docusign-automation

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill is susceptible to indirect prompt injection due to the ingestion of untrusted external data.
      • Ingestion points: Data returned from DOCUSIGN_LIST_ALL_TEMPLATES, DOCUSIGN_GET_TEMPLATE, and DOCUSIGN_GET_ENVELOPE (e.g., template names, descriptions, or envelope content).
      • Boundary markers: None specified in the instructions to separate external data from agent instructions.
      • Capability inventory: The agent can send emails and create documents using DOCUSIGN_SEND_ENVELOPE and DOCUSIGN_CREATE_ENVELOPE_FROM_TEMPLATE.
      • Sanitization: No mention of sanitization or validation of the data retrieved from DocuSign before processing.
  • [Remote Code Execution] (SAFE): The skill references a remote MCP endpoint (https://rube.app/mcp), which is a configuration for the Rube framework. No direct execution of untrusted scripts (e.g., curl | bash) was detected.
  • [Data Exfiltration] (SAFE): No evidence of unauthorized data transfer or hardcoded credentials. Authentication is handled via a managed OAuth connection tool (RUBE_MANAGE_CONNECTIONS).
  • [Obfuscation] (SAFE): No instances of Base64, zero-width characters, or other encoding techniques intended to hide malicious behavior were found.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 20, 2026, 08:18 AM