An authenticated MCP app that calls Microsoft Graph API via OBO flow and renders interactive Fluent UI widgets inside M365 Copilot Chat.
Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.
Install from
M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.
Disclosed vulnerabilities in this server's declared npm dependencies (via OSV). Whether each is reachable depends on the installed versions.
@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse
Anthropic's MCP TypeScript SDK has a ReDoS vulnerability
Vite Vulnerable to Arbitrary File Read via Vite Dev Server WebSocket
Vite has an `server.fs.deny` bypass with an invalid `request-target`
Vite Vulnerable to Path Traversal in Optimized Deps `.map` Handling
process.env. You'll be asked to provide them before it can run.ENTRA_CLIENT_ID— your-client-id>ENTRA_CLIENT_SECRET— your-client-secret>ENTRA_TENANT_ID— your-tenant-id>INPUTPORT— 3. Set remaining env vars (ENTRA_CLIENT_ID, ENTRA_TENANT_ID, ) as App SettingsUSE_MOCK_DATA— Mock data fallback — toggle =true for demos without Graph access[](https://m8ven.ai/mcp/ramakrishnan24689-agent365-mcpapp-0dr3dm)