Skills
skills/vm0-ai/vm0-skills/pandadoc/Gen Agent Trust Hub

pandadoc

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes curl to perform document lifecycle management tasks, such as creating, sending, and deleting documents. These operations are conducted using standard command-line tools and target legitimate PandaDoc API endpoints.
  • [CREDENTIALS_UNSAFE]: Authentication is managed via the PANDADOC_TOKEN environment variable. The instructions provide clear guidance on using the API-Key authorization scheme without hardcoding any sensitive tokens or secrets.
  • [DATA_EXFILTRATION]: Network activity is restricted to the official PandaDoc domain (api.pandadoc.com) for authorized document and contact management functions.
  • [REMOTE_CODE_EXECUTION]: There are no detected patterns of remote code execution, piped shell scripts, or unauthorized external package installations.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 19, 2026, 02:45 AM