teams-bot-infra
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the Teams CLI by downloading a package directly from the author's GitHub repository (github.com/heyitsaamir/teamscli).
- [COMMAND_EXECUTION]: Executes shell commands to manage bot infrastructure, including 'teams app create' for registration, 'teams login' for authentication, and 'teams self-update' for tool maintenance.
- [DATA_EXFILTRATION]: No exfiltration detected. The skill specifically instructs the agent to display sensitive credentials (CLIENT_ID, CLIENT_SECRET, TENANT_ID) extracted from command output and prompts the user to manually add them to a .env file, explicitly avoiding automated file writes to maintain user control over secrets.
Audit Metadata