msgraph-visio
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Uses
python3andnpxto execute commands for network topology discovery and Microsoft Graph API operations. - [EXTERNAL_DOWNLOADS]: Downloads the official
@anthropic-ai/microsoft-graph-mcppackage from the npm registry at runtime usingnpx. - [CREDENTIALS_UNSAFE]: Requires Azure Active Directory credentials (
AZURE_CLIENT_ID,AZURE_CLIENT_SECRET) passed via environment variables for SharePoint authentication. No secrets are hardcoded in the skill code. - [PROMPT_INJECTION]: Features an indirect prompt injection surface where the agent processes data received from network devices.
- Ingestion points: Reads device names and neighbor information from
show cdp neighbors detailandshow lldp neighbors detailoutputs inSKILL.md. - Boundary markers: The workflow does not specify the use of delimiters or 'ignore' instructions when processing discovery output.
- Capability inventory: The skill can write files to SharePoint and execute administrative commands via the Microsoft Graph MCP server.
- Sanitization: No validation or sanitization logic is described for the incoming network discovery data before it is formatted into Visio OOXML or Mermaid content.
Audit Metadata