m365-agents-py
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes official Microsoft packages for agent hosting and activity management, ensuring a secure foundation.
- [SAFE]: Security best practices are followed by using environment variables for sensitive credentials (ClientId, ClientSecret) via the python-dotenv library.
- [SAFE]: The implementation incorporates jwt_authorization_middleware and MsalConnectionManager for robust authentication and authorization.
- [PROMPT_INJECTION]: The bot processes user-provided message text without explicit sanitization, creating a potential surface for indirect prompt injection common to AI agents. Evidence:
  1. Ingestion points: Message handlers in SKILL.md.
  2. Boundary markers: Not present.
  3. Capability inventory: send_activity, Azure OpenAI integration, and Microsoft Graph API access.
  4. Sanitization: Not implemented in snippets.