← 返回 Skills 市场
Teams Delegate
作者
Natnael Teshome
· GitHub ↗
· v1.0.4
473
总下载
0
收藏
0
当前安装
5
版本数
在 OpenClaw 中安装
/install teams-delegate
功能描述
Delegate Microsoft Teams inbox management to your AI agent for auto-replies, message summaries, priority filtering, and context-aware responses.
安全使用建议
This skill appears to do what it says, but review a few items before installing:
- Permissions: The Azure app requires powerful Graph scopes (read/write chat, send channel messages). Granting these lets the app read your Teams messages and send messages as you — only proceed if you trust the code and the maintainer.
- Admin consent: On corporate tenants you may need admin consent. If you are an employee, consult your IT/security team before granting these permissions to avoid policy violations.
- Local tokens: The tool stores auth data under ~/.teams-delegate (token cache and config). Ensure your home directory has appropriate file permissions and remove the token files if you stop using the skill.
- Dependencies: The scripts use the Python 'msal' library but the SKILL.md doesn't list how to install it. Install msal (pip install msal) and verify Python versions before running.
- Documentation mismatch: SKILL.md claims token.json but the code writes token_cache.bin and config.json — expect the code behavior (check ~/.teams-delegate for the actual files).
If you want extra assurance: inspect the scripts locally (they are small and readable) and run them in a controlled account or tenant with limited privileges before pointing them at your primary work account.
功能分析
Type: OpenClaw Skill
Name: teams-delegate
Version: 1.0.4
The skill requests broad Microsoft Graph API permissions (e.g., Chat.ReadWrite, ChannelMessage.Send, User.Read) which, while necessary for its stated purpose of delegating Teams inbox management, grant significant control over the user's Teams account. More critically, the SKILL.md instructs the AI agent to 'use cron or heartbeat' for auto-reply mode. This is a direct prompt injection vulnerability, as an agent capable of executing shell commands could be instructed to create arbitrary cron jobs, potentially leading to persistence or unauthorized execution if the agent's environment is not properly sandboxed. All network communication is directed to the legitimate Microsoft Graph API (graph.microsoft.com), and there is no evidence of intentional data exfiltration or malicious execution within the provided code.
能力评估
Purpose & Capability
Name/description (delegate Teams inbox) aligns with the code and requested Graph scopes. The scripts authenticate via device-code, list/read chats, summarize messages, and post replies using Microsoft Graph — all appropriate for the stated functionality.
Instruction Scope
Runtime instructions are narrowly scoped to Teams/Graph actions. However SKILL.md contains small inaccuracies (says token saved to ~/.teams-delegate/token.json, but the code writes token_cache.bin and config.json), and it asks the user to enable 'Allow public client flows' and grant admin consent when applicable (expected for device flow and certain tenant scenarios). The agent instructions do not attempt to read unrelated system files or exfiltrate data to non-Microsoft endpoints.
Install Mechanism
This is an instruction-only skill with no install spec. The Python code imports msal, which is not declared or described in the SKILL.md; the user must pip-install msal (and have Python available). Not including dependency installation instructions is an operational omission but not a security concern by itself.
Credentials
No environment variables or unrelated credentials are requested. The code stores token/cache and config under ~/.teams-delegate (expected for a CLI credential cache). Requested Graph scopes (Chat.Read, Chat.ReadWrite, ChannelMessage.Send, etc.) are required for reading and sending Teams messages — these are powerful (can post messages as the authenticated user) but proportionate to the skill's purpose and are disclosed in the README.
Persistence & Privilege
The skill persists tokens and a config in the user's home directory (~/.teams-delegate) and auto-refreshes tokens; it does not request 'always: true' or modify other skills. Persisting tokens locally is typical for CLI tools but means the stored tokens should be protected by the user (file permissions).
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install teams-delegate - 安装完成后,直接呼叫该 Skill 的名称或使用
/teams-delegate触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.4
Update author display name to Nate Teshome and website to stellarsitesai.com
v1.0.3
Removed telemetry script. Clean package — only auth.py and teams.py.
v1.0.2
Added author attribution and anonymous install telemetry.
v1.0.1
Switched to MSAL for reliable auth, fixed device code flow, added multi-tenant support. Requires Microsoft 365 license for Chat API access.
v1.0.0
Initial release — delegate your Microsoft Teams inbox to your AI agent. Auto-reply, summarize, and filter messages via Microsoft Graph API.
元数据
常见问题
Teams Delegate 是什么?
Delegate Microsoft Teams inbox management to your AI agent for auto-replies, message summaries, priority filtering, and context-aware responses. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 473 次。
如何安装 Teams Delegate?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install teams-delegate」即可一键安装,无需额外配置。
Teams Delegate 是免费的吗?
是的,Teams Delegate 完全免费(开源免费),可自由下载、安装和使用。
Teams Delegate 支持哪些平台?
Teams Delegate 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Teams Delegate?
由 Natnael Teshome(@takeovernat)开发并维护,当前版本 v1.0.4。
推荐 Skills