hubspot-create-contact
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW (COMMAND_EXECUTION)
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill executes local Python scripts using shell commands with arguments derived from user input. While this is expected functionality, it relies on the underlying scripts to properly sanitize inputs to prevent command injection.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill ingests untrusted user data (names, emails) and passes it to an external system (HubSpot). Evidence:
  1. Ingestion points: CLI parameters in SKILL.md.
  2. Boundary markers: Absent.
  3. Capability inventory: CRM write operation via python subprocess.
  4. Sanitization: Handled by the target script (not visible).