documenso-sdk-patterns
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions and reference materials focus on legitimate integration patterns for the Documenso platform. Key security practices observed include:
  - Secure credential management: The singleton client patterns retrieve API keys from environment variables (DOCUMENSO_API_KEY) rather than hardcoding them.
  - Webhook security: The provided Python example for webhook handling includes HMAC signature verification using hmac.compare_digest to ensure request authenticity.
  - Robust error handling: Detailed error mapping and retry logic with exponential backoff are provided to handle API rate limits and transient failures safely.
  - Standard library usage: Network operations and file access patterns utilize standard language libraries and well-known SDKs for their intended purpose of document management.