hubspot-search-contacts
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- Command Execution (SAFE): The skill invokes local Python scripts within a dedicated system path to perform search operations. This is a legitimate functional requirement for CRM integration.
- Indirect Prompt Injection (LOW): The skill processes user-supplied search parameters and interpolates them into shell-executed script arguments.
- Ingestion points: User input for email, name, and company fields is passed directly to the search_contacts.py script.
- Boundary markers: Absent; no delimiters or instructions to ignore nested commands are provided to the agent.
- Capability inventory: Execution of local scripts with potential network access to external HubSpot APIs.
- Sanitization: Not explicitly documented; the skill relies on the underlying scripts to handle shell escaping of user-provided strings.
Audit Metadata