hubspot-core-workflow-a
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill uses the official and well-known
@hubspot/api-clientpackage to interact with HubSpot services. - [SAFE]: Access tokens are managed via environment variables (
process.env.HUBSPOT_ACCESS_TOKEN), which is a standard security practice for credential management. - [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface as it processes external lead data (emails, names, company names) into HubSpot records.
- Ingestion points: Ingests untrusted data through the
LeadInputinterface properties (e.g.,firstName,lastName,email). - Boundary markers: Absent; input data is passed directly into the HubSpot SDK client methods.
- Capability inventory: The skill performs API operations to search, create, and update contacts, companies, deals, and notes in the HubSpot CRM.
- Sanitization: No string sanitization or validation is applied to the lead input data before it is sent to the HubSpot API.
Audit Metadata