microsoft-teams-automation
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection through its integration with Microsoft Teams messaging.
  - Ingestion points: The agent retrieves untrusted text from external sources using tools like MICROSOFT_TEAMS_SEARCH_MESSAGES and MICROSOFT_TEAMS_GET_CHAT_MESSAGE.
  - Boundary markers: The skill lacks instructions for the agent to use data delimiters or to treat ingested content as non-executable.
  - Capability inventory: The agent has permissions to perform sensitive actions such as posting messages and managing team memberships, which could be misused if an injection occurs.
  - Sanitization: No sanitization or validation logic is provided to clean external data before the agent uses it in subsequent actions.