communication-history
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on the
hubspotCLI tool to perform operations such as listing activities and retrieving object details. This is the intended behavior for a HubSpot-authored integration tool. - [DATA_EXFILTRATION]: A command is provided to dump call transcripts to
/tmp/transcripts.jsonl. This involves storing sensitive CRM data locally. Users should be aware that files in/tmpmay be accessible to other users on the same system depending on environment configuration. - [PROMPT_INJECTION]: The skill creates an attack surface for indirect prompt injection by fetching and processing external data (call transcripts and activity descriptions).
- Ingestion points:
hubspot activities listandhubspot activities calls transcript getcommands withinSKILL.md. - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the processing logic.
- Capability inventory: Use of the
hubspotCLI for data retrieval andjqfor formatting as seen inSKILL.md. - Sanitization: No sanitization or filtering of the retrieved content is performed before it is presented to the agent.
Audit Metadata