hubspot-rate-limits
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or persistence mechanisms were detected in the skill instructions or code snippets.
- [EXTERNAL_DOWNLOADS]: The skill recommends using official and well-known libraries, specifically
@hubspot/api-clientandp-queue, which is standard for the described use case. - [COMMAND_EXECUTION]: Includes a diagnostic
curlexample for checking HubSpot rate limits. This command uses an environment variable for the authentication token, which is a secure practice compared to hardcoding secrets. - [PROMPT_INJECTION]: The skill handles data from HubSpot API responses (headers and body), which represents a surface for indirect prompt injection. The risk is considered minimal as the logic focuses on numeric header values. * Ingestion points: HubSpot API response headers and JSON bodies processed in the provided code snippets. * Boundary markers: No explicit delimiters or boundary warnings are included in the code templates. * Capability inventory: The skill is configured with
Read,Write, andEdittools. * Sanitization: External data from headers is validated usingparseIntbefore being used in logic.
Audit Metadata