fadada-esign
Audited by ClawScan on May 10, 2026.
Overview
This appears to be a real Fadada e-signature integration, but it can immediately start legal signing workflows and relies on persistent credential/config handling that should be reviewed before use.
Before installing, verify that this is the intended Fadada integration, use sandbox first, store credentials securely, restrict or remove local .fadada.json/fadada_config.json files you do not trust, and require explicit approval before sending, cancelling, deleting, or managing any contract, template, or seal.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent invocation could start a contract signing process immediately, potentially notifying signers and creating legally or operationally significant records.
Creating an e-sign task defaults to automatically starting and finishing the workflow. For legal/business contracts, this is a high-impact action and the artifacts do not show a required confirmation step before launch.
def create_sign_task(... auto_start: bool = True, auto_finish: bool = True)
...
"autoStart": auto_start, "autoFinish": auto_finish
Require explicit user confirmation showing the file, signer identities, task subject, environment, and whether the task will start immediately before calling create/send operations.
The agent may treat seal or template administration as in-scope even if the user expected only contract sending and status/download functions.
A second included SKILL.md expands the scope beyond send/query/download into template and seal/signature management, which are more privileged account operations.
Usage scenarios: (1) send a contract to the other party for signing ... (5) create and manage signing templates; (6) seal and signature management.
Separate privileged seal/template administration into clearly scoped commands and require stronger approval and role checks for those operations.
A wrong or poisoned local config could make the agent use the wrong Fadada account or send signing/API traffic to an unintended endpoint.
The skill loads app secrets and server_url from persistent home and current-directory config sources. For a contract-signing account, silently trusting local config and arbitrary server destinations can cross credential and account boundaries.
GLOBAL_CONFIG_PATH = Path.home() / ".fadada" / "config.json"
LOCAL_CONFIG_FILES = [".fadada.json", "fadada_config.json"]
...
"APP_SECRET": "app_secret", "SERVER_URL": "server_url"
Declare the credential requirement, prefer explicit config paths, protect config files with strict permissions, and warn or block unless server_url is an approved Fadada production/sandbox host.
Install-time prompts may not make clear that a corporate Fadada credential is needed.
The registry metadata does not declare credentials, while SKILL.md and the code require FADADA_APP_ID, FADADA_APP_SECRET, and FADADA_OPEN_CORP_ID. This is purpose-aligned but under-declared.
Required env vars: none
Env var declarations: none
Primary credential: none
Update metadata to declare the required provider credentials and describe the permissions those credentials grant.
Contracts and signer details may leave the local environment and be processed by Fadada or the configured upload endpoint.
The selected local contract file is uploaded to a provider-supplied URL. This is central to e-signing, but it is still a sensitive external data flow.
with open(file_path, 'rb') as f:
    response = requests.put(upload_url, data=f, timeout=60)
Use only intended files, avoid unnecessary personal data, verify the configured provider endpoint, and test in sandbox before production.
Installing in a shared environment could pull a dependency version the user did not review.
The package defines an installable CLI and an unpinned lower-bound dependency. This is normal for a Python SDK, but it means installation provenance and dependency resolution matter.
install_requires=[
    "requests>=2.25.0",
],
entry_points={
    "console_scripts": [
        "fadada=fadada_esign.cli:main",
    ],
}
Install in a virtual environment from a trusted source and consider pinning dependencies for production use.
