skills/jeremylongshore/claude-code-plugins-plus-skills/documenso-security-basics/Gen Agent Trust Hub
documenso-security-basics
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill content is purely educational and promotes industry-standard security practices for document signing integrations.
- [CREDENTIALS_UNSAFE]: No hardcoded secrets or API keys were identified. The skill explicitly warns against hardcoding and demonstrates the proper use of environment variables for secret management.
- [PROMPT_INJECTION]: No instructions were found that attempt to bypass AI constraints, override instructions, or manipulate agent behavior.
- [COMMAND_EXECUTION]: No execution of system commands, shell scripts, or dangerous subprocesses was detected.
- [DATA_EXFILTRATION]: No unauthorized network calls or patterns of sensitive data exfiltration were found. The skill provides guidance on redacting sensitive URLs from logs.
- [EXTERNAL_DOWNLOADS]: No remote code downloads or execution of external scripts were identified. The skill uses standard Node.js modules and the official Documenso API.
Audit Metadata