← Back to Skills Marketplace
Open Agreements
by
Steven Obiajulu
· GitHub ↗
· v0.2.3
· MIT-0
132
Downloads
0
Stars
0
Active Installs
3
Versions
Install in OpenClaw
/install open-agreements
Description
Fill standard legal agreement templates (NDAs, cloud service agreements, SAFEs) and produce signable DOCX files. Supports Common Paper, Bonterms, and Y Combi...
Usage Guidance
This skill appears to do what it says, but consider privacy and operational steps before using it: (1) Prefer the local CLI (npm/npx) if you will fill agreements containing sensitive data — the remote MCP option will send your template data to openagreements.org. (2) Verify the npm package (version 0.7.4) and confirm there are no unexpected install hooks before installing globally. (3) Be mindful that temp values are written to /tmp/oa-values.json — ensure the agent cleans it up and avoid placing secrets in template fields. (4) When sending for signature, you'll follow an OAuth flow with DocuSign (opens in browser) — do not provide DocuSign API keys to the agent. (5) If you require stronger assurance, review the open-source repo and confirm the hosted MCP's privacy policy before sending confidential agreements.
Capability Analysis
Type: OpenClaw Skill
Name: open-agreements
Version: 0.2.3
The 'open-agreements' skill facilitates legal document generation and DocuSign integration through either a remote MCP (openagreements.org) or a local CLI tool. The SKILL.md documentation is transparent about data privacy, explicitly warning the agent about data transfer in the remote path and providing security-conscious instructions such as pinning npm package versions (e.g., @0.7.4) and using OAuth instead of requesting raw API keys. No evidence of malicious intent, unauthorized data exfiltration, or deceptive prompt injection was found.
Capability Tags
Capability Assessment
Purpose & Capability
Name/description align with the instructions: list/get/fill templates, produce DOCX, and send via DocuSign. No unrelated env vars, binaries, or config paths are requested.
Instruction Scope
Instructions are scoped to template discovery, collecting field values, filling templates, and optionally sending for signature. They explicitly document two paths (remote MCP that transmits data to openagreements.org, or local CLI). The only minor concerns: data is sent to the hosted MCP when using that path, and temporary values are written to /tmp/oa-values.json (SKILL.md advises cleanup).
Install Mechanism
No install spec in registry (instruction-only). The SKILL.md recommends using an npm package or npx (pins a specific version) as a fallback; this is proportionate to the stated functionality. The doc also recommends verifying npm scripts and claims no postinstall hooks.
Credentials
The skill requests no environment variables or credentials. DocuSign integration is handled via an OAuth flow (connect_signing_provider) rather than asking for raw API keys, which is proportionate and documented.
Persistence & Privilege
Skill is not always-on and does not request persistent privileges or modify other skills. Autonomous invocation is allowed (platform default) and is appropriate for this skill.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install open-agreements - After installation, invoke the skill by name or use
/open-agreements - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.2.3
Add explanatory note distinguishing skill version (0.2.3, versions the docs) from npm package version (0.7.4, the upstream tool). Scanner flagged the difference as suspicious — clarifying inline
v0.2.2
Address PaLM scanner feedback re: unpinned remote dependencies. Pin npx version to @0.7.4 (was @latest); add 'no postinstall scripts' disclosure (verified via npm view); add Install-Time vs Runtime Network Behavior table making the three execution paths (local CLI, npx, remote MCP) and their data flows explicit; add Offline/Pinned Installation section; add homepage field; switch domain references from openagreements.ai to openagreements.org (current default)
v0.2.1
Added Source Code and Audit section with GitHub/npm links, added Feedback section
Metadata
Frequently Asked Questions
What is Open Agreements?
Fill standard legal agreement templates (NDAs, cloud service agreements, SAFEs) and produce signable DOCX files. Supports Common Paper, Bonterms, and Y Combi... It is an AI Agent Skill for Claude Code / OpenClaw, with 132 downloads so far.
How do I install Open Agreements?
Run "/install open-agreements" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Open Agreements free?
Yes, Open Agreements is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Open Agreements support?
Open Agreements is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Open Agreements?
It is built and maintained by Steven Obiajulu (@stevenobiajulu); the current version is v0.2.3.
More Skills