Is Agent365 Bridge safe to use?

Agent365 Bridge has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install Agent365 Bridge?

Agent365 Bridge can be installed by cloning its GitHub repository and following the setup instructions in the README.

What AI clients work with Agent365 Bridge?

Agent365 Bridge is compatible with Claude Desktop, Cursor, Claude Code, and most MCP clients that support stdio transport. It uses stdio transport.

Is Agent365 Bridge actively maintained?

Agent365 Bridge is recently maintained — last commit was 48 days ago. It has 7 GitHub stars.

Agent365 Bridge

Connect Claude Code to Microsoft Agent 365 MCP servers — giving Claude direct access to Outlook Mail, Calendar, Word, Excel, PowerPoint, Teams, SharePoint, OneDrive, Copilot Search, Knowledge, and User Profile data through the enterprise-grade MCP tooling gateway.

MaintainedNot tested

AI / ML Productivity

★ 7GitHub

22DNo CVEsmaintained

Quick Install

{
  "mcpServers": {
    "agent365-bridge": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Setup guide

No install config available. Check the server's README for setup instructions.

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/agent365-bridge)](https://mcppedia.org/s/agent365-bridge)

Should you use this server?

✓

Is it safe?

No package registry to scan.

No authentication — any process on your machine can connect.

License not specified.

✓

Is it maintained?

Last commit 48 days ago. 7 stars.

Will it work with my client?

Transport: stdio. Works with Claude Desktop, Cursor, Claude Code, and most MCP clients.

Loading README…

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Help improve this page

This server is missing a description. Tools and install config are also missing.If you've used it, help the community.

Add information

Score Breakdown

MCPpedia Score

Click each category to see evidence

22D

Last scored 14h ago

How we score →

Security

2/30

No known vulnerabilities.

○

Known CVEs — No package registry to scan

○

Tool safety — No tools to analyze

○

Tool poisoning — No tools to analyze

○

Injection vectors — No tools to analyze

○

Tool stability — First scan — baseline recorded

○

Dependency health — No package to analyze

✗

License — No license specified

○

Authentication — No authentication required

○

Repository — active repo

CVEs checked daily via OSV.dev. Score algorithm is open source.

Reviews

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Agent365 Bridge safe to use?: Agent365 Bridge has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install Agent365 Bridge?: Agent365 Bridge can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with Agent365 Bridge?: Agent365 Bridge is compatible with Claude Desktop, Cursor, Claude Code, and most MCP clients that support stdio transport. It uses stdio transport.
Is Agent365 Bridge actively maintained?: Agent365 Bridge is recently maintained — last commit was 48 days ago. It has 7 GitHub stars.

Similar servers

View all →

Sequential Thinking MCP Server

OfficialNo CVEs98A

Dynamic problem-solving through sequential thought chains

1 toolsstdio84.0k112.2k/wk3d ago

XcodeBuildMCP

OfficialNo CVEs97A

A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.

2 toolsremote5.2k46.6k/wk1d ago

Scrumboy

No CVEs95A

a self-hosted project management & Kanban solution + Instant shareable boards

1 toolsremote168586.4k/wk1d ago

Python Sdk

OfficialNo CVEs95A

The official Python SDK for Model Context Protocol servers and clients

1 toolsremote22.7k166.4k/wk1d ago

MCP Security Weekly

Get CVE alerts and security updates for Agent365 Bridge and similar servers.

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Agent 365 Bridge for Claude Code

Connect Claude Code to Microsoft Agent 365 MCP servers — giving Claude direct access to Outlook Mail, Calendar, Word, Excel, PowerPoint, Teams, SharePoint, OneDrive, Copilot Search, Knowledge, and User Profile data through the enterprise-grade MCP tooling gateway.

Architecture

┌─────────────┐      stdio       ┌──────────────────┐     HTTPS + Auth     ┌─────────────────────────┐
│ Claude Code  │ ◄──────────────► │  MCP Proxy Bridge │ ◄──────────────────► │  Agent 365 MCP Servers  │
│ (CLI / IDE)  │   MCP protocol   │  (this project)   │   StreamableHTTP    │  (Mail, Calendar, Word, │
└─────────────┘                  └──────────────────┘                      │   Teams, SharePoint...) │
                                                                           └─────────────────────────┘

The bridge runs as a local stdio MCP server that Claude Code connects to. When Claude calls a tool (e.g. createMessage, getEvents), the bridge authenticates with Azure Entra ID using delegated permissions and forwards the call to the appropriate Agent 365 MCP server — acting on behalf of the signed-in user.

Two-Layer Disk Caching

Claude Desktop enforces a 5-second timeout on tools/list requests. Since discovering 14 Agent 365 servers takes ~20 seconds, the bridge uses a two-layer caching strategy to serve tools instantly:

sequenceDiagram
    participant User
    participant Login as npm run login
    participant Disk as ~/.agent365-bridge/
    participant Bridge as Bridge Process
    participant Claude as Claude Desktop

    Note over User,Login: One-time setup
    User->>Login: npm run login
    Login->>Login: Device code auth
    Login->>Disk: auth-record.json
    Login->>Login: Discover 14 servers (56 tools)
    Login->>Disk: tools-cache.json

    Note over Bridge,Claude: Every subsequent launch
    Claude->>Bridge: initialize
    Bridge->>Disk: Load tools-cache.json
    Bridge-->>Claude: initialize response
    Claude->>Bridge: tools/list
    Bridge-->>Claude: 56 tools (instant, <1ms)
    Note over Bridge: Discovery runs in background (~20s)
    Claude->>Bridge: tools/call SearchMessages
    Note over Bridge: Waits for live discovery if needed
    Bridge-->>Claude: Email results

Compatibility Layer

The bridge automatically fixes common MCP compatibility issues:

Schema Sanitization: Strips oneOf, allOf, and anyOf from tool schemas (which Anthropic API rejects), merging properties where possible.
Name Deduplication: Detects tools with identical names across different servers (e.g. GetDocumentContent in both Word and Excel) and automatically namespaces them (e.g. GetDocumentContent_Word) to prevent collisions.

Why this project exists?

While Microsoft provides a rich set of tools for building and managing AI agents, there is currently a "protocol gap" for 3rd-party coding agents like Claude Code:

Protocol Translation: Claude Code and most local IDEs speak the stdio dialect of the Model Context Protocol (MCP). However, the Agent 365 Tooling Gateway (the enterprise cloud back-end) speaks StreamableHTTP. This project acts as the necessary protocol translator.
Access to the "Synthetic Workforce": Agent 365 is designed to be the control plane for a new generation of autonomous agents. This bridge allows Claude to tap into that same infrastructure, giving a 3rd-party LLM the same enterprise-governed tools used by Microsoft's first-party agents.
Action over Search: Unlike pure semantic search tools (like WorkIQ), this bridge focuses on deterministic actions. It exposes the granular Tooling Servers for Mail, Excel, Word, and Teams, allowing Claude to manipulate data, not just find it.
Developer-First Auth: It simplifies the complex "Frontier Preview" and "StreamableHTTP" authentication handshake into a standard MCP sign-in flow that just works.

Status

✅ **Production-tested a

... View full README on GitHub