Skills
skills/aaaaqwq/agi-super-skills/hubspot-automation/Gen Agent Trust Hub

hubspot-automation

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the configuration of a remote MCP server endpoint at 'https://rube.app/mcp' to provide the necessary HubSpot toolset. This is a functional requirement for the skill's operations.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests and processes untrusted data from external HubSpot records.
  • Ingestion points: Data enters the agent's context through tools such as HUBSPOT_SEARCH_CONTACTS_BY_CRITERIA, HUBSPOT_SEARCH_TICKETS, and HUBSPOT_GET_DEAL.
  • Boundary markers: The skill's instructions do not implement explicit boundary markers or 'ignore embedded instruction' warnings for the processed CRM data.
  • Capability inventory: The skill has broad capabilities to create and update records, manage deals, and modify CRM properties based on processed input.
  • Sanitization: No sanitization or validation logic is specified for the content retrieved from HubSpot before it is utilized by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 07:55 AM