Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
HubSpot by altf1be
v1.0.1
Full HubSpot platform CLI — CRM contacts/companies/deals/tickets, CMS blog posts/pages, Marketing emails/forms/lists, Conversations, Automation workflows. Pr...
by Abdelkrim from Brussels (@abdelkrim)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description (full HubSpot CLI) matches the actual behavior: the script implements CRM/CMS/Marketing/Conversations/Automation endpoints. Required env vars (HUBSPOT_ACCESS_TOKEN plus optional OAuth vars) are appropriate for a HubSpot integration; no unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md instructs installing dependencies, setting a Private App token or OAuth credentials, and running the included Node CLI. The runtime instructions and the script operate on HubSpot APIs only. The instructions do not ask the agent to read unrelated files or exfiltrate data to third-party endpoints beyond HubSpot OAuth/API endpoints.
Install Mechanism
No external download/install URLs; repository includes package.json and a single script plus dependencies (commander, dotenv) installed via npm. This is a low-risk, typical npm-based install.
Credentials
Only HUBSPOT_ACCESS_TOKEN is required (declared as primary). Optional HUBSPOT_CLIENT_ID, HUBSPOT_CLIENT_SECRET, HUBSPOT_REFRESH_TOKEN and HUBSPOT_MAX_RESULTS are justified for OAuth and configuration. The code only accesses these declared env vars.
Persistence & Privilege
always:false and no system-wide privileged settings. The script does persist OAuth tokens to a local cache (~/.cache/openclaw/hubspot-token.json) when using OAuth — expected behavior for token refresh. It does perform destructive API operations (delete endpoints), but delete commands require an explicit --confirm flag as documented.
Assessment
This skill appears coherent for a HubSpot CLI. Before installing, confirm you are comfortable providing a HubSpot Private App token or OAuth credentials (these grant full API access per the configured scopes). If using OAuth, a token cache (~/.cache/openclaw/hubspot-token.json) will be created in your home directory. Keep your .env out of version control and do not paste tokens into public chats. Remember delete actions call HubSpot delete endpoints — they require --confirm but will still delete real data when run. Review the included scripts/hubspot.mjs yourself if you want to confirm there are no additional network endpoints or behaviors beyond api.hubapi.com and api.hubspot.com/oauth/v1/token.
scripts/hubspot.mjs:36
Environment variable access combined with network send.
scripts/hubspot.mjs:17
File read combined with network send (possible exfiltration).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
🟠 Clawdis
Env: HUBSPOT_ACCESS_TOKEN
Primary env: HUBSPOT_ACCESS_TOKEN
