crm-integration

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill follows secure coding practices for API integrations, including the use of environment variables for secrets and signature validation for webhooks.
  • [EXTERNAL_DOWNLOADS]: The skill identifies several standard and well-known dependencies for CRM communication, such as httpx, pyjwt, and the official hubspot-api-client, all of which are sourced from established registries.
  • [DATA_EXPOSURE]: No hardcoded credentials were found. Authentication is handled via environment variables (e.g., CLOSE_API_KEY, HUBSPOT_ACCESS_TOKEN) or local file paths for private keys, which is appropriate for enterprise CRM integrations.
  • [PROMPT_INJECTION]: Analysis identified an indirect prompt injection surface due to the skill's primary function.
      1. Ingestion points: External CRM data (leads, contacts, activities, and notes) entered into the agent context via API calls.
      2. Boundary markers: The current templates do not implement specific delimiters or 'ignore' instructions when processing external text fields.
      3. Capability inventory: CRUD operations on CRM records, webhook processing, and data synchronization.
      4. Sanitization: The provided patterns focus on functional integration rather than content sanitization of CRM data.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 23, 2026, 08:41 AM