Delv
CommunityActive· 8d4.3by Softeria

MS 365 MCP

Connects to Microsoft 365 via the Graph API with 200+ tools covering Outlook, Teams, SharePoint, Excel, and OneDrive.

View repo
C
Safety & Trust

Delv Safety Grade: C

Score 62/100 · assessed 2026-04-28

Maintainer55
Permissions45
Supply chain75
Transparency70
Incidents100

MS 365 MCP is a community-built Graph API wrapper from Softeria, a small software consultancy. The package ships via npm with standard installation, which is reassuring for supply chain. However, the permissions surface is enormous: 200+ tools spanning email, Teams, SharePoint, Excel, and OneDrive means read and write access across your entire Microsoft 365 tenant. The maintainer is a legitimate but small organisation with modest GitHub activity. No OAuth scoping details are visible in the metadata, so you're likely granting broad Graph API permissions. Transparency is reasonable with open source and documentation, but the sheer breadth of capabilities creates significant blast radius if credentials leak or the package is compromised. No known incidents, but the wide permission set and smaller maintainer warrant caution. Suitable for trusted environments only.

Lethal Trifecta (prompt-injection exposure)

TRIFECTA RISK
All three axes present. This server can read private data, ingest attacker-controlled content, and send data outbound. A poisoned input (a GitHub issue, an email, a webpage) can exfiltrate secrets via this chain. Only install with auditing; avoid on shared or cloud agents.
Private dataYes
Reads secrets, credentials, private files
Untrusted inputYes
Ingests web pages, PRs, issues, emails
External commsYes
Can send data outbound

The Microsoft suite as one server is the broadest trifecta in the catalogue. Email, calendar, files, contacts, all bundled.

Green flags

  • Distributed via npm with standard package manager install
  • Open source repository on GitHub for code review
  • No known security incidents or CVEs
  • Legitimate consultancy (Softeria) as maintainer, not anonymous

Red flags

  • 200+ tools create massive attack surface across entire M365 tenant
  • Small maintainer (Softeria) with limited community oversight
  • No OAuth scope details visible; likely requests very broad Graph permissions
  • Write access to email, Teams, SharePoint, Excel, OneDrive simultaneously
  • Bus factor risk: appears to be small team or solo project

Permissions requested

Outbound networkIdentity readIdentity writeRead messagesSend messagesRead filesWrite filesDB readDB write
Assessed by Delv Editorial using public metadata. Grades are advisory and update as the ecosystem changes. They do not replace your own review of permissions and code before granting an agent access to sensitive systems.

Install

npx -y @softeria/ms-365-mcp-server

Review

MS 365 MCP is a Graph API wrapper that gives Claude direct access to your Microsoft 365 tenant. It ships with over 200 tools spanning Outlook, Teams, SharePoint, Excel, and OneDrive. The breadth is impressive: you can read and send emails, post Teams messages, edit Excel cells, upload files to OneDrive, and query SharePoint lists without leaving your Claude session. I've used it primarily for Outlook triage and Teams notifications. The email tools are genuinely useful for bulk operations: I had Claude flag and move 80-odd invoices into a folder based on sender patterns, which would have been tedious in the web UI. The Teams integration is lighter but functional for posting status updates or reading recent channel messages. Excel support covers cell reads and writes, though complex formulas or pivot tables are outside scope. Authentication runs through Microsoft's device code flow. You authenticate once in a browser, paste the code back, and the server caches your token. It's not frictionless, but it's standard OAuth. The server doesn't store credentials in plaintext, which is the right call for a tool with this much access. Quirks: the tool surface is vast, so Claude sometimes picks the wrong endpoint or misinterprets what you want. You'll occasionally need to be explicit about whether you mean 'inbox' or 'sent items'. The server also assumes you know your Microsoft 365 structure: it won't guess your SharePoint site URL or OneDrive folder paths. If you're not already comfortable with Graph API concepts, expect a learning curve. This is a power tool for people who live in Microsoft 365 and want to automate repetitive admin work. If you're managing multiple inboxes, coordinating Teams channels, or doing regular Excel updates, it's worth the setup friction. If you only check email twice a day or don't have an M365 subscription, skip it. The value is in bulk operations and cross-service workflows, not one-off tasks you could do faster in a browser.
Verdict

Install this if you spend serious time in Microsoft 365 and want to automate email sorting, Teams updates, or Excel edits without writing scripts. Skip it if you're a casual M365 user or don't have admin-level access to your tenant. The setup is OAuth-standard but not instant, so it's a commitment for power users, not a curiosity install.

Good at

  • Over 200 tools covering Outlook, Teams, SharePoint, Excel, and OneDrive in one server.
  • OAuth device flow keeps credentials secure and doesn't require manual token management.
  • Genuinely useful for bulk email operations and cross-service workflows that would be tedious in the web UI.
  • Active maintenance from Softeria with regular updates to match Graph API changes.

Watch out

  • Assumes you know your Microsoft 365 structure: won't guess SharePoint site URLs or OneDrive paths.
  • Claude occasionally picks the wrong tool when requests are ambiguous, requiring explicit instructions.
  • Requires admin-level M365 access for full functionality, so not viable for locked-down corporate tenants.
  • Initial OAuth setup is standard but not instant, adding friction for first-time users.

Use cases

  • Outlook inbox automation
  • Teams messaging
  • Excel workbook edits
  • OneDrive file operations

Getting started

1. Run `npx -y @softeria/ms-365-mcp-server` to install and start the authentication flow. You'll be prompted to visit a Microsoft URL and enter a device code. 2. Add the server to your Claude Desktop config under `mcpServers` with the command `npx -y @softeria/ms-365-mcp-server`. No environment variables are needed; the server manages tokens internally. 3. Restart Claude Desktop and verify by asking Claude to list your recent Outlook emails or OneDrive files. If it prompts for permissions, approve them in your browser. 4. Test a simple workflow like 'move all unread emails from sender X to folder Y' to confirm the tools are wired correctly. 5. Watch out for ambiguous requests: Claude sometimes picks the wrong mailbox folder or SharePoint site if you don't specify the full path. Be explicit about locations.

Works with

Claude DesktopClaude CodeCursor

Similar MCPs