Skills
skills/composiohq/awesome-claude-skills/docusign-automation/Gen Agent Trust Hub

docusign-automation

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [Unverifiable Dependencies & Remote Code Execution] (MEDIUM): The skill requires connecting to an external MCP server at https://rube.app/mcp, which is not a whitelisted trusted source. As this endpoint provides the tools and schemas for the agent, it represents an unverifiable dependency. Source: https://rube.app/mcp, Method: MCP server registration, Status: Unknown/Untrusted. Finding downgraded in final verdict because this is the skill's primary stated purpose.
  • [Indirect Prompt Injection] (LOW): The skill ingests external data from DocuSign objects, creating a vulnerability to embedded instructions.
  • Ingestion points: Data enters the agent context via DOCUSIGN_LIST_ALL_TEMPLATES, DOCUSIGN_GET_TEMPLATE, and DOCUSIGN_GET_ENVELOPE.
  • Boundary markers: Absent; the instructions do not provide delimiters or 'ignore embedded instructions' warnings for processing external data.
  • Capability inventory: The skill can execute significant side effects, including DOCUSIGN_SEND_ENVELOPE and DOCUSIGN_ADD_TEMPLATES_TO_DOCUMENT_IN_ENVELOPE.
  • Sanitization: No validation or sanitization of ingested content is mentioned in the skill documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:05 PM