assign-unowned-contacts

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The Python scripts (before.py, execute.py, after.py) communicate with the official HubSpot API endpoints (api.hubapi.com). This is the intended behavior for a HubSpot data-enrichment skill.
  • [DATA_EXFILTRATION]: The skill manages HubSpot access tokens through environment variables, which is a standard and safe practice for secret management. There is no evidence of data being transmitted to unauthorized or unknown external domains; all network traffic is restricted to official HubSpot infrastructure.
  • [COMMAND_EXECUTION]: The skill uses Python scripts to perform CRM operations. No arbitrary shell command execution or unsafe subprocess calls were detected.
  • [INDIRECT_PROMPT_INJECTION]: The skill has an ingestion surface where it reads owner names and contact IDs from HubSpot.
    • Ingestion points: scripts/before.py (fetches owner names and emails via GET /crm/v3/owners), scripts/execute.py (fetches contact IDs via POST /crm/v3/objects/contacts/search).
    • Boundary markers: Not applicable, as the ingested data is used for console logging and API parameters rather than being interpolated into instructions for the LLM.
    • Capability inventory: Network requests via the requests library and local CSV file writing for audit trails.
    • Sanitization: No specific sanitization is performed on owner names/emails before printing, but since they are not used as executable code or prompt instructions, the risk is negligible.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 9, 2026, 04:20 AM