Microsoft 365 MCP Server
MCP server for Microsoft 365 services via Graph API covering mail, calendar, files, contacts, tasks, OneNote, Teams, and Excel
Score Breakdown
Server Info
- Package: @softeria/ms-365-mcp-server
- Registry: npm
- Repository: softeria/ms-365-mcp-server
- Maintainer: Community
- Category: Communication
- Tags: email, calendar, teams, sharepoint
- Last Scanned: 7 Apr 2026
Findings
7 issues
Authentication & Identity
LOW: Implements MCP OAuth spec for per-user authentication
Full MCP OAuth spec implementation with .well-known/oauth-authorization-server and .well-known/oauth-protected-resource endpoints. Supports both stdio (device code flow via MSAL) and HTTP/StreamableHTTP transport with bearer token auth. Microsoft OAuth proxy pattern for authorization_code and refresh_token grants. Multi-account support with account parameter injection. Optional Azure Key Vault for secrets. Read-only mode supported via --readOnly flag.
Document the required OAuth scopes for each tool.
Tool Schema Quality
HIGH: Required fields missing on 2 write operations
Write tools without required field declarations: login, logout.
Add required arrays to all write/delete tool schemas.
MEDIUM: Only 0 of 8 schemas have parameter constraints
Most schemas lack maxLength, enum, or pattern constraints on string parameters.
Add constraints to string parameters, especially on write operations.
CRITICAL: Dangerous execution surface: execute-tool
Tool allows raw code/query execution which could be exploited via prompt injection.
Use parameterized queries or validated command sets.
LLM Safety
MEDIUM: 5 tool descriptions are too vague
Short or generic descriptions make tool selection unreliable.
Expand descriptions with specific actions, data types, and side effects.
HIGH: Tool descriptions contain instructional language
Descriptions include directives that could influence LLM behavior beyond tool selection.
Remove instructional language. Descriptions should be purely factual.
Maintenance & Trust
LOW: Community-maintained by Softeria
No official vendor backing.
Seek vendor verification.
Tools
8 total

| Name | Description | Risk |
|---|---|---|
| login | Authenticate with Microsoft using device code flow | admin |
| logout | Log out from Microsoft account | admin |
| verify-login | Check current Microsoft authentication status | read |
| list-accounts | List all Microsoft accounts configured in this server. | read |
| select-account | Select a Microsoft account as the default. | admin |
| remove-account | Remove a Microsoft account from the cache. | admin |
| parse-teams-url | Converts any Teams meeting URL format into a standard joinWebUrl. | read |
| [139 auto-generated Graph API tools] | Tools auto-generated from Microsoft Graph API OpenAPI spec covering: list-mail-messages, send-mail, get-mail-message, create-event, list-events, list-files, create-todo-task, etc. | write |