← Back to Skills Marketplace
859
Downloads
4
Stars
3
Active Installs
3
Versions
Install in OpenClaw
/install outlook-delegate
Description
Read, search, and manage Outlook emails and calendar via Microsoft Graph API with delegate support. Supports sending as self, as owner (Send As), and on behalf of owner (Send on Behalf). Modified for delegate access from https://clawhub.ai/jotamed/outlook
Usage Guidance
This skill appears to implement delegate Outlook access as described, but it requires you to create and store sensitive credentials (client_id/client_secret/refresh tokens) in ~/.outlook-mcp and to grant high-privilege Exchange permissions (FullAccess and either SendAs or SendOnBehalf). Before installing: 1) Review the scripts yourself (they call only Microsoft endpoints) and confirm you trust the source. 2) Do not grant both SendAs and SendOnBehalf — pick one per the docs. 3) Use a dedicated, limited 'assistant' account (not an admin or personal account). 4) Limit client secret lifetime, rotate credentials, and monitor mailbox/audit logs. 5) Because the registry metadata omits the required config/credentials, ask the maintainer to update metadata to explicitly declare the config path and secrets required. If you are not comfortable granting Full Mailbox Access or handling OAuth secrets, do not install/use this skill.
Capability Analysis
Type: OpenClaw Skill
Name: outlook-delegate
Version: 1.1.1
The OpenClaw AgentSkills skill bundle for Outlook delegate access is classified as benign. The code and documentation consistently align with the stated purpose of managing Outlook emails and calendars via Microsoft Graph API with delegate support. Key security indicators include robust input sanitization using `jq` for JSON payloads and URL encoding for query parameters (e.g., in `scripts/outlook-mail.sh` and `scripts/outlook-calendar.sh`), secure handling of sensitive credentials (client secret via stdin, access token via temporary files with `chmod 600` in `scripts/outlook-token.sh`), and strict file permissions for configuration and credential directories (`~/.outlook-mcp/`). All network communications are directed to legitimate Microsoft OAuth and Graph API endpoints. There is no evidence of data exfiltration, unauthorized remote execution, persistence mechanisms, obfuscation, or prompt injection attempts within the `SKILL.md` or other documentation files. The broad permissions requested are necessary for the skill's stated delegate functionality.
Capability Assessment
Purpose & Capability
The name/description align with the included scripts: they call Microsoft Graph and Exchange to read/write mail and calendars as a delegate. However the registry metadata claims no required config/credentials, while the runtime expects ~/.outlook-mcp/config.json and credentials.json containing client_id, client_secret, tenant_id, owner_email, delegate_email, and refresh/access tokens. That mismatch (metadata vs actual requirements) is an incoherence.
Instruction Scope
SKILL.md and references/setup.md give detailed OAuth and Exchange PowerShell steps; runtime scripts only interact with Microsoft endpoints (graph.microsoft.com, login.microsoftonline.com) and local config files. The instructions require running admin PowerShell commands to grant FullAccess and SendAs/SendOnBehalf — these are high-privilege operations but are coherent with the skill's purpose. No unexpected external endpoints or obfuscated network calls were found.
Install Mechanism
No install spec; code is delivered as shell scripts and docs. This reduces supply-chain risk vs downloading arbitrary binaries. The scripts use standard tools (curl, jq) and write to a per-user config directory. Nothing in the install story downloads third-party code from unknown hosts.
Credentials
The skill requires highly sensitive secrets (client_secret, refresh/access tokens) and tenant/admin consent for delegated permissions, but the registry metadata lists no required env vars or config paths. The scope requested (Full Mailbox Access, Mail.Send.Shared, Mail.ReadWrite.Shared, Calendars.ReadWrite.Shared) is broad but functionally justified for full delegate mailbox/calendar management — still, these privileges are powerful and should only be granted to a trusted assistant account. The omission in declared required credentials/config in metadata is the primary proportionality issue.
Persistence & Privilege
The skill stores credentials and config under ~/.outlook-mcp and enforces permissive file modes (chmod 700/600) in scripts. always:false and no modifications to other skills or global agent settings were detected. Persisting OAuth credentials locally is expected for this workflow, but it creates persistent access until tokens are revoked.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install outlook-delegate - After installation, invoke the skill by name or use
/outlook-delegate - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.1
**Expanded support for sending as self, as owner, and on behalf of owner, with clear Exchange permission guidance.**
- Added explicit support and documentation for three sending modes: as self, as owner (Send As), and on behalf of owner (Send on Behalf).
- Clarified Exchange permissions required for each sending mode, emphasizing not to grant both SendAs and SendOnBehalf together.
- Updated configuration to include display names and tenant/timezone fields for improved customization.
- Improved setup instructions with step-by-step Microsoft Entra ID and Exchange permission guidance.
- Enhanced mode tables, explanations, and troubleshooting to prevent common permission mistakes.
v1.0.1
Initial script and documentation files added.
- Added shell scripts for managing Outlook mail (`outlook-mail.sh`), calendar (`outlook-calendar.sh`), and authentication tokens (`outlook-token.sh`).
- Introduced setup documentation in `references/setup.md`.
- Included metadata file `_meta.json`.
- No changes to functionality or usage; this update provides the initial code and instructions to support the skill.
v1.0.0
Outlook Delegate Skill v1.0.0 (Initial Delegate Edition)
- Breaking: All API calls use `/users/{owner}` endpoints instead of `/me`
- Added support for delegate scenarios with `owner_email` and `delegate_email` config fields
- Implemented send-on-behalf email functionality using the correct `from` field
- Permissions required are now the `.Shared` variants for delegated access
- Comprehensive documentation for delegate configuration and required permissions
- New token test verifies connectivity for both delegate and owner accounts
- Based on the original "outlook" skill v1.3.0 by jotamed, adapted for delegate workflows
Metadata
Frequently Asked Questions
What is Outlook Delegate?
Read, search, and manage Outlook emails and calendar via Microsoft Graph API with delegate support. Supports sending as self, as owner (Send As), and on behalf of owner (Send on Behalf). Modified for delegate access from https://clawhub.ai/jotamed/outlook. It is an AI Agent Skill for Claude Code / OpenClaw, with 859 downloads so far.
How do I install Outlook Delegate?
Run "/install outlook-delegate" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Outlook Delegate free?
Yes, Outlook Delegate is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Outlook Delegate support?
Outlook Delegate is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Outlook Delegate?
It is built and maintained by 87Marc (@87marc); the current version is v1.1.1.
More Skills