docyrus-integrations-and-connectors

Pass

Audited by Gen Agent Trust Hub on Jun 24, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill operates by executing specific docyrus connect CLI commands as seen in SKILL.md and references/connector-model-and-actions.md. These commands are used to interact with the Docyrus platform and its integrated third-party services like Microsoft Graph, Twilio, and Meta.
  • [SAFE]: The skill instructions in SKILL.md follow best practices by requiring an active session via docyrus auth and emphasizing the use of the --dryRun flag for actions with side effects to allow verification before execution.
  • [SAFE]: As documented in references/connector-model-and-actions.md, sensitive credential management and OAuth flows are handled through the Docyrus UI rather than the CLI, preventing the AI agent from directly handling or exposing tokens or secrets.
  • [DATA_EXFILTRATION]: SKILL.md describes the curl command which supports absolute URLs. While this allows making requests to external domains, it is a documented feature of the underlying CLI tool for interacting with APIs not yet mapped to specific connector actions; no malicious exfiltration patterns were detected.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 24, 2026, 07:23 PM
Security Audit — agent-trust-hub — docyrus-integrations-and-connectors