panda-doc-upload-docs
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill facilitates communication with PandaDoc, a well-known e-signature service, using its official API endpoints (api.pandadoc.com). All external communications described are within the scope of legitimate service functionality.
- [SAFE]: The documentation includes explicit security instructions for the agent to never log or display sensitive credentials, such as the PANDADOC_API_KEY, ensuring it is handled securely by the platform.
- [SAFE]: A thorough analysis of the skill's instructions, code examples, and metadata revealed no evidence of prompt injection, obfuscation, persistence mechanisms, or unauthorized privilege escalation.
- [SAFE]: While the skill involves processing and transmitting user-supplied data (e.g., recipient info, tokens), this is handled through structured JSON requests to a trusted service provider and does not introduce executable code risks.
Audit Metadata