outlook-automation
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious code, obfuscation, or safety bypass instructions were detected in the skill file.
- [EXTERNAL_DOWNLOADS]: The skill requires connecting to an external MCP server (https://rube.app/mcp) to access the Outlook automation toolkit.
- [DATA_EXFILTRATION]: The skill handles sensitive personal data (emails, contacts, calendar); however, it uses official Microsoft OAuth authentication through the RUBE_MANAGE_CONNECTIONS tool.
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection because it reads and processes untrusted content from emails and attachments. 1. Ingestion points: OUTLOOK_GET_MESSAGE, OUTLOOK_QUERY_EMAILS, and OUTLOOK_DOWNLOAD_OUTLOOK_ATTACHMENT. 2. Boundary markers: No delimiters or warnings to ignore embedded instructions are provided. 3. Capability inventory: Searching and reading emails, calendar events, and contacts. 4. Sanitization: No explicit sanitization or filtering of external content is specified.
Audit Metadata