Microsoft 365 Core MCP Server

Unverified
REPOroycedamien/m365-core-mcp
FRisk gradecritical blast radius
Catalogue entry updated 2 days ago
Auth postureNot probedno remote endpoint probed yet
Tools622 Destructive · 8 Execute · 41 Write · 10 Read · 1 Other
Worst categoryDestructivegrade tracks the peak, not the average
Capability mix
Destructive 2Execute 8Write 41Read 10Other 1
What it can reach
Ingests untrusted inputTouches secretsReaches networkRuns codeTouches filesChanges permissionsSends external commsPersistsDeletes dataMoves money
Tools 62
manage_azuread_devicesDestructiveHighmanage_offboardingDestructiveCriticalcall_microsoft_apiExecuteCriticalDynamicendpoint_automation_assistantExecuteCriticalexecute_graph_batchExecuteHigh
View all 62 tools
execute_graph_searchExecuteHighmanage_alertsExecuteHighmanage_intune_macos_devicesExecuteHighmanage_intune_windows_devicesExecuteHighoauth_authorizeExecuteHighcreate_intune_policyWriteHighcreateIntunePolicyWriteHighgenerate_html_reportWriteMediumgenerate_powerpoint_presentationWriteMediumgenerate_professional_reportWriteMediumgenerate_word_documentWriteMediummanage_authentication_strengthsWriteHighmanage_azure_ad_appsWriteHighmanage_azure_ad_devicesWriteHighmanage_azure_ad_rolesWriteCriticalmanage_azuread_appsWriteHighmanage_azuread_rolesWriteHighmanage_cis_complianceWriteHighmanage_compliance_frameworksWriteHighmanage_conditional_access_policiesWriteHighmanage_cross_tenant_accessWriteHighmanage_defender_policiesWriteHighmanage_distribution_listsWriteHighmanage_dlp_incidentsWriteHighmanage_dlp_policiesWriteHighmanage_exchange_policiesWriteHighmanage_exchange_settingsWriteHighmanage_graph_subscriptionsWriteHighmanage_identity_protectionWriteHighmanage_information_protection_policiesWriteHighmanage_intune_macos_appsWriteHighmanage_intune_macos_policiesWriteHighmanage_intune_windows_appsWriteHighmanage_intune_windows_policiesWriteHighmanage_m365_groupsWriteHighmanage_named_locationsWriteHighmanage_retention_policiesWriteHighmanage_security_alert_policiesWriteHighmanage_security_groupsWriteHighmanage_sensitivity_labelsWriteHighmanage_service_principalsWriteHighmanage_sharepoint_governance_policiesWriteHighmanage_sharepoint_listsWriteHighmanage_sharepoint_sitesWriteHighmanage_teams_policiesWriteHighmanage_user_settingsWriteHighbackup_policiesReadMediumexecute_delta_queryReadMediumgenerate_audit_reportsReadMediummanage_compliance_assessmentsReadMediummanage_compliance_monitoringReadMediummanage_evidence_collectionReadMediummanage_gap_analysisReadMediummanage_intune_macos_complianceReadLowmanage_intune_windows_complianceReadMediumsearch_audit_logReadLowtoolNameOtherLow
Change history
No changes recorded since first scan. Watched servers surface a diff within the hour.
Recommended policy
manage_azuread_devicesdeny
call_microsoft_apirequire approval
create_intune_policyrate limit
Read-only toolsallow
Full policy breakdown with enforcement rules →
// LOOK UP ANOTHER SERVER

Every MCP server has a record like this.

Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.

Teams ship this data inside their own products. See what a licence covers →

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.