hubspot-automation

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the user to configure a remote MCP server endpoint at https://rube.app/mcp. This is the core infrastructure used to provide the HubSpot toolset and is documented as the primary setup step.
  • [DATA_EXFILTRATION]: While the skill interacts with sensitive CRM data (contacts, deals, account info), all operations are conducted through an authenticated HubSpot OAuth connection managed by the Rube platform. No unauthorized data transfer to third-party domains or hardcoded credentials were found.
  • [INDIRECT_PROMPT_INJECTION]: The skill has an ingestion surface for untrusted data as it reads and searches content from HubSpot CRM records (e.g., ticket descriptions or contact properties).
  • Ingestion points: Tools such as HUBSPOT_GET_CONTACT, HUBSPOT_SEARCH_TICKETS, and HUBSPOT_GET_DEAL in SKILL.md.
  • Boundary markers: None explicitly defined in the instructions.
  • Capability inventory: Includes write capabilities like HUBSPOT_CREATE_CONTACT and HUBSPOT_UPDATE_COMPANIES in SKILL.md.
  • Sanitization: Not specified in the skill instructions.
  • Although this surface exists, it is inherent to the skill's purpose of managing CRM data and is considered a low-risk, standard operational pattern.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 06:23 PM
Security Audit — agent-trust-hub — hubspot-automation