msgraph-files

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE
Tags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches and executes the @anthropic-ai/microsoft-graph-mcp package via npx. This package is an official integration tool provided by a well-known and trusted organization.
  • [COMMAND_EXECUTION]: Executes shell commands using python3 and npx to orchestrate interactions between the agent and the Microsoft Graph API.
  • [DATA_EXFILTRATION]: Provides features to read file content from and write data to Microsoft cloud storage. This involves transferring data between the agent environment and authorized SharePoint or OneDrive locations.
  • [PROMPT_INJECTION]: Potential for indirect prompt injection via data retrieved from processed files.
  • Ingestion points: Untrusted content can enter the agent context through the graph_get_file_content operation in SKILL.md.
  • Boundary markers: No specific delimiters or instructions to ignore embedded commands are present when processing file content.
  • Capability inventory: The skill possesses capabilities to write files, create directories, and list site structures (SKILL.md).
  • Sanitization: File content is handled as raw data without explicit sanitization or filtering logic.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 6, 2026, 12:31 AM