microsoft-graph-api
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill communicates with official Microsoft API endpoints (graph.microsoft.com and login.microsoftonline.com) to perform email and calendar operations.
- [EXTERNAL_DOWNLOADS]: The skill depends on the official @azure/msal-node library to handle secure authentication and token management.
- [PROMPT_INJECTION]: The skill processes untrusted external data from email bodies and calendar descriptions, which represents a surface for indirect prompt injection.
  - Ingestion points: The emails.ts and calendar.ts scripts read and display content from external sources (Office 365 mailbox).
  - Boundary markers: The scripts do not explicitly wrap external content in security delimiters before outputting to the agent.
  - Capability inventory: The skill has the capability to send emails and create calendar events, which could be targeted by malicious content in read messages.
  - Sanitization: Data is returned in structured JSON format, but no specific sanitization or filtering for prompt injection instructions is performed on the content of the emails or events.