docuseal-code

Integrates DocuSeal document signing and template management into web and mobile apps using various frontend frameworks and REST API.

Install this skill

or

42/100

Security score

The docuseal-code skill was audited on Jun 9, 2026 and we found 18 security issues across 2 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 8

Webhook reference - potential data exfiltration

SourceSKILL.md

8	and webhooks. Use when the user wants to integrate DocuSeal document

medium line 23

Webhook reference - potential data exfiltration

SourceSKILL.md

23	- `references/api/` — REST API endpoints and webhooks. One file per endpoint/webhook with parameters, schemas, code examples, and response samples.

medium line 87

Webhook reference - potential data exfiltration

SourceSKILL.md

87	\| 11 \| Acting on client-side `completed` events \| Browser events can be forged. Drive state changes from `form.completed` webhooks with HMAC verification, not from `<docuseal-form>` JavaScript cal

medium line 155

Webhook reference - potential data exfiltration

SourceSKILL.md

155	### Webhooks

medium line 157

Webhook reference - potential data exfiltration

SourceSKILL.md

157	- [Form Webhook](references/api/form-webhook.md)

medium line 158

Webhook reference - potential data exfiltration

SourceSKILL.md

158	- [Submission Webhook](references/api/submission-webhook.md)

medium line 159

Webhook reference - potential data exfiltration

SourceSKILL.md

159	- [Template Webhook](references/api/template-webhook.md)

medium line 161

Webhook reference - potential data exfiltration

SourceSKILL.md

161	Configure webhook URL: https://console.docuseal.com/webhooks

medium line 168

Webhook reference - potential data exfiltration

SourceSKILL.md

168	4. Track completion: poll `GET /submissions/{id}` or configure webhooks for `form.completed`

medium line 180

Webhook reference - potential data exfiltration

SourceSKILL.md

180	8. Auth, URL handling, webhook verification, or any security-sensitive embedding? Load [references/embed/signing-form-security-recommendations.md](references/embed/signing-form-security-recommenda

low line 14

External URL reference

SourceSKILL.md

14	homepage: https://www.docuseal.com/docs

low line 66

External URL reference

SourceSKILL.md

66	\| JavaScript \| — \| `https://cdn.docuseal.com/js/form.js`, `https://cdn.docuseal.com/js/builder.js` \|

low line 85

External URL reference

SourceSKILL.md

85	\| 9 \| Embedding signing forms behind enumerable URLs \| DocuSeal slugs are random, but an embedding page like `https://yourapp.com/contracts/123/sign` lets an attacker iterate integer IDs to reach

low line 99

External URL reference

SourceSKILL.md

99	Get your API key: https://console.docuseal.com/api

low line 105

External URL reference

SourceSKILL.md

105	\| Global Cloud \| `https://api.docuseal.com` \|

low line 106

External URL reference

SourceSKILL.md

106	\| EU Cloud \| `https://api.docuseal.eu` \|

low line 107

External URL reference

SourceSKILL.md

107	\| Self-hosted \| `https://docuseal.yourdomain.com/api` \|

low line 161

External URL reference

SourceSKILL.md

161	Configure webhook URL: https://console.docuseal.com/webhooks

Scanned on Jun 9, 2026

View Security Dashboard

Installation guide →

GitHub Stars 7

Rate this skill

Categorydevelopment

UpdatedJune 15, 2026

frontend react docx git api mobile backend frontend-developer backend-developer product-manager development product

docusealco/docuseal-agent-skills