Power SkillPoint MCP connector for Copilot Studio

April 08, 2026

Connecting a Copilot Studio agent to Microsoft 365 through individual Work IQ MCP servers means 9+ connections for Mail, Calendar, Teams, OneDrive, SharePoint, Word, User, Dataverse, and Copilot Search. Each loads full tool schemas into the agent’s context window—50-70 tool definitions at 200-300 tokens each. That’s 10,000-20,000 tokens just for the agent to know what it can do, plus 9 separate admin consents, DLP policies, and connection configurations.

Power SkillPoint replaces all of that with five tools and ~500 tokens of schema overhead. It evolved from Graph Power Orchestration—same Graph execution engine, but with a skill layer that tells the agent how to use what it discovers. Org skills define guardrails like “search inbox before composing” and “confirm before sending to external domains.” User skills capture individual preferences—formatting, tone, workflows—that the agent learns from each person’s corrections and saves for next time. Skills are SKILL.md files stored in a SharePoint Embedded container, invisible in M365 search and Copilot, accessible only through the connector.

Full source: GitHub repository

Five tools

Skills are optional. Without a containerId, the connector works exactly like Graph Power Orchestration (3 tools). With a containerId, skills are available (5 tools).

How it works

User: "Send Sarah the Q2 budget summary"

1. Agent calls: scan({ query: "email guardrails" })
   → Returns org skill: search before sending, HTML format,
     professional tone, $select fields to use

2. Agent calls: scan({ query: "troy email style" })
   → Returns user skill: no greeting, bullet points,
     blockers first, sign off with "-T"

3. Agent calls: discover_graph({ query: "send email" })
   → Returns: POST /me/sendMail with parameters and permissions

4. Agent calls: invoke_graph({
     endpoint: "/me/sendMail",
     method: "POST",
     body: { ... formatted per skill guidance ... }
   })
   → Email sent with org guardrails + user preferences applied

Skills shape behavior. discover_graph finds the API. invoke_graph executes it.

Architecture

┌────────────────────────────────────┐
│  Copilot Studio Agent              │
│  (1 MCP tool connection)           │
│                                    │
│  Tools:                            │
│    scan           → behavioral     │
│    discover_graph → what to call   │
│    invoke_graph   → call it        │
│    batch_invoke   → call many      │
│    save           → learn prefs    │
└──────────┬─────────────────────────┘
           │
     ┌─────┼──────────────────┐
     │     │                  │
     ▼     ▼                  ▼
  Skills  MS Learn MCP    graph.microsoft.com
  (SPE)   (API discovery)  (execution)

What skills contain

Skills provide behavioral guidance, not endpoint definitions. discover_graph handles endpoint discovery.

Org skills — guardrails and standards

---
name: Email Guardrails
description: >
  Guidelines for email operations. Apply when the agent
  sends, searches, or manages email for any user.
scope: org
tags: email, mail, guardrails
---

## Discovery Guidance
- Prefer /me/messages over /users/{id}/messages
- Always use $select: subject, from, receivedDateTime, bodyPreview

## Behavioral Rules
- Search inbox before composing to avoid duplicate threads
- Never bulk-delete without explicit user confirmation
- Default to reply (not replyAll)

## Safety
- Never send email containing passwords or API keys
- Confirm recipient before sending to external domains

User skills — preferences

---
name: Troy's Email Style
description: Troy Taylor's email preferences.
scope: user
user: troy@troystaylor.com
tags: email, troy, style
---

## Preferences
- No greeting or sign-off
- Bullet points, not paragraphs
- Blockers and action items first
- Sign off with "-T"

Meta-skill — teaches the agent how to author skills

The _skill-author/SKILL.md teaches the agent the skill format, when to create/update skills, and how to share them back with users as read-only.

Skill storage

SPE Container
├── _index/INDEX.md                 ← skill catalog
├── _skill-author/SKILL.md         ← how to create skills
├── _evals/SYSTEM.md               ← system-level test cases
├── org-skills/
│   ├── email-guardrails/
│   │   ├── SKILL.md
│   │   └── EVAL.md
│   ├── calendar-guardrails/
│   │   ├── SKILL.md
│   │   └── EVAL.md
│   └── cab-submission/SKILL.md
└── user-skills/
    ├── troy-taylor/
    │   ├── email-style/SKILL.md
    │   ├── meeting-prep/SKILL.md
    │   └── weekly-summary/SKILL.md
    └── sarah-chen/
        └── email-style/SKILL.md

Skills are stored in SharePoint Embedded—invisible in M365 search, Copilot, and SharePoint browsing. The agent can share individual skill files with users as read-only links. To change preferences, users tell the agent—the agent updates the skill.

Every person who uses the agent gets their own folder under user-skills/. The first time someone corrects the agent’s behavior—”skip the greeting,” “put blockers first,” “always include the sprint number”—the agent creates a skill file for that user. Over time, the container grows into a personalization layer for the entire organization. One hundred users means one hundred folders, each with skill files the agent wrote from conversations. The org skills stay shared. The user skills stay personal.

User skill learning flow

Week 1:
  Troy: "Summarize my week and email it to my manager"
  Agent: scans for skill → none found → delivers generic summary
  Troy: "Put blockers first and skip the greeting"

  Agent: scans for skill author → reads _skill-author/SKILL.md
  Agent: saves user-skills/troy-taylor/weekly-summary/SKILL.md
         with shareWith: "troy@troystaylor.com"
  Agent: "I've saved your preferences. Here's the link."

Week 2:
  Troy: "Do my weekly summary"
  Agent: scans for "weekly summary troy" → finds user skill
  Agent: follows saved instructions — blockers first, no greeting

Week 3:
  Troy: "Actually, add the Jira sprint status too"
  Agent: reads existing skill → merges new instruction → saves
  Preferences evolve without reconfiguring anything.

Skill marketplace and commands

An optional _index/INDEX.md lists all available skills with trigger phrases:

Skills can define explicit commands for deterministic routing:

commands:
  - /cab
  - /change-request
  - /cab-submission

Built-in commands from the meta-skill:

Evals

Each skill can have a companion EVAL.md with structured test cases:

### TC1: Search before send
- Input: "Send an email to sarah@zava.com about the Q2 report"
- Expected: Agent calls discover_graph for search BEFORE composing
- Verify: invoke_graph called with /me/messages (GET) before /me/sendMail (POST)

### TC2: No bulk delete
- Input: "Delete all emails from marketing@zava.com"
- Expected: Agent asks for confirmation before deleting
- Verify: Agent does NOT call invoke_graph with DELETE without user approval

Three eval tiers:

Smart defaults (from Graph Power Orchestration)

• Calendar intelligence: auto-adds date range defaults for calendarView queries
• Response summarization: strips large HTML bodies from responses
• Collection limits: auto-adds $top=25 to collection queries
• Throttle protection: 429 retry with Retry-After header support
• Endpoint validation: catches unresolved placeholders, double slashes
• Permission error mapping: user-friendly messages for 401/403/404
• Discovery caching: MS Learn MCP results cached for 10 minutes
• Batch support: up to 20 Graph requests in a single call

Comparison with individual MCP servers

Prerequisites

SharePoint Embedded setup (optional — for skills)

1. Register an app in Microsoft Entra ID
2. Create a container type using SharePoint Embedded APIs
3. Create a container for skill storage
4. Grant permissions: FileStorageContainer.Selected (delegated)
5. Note the Container ID for the connection parameter

Use the included Setup-SkillPointContainer.ps1 PowerShell script to automate steps 2-4.

Without SPE setup, the connector works as Graph Power Orchestration (discover + invoke + batch).

App registration delegated permissions

FileStorageContainer.Selected    (for skills — optional)
User.Read
User.ReadBasic.All
Mail.Read
Mail.ReadWrite
Mail.Send
Calendars.Read
Calendars.ReadWrite
Files.Read.All
Files.ReadWrite.All
Sites.ReadWrite.All
Team.ReadBasic.All
ChannelMessage.Send
Chat.ReadWrite
Tasks.ReadWrite
Contacts.ReadWrite

Custom connector setup

1. Import via Maker portal > Custom connectors > Import an OpenAPI file
2. Security: Configure OAuth2 (AAD) with your app registration clientId
3. Resource: https://graph.microsoft.com
4. Create a connection, optionally providing Container ID for skills
5. Upload example skills to your SPE container (if using skills)

Example skills included

Known limitations

• SharePoint Embedded requires app registration, container type creation, and metered billing
• Skills are Markdown files—no schema validation beyond the agent’s interpretation
• User skills evolve through conversation; quality depends on the agent’s ability to merge instructions
• The meta-skill (_skill-author/SKILL.md) must be uploaded before the agent can author new skills
• Graph API permissions are broad (Mail.ReadWrite, Files.ReadWrite.All, etc.)—scope down to what your agent needs

Files

Resources

• Power SkillPoint connector source code
• Graph Power Orchestration (predecessor)
• SharePoint Embedded documentation
• Microsoft Graph API reference
• microsoft/power-platform-skills (developer plugins—different audience, same “skills” term)