DocuSign Automation
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is primarily documentation-based, providing configuration templates and API usage examples for DocuSign workflows. No malicious command execution or unauthorized data exfiltration patterns were detected.
- [PROMPT_INJECTION]: The skill processes untrusted external data, creating a potential surface for indirect prompt injection.
- Ingestion points: Data enters the context through user-provided variables such as
contract_name,document_type, and recipient details (signer_1_name,signer_1_email) which are interpolated into envelope and template configurations. - Boundary markers: The configuration uses standard Handlebars-style interpolation but lacks explicit boundary markers or instructions to the agent to disregard embedded commands within these fields.
- Capability inventory: The skill utilizes several MCP tools (
docusign_envelope,docusign_template,docusign_signing,docusign_webhook) to interact with the DocuSign API, allowing for the execution of document management actions based on processed inputs. - Sanitization: There is no evidence of input validation or sanitization logic to filter potentially malicious instructions within the document metadata.
Audit Metadata