The Agent Skills Directory

[COMMAND_EXECUTION]: The skill relies on platform-specific pre-bundled binaries (e.g., msgraph_linux_amd64) stored in the bin/ directory. These are executed via launcher scripts (run.sh and run.ps1) that dynamically determine the operating system and architecture to select the appropriate executable path.
[EXTERNAL_DOWNLOADS]: The skill requires network connectivity to login.microsoftonline.com and graph.microsoft.com to facilitate user authentication (OAuth 2.0) and to execute Microsoft Graph API calls. These are official well-known service endpoints required for the skill's primary functionality.
[DATA_EXFILTRATION]: Once authenticated, the skill has the capability to access sensitive organizational data within the Microsoft 365 tenant, including emails, calendar events, and directory information. While the skill includes instructions for the agent to seek user confirmation before performing write operations, it possesses the technical capacity for broad data access.
[PROMPT_INJECTION]: The skill processes community-contributed query samples from references/samples-index.json. This presents an indirect prompt injection surface where a malicious sample could theoretically influence agent behavior, although this is mitigated by the local nature of the data and standard agent guardrails.

msgraph