Pandadoc mcp
Advisory
Audited by Static analysis on May 5, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used carelessly, the agent could change or send PandaDoc documents in ways visible to customers or recipients.
The skill acknowledges that PandaDoc tools may perform high-impact account mutations, while also instructing the agent to get clear user intent first.
Write operations that create, send, update, complete, delete, or modify documents, templates, recipients, proposals, or document status can affect customer-visible signing workflows. Confirm clear user intent before invoking write tools.
Only allow write actions after reviewing the target document/template and explicitly confirming the action with the user.
Installing or enabling the skill gives the agent access through PandaDoc OAuth credentials provisioned by Maverick.
The skill requires OAuth credential environment variables for PandaDoc. This is expected for the integration, but it grants access to the user's PandaDoc account data and actions.
"MAVERICK_PANDADOC_MCP_REFRESH_TOKEN", "MAVERICK_PANDADOC_MCP_CLIENT_ID", "MAVERICK_PANDADOC_MCP_ACCESS_TOKEN"
Use a PandaDoc authorization with the minimum needed account privileges and revoke the integration if it is no longer needed.
Anyone or anything with access to that local credential file may be able to use the PandaDoc OAuth tokens.
The initializer writes the supplied access and refresh tokens into a local mcporter credential file. This is normal OAuth wrapper behavior, but it creates persistent local credential material.
mcp_vault="${HOME}/.mcporter/credentials.json" ... tokens: {access_token: env.mcp_access, refresh_token: env.mcp_refresh, token_type: "Bearer"}
Keep the runtime home directory protected, avoid sharing the mcporter credential vault, and rotate/revoke tokens if the environment is compromised.
Future npm package changes could affect the behavior of the installed mcporter CLI.
The skill depends on an external npm package installed at the latest version. The artifact discloses this and recommends pinning for stricter controls.
Auto-installed via `npm install -g --ignore-scripts mcporter` if missing on PATH ... The install spec uses unpinned `mcporter` (npm `latest`)
Pin mcporter to a reviewed version in controlled environments.
PandaDoc document and workflow data may be processed by the active MCP/tool provider for the integration.
The data flow to the active tool provider is disclosed and purpose-aligned, but it involves sensitive PandaDoc business data and the repository does not include a provider-owned PandaDoc MCP manifest.
Runtime tool calls, if present in the active OpenClaw environment, use Maverick-provisioned OAuth credentials and expose PandaDoc document, template, recipient, proposal, and status data to the active tool provider.
Use the skill only for PandaDoc-related tasks and avoid sending unrelated sensitive content through the tools.
