hubspot-automation
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the user to configure a remote MCP server endpoint at
https://rube.app/mcp. This is the core infrastructure used to provide the HubSpot toolset and is documented as the primary setup step. - [DATA_EXFILTRATION]: While the skill interacts with sensitive CRM data (contacts, deals, account info), all operations are conducted through an authenticated HubSpot OAuth connection managed by the Rube platform. No unauthorized data transfer to third-party domains or hardcoded credentials were found.
- [INDIRECT_PROMPT_INJECTION]: The skill has an ingestion surface for untrusted data as it reads and searches content from HubSpot CRM records (e.g., ticket descriptions or contact properties).
- Ingestion points: Tools such as
HUBSPOT_GET_CONTACT,HUBSPOT_SEARCH_TICKETS, andHUBSPOT_GET_DEALinSKILL.md. - Boundary markers: None explicitly defined in the instructions.
- Capability inventory: Includes write capabilities like
HUBSPOT_CREATE_CONTACTandHUBSPOT_UPDATE_COMPANIESinSKILL.md. - Sanitization: Not specified in the skill instructions.
- Although this surface exists, it is inherent to the skill's purpose of managing CRM data and is considered a low-risk, standard operational pattern.
Audit Metadata