Microsoft Scout
vFrontier preview (experimental, announced Build 2026)Microsoft
Always-on autonomous personal agent for Microsoft 365, built on the open-source OpenClaw runtime. Announced at Build 2026 (2026-06-02) as an experimental Frontier-program release: a Windows/macOS desktop app that reads/writes files, runs shell commands, drives a browser, and manages email, calendar, and Teams. Pairs 2026's strongest enterprise governance โ per-agent Entra identity, task-scoped credentials, in-line Purview DLP, human sign-off โ with a heavily CVE-burdened OSS core.
Trust Vector Analysis
Dimension Breakdown
๐Performance & Reliability+
Assessment based on vendor-described capabilities and internal dogfooding; experimental preview with no independent benchmark or field data
Review of the documented tool stack combining OpenClaw's proven runtime tools with first-party Microsoft 365 integrations
Evaluation of documented autonomous execution modes and multi-step task handling
Review of cross-conversation memory and persistent agent identity design
Inference from the OpenClaw runtime plus the conformance checking design; no independent reliability data for the experimental release
Review of sub-agent delegation and skill extensibility
๐ก๏ธSecurity+
Architecture review: desktop-native execution with permission gating rather than isolation, scored against the OpenClaw core's exceptional CVE volume (including RCE CVE-2026-25253 and CVSS 9.9 privilege escalations CVE-2026-22172/CVE-2026-32922)
Review of identity architecture, credential scoping, approval gates, and permission granularity โ the strongest agent access-control story evaluated to date
Threat surface analysis of always-on ingestion of untrusted content combined with desktop shell/browser reach; governance gates credit partially offset the OpenClaw heritage and unattended autonomy
Review of in-line Purview DLP enforcement and tenant boundaries versus the broad local-plus-cloud reach of a single agent identity
Source availability assessment: inspectable OSS core (a transparency positive that also exposes its CVE record) with a closed proprietary shell
๐Privacy & Compliance+
Review of M365 enterprise retention commitments as applied to a preview service
Compliance posture assessment under Microsoft's certifications and the E7 suite's integrated compliance stack
Data flow analysis of first-party processing versus user-permitted web reach
Deployment options assessment: substantial local execution surface tethered to Microsoft's cloud
๐๏ธTrust & Transparency+
Documentation completeness review of the Learn corpus and admin guidance
Review of audit-trail-per-conformance-check design, identity attribution, and live progress visibility
Assessment of progress narration and pre-action approval clarity; autonomous background runs are less observable in the moment
Open source assessment of the hybrid OSS-core/proprietary-shell model
Community engagement analysis of upstream OSS activity versus the gated preview product
โ๏ธOperational Excellence+
Onboarding friction assessment covering Frontier enrollment, licensing prerequisites, and tenant configuration
Assessment of per-user agent model, sub-agent parallelism, and fleet governance via Agent 365
Pricing analysis of the fixed E7 seat cost stacked with variable usage-based Copilot Credits for a continuously running agent
Review of the integrated audit, identity, DLP, device management, and cost monitoring stack
Maturity assessment: weeks-old experimental preview of a new product category (always-on Autopilots) on a fast-moving OSS core
- +Best-in-class agent governance: each agent gets its own governed Entra identity instead of a shared service account
- +Task-scoped credentials that are redacted from logs and diagnostics
- +In-line Purview enforcement: sensitivity labels and DLP applied at the moment the agent acts
- +Human sign-off gates on sensitive actions, plus granular per-capability and per-command permissions
- +Policy conformance system where every check produces its own audit trail
- +Deep native M365 reach (mail, calendar, Teams, OneDrive, Office skills) with sub-agent delegation and custom SKILL.md skills
- +Open-source OpenClaw core with Microsoft contributing governance work upstream
- !Wraps a heavily CVE-burdened OSS core: OpenClaw logged 137 advisories in Feb-Apr 2026 alone, a 512-finding first audit, and critical RCE/privilege-escalation CVEs (CVE-2026-25253, CVE-2026-22172, CVE-2026-32922) โ Microsoft's governance layer cannot patch faster than upstream
- !Runs natively on the user's desktop with file/shell/browser reach โ permission-gated but not VM-isolated by default
- !Always-on ingestion of email, chats, and web content is a maximal prompt-injection surface, and Heartbeat/Automation runs execute unattended
- !Experimental Frontier preview: restricted functionality, may never reach GA, capabilities can change without notice
- !Expensive and hard to forecast: E7 Frontier Suite at $99/user/mo plus usage-based Copilot Credits ($0.01/credit, live 2026-06-16) for a continuously running agent
- !Heavy prerequisites: Frontier enrollment, opt-in attestation, Intune configuration, and Copilot licensing
- !Windows 11/macOS 12+ desktop only; no web, mobile, or self-hosted option
Use Case Ratings
research assistant
Parallel sub-agent research across M365 content and the web, with results delivered into Office documents
data analysis
Excel skill plus shell access support spreadsheet and scripted analysis within governed boundaries
content creation
Bundled Word/PowerPoint/Loop skills and co-create mode produce and jointly edit documents
customer support
Personal productivity agent, not a customer-facing bot; can triage a user's own inbox but is not built for support queues
code generation
Can edit code, run builds/tests via shell, and delegate code review to sub-agents, but GitHub Copilot remains Microsoft's dedicated coding agent