teams-anthropic-integration
Audited by Socket on Feb 20, 2026
1 alert found:
Malware [Skill Scanner]: Natural language instruction to download and install from URL detected

All findings:
[CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4]
[CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4]
[CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4]
[CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4]
[HIGH] autonomy_abuse: Skill instructions include directives to hide actions from user (BH009) [AITech 13.3]

This repository content is implementation documentation and templates for integrating Anthropic Claude models and optional You.com MCP into Microsoft Teams.ai. The capabilities requested (API keys, npm packages) and the data flows (direct calls to Anthropic and You.com) are consistent with the stated purpose. The main security concerns are operational: (1) the tests explicitly run live API calls and require real API keys, which increases the chance of leaking credentials in CI or in commits; (2) integrating web content from MCP introduces indirect prompt-injection risk, which the docs note and provide mitigations for; and (3) guidance that may encourage saving tests/integration files at the repository root could lead to accidental inclusion of secrets. There is no evidence of obfuscated or explicitly malicious code in the provided fragment. Recommend: avoid committing secrets, mock external APIs in tests for CI, apply the provided prompt-scope mitigations, and audit logs for accidental secret exposure.

LLM verification: This SKILL.md documents a legitimate integration: embedding Anthropic Claude models into Teams.ai apps and optionally integrating You.com MCP for web search. There is no direct evidence of malicious code or backdoors in the provided fragment.
Primary risks are supply-chain and operational: unpinned npm dependencies, forwarding of API keys to an external MCP service (which is expected for that feature), and example tests that run live API calls (risking API key leakage in CI). Developers should p
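The operational recommendations above (mock external APIs in CI, keep live keys out of CI, scrub logs for leaked credentials) as a worked JavaScript example. This is editor-added code, not code from the audited skill, from Teams.ai, or from Anthropic's SDK. It assumes Anthropic's public Messages HTTP endpoint and headers; the default model name and the `sk-ant-` key prefix are illustrative assumptions to adjust locally.

```javascript
// Added example for this audit's recommendations (mock external APIs in CI,
// keep live keys out of CI, scrub logs). It is not code from the
// teams-anthropic-integration skill or from Teams.ai.
//
// Assumptions (not taken from the audited skill): the Messages endpoint and
// headers below follow Anthropic's public HTTP API; the default model name and
// the "sk-ant-" key prefix are illustrative and should be adjusted locally.

const ANTHROPIC_URL = "https://api.anthropic.com/v1/messages";
const DEFAULT_MODEL = "claude-3-5-sonnet-latest"; // assumption: use the model you deploy
const KEY_RE = /sk-ant-[A-Za-z0-9_-]{8,}/;         // assumption: shape of an Anthropic key

// Claude caller with an injectable transport. Production passes nothing and
// gets global fetch; tests pass a fake so CI never touches api.anthropic.com.
function createClaudeClient({ apiKey, transport = globalThis.fetch, model = DEFAULT_MODEL }) {
  if (!apiKey) throw new Error("apiKey is required (read it from ANTHROPIC_API_KEY, never hard-code it)");
  return {
    async complete(prompt) {
      const res = await transport(ANTHROPIC_URL, {
        method: "POST",
        headers: {
          "x-api-key": apiKey,
          "anthropic-version": "2023-06-01",
          "content-type": "application/json",
        },
        body: JSON.stringify({
          model,
          max_tokens: 256,
          messages: [{ role: "user", content: prompt }],
        }),
      });
      if (!res.ok) throw new Error(`Anthropic API error: HTTP ${res.status}`);
      const data = await res.json();
      // The Messages API returns an array of content blocks; join the text ones.
      return data.content.filter((c) => c.type === "text").map((c) => c.text).join("");
    },
  };
}

// Fake transport for tests: records every call and returns a canned,
// Messages-API-shaped response so assertions can check exactly what was sent.
function fakeTransport(replyText = "stubbed reply") {
  const calls = [];
  const transport = async (url, init) => {
    calls.push({ url, init });
    return {
      ok: true,
      status: 200,
      json: async () => ({ content: [{ type: "text", text: replyText }] }),
    };
  };
  return { transport, calls };
}

// CI guard: refuse to start when CI is set and the key looks real. Tests in CI
// should run with a dummy key and the fake transport instead.
function assertNoLiveKeyInCI(env) {
  if (env.CI && KEY_RE.test(env.ANTHROPIC_API_KEY ?? "")) {
    throw new Error("A live-looking ANTHROPIC_API_KEY is set in CI; use a dummy key and fakeTransport()");
  }
}

// Log scrubber: mask anything that looks like an API key before a line is
// written to a log sink or a test report.
function redactSecrets(line) {
  return line.replace(new RegExp(KEY_RE.source, "g"), (m) => m.slice(0, 7) + "[REDACTED]");
}

// Stand-alone demo using the fake transport (no network, no real key).
(async () => {
  assertNoLiveKeyInCI({ CI: "true", ANTHROPIC_API_KEY: "dummy-key-for-ci" });
  const { transport, calls } = fakeTransport();
  const client = createClaudeClient({ apiKey: "dummy-key-for-ci", transport });
  const reply = await client.complete("Summarize this Teams thread.");
  console.log("reply:", reply, "| transport calls recorded:", calls.length);
  console.log(redactSecrets("debug: using key sk-ant-api03-EXAMPLEKEYVALUE0000"));
})();
```

In a real test suite the fake transport replaces the live call entirely, so the CI job needs no Anthropic secret at all; the guard turns an accidentally exported production key into a hard failure rather than a silent live call, and the scrubber runs on every line that reaches a log or test artifact.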