sales-reporting

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is authored by HubSpot and uses its own official CLI tools to interact with CRM data. Its behavior is entirely consistent with its stated purpose of sales reporting.
  • [COMMAND_EXECUTION]: The skill executes hubspot CLI commands along with standard local utilities like jq, date, and column. These are used for data retrieval and report formatting.
  • [DATA_EXFILTRATION]: Retrieves sensitive sales data (deal amounts, owner IDs) from the user's CRM. This data is processed locally and formatted for the user; no evidence of transmission to unauthorized external domains was found.
  • [PROMPT_INJECTION]:
  • Ingestion points: CRM data (deal names, owner names) retrieved via HubSpot CLI.
  • Boundary markers: None implemented in the instruction set.
  • Capability inventory: Subprocess execution of CLI tools and local file writing (/tmp/owners.tsv).
  • Sanitization: Relies on jq for structured data parsing and formatting.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 01:14 PM