communication-history

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on the hubspot CLI tool to perform operations such as listing activities and retrieving object details. This is the intended behavior for a HubSpot-authored integration tool.
  • [DATA_EXFILTRATION]: A command is provided to dump call transcripts to /tmp/transcripts.jsonl. This involves storing sensitive CRM data locally. Users should be aware that files in /tmp may be accessible to other users on the same system depending on environment configuration.
  • [PROMPT_INJECTION]: The skill creates an attack surface for indirect prompt injection by fetching and processing external data (call transcripts and activity descriptions).
  • Ingestion points: hubspot activities list and hubspot activities calls transcript get commands within SKILL.md.
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the processing logic.
  • Capability inventory: Use of the hubspot CLI for data retrieval and jq for formatting as seen in SKILL.md.
  • Sanitization: No sanitization or filtering of the retrieved content is performed before it is presented to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 01:14 PM