analyzing-office365-audit-logs-for-compromise
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Findings: CREDENTIALS_UNSAFE, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [CREDENTIALS_UNSAFE]: The script scripts/agent.py is designed to accept an Azure AD client secret as a command-line argument (--client-secret). While this avoids hardcoding credentials, passing secrets via CLI arguments is a suboptimal practice, as they may be visible in process listings or shell command history on the host machine.
- [DATA_EXFILTRATION]: The skill performs read operations on sensitive Office 365 data, including mailbox forwarding rules, delegation settings, and directory audit logs. This data is collected and written to the terminal in JSON format for analysis. This behavior is consistent with the skill's stated purpose of security auditing.
- [COMMAND_EXECUTION]: The Python script makes automated network requests to Microsoft's official Graph API and authentication endpoints (graph.microsoft.com and login.microsoftonline.com) to retrieve the audit data.
Audit Metadata