be aware of, but not in itself evidence of malice.
Instruction Scope
Runtime instructions (SKILL.md) stay within the expected scope: create an Azure AD app, run device-code auth via mog auth login, and call the CLI commands. The docs state that tokens are stored under ~/.config/mog and that message bodies are supplied with --body-file; they do not instruct the agent to read unrelated host files or send data to unknown endpoints. The code uses exec to launch the system browser for the device-code flow, which is expected for this workflow.
Install Mechanism
No install spec is present in the registry metadata (the skill is treated as instruction-only), yet the bundle contains full source, a Taskfile, and build/install instructions (go install / go build). The manifest contains no downloads from unknown URLs and no extract steps. Shipping source without an install spec is unusual but not in itself dangerous: it means an operator builds and runs the binary locally rather than the platform auto-installing an arbitrary binary.
Credentials
Registry metadata declares no required environment variables or config paths, but SKILL.md and the code clearly reference and store sensitive material: MOG_CLIENT_ID (an environment alternative to the CLI flag) and local OAuth tokens at ~/.config/mog/tokens.json (or the OS keyring). The skill effectively requires an Azure AD client ID and will obtain OAuth tokens, yet neither is declared in the metadata. That mismatch reduces transparency and is worth flagging to users who rely on declared required credentials.
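Because the tokens this CLI obtains carry whatever delegated scopes you consented to, the useful check after the first mog auth login is to look at what the issued access token actually grants. The script below is an added example for this review, not code from the Mog project: it decodes the payload of a JWT access token (without verifying the signature, which is the resource server's job) and diffs the space-separated scp claim against the scope set you intended to grant. The on-disk layout of ~/.config/mog/tokens.json is not documented on this page, so the script takes the raw token string; the EXPECTED_SCOPES set and the sample token are assumptions constructed for the demonstration.

```python
"""Inspect the delegated scopes granted in a Microsoft Graph access token.

Added example, not part of Mog. Takes a raw compact JWT string; the
EXPECTED_SCOPES set and the sample token below are constructed assumptions.
"""
import base64
import json

# Scopes you intended to consent to; anything beyond this set is a
# least-privilege violation worth investigating before using the tool.
EXPECTED_SCOPES = {"Mail.Read", "Calendars.Read", "User.Read", "offline_access"}


def _b64url_decode(segment: str) -> bytes:
    # JWT segments drop base64 padding; restore it before decoding.
    segment += "=" * (-len(segment) % 4)
    return base64.urlsafe_b64decode(segment)


def decode_claims(token: str) -> dict:
    """Return the payload claims of a compact JWT without verifying it.

    Local inspection only: we are reading our own token, not accepting one.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS (expected 3 dot-separated parts)")
    return json.loads(_b64url_decode(parts[1]))


def granted_scopes(token: str) -> set:
    # Entra ID places delegated permissions in the space-separated "scp" claim.
    return set(decode_claims(token).get("scp", "").split())


def excess_scopes(token: str, expected=EXPECTED_SCOPES) -> set:
    """Scopes present in the token that you did not intend to grant."""
    return granted_scopes(token) - expected


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def make_sample_token(scp: str) -> str:
    """Construct an unsigned sample token carrying the given scp claim."""
    header = _b64url(json.dumps({"alg": "none", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps({"aud": "https://graph.microsoft.com", "scp": scp}).encode())
    return f"{header}.{payload}."


# Constructed sample: a token that was consented with broader scopes than planned.
SAMPLE_TOKEN = make_sample_token(
    "Mail.ReadWrite Files.ReadWrite.All Calendars.Read User.Read offline_access"
)

if __name__ == "__main__":
    print("granted:        ", sorted(granted_scopes(SAMPLE_TOKEN)))
    print("beyond expected:", sorted(excess_scopes(SAMPLE_TOKEN)))
```

Run it against the access token string taken from your own token store; if excess_scopes is non-empty, revoke the consent in the Entra portal and re-register the app with only the permissions you need rather than living with the broader grant.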
Persistence & Privilege
The skill does not request always: true and, in the provided sources, does not attempt to modify other skills or system-wide agent settings. It stores tokens and cached slugs under the user's config directory (~/.config/mog), which is normal for a CLI performing an OAuth device flow.
Scan Findings in Context
[unicode-control-chars] unexpected: SKILL.md contains Unicode control characters. These can appear accidentally (zero-width characters pasted from an editor) or be placed intentionally to influence how an LLM parses the instructions while remaining invisible to a human reviewer. With no other blatant sign of malice this is suspicious rather than damning, but it should be inspected: view the raw file in a hex editor or with control characters made visible, and check exactly what text surrounds them.
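The quickest way to inspect this finding is to list every non-printing code point with its line and column, so you can see what text it sits next to. The script below is an added example for this review, not part of the Mog project or the scanner: it flags characters in the Unicode control, format, surrogate, private-use and unassigned categories (which covers zero-width spaces, bidi overrides, the BOM and tag characters) while allowing ordinary tab and newline. The SAMPLE text is constructed here so it runs offline; pass a path to scan the real SKILL.md.

```python
"""Report non-printing and format characters in a text file such as SKILL.md.

Added example for auditing the [unicode-control-chars] finding; not part of
Mog. The SAMPLE text is constructed here so the script runs offline.
"""
import sys
import unicodedata

# Categories that never belong in a Markdown instruction file:
#   Cc = control (tab/newline/CR excepted), Cf = format (zero-width chars,
#   bidi overrides, BOM, tag characters), Cs = surrogate (undecodable bytes
#   when opened with surrogateescape), Co = private use, Cn = unassigned.
SUSPECT_CATEGORIES = {"Cc", "Cf", "Cs", "Co", "Cn"}
ALLOWED_CONTROLS = {"\t", "\n", "\r"}


def scan_text(text: str):
    """Return (line, column, 'U+XXXX', name) for each suspect character."""
    findings = []
    for lineno, line in enumerate(text.splitlines(keepends=True), start=1):
        for col, ch in enumerate(line, start=1):
            if ch in ALLOWED_CONTROLS:
                continue
            cat = unicodedata.category(ch)
            if cat in SUSPECT_CATEGORIES:
                name = unicodedata.name(ch, f"<{cat}>")
                findings.append((lineno, col, f"U+{ord(ch):04X}", name))
    return findings


def scan_file(path: str):
    # surrogateescape keeps invalid UTF-8 bytes visible instead of crashing.
    with open(path, encoding="utf-8", errors="surrogateescape") as f:
        return scan_text(f.read())


def format_findings(findings) -> str:
    return "\n".join(f"{ln}:{col}  {cp}  {name}" for ln, col, cp, name in findings)


# Constructed sample: harmless-looking instructions with a zero-width space,
# a right-to-left override and a tag character embedded.
SAMPLE = (
    "# mog skill\n"
    "Run `mog auth login` first.\u200b\n"       # U+200B ZERO WIDTH SPACE
    "Store tokens in ~/.config/mog\u202e.\n"    # U+202E RIGHT-TO-LEFT OVERRIDE
    "Then call the CLI.\U000E0041\n"            # U+E0041 TAG LATIN CAPITAL LETTER A
)

if __name__ == "__main__":
    results = scan_file(sys.argv[1]) if len(sys.argv) > 1 else scan_text(SAMPLE)
    print(format_findings(results) or "no suspect characters")
```

A zero-width space after a sentence is usually editor noise; a bidi override or a run of tag characters in the middle of an instruction is the pattern to treat as deliberate, since the surrounding text can read differently to a human than to the model consuming it.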
What to consider before installing/using this skill
- Source verification: the skill bundle includes full Go source, but the registry metadata gives no homepage and only an opaque owner ID. Prefer to install only from a known upstream (the GitHub repository or the project's official releases). If you plan to use it, fetch the code from the upstream repository (if one exists) and build it locally rather than executing pre-built artifacts from an unknown source.
- Credentials and tokens: the CLI uses the OAuth device flow and will store tokens in ~/.config/mog/tokens.json (or the OS keyring). Create and use your own Azure AD app (client ID) as instructed; do not reuse a public or shared client ID. Expect the CLI to request wide Microsoft Graph delegated permissions (Mail.ReadWrite, Files.ReadWrite.All, Calendars.ReadWrite, etc.); read the consent screen and approve only the scopes you are prepared to hand to this tool.
- Metadata mismatch: registry metadata lists no required env vars/config paths, but SKILL.md and code reference MOG_CLIENT_ID and local config files. Treat the metadata as incomplete and verify the declared requirements yourself.
- Inspect the code for hidden behavior: the pre-scan flagged Unicode control characters in SKILL.md, so view the raw file to confirm there are no hidden prompt-injection strings or obfuscated endpoints. Also review internal/graph/client.go (not fully shown here) to confirm that the HTTP endpoints are Microsoft Graph APIs rather than unexpected servers.
- Build and run locally: if you decide to use the tool, clone the repository and build it locally (go build/go install) and run tests. Running on your machine gives you more control over what is executed and lets you audit the binary and source before trusting it with OAuth scopes.
- Least privilege: when registering your Azure AD app, grant only the delegated permissions you need, and consider creating a test account with limited data for initial evaluation.
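Checking that the Go sources only talk to Microsoft endpoints is mechanical enough to script before reading client.go by hand. The script below is an added example for this review, not part of Mog: it walks a source tree, pulls every http(s) URL literal out of the .go files, and flags any host outside an allow-list of graph.microsoft.com and login.microsoftonline.com. The allow-list, the SAMPLE_SOURCES (including the hypothetical telemetry file and its metrics.example.net host) are assumptions constructed for the demonstration, not files from the real bundle.

```python
"""Flag hard-coded endpoints in Go sources that are not Microsoft Graph or
Entra ID. Added example, not part of Mog; allow-list and samples are assumed.
"""
import os
import re
from urllib.parse import urlparse

ALLOWED_HOSTS = {"graph.microsoft.com", "login.microsoftonline.com"}

# An http(s) URL inside a Go string literal, whether "..." or `...`.
URL_RE = re.compile(r'https?://[^\s"`\'<>)\]]+')


def scan_source(name: str, src: str):
    """Return (file, line, url, host, allowed) for each URL literal found."""
    out = []
    for lineno, line in enumerate(src.splitlines(), start=1):
        for url in URL_RE.findall(line):
            host = urlparse(url).hostname or ""
            out.append((name, lineno, url, host, host in ALLOWED_HOSTS))
    return out


def scan_tree(root: str):
    """Scan every .go file under root (vendor directories included on purpose)."""
    results = []
    for dirpath, _, files in os.walk(root):
        for fn in files:
            if fn.endswith(".go"):
                path = os.path.join(dirpath, fn)
                with open(path, encoding="utf-8", errors="replace") as f:
                    results.extend(scan_source(os.path.relpath(path, root), f.read()))
    return results


def unexpected(results):
    """Only the findings whose host is outside the allow-list."""
    return [r for r in results if not r[4]]


# Constructed sample sources: a legitimate Graph client next to a hypothetical
# file that also posts to an unrelated host.
SAMPLE_SOURCES = {
    "internal/graph/client.go": '''package graph
const baseURL = "https://graph.microsoft.com/v1.0"
const authority = "https://login.microsoftonline.com/common"
''',
    "internal/telemetry/report.go": '''package telemetry
// hypothetical unexpected endpoint, constructed for this example
var sink = "https://metrics.example.net/ingest"
''',
}


def scan_samples():
    results = []
    for name, src in SAMPLE_SOURCES.items():
        results.extend(scan_source(name, src))
    return results


if __name__ == "__main__":
    import sys
    results = scan_tree(sys.argv[1]) if len(sys.argv) > 1 else scan_samples()
    for f, ln, url, host, ok in results:
        print(f"{'OK  ' if ok else 'FLAG'} {f}:{ln} {host}  {url}")
```

A clean run is necessary, not sufficient: a hostile build can assemble a URL from fragments, decode it from base64, or read it from an environment variable, so also grep the sources for net/http and net.Dial call sites, exec.Command invocations beyond the browser launch, and any long opaque string constants.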
If you want, I can:
- Extract and show any remaining unreviewed files (graph client code) for a closer look,
- Show commands to build/run the project locally and inspect tokens/config,
- Highlight exact locations of any non-printing/unicode-control characters found in SKILL.md.
latest · vk97cty38zwp4tvekjwa6t5n44x7zz53b