Skills
skills/malue-ai/dazee-small/outlook-cli/Gen Agent Trust Hub

outlook-cli

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses PowerShell COM objects (Outlook.Application) to interact with the local Microsoft Outlook application. This grants the agent the ability to perform operations within the user's mail environment.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes data from external, untrusted sources (incoming emails and calendar events).
  • Ingestion points: Data is read from $inbox.Items and $calendar.Items as defined in SKILL.md.
  • Boundary markers: There are no explicit delimiters or instructions provided to separate untrusted email content from agent instructions.
  • Capability inventory: The skill possesses the capability to send emails using the $mail.Send() method.
  • Sanitization: There is no evidence of content filtering or sanitization of the data retrieved from Outlook before it is processed.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 6, 2026, 04:20 PM