microsoft-teams
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill implements a standard action pattern to interact with Microsoft Teams via an external service. No malicious commands or patterns from the ten threat categories were detected.
- [Indirect Prompt Injection] (SAFE): The skill processes user-provided message content, creating a surface for potential instruction injection. However, as an action-oriented skill for messaging, this is a known behavioral risk rather than a malicious implementation. 1. Ingestion points: 'message_content' in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: Remote workflow execution via 'refly' CLI. 4. Sanitization: None.
Audit Metadata