npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

outlook-reader-mcp

v1.0.2

Published

MCP server for reading Outlook mail via Microsoft Graph: list, search, and fetch emails (batched), and download attachments.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

jgimitolajgimitola

Keywords

mcpmodel-context-protocoloutlookmicrosoft-graphemail

Readme

outlook-reader-mcp

MCP (Model Context Protocol) server for reading Outlook / Microsoft 365 mail through Microsoft Graph. Read-only by design: list, search, and fetch emails — single or batched — and download attachments safely to disk.

Tools

| Tool | Description | | ---------------------- | ----------------------------------------------------------------------------------- | | authenticate | Sign in with a device code shown directly in the chat; reports current account | | sign_out | Remove the cached session from this machine; cancels any pending sign-in | | list_emails | List emails from any folder with OData filters, ordering, and paging (top/skip) | | search_emails | Keyword search across subject, body, sender, and recipients | | get_email | Full content of one email (plain-text body) | | get_emails | Full content of up to 50 emails in one batched Graph request | | list_folders | Mail folders with unread/total counts | | list_attachments | Attachment IDs, names, sizes, and types for an email | | download_attachment | Save one attachment to disk | | download_attachments | Save several (or all) attachments of an email in one call |

Setup

1. Create an Azure app registration

  1. Go to Azure Portal → App registrationsNew registration.
  2. Supported account types: pick what fits — "Personal Microsoft accounts only" for outlook.com/hotmail mailboxes, or an org option for Microsoft 365.
  3. No redirect URI needed. After creating, under Authentication enable Allow public client flows.
  4. Under API permissions add delegated Microsoft Graph permissions: Mail.Read, User.Read.
  5. Copy the Application (client) ID.

2. Configure your MCP client

{
  "mcpServers": {
    "outlook-reader": {
      "command": "npx",
      "args": ["-y", "outlook-reader-mcp"],
      "env": {
        "CLIENT_ID": "your-application-client-id",
        "TENANT_ID": "consumers"
      }
    }
  }
}

TENANT_ID: consumers for personal accounts, organizations or your tenant GUID for work accounts, common (default) for both.

Optional: [email protected] pins which cached account to use if several have signed in.

3. First run

Ask your assistant to run the authenticate tool (or just ask it to read your mail — any tool that needs auth will tell it to). The chat shows a URL and a one-time code: open the URL, enter the code, sign in. Sessions are cached, so this only happens once per machine.

Token cache & security

  • Tokens are cached per user in the OS application-data directory (%LOCALAPPDATA%\outlook-reader-mcp on Windows, ~/Library/Application Support/outlook-reader-mcp on macOS, $XDG_CONFIG_HOME/outlook-reader-mcp on Linux).
  • The cache is encrypted at rest with the OS credential store (DPAPI / Keychain / libsecret). If no store is available it falls back to a permission-restricted plaintext file and warns on stderr.
  • Scopes are read-only (Mail.Read); this server cannot send, modify, or delete mail.
  • Attachment filenames are sanitized (path traversal, reserved characters) before writing to disk, and existing files are never overwritten.
  • To revoke access: remove the app under account.live.com/consent/Manage (personal) or have your admin revoke sessions, then delete the cache directory.

Development

npm install
npm run mcp      # run from source (tsx)
npm run build    # compile to dist/
npm run format   # prettier

License

GPL-3.0