hubspot-crm
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
DATA_EXFILTRATION
Full Analysis
- [Data Exposure & Exfiltration] (LOW): The skill performs network requests to api.hubapi.com. While this domain is not on the predefined whitelist, the traffic is required for the skill's primary function and does not involve accessing sensitive local system files.
- [Indirect Prompt Injection] (LOW): The skill has an attack surface for indirect prompt injection as it processes external email lists and list names.
  1. Ingestion points: email addresses and list name strings passed to the upload_users_to_hubspot function.
  2. Boundary markers: The skill uses json.dumps to structure payloads, which provides structural delimitation for the API request but does not isolate instructions if returned to an LLM context.
  3. Capability inventory: The skill can search, create, and update contact records and list memberships via REST API calls.
  4. Sanitization: No input validation or filtering is performed on the data beyond standard JSON serialization.