msgraph-visio
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Downloads and executes the '@anthropic-ai/microsoft-graph-mcp' package via npx. This resource originates from a trusted organization.
- [COMMAND_EXECUTION]: Utilizes local Python and shell commands to perform network discovery and manage files, correctly leveraging environment variables (e.g., $AZURE_CLIENT_SECRET) for authentication.
- [PROMPT_INJECTION]: The skill processes untrusted CDP and LLDP neighbor data from network devices, which represents an indirect prompt injection surface. * Ingestion points: pyats_run_show_command in SKILL.md * Boundary markers: Absent * Capability inventory: graph_upload_file and graph_create_sharing_link in SKILL.md * Sanitization: Absent
Audit Metadata