microsoft-mcp
Verified Safeby AojdevStudio
Overview
A comprehensive AI assistant toolkit for managing Microsoft 365 services including Outlook emails, Calendar events, OneDrive files, and Contacts.
Installation
uv run microsoft-mcpEnvironment Variables
- MICROSOFT_MCP_CLIENT_ID
- MICROSOFT_MCP_TENANT_ID
Security Notes
The server uses `os.getenv` for sensitive IDs (MICROSOFT_MCP_CLIENT_ID), stores tokens securely in a local cache (`~/.microsoft_mcp_token_cache.json`) via MSAL, and handles authentication via device flow. Input validation is implemented using Pydantic and custom validators (`email_params.py`, `validators.py`). HTML content is escaped using `html.escape` to prevent XSS. CSS inlining uses `xml.etree.ElementTree` and regex, not `eval` or `exec`. `ast.literal_eval` is used for internal flow cache from MSAL, which is generally safer than direct `eval` and is used on controlled data. Overall, the codebase demonstrates good security practices for an application interacting with a third-party API.
Similar Servers
ms-365-mcp-server
Interacting with Microsoft 365 and Office services through the Graph API via a Model Context Protocol (MCP) server.
cli-microsoft365-mcp-server
This MCP server allows users to execute CLI for Microsoft 365 commands using natural language, enabling management of various Microsoft 365 services like SharePoint, Teams, and Power Platform.
outlook-mcp
Enables AI assistants to interact with Microsoft Outlook for email, calendar, and SharePoint operations through the Microsoft Graph API.
outlook-mcp-server
AI-powered local email management for Microsoft Outlook, enabling search, composition, organization, and batch forwarding of emails using natural language commands.