ClawHub

Docusign MCP

Search, read, and manage DocuSign envelopes, recipients, templates, documents, and signing status via DocuSign's hosted MCP server (https://mcp.docusign.com/mcp). Use when the user asks about DocuSign envelopes, recipients, templates, documents, or signing workflows.

Audits

Pass
ClawScanPass

Agentic behavior and permission review.

Static analysisPass

Pattern checks against bundled files.

VirusTotalPass

Multi-engine malware detections and file reputation.

Install

openclaw skills install maverick-docusign-mcp

DocuSign

Quick start

Always invoke through bash {baseDir}/scripts/invoke.sh — never call mcporter directly. The wrapper seeds the OAuth vault from the env-supplied tokens when needed, then calls mcporter.

bash {baseDir}/scripts/invoke.sh list maverick-docusign --schema

For structured output (also surfaces transport errors as JSON envelopes — workaround for mcporter #153):

bash {baseDir}/scripts/invoke.sh call --output json maverick-docusign.TOOL_NAME key=value | jq '.result.content'

Safety

Write operations that create, send, void, update, or modify envelopes, recipients, templates, and documents can affect real signing workflows. Confirm clear user intent before invoking write tools — search and read tools are safe to call freely while exploring. Read envelope status, recipients, tabs, and document details before updating anything.

Authentication

Tokens are provisioned and rotated automatically. If a call returns HTTP 401 that doesn't recover within a few seconds, the OAuth grant has been revoked — re-authorize the integration to refresh credentials.

Data flow

Tool calls travel to DocuSign's hosted MCP service at https://mcp.docusign.com/mcp over HTTPS, authenticated via OAuth. DocuSign sees the envelope, recipient, template, document, and signing-status data referenced by each call. Use this skill for DocuSign-related work only; do not pass unrelated sensitive content through these tools.

Dependencies

  • mcporter (github.com/steipete/mcporter) — MCP CLI used to invoke DocuSign's hosted MCP server. Auto-installed via npm install -g --ignore-scripts mcporter if missing on PATH (see install spec in frontmatter). The install spec uses unpinned mcporter (npm latest); operators with strict supply-chain controls should override the install to pin a specific version (e.g. mcporter@<version>).
  • jq (stedolan.github.io/jq) — JSON processor used by the vault initializer. System dependency; install via your OS package manager (apt install jq, brew install jq, etc.).
  • flock (part of util-linux) — file locking used to serialize concurrent vault writes. Available by default on Linux; on macOS install via brew install flock.
  • shasum (Perl, ships with Digest::SHA) — computes the SHA-256 hashes used to derive the mcporter vault key and the provisioned-token marker. Preinstalled on macOS and on Debian/Ubuntu (incl. the deployed cloudflare/sandbox Ubuntu 22.04 image); on minimal Linux images install perl-Digest-SHA. The script invokes shasum -a 256 rather than GNU sha256sum so it runs on stock macOS without coreutils.