microsoft-outlook
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the public npm registry. This is the official command-line tool for the Membrane platform, which is the vendor for this skill. - [COMMAND_EXECUTION]: The instructions involve executing various
membraneCLI commands to manage authentication, list actions, and interact with the Microsoft Outlook API. These commands are necessary for the skill's operation. - [DATA_EXFILTRATION]: The skill is designed to manage Microsoft Outlook data (emails, contacts, calendars). While this involves processing sensitive user data, the skill uses a managed authentication system where credentials are not stored locally or exposed to the agent directly.
- [PROMPT_INJECTION]: As the skill retrieves and processes external content from emails and tasks, it presents a surface for indirect prompt injection.
- Ingestion points: External data enters the agent context via
membrane action runandmembrane requestcommands in SKILL.md. - Boundary markers: None explicitly defined in the instructions.
- Capability inventory: The skill uses subprocess calls to the
membraneCLI across all documented workflows. - Sanitization: No specific sanitization or filtering of email/API content is documented in the instructions.
Audit Metadata