hubspot-update-contact
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): Indirect Prompt Injection surface detected. Ingestion points: Search results from
search_contacts.py. Boundary markers: Not specified in the instructions. Capability inventory: Data modification viaupdate_contact.py. Sanitization: No evidence of sanitization for incoming CRM data. - COMMAND_EXECUTION (SAFE): The skill executes local scripts via hardcoded relative paths. No suspicious command patterns or privilege escalations were identified.
Audit Metadata