Skills
skills/sickn33/antigravity-awesome-skills/hubspot-automation/Gen Agent Trust Hub

hubspot-automation

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the configuration of an external MCP server endpoint at https://rube.app/mcp which provides the tool definitions.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection when processing untrusted data from HubSpot records.
  • Ingestion points: CRM data is ingested via search and read tools like HUBSPOT_SEARCH_CONTACTS_BY_CRITERIA and HUBSPOT_GET_COMPANY as described in SKILL.md.
  • Boundary markers: Absent. No delimiters or 'ignore embedded instructions' warnings are provided for the agent.
  • Capability inventory: The skill has the ability to create and update records using tools like HUBSPOT_CREATE_CONTACT and HUBSPOT_UPDATE_COMPANIES.
  • Sanitization: Absent. There is no evidence of validation or escaping for external CRM content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 09:33 AM