Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/hubspot-debug-bundle/Gen Agent Trust Hub

hubspot-debug-bundle

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [DATA_EXFILTRATION]: The skill accesses sensitive local files, including .env and application logs (logs/app.log), to package them into a diagnostic archive. Although the instructions provide sed commands to redact common HubSpot token patterns and email addresses, automated regex-based redaction is often incomplete and may fail to mask other forms of PII or non-standard credentials.
  • [COMMAND_EXECUTION]: The skill utilizes several shell commands via Bash, including curl for API interactions, sed and grep for data processing/redaction, and tar for creating the final diagnostic bundle.
  • [EXTERNAL_DOWNLOADS]: The skill performs network requests to api.hubapi.com and status.hubspot.com. These operations are used to verify API connectivity, check token scopes, and retrieve service status, which align with the skill's stated diagnostic purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 25, 2026, 04:41 PM