hubspot-list-meetings
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill executes local Python scripts (
list_meetings.py,check_hubspot_config.py) located in a system subdirectory. This is the primary intended function of the skill. - INDIRECT_PROMPT_INJECTION (LOW): The skill ingests data from external HubSpot meeting records, including fields like
hs_meeting_titleandhs_meeting_body. - Ingestion points: External data retrieved via
list_meetings.pyfrom HubSpot CRM. - Boundary markers: None mentioned in the skill definition to delimit external content.
- Capability inventory: No dangerous file-write or network-send capabilities are exposed in this specific markdown, though the scripts likely require network access to HubSpot.
- Sanitization: Not explicitly defined in the provided documentation.
- DATA_EXPOSURE (SAFE): The skill references authentication (tokens/scopes) but does not contain hardcoded credentials or expose sensitive local files beyond its own directory structure.
Audit Metadata