← 返回 Skills 市场
alirezarezvani

Ms365 Tenant Manager

作者 Alireza Rezvani · GitHub ↗ · v2.1.1 · MIT-0
cross-platform ⚠ suspicious
1291
总下载
0
收藏
5
当前安装
2
版本数
在 OpenClaw 中安装
/install ms365-tenant-manager
功能描述
Microsoft 365 tenant administration for Global Administrators. Automate M365 tenant setup, Office 365 admin tasks, Azure AD user management, Exchange Online...
安全使用建议
This skill contains ready-to-run PowerShell and Python generators that will create and execute high-privilege Microsoft 365 actions. Before installing or using it: (1) only use in a non-production/test tenant first and review every generated script; (2) do not grant Global Admin or broad Graph scopes to untrusted code — prefer a least-privilege app registration with only required permissions or use managed identities/secure vaults; (3) remove or avoid examples that embed client secrets or use plaintext ConvertTo-SecureString -AsPlainText; store secrets in a secure secret manager and use certificate-based app auth where possible; (4) restrict agent/autonomous invocation or require explicit human approval before running scripts that change Conditional Access, license assignments, or revoke sessions; (5) verify there are no hard-coded secrets in the repository and audit logs after any run. If you cannot validate the author/source or cannot safely provide least-privilege credentials, do not enable this skill against production tenants.
功能分析
Type: OpenClaw Skill Name: ms365-tenant-manager Version: 2.1.1 The ms365-tenant-manager bundle provides tools for Microsoft 365 administration but contains vulnerabilities in its script generation logic. Specifically, the Python modules (powershell_generator.py, tenant_setup.py, and user_management.py) construct PowerShell scripts by embedding input parameters directly into f-strings without sanitization or escaping. This lack of input validation creates a risk of PowerShell injection if an attacker can influence the input data (e.g., user names, policy names, or company names). While the bundle's stated purpose is legitimate and it promotes security best practices in its documentation, the underlying code generation lacks the necessary safeguards to prevent exploitation.
能力评估
Purpose & Capability
The name, description, SKILL.md and included scripts all align: this is a Microsoft 365 tenant administration tool that generates PowerShell for tenant setup, CA policies, licensing, audit and user lifecycle. That capability legitimately requires high-privilege credentials (Global Admin or an appropriately permissioned app). The metadata, however, declares no required environment variables or primary credential — an omission that reduces transparency but does not by itself contradict the purpose.
Instruction Scope
SKILL.md and the included PowerShell templates direct the agent/operator to run high-privilege Graph and Exchange cmdlets (Connect-MgGraph with wide scopes, New-MgIdentityConditionalAccessPolicy, Set-MgUserLicense, Revoke tokens, etc.). Those commands are coherent with the stated purpose, but the instructions and troubleshooting docs also show examples that encourage embedding clientId/clientSecret and using ConvertTo-SecureString with plaintext secrets — an insecure practice that could lead to credential exposure. The skill references local files (CSV inputs) and does not call external endpoints beyond Microsoft APIs, so there is no explicit data exfiltration endpoint, but the agent will need tenant credentials to perform most actions.
Install Mechanism
There is no install spec (instruction-only behavior) and the package contains local Python script generators and documentation. Nothing is downloaded or executed from arbitrary remote URLs, and no package managers are invoked. This is lower-risk from an install-perspective, but the included code will generate and run PowerShell that acts on a live tenant.
Credentials
The skill performs operations that require Global Administrator or high privilege application permissions (Directory.ReadWrite.All, Policy.ReadWrite.ConditionalAccess, User.ReadWrite.All, ExchangeOnline). That level of access is proportionate to the functionality — but the skill declares zero required environment variables or primary credential, giving no explicit guidance on how to supply credentials safely. Additionally, the docs show insecure examples for application authentication (clientSecret assigned from plaintext), increasing the risk of credential leakage if users follow them.
Persistence & Privilege
The skill is not forced-always (always:false) and uses the default model-invocation behavior (agent may invoke autonomously). Autonomous invocation combined with high-privilege actions increases potential blast radius if the agent is allowed to act without human control. This combination is not flagged as outright malicious by itself, but you should treat autonomous runs with extra caution for admin-capable skills.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install ms365-tenant-manager
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /ms365-tenant-manager 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.1.1
v2.1.1: optimization, reference splits
v1.0.0
Initial release with comprehensive Microsoft 365 tenant administration automation for Global Administrators. - Automate M365 tenant setup, Office 365 admin tasks, and Azure AD/Exchange Online/Teams configuration. - Generate PowerShell scripts for bulk user management, Conditional Access, license assignment, and compliance auditing. - Includes workflows for tenant setup, security hardening, user lifecycle (onboarding/offboarding), and best practices. - Reference guides and troubleshooting resources provided. - Details prerequisites and required permissions for operation.
元数据
Slug ms365-tenant-manager
版本 2.1.1
许可证 MIT-0
累计安装 5
当前安装数 5
历史版本数 2
常见问题

Ms365 Tenant Manager 是什么?

Microsoft 365 tenant administration for Global Administrators. Automate M365 tenant setup, Office 365 admin tasks, Azure AD user management, Exchange Online... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1291 次。

如何安装 Ms365 Tenant Manager?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install ms365-tenant-manager」即可一键安装,无需额外配置。

Ms365 Tenant Manager 是免费的吗?

是的,Ms365 Tenant Manager 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Ms365 Tenant Manager 支持哪些平台?

Ms365 Tenant Manager 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Ms365 Tenant Manager?

由 Alireza Rezvani(@alirezarezvani)开发并维护,当前版本 v2.1.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463368 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259467 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200457 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191163 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190189 · by oswalpalash

💬 留言讨论