hubspot-automation

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, NO_CODE
Full Analysis
  • Prompt Injection (LOW): The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted data from an external CRM.
      • Ingestion points: Data retrieved via tools such as HUBSPOT_SEARCH_CONTACTS_BY_CRITERIA, HUBSPOT_SEARCH_DEALS, and HUBSPOT_SEARCH_TICKETS in SKILL.md.
      • Boundary markers: Absent; the instructions do not provide delimiters or warnings to ignore instructions embedded in HubSpot record fields.
      • Capability inventory: The skill grants broad write access, including HUBSPOT_CREATE_CONTACT, HUBSPOT_UPDATE_COMPANIES, and HUBSPOT_CREATE_PROPERTY_FOR_SPECIFIED_OBJECT_TYPE.
      • Sanitization: Absent; there is no mention of filtering or sanitizing content retrieved from CRM records before processing.
  • External Downloads (LOW): The skill requires the user to add an external MCP server endpoint (https://rube.app/mcp). While this is a configuration for tool-calling rather than a script execution, the source is not on the trusted providers list.
  • No Code (SAFE): The skill consists entirely of markdown documentation and YAML metadata; it does not ship with any scripts, binaries, or configuration files that execute code directly.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 20, 2026, 08:19 AM