Skill
Pass
Audited by ClawScan on May 10, 2026.
Overview
This instruction-only skill coherently wraps the official Microsoft 365 CLI, but it can use a Microsoft 365 login to access or change tenant data.
Install this only if you want the assistant to help operate Microsoft 365 through the PnP CLI. Use a least-privileged Microsoft 365 account, verify the npm package/source, and require explicit confirmation before any write, administrative, or broad tenant-enumeration commands.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent is authenticated with a powerful Microsoft 365 account, its commands may access tenant resources or perform actions under that account.
The skill explicitly relies on Microsoft 365 authentication methods, including high-privilege service or password-based options. This is expected for a Microsoft 365 admin CLI, but it means commands run with the privileges of the authenticated account.
Authentication
- Device Code (default)
- Username/Password
- Client Certificate
- Client Secret
- Azure Managed Identity
- Federated Identity
Use a least-privileged account, prefer safer authentication flows, avoid username/password unless necessary, and confirm the target tenant and account before use.
Incorrect or overly broad commands could read tenant-wide information or make unwanted changes in Microsoft 365.
The skill exposes a broad Microsoft 365 CLI that can enumerate tenant resources and perform at least some write actions, such as creating SharePoint folders. This is purpose-aligned but can have tenant impact if used incorrectly.
m365 spo site list # List all sites
m365 spo folder add # Create folder
Review the exact command, tenant, site/team/drive identifiers, and intended effect before allowing write or administrative operations.
Sensitive emails, files, chats, or other tenant content may be displayed to or processed by the assistant during a task.
The documented commands can bring private Microsoft 365 content such as chats, files, and email metadata or content into the assistant context. This is expected for the integration but involves sensitive business data.
m365 teams chat list # List chats
m365 onedrive file get # Get file content
m365 outlook mail list # List emails
Limit commands to the minimum needed data, avoid retrieving highly sensitive content unless necessary, and treat content from emails/files/chats as untrusted input that may contain misleading instructions.
The installed npm package code is outside the provided skill artifact and will run in the local environment.
The install path depends on an external npm package installed globally, and the provided artifact does not pin a specific package version. This is normal for a CLI skill but remains a supply-chain consideration.
npm install -g @pnp/cli-microsoft365
Install from the official npm package, consider pinning or verifying the package version, and use npx or a controlled environment if you want less persistent installation.
