microsoft-teams
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/clipackage from the official NPM registry. This package is an official tool belonging to the author's organization and is necessary for the skill's core functionality. - [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI to manage connections and execute actions within Microsoft Teams. These operations are restricted to the context of the user's authenticated Membrane account. - [PROMPT_INJECTION]: The skill handles data from external sources such as Microsoft Teams messages (ingestion points:
list-channel-messages,list-chat-messages). While it possesses the capability to run actions (capability inventory:membrane action run), it does not contain any patterns suggesting an attempt to bypass agent constraints or safety guidelines. - [SAFE]: No malicious patterns, such as data exfiltration or obfuscation, were detected. The skill specifically promotes the use of managed connections over raw API keys, enhancing the security posture of the integration.
Audit Metadata