ms365-tenant-manager
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- Dynamic Execution (MEDIUM): The skill dynamically generates PowerShell scripts (.ps1) based on user-provided parameters and CSV data. This creates a risk where unsanitized inputs could lead to the generation of malicious code.
- Indirect Prompt Injection (LOW): The skill ingests untrusted data from CSV files for bulk user operations. Evidence: (1) Ingestion points: scripts/user_management.py via the --csv parameter; (2) Boundary markers: None identified in templates; (3) Capability inventory: High-privilege user provisioning and tenant configuration; (4) Sanitization: No explicit validation or escaping logic documented in the skill files.
- External Downloads (LOW): The skill directs the installation of several official Microsoft PowerShell modules (Microsoft.Graph, ExchangeOnlineManagement, MicrosoftTeams). Since these originate from trusted sources, this finding is downgraded to LOW.
- Privilege Awareness (SAFE): The skill correctly identifies the requirement for Global Administrator privileges. While high-risk, this is necessary for the skill's stated purpose and is clearly documented.
Audit Metadata