Skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward wrapper for the official Microsoft 365 CLI, but it can access or change tenant data when used with a privileged account.

Install this only if you want an agent to operate Microsoft 365 through the PnP CLI. Use a least-privileged account, prefer device-code or certificate-based auth over username/password or client secrets, verify the npm package source/version, and require explicit confirmation before tenant-wide enumeration, reading sensitive mail/files/chats, or any write/admin command.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill documents a large set of Microsoft 365 administrative and data-access commands, including tenant enumeration, mail access, file access, and object management, but provides no meaningful safety guidance, permission scoping advice, or warnings about sensitive/destructive operations. In an agent context, repeated instructions to 'always call help first' can encourage broad capability discovery and use of high-privilege commands against real enterprise tenants, increasing the risk of unauthorized data exposure or harmful changes.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal