Skills
skills/lawvable/awesome-legal-skills/outlook-emails-lawvable/Gen Agent Trust Hub

outlook-emails-lawvable

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTIONCREDENTIALS_UNSAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Interacts with the Microsoft Graph API to retrieve email metadata and attachments.
  • Evidence: The script scripts/outlook_oauth.py makes network requests to graph.microsoft.com to fetch user messages and file attachments.
  • [CREDENTIALS_UNSAFE]: Uses a hardcoded Azure Client ID for authentication.
  • Evidence: scripts/outlook_oauth.py contains the variable CLIENT_ID set to ebaa3d3e-7da3-46ea-8845-c7db6dbae8f0. This ID is associated with the author's 'Lawvable' application, though users can override it with their own credentials via environment variables.
  • [PROMPT_INJECTION]: Potential for indirect prompt injection from processing external email data.
  • Ingestion points: scripts/outlook_oauth.py reads content from email bodies and attachments from Microsoft's servers, which are untrusted external sources.
  • Boundary markers: Absent. There are no explicit delimiters or instructions provided to the agent to ignore commands within the fetched email data.
  • Capability inventory: The skill can download files to the local filesystem (./attachments) and its output is intended to be used as input for other agent skills, increasing the risk of multi-step chains.
  • Sanitization: Absent. The content of emails and attachments is not sanitized or validated for malicious instructions before being presented to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 3, 2026, 09:49 PM