analyzing-office365-audit-logs-for-compromise

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The script communicates with graph.microsoft.com and login.microsoftonline.com to fetch audit logs and mailbox settings. These are well-known, trusted Microsoft service domains required for the skill's functionality.
  • [COMMAND_EXECUTION]: The skill is implemented as a Python script using standard logic. It does not utilize dangerous functions such as eval(), exec(), or subprocess to execute dynamic commands.
  • [CREDENTIALS_UNSAFE]: The tool requires Azure AD credentials (client secret) as command-line arguments for authentication. While no secrets are hardcoded in the skill, users are advised to manage these secrets securely using environment variables or secret managers to prevent exposure in shell histories.
  • [PROMPT_INJECTION]: The skill processes untrusted external data such as mailbox rule names and audit log details. This represents a potential surface for indirect prompt injection if the output is processed by an LLM without proper sanitization or boundary markers. However, no evidence of malicious intent or behavior was found in the skill's own code or instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 15, 2026, 03:55 PM