87marc

Outlook Delegate

Author: 87Marc · GitHub ↗ · v1.1.1
cross-platform ⚠ suspicious
Total downloads: 859
Favorites: 4
Current installs: 3
Versions: 3
Install in OpenClaw
/install outlook-delegate
Description
Read, search, and manage Outlook emails and calendar via Microsoft Graph API with delegate support. Supports sending as self, as owner (Send As), and on behalf of owner (Send on Behalf). Modified for delegate access from https://clawhub.ai/jotamed/outlook
Security Recommendations
This skill appears to implement delegate Outlook access as described, but it requires you to create and store sensitive credentials (client_id/client_secret/refresh tokens) in ~/.outlook-mcp and to grant high-privilege Exchange permissions (FullAccess and either SendAs or SendOnBehalf). Before installing:
  1. Review the scripts yourself (they call only Microsoft endpoints) and confirm you trust the source.
  2. Do not grant both SendAs and SendOnBehalf; pick one per the docs.
  3. Use a dedicated, limited 'assistant' account (not an admin or personal account).
  4. Limit client secret lifetime, rotate credentials, and monitor mailbox/audit logs.
  5. Because the registry metadata omits the required config/credentials, ask the maintainer to update metadata to explicitly declare the config path and secrets required.
If you are not comfortable granting Full Mailbox Access or handling OAuth secrets, do not install/use this skill.
Functional Analysis
Type: OpenClaw Skill
Name: outlook-delegate
Version: 1.1.1

The OpenClaw AgentSkills skill bundle for Outlook delegate access is classified as benign. The code and documentation consistently align with the stated purpose of managing Outlook emails and calendars via Microsoft Graph API with delegate support. Key security indicators include robust input sanitization using `jq` for JSON payloads and URL encoding for query parameters (e.g., in `scripts/outlook-mail.sh` and `scripts/outlook-calendar.sh`), secure handling of sensitive credentials (client secret via stdin, access token via temporary files with `chmod 600` in `scripts/outlook-token.sh`), and strict file permissions for configuration and credential directories (`~/.outlook-mcp/`). All network communications are directed to legitimate Microsoft OAuth and Graph API endpoints. There is no evidence of data exfiltration, unauthorized remote execution, persistence mechanisms, obfuscation, or prompt injection attempts within the `SKILL.md` or other documentation files. The broad permissions requested are necessary for the skill's stated delegate functionality.
Capability Assessment
Purpose & Capability
The name/description align with the included scripts: they call Microsoft Graph and Exchange to read/write mail and calendars as a delegate. However the registry metadata claims no required config/credentials, while the runtime expects ~/.outlook-mcp/config.json and credentials.json containing client_id, client_secret, tenant_id, owner_email, delegate_email, and refresh/access tokens. That mismatch (metadata vs actual requirements) is an incoherence.
Instruction Scope
SKILL.md and references/setup.md give detailed OAuth and Exchange PowerShell steps; runtime scripts only interact with Microsoft endpoints (graph.microsoft.com, login.microsoftonline.com) and local config files. The instructions require running admin PowerShell commands to grant FullAccess and SendAs/SendOnBehalf — these are high-privilege operations but are coherent with the skill's purpose. No unexpected external endpoints or obfuscated network calls were found.
Install Mechanism
No install spec; code is delivered as shell scripts and docs. This reduces supply-chain risk vs downloading arbitrary binaries. The scripts use standard tools (curl, jq) and write to a per-user config directory. Nothing in the install story downloads third-party code from unknown hosts.
Credentials
The skill requires highly sensitive secrets (client_secret, refresh/access tokens) and tenant/admin consent for delegated permissions, but the registry metadata lists no required env vars or config paths. The scope requested (Full Mailbox Access, Mail.Send.Shared, Mail.ReadWrite.Shared, Calendars.ReadWrite.Shared) is broad but functionally justified for full delegate mailbox/calendar management — still, these privileges are powerful and should only be granted to a trusted assistant account. The omission in declared required credentials/config in metadata is the primary proportionality issue.
Persistence & Privilege
The skill stores credentials and config under ~/.outlook-mcp and enforces restrictive, owner-only file modes (chmod 700/600) in scripts. always:false and no modifications to other skills or global agent settings were detected. Persisting OAuth credentials locally is expected for this workflow, but it creates persistent access until tokens are revoked.
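How to Use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install outlook-delegate
  3. After installation, invoke the Skill by name or trigger it with /outlook-delegate
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version History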
v1.1.1
**Expanded support for sending as self, as owner, and on behalf of owner, with clear Exchange permission guidance.**
- Added explicit support and documentation for three sending modes: as self, as owner (Send As), and on behalf of owner (Send on Behalf).
- Clarified Exchange permissions required for each sending mode, emphasizing not to grant both SendAs and SendOnBehalf together.
- Updated configuration to include display names and tenant/timezone fields for improved customization.
- Improved setup instructions with step-by-step Microsoft Entra ID and Exchange permission guidance.
- Enhanced mode tables, explanations, and troubleshooting to prevent common permission mistakes.
v1.0.1
Initial script and documentation files added.
- Added shell scripts for managing Outlook mail (`outlook-mail.sh`), calendar (`outlook-calendar.sh`), and authentication tokens (`outlook-token.sh`).
- Introduced setup documentation in `references/setup.md`.
- Included metadata file `_meta.json`.
- No changes to functionality or usage; this update provides the initial code and instructions to support the skill.
v1.0.0
Outlook Delegate Skill v1.0.0 (Initial Delegate Edition)
- Breaking: All API calls use `/users/{owner}` endpoints instead of `/me`
- Added support for delegate scenarios with `owner_email` and `delegate_email` config fields
- Implemented send-on-behalf email functionality using the correct `from` field
- Permissions required are now the `.Shared` variants for delegated access
- Comprehensive documentation for delegate configuration and required permissions
- New token test verifies connectivity for both delegate and owner accounts
- Based on the original "outlook" skill v1.3.0 by jotamed, adapted for delegate workflows
Metadata
Slug: outlook-delegate
Version: 1.1.1
License:
Total installs: 3
Current installs: 3
Number of versions: 3
FAQ

What is Outlook Delegate?

Read, search, and manage Outlook emails and calendar via Microsoft Graph API with delegate support. Supports sending as self, as owner (Send As), and on behalf of owner (Send on Behalf). Modified for delegate access from https://clawhub.ai/jotamed/outlook. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 859 total downloads so far.

How do I install Outlook Delegate?

Run the command "/install outlook-delegate" in the OpenClaw or Claude Code chat box for a one-click install; no additional configuration is required.

Is Outlook Delegate free?

Yes, Outlook Delegate is completely free (free and open source) and can be freely downloaded, installed, and used.

Which platforms does Outlook Delegate support?

Outlook Delegate is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.

Who developed Outlook Delegate?

It is developed and maintained by 87Marc (@87marc); the current version is v1.1.1.
