← Back to Skills Marketplace
agent-teams
by
penglovemeng
· GitHub ↗
· v1.10.6
· MIT-0
193
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install peng-agent-teams
Description
Interact with Microsoft Teams - send messages, read channels, manage reactions
Usage Guidance
This skill does what it claims (control Teams), but it obtains credentials by reading the Teams desktop app's local cookie DB and stores a plaintext token in ~/.config/agent-messenger/teams-credentials.json. It also instructs the agent to read/write a persistent memory file at the start of each task. Before installing, consider: 1) Do you trust the npm package author (agent-messenger)? Inspect the package source on the registry or GitHub first. 2) Are you comfortable granting the tool access to app data (and possibly Full Disk Access on macOS)? That allows it to extract session tokens which effectively act as your account credentials. 3) If you proceed, run it from a dedicated account or isolated environment, limit filesystem permissions, and remove the credentials file when done. 4) Prefer OAuth/official integrations where possible; if your organization forbids using user tokens for automation, avoid this skill. Finally, consider asking the author to declare the config paths and credential behavior in the registry metadata so the access surface is explicit.
Capability Analysis
Type: OpenClaw Skill
Name: peng-agent-teams
Version: 1.10.6
The skill bundle provides a CLI for Microsoft Teams that authenticates by extracting session tokens (skypetoken_asm) directly from the local Teams desktop application's SQLite cookie database across macOS, Linux, and Windows (SKILL.md, references/authentication.md). While this high-risk credential extraction is the stated purpose for enabling 'seamless' authentication, accessing another application's private session data is a significant security risk. The bundle also includes instructions for the AI agent to manage a local persistent memory file (~/.config/agent-messenger/MEMORY.md), though it contains explicit safety directives to avoid storing sensitive credentials in that file.
Capability Assessment
Purpose & Capability
The skill is a CLI wrapper to interact with Microsoft Teams and the install (npm package agent-messenger -> binary agent-teams) is consistent with that purpose. Extracting a local Teams session token from the desktop app is coherent for a tool that posts as the user. However, the registry metadata claims no config paths or credentials required while the documentation and scripts clearly read app data directories and write ~/.config/agent-messenger/teams-credentials.json — an undeclared access surface.
Instruction Scope
SKILL.md and references explicitly instruct the agent/CLI to: locate Teams desktop app data, read Cookies SQLite databases to extract the skypetoken_asm cookie, store that token in plaintext under ~/.config/agent-messenger/teams-credentials.json, and maintain a persistent MEMORY.md that the agent must read at the start of every task and overwrite when updating. Those instructions cause the agent to access local app data and user config every run (and to request granting broader FS permissions), which is sensitive and broader than what the registry declares. The skill also tells agents to auto-extract tokens silently — this is expected for the stated purpose but has significant privacy/credential implications.
Install Mechanism
Installation is via a Node package (agent-messenger), producing the agent-teams binary. This is an expected and traceable install mechanism (npm). No ad-hoc downloads or remote archive extraction from arbitrary URLs are present in the manifest, which lowers install risk relative to raw URL downloads.
Credentials
No environment variables are declared or required, which superficially seems minimal. But the skill requires reading the Teams app's cookie DBs under OS-specific paths and writes a credentials file containing a plaintext Teams token. Those credential and filesystem accesses are not reflected in requires.config or requires.env and thus are underdeclared. The skill also recommends granting full-disk access on macOS to enable token extraction — a high-privilege action for a single-purpose skill.
Persistence & Privilege
The skill is not set always:true and uses normal autonomous invocation. It does create and manage persistent files under ~/.config/agent-messenger (teams-credentials.json, MEMORY.md, snapshots). This is expected for a CLI that needs tokens and caches IDs, but the registry metadata did not declare these config paths. The combination of autonomous invocation + undeclared credential storage increases the blast radius if the package were malicious or compromised.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install peng-agent-teams - After installation, invoke the skill by name or use
/peng-agent-teams - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.10.6
Update
Metadata
Frequently Asked Questions
What is agent-teams?
Interact with Microsoft Teams - send messages, read channels, manage reactions. It is an AI Agent Skill for Claude Code / OpenClaw, with 193 downloads so far.
How do I install agent-teams?
Run "/install peng-agent-teams" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is agent-teams free?
Yes, agent-teams is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does agent-teams support?
agent-teams is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created agent-teams?
It is built and maintained by penglovemeng (@penglovemeng); the current version is v1.10.6.
More Skills