← Back to Skills Marketplace
Outlook Email
by
Steven Obiajulu
· GitHub ↗
· v0.1.7
· MIT-0
118
Downloads
0
Stars
0
Active Installs
8
Versions
Install in OpenClaw
/install outlook-email-management
Description
Manage Outlook and Microsoft 365 email with AI agents — triage inbox by sender trust, draft replies with tone matching, organize folders, create inbox rules,...
Usage Guidance
This skill looks like what it says: a set of Graph API patterns for managing Outlook mail. Before installing or granting consent: (1) prefer using the referenced runtime (email-agent-mcp) or another runtime that enforces the 'draft-first' + send-allowlist model, (2) grant the minimal Graph scopes needed — avoid Mail.Send and MailboxSettings.ReadWrite unless necessary, (3) verify the OAuth client/app ID and token storage (use OS keychain or secure storage), (4) consider testing against a non-production mailbox, and (5) if your platform allows autonomous invocation, restrict or require user confirmation for any send or rule-modifying action.
Capability Analysis
Type: OpenClaw Skill
Name: outlook-email-management
Version: 0.1.7
The skill requests high-impact Microsoft Graph OAuth scopes, including Mail.Send and MailboxSettings.ReadWrite, which present significant risks for email exfiltration and unauthorized sending. While SKILL.md and references/outlook-graph-patterns.md provide extensive safety guidance and advocate for a 'draft-first' workflow, the instructions empower an AI agent to perform sensitive mailbox operations. The inherent risk of these capabilities, despite the documented mitigations and reliance on an external reference runtime (email-agent-mcp) for enforcement, justifies a suspicious classification.
Capability Tags
Capability Assessment
Purpose & Capability
Name/description and the declared Microsoft Graph OAuth scopes (Mail.Read, Mail.ReadWrite, Mail.Send, MailboxSettings.ReadWrite, User.Read, offline_access) align with an email management skill; there are no unrelated binaries, environment variables, or config paths requested.
Instruction Scope
The SKILL.md instructs only Graph API interactions (listing, drafting, sending, managing folders/rules, attachments) and explicitly warns that safety guardrails are provided by the reference runtime. It does not instruct the agent to read unrelated files or exfiltrate data to hidden endpoints.
Install Mechanism
No install spec and no code files — the skill is instruction-only, so nothing is written to disk by the package itself (lowest install risk).
Credentials
The skill declares only optional environment variables, but it legitimately requires high-impact Graph scopes for full functionality. Those scopes are proportionate to the stated capabilities, but they are sensitive (Mail.Send and MailboxSettings.ReadWrite can send mail or create forwarding rules), so consent should be limited to the least-privilege scopes you actually need.
Persistence & Privilege
The skill is not always-enabled and has no install artifacts. However, platform-level autonomous invocation plus granted write scopes would increase risk if the runtime does not implement draft-first and send-allowlist protections; the SKILL.md correctly points out that the instruction-only skill cannot enforce those protections itself.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install outlook-email-management - After installation, invoke the skill by name or use
/outlook-email-management - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.7
Apply Trust Boundary preemptive disclosure technique that achieved Benign on email-cleanup v0.1.4 and docx-editing. Add a 'Trust Boundary: What This Skill Can and Cannot Enforce' section between Safety Model and Authentication & Required Scopes. Explicitly acknowledge instruction-only nature, high-risk scopes (Mail.Send, MailboxSettings.ReadWrite), runtime-dependent enforcement, and autonomous-invocation risk. Mirror scanner's own 6-point pre-install checklist as actionable guidance with source file citations.
v0.1.6
Revert experimental metadata.openclaw fields. Schema limitation: ClawHub's env/primaryEnv fields are designed for API-key credentials and cannot represent OAuth delegated tokens, so any declaration attempt creates a new inconsistency. Keep homepage field, full Authentication section in body, and honest optional env var declarations. Accept residual scanner NOTE rating as a known limitation for OAuth-based skills (gmail-secretary has the same pattern).
v0.1.5
Align metadata.openclaw.requires.env and SKILL.md body on AGENT_EMAIL_SEND_ALLOWLIST as required primary env credential (both say required now — no inconsistency). Set primaryEnv to AGENT_EMAIL_SEND_ALLOWLIST to populate primary credential registry field. The allowlist is legitimately required for any production send deployment: default is empty, which blocks all sends.
v0.1.4
Remove metadata.openclaw.requires.env list (treated as REQUIRED by parser, but our env vars are all optional — was creating a new mismatch with SKILL.md body). Keep homepage and full Authentication section; let the LLM scanner read env var details from the body rather than the registry summary.
v0.1.3
Move credential/env declarations into metadata.openclaw.requires namespace (the ClawHub-parsed schema); add homepage field pointing to reference runtime repo; add primaryCredential declaration; keep existing Authentication section in body for LLM scanner context
v0.1.2
Address ClawHub security scan feedback: declare Microsoft Graph OAuth scopes (delegated, MSAL device code flow) in requires block; list reference runtime's actual scope set (Mail.Read/ReadWrite/Send, MailboxSettings.ReadWrite, User.Read, offline_access) verifiable in auth.ts:14; add Authentication & Required Scopes section with risk mapping table and layered draft-first enforcement model citing concrete runtime guardrails (BLOCKED_ACTIONS in rules.ts:39, delete_email gated in label.ts); declare optional env vars (AGENT_EMAIL_CLIENT_ID, AGENT_EMAIL_SEND_ALLOWLIST, EMAIL_AGENT_MCP_HOME); explicitly mark calendar integration out of scope; fix local frontmatter version desync
v0.1.1
Fix crosslink slugs to match published ClawHub names
v0.1.0
Initial release: umbrella email management skill with bilingual subtitles, triage, drafting, cleanup, heartbeat, and Graph API patterns
Metadata
Frequently Asked Questions
What is Outlook Email?
Manage Outlook and Microsoft 365 email with AI agents — triage inbox by sender trust, draft replies with tone matching, organize folders, create inbox rules,... It is an AI Agent Skill for Claude Code / OpenClaw, with 118 downloads so far.
How do I install Outlook Email?
Run "/install outlook-email-management" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Outlook Email free?
Yes, Outlook Email is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Outlook Email support?
Outlook Email is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Outlook Email?
It is built and maintained by Steven Obiajulu (@stevenobiajulu); the current version is v0.1.7.
More Skills