documenso-prod-checklist
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: Employs kubectl, curl, and npm to automate deployment, rollback, and testing workflows.
- [EXTERNAL_DOWNLOADS]: Fetches status information from Documenso's official status page and performs health checks against user-specified application endpoints.
- [DATA_EXFILTRATION]: Includes a smoke test command that transmits an authentication token ($USER_TOKEN) to a remote application URL. This is a standard verification practice but involves network transmission of credentials.
- [PROMPT_INJECTION]: The skill ingests untrusted data from external command outputs, creating a surface for indirect prompt injection where malicious content in logs or API responses could influence agent behavior. * Ingestion points: Reads kubectl logs and JSON responses from curl commands defined in implementation-guide.md. * Boundary markers: No markers are used to delimit external data from instructions. * Capability inventory: Access to shell execution (kubectl, curl) and file reading. * Sanitization: External outputs are processed without explicit validation or escaping.
Audit Metadata