m365-agents-ts
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill references npm packages under the
@microsoftscope and the official Microsoft GitHub repository. These are verified trusted sources per the security policy. - [CREDENTIALS_UNSAFE] (SAFE): The skill defines placeholders for sensitive environment variables (e.g.,
AZURE_API_KEY,CLIENT_SECRET) and includes explicit best practices advising against hardcoding secrets. - [DATA_EXFILTRATION] (SAFE): No unauthorized data access or suspicious network requests were identified. All network operations are directed towards official Azure or Microsoft 365 endpoints.
- [PROMPT_INJECTION] (SAFE): The instruction set does not contain any attempt to override agent safety protocols or system prompts.
- [INDIRECT_PROMPT_INJECTION] (SAFE): While the agent processes user input in the
onMessagehandler, the provided examples are for demonstration purposes and do not expose high-privilege capabilities that would lead to a significant risk surface. - Ingestion points:
agent.onMessagehandlers inSKILL.md. - Boundary markers: None (standard echo/static prompt examples).
- Capability inventory: Calls to Azure OpenAI and Copilot Studio.
- Sanitization: Not demonstrated in basic examples, but no unsafe interpolation of user data into system commands is present.
Audit Metadata