← Back to search
@microsoft/teams.mcp
<p> <a href="https://www.npmjs.com/package/@microsoft/teams.mcp" target="_blank"> <img src="https://img.shields.io/npm/v/@microsoft/teams.mcp/latest" /> </a> <a href="https://www.npmjs.com/package/@microsoft/teams.mcp?activeTab=code" t
? Not scanned yet
Versions
1.0.0 latest May 20, 2026
2.0.11 May 15, 2026
2.0.10 May 14, 2026
2.0.9 May 6, 2026
2.0.8 Apr 17, 2026
2.0.7 Apr 7, 2026
2.0.6 Mar 25, 2026
2.0.5 Dec 9, 2025
2.0.4 Nov 17, 2025
2.0.3 Nov 17, 2025
2.0.2 Oct 13, 2025
2.0.1 Sep 18, 2025
2.0.0 Sep 18, 2025
@microsoft/teams.apps@2.0.0-preview.12 Sep 10, 2025
@microsoft/teams.apps@2.0.0-preview.11 Sep 10, 2025
@microsoft/teams.apps@2.0.0-preview.10 Aug 26, 2025
@microsoft/teams.apps@2.0.0-preview.5 Aug 6, 2025
@microsoft/teams.apps@2.0.0-preview.7 Aug 6, 2025
@microsoft/teams.apps@2.0.0-preview.8 Aug 6, 2025
@microsoft/teams.apps@2.0.0-preview.9 Aug 6, 2025
2.0.0-preview.4 Jun 6, 2025
Tools 0
No tools indexed yet.
Permissions 0
No permissions indexed yet.
Scan Findings 31
info
package.json metadata
info
Transport: streamable-http
info
Required env vars (29)
high
Hardcoded OAuth client secret in packages/apps/src/app.spec.ts
high
Hardcoded OAuth client secret in packages/apps/src/token-manager.spec.ts
high
Hardcoded OAuth client secret in packages/apps/src/test-utils.ts
medium
Permission: network access detected
low
Permission: filesystem access detected
high
Permission: shell access detected
low
Permission: env_vars access detected
medium
Excessive dependency count: 155 direct dependencies
medium
Suspicious package name: react-dom
medium
Suspicious package name: react-markdown
medium
Suspicious package name: react-router
medium
Suspicious package name: react-refresh
medium
Suspicious package name: lodash.camelcase
medium
Vulnerable dependency: turbo@2.4.0 (GHSA-3qcw-2rhx-2726)
medium
Vulnerable dependency: turbo@2.4.0 (GHSA-hcf7-66rw-9f5r)
medium
Vulnerable dependency: hono@4.12.16 (GHSA-hm8q-7f3q-5f36)
medium
Vulnerable dependency: hono@4.12.16 (GHSA-p77w-8qqv-26rm)
medium
Vulnerable dependency: hono@4.12.16 (GHSA-qp7p-654g-cw7p)
medium
Vulnerable dependency: @modelcontextprotocol/sdk@1.25.2 (GHSA-345p-7cg4-v4c7)
medium
Vulnerable dependency: uuid@11.0.5 (GHSA-w5hq-g745-h8pq)
medium
Vulnerable dependency: ws@8.18.1 (GHSA-58qx-3vcg-4xpx)
info
SLSA Build Level 1 detected
info
Could not connect to MCP server for output poisoning scan
info
Could not connect to MCP server for behavioral verification
info
SBOM generated: 1683 components
info
MITRE ATLAS technique coverage summary
info
ATLAS: Adversarial ML Supply Chain (AML.T0043)
info
ATLAS: Poison Training Data (AML.T0020)