crm-integrations
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious behavior, obfuscation, or unauthorized data access patterns were detected.
- [EXTERNAL_DOWNLOADS]: The skill connects to well-known services including HubSpot (api.hubapi.com), Pipedrive (pipedrive.com), Zapier (zapier.com), and Make (make.com) for lead data synchronization.
- [DATA_EXFILTRATION]: Network activity is confined to intended CRM endpoints for lead processing. The skill mandates GDPR compliance and hashing of sensitive data like IP addresses.
- [PROMPT_INJECTION]: The skill contains no instructions aimed at overriding system prompts. It processes external form data, creating an indirect injection surface. Ingestion points: Form data entering via the POST handler in references/automation.md. Boundary markers: Absent. Capability inventory: Outbound fetch calls to CRM APIs in references/hubspot.md and references/pipedrive.md. Sanitization: Employs Zod schema validation to verify input data structure before processing.
Audit Metadata