msgraph-teams

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill invokes npx to fetch and run the npm package "@anthropic-ai/microsoft-graph-mcp" at runtime (e.g., "npx -y @anthropic-ai/microsoft-graph-mcp" — https://registry.npmjs.org/@anthropic-ai/microsoft-graph-mcp), which downloads and executes remote code required for the tool, so it directly controls runtime execution.