documenso-data-handling
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Comprehensive analysis of the provided markdown and code samples identifies no malicious instructions, obfuscation, or unauthorized access patterns.
- [DATA_EXPOSURE]: The skill promotes secure data handling by demonstrating PII encryption using AES-256-GCM and hashing (HMAC-SHA256). It correctly utilizes environment variables for sensitive parameters such as AWS credentials, encryption keys, and salts.
- [COMMAND_EXECUTION]: No dangerous shell commands, subprocess spawning, or privilege escalation techniques are present.
- [EXTERNAL_DOWNLOADS]: References to external services are restricted to well-known and legitimate entities (AWS S3 and Documenso API).
- [INDIRECT_PROMPT_INJECTION]: The skill includes logic for processing external document data. While it provides a sanitization function for logging, a low-level risk remains if an agent interprets malicious content within document titles or metadata as instructions. The skill mitigates this by emphasizing data minimization and structured handling.