HubSpot by altf1be

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed HubSpot command-line integration with powerful but purpose-aligned access to CRM, CMS, marketing, conversations, and workflows.

Install only if you intend to let an agent operate on HubSpot data. Use a dedicated HubSpot Private App or OAuth app with the least scopes needed, review write/delete commands before running them, protect any .env file, and secure or remove ~/.cache/openclaw/hubspot-token.json when OAuth mode is used.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill requests broad HubSpot scopes covering CRM, marketing, conversations, and automation, and the documentation encourages storing long-lived credentials locally while only briefly mentioning token caching later. This creates real privacy and security risk because compromise of the local environment or cache can expose sensitive customer data and enable destructive actions across a HubSpot tenant.

Missing User Warnings

Medium
Confidence: 91%
Finding
The script persists the OAuth access token to a predictable file in the user's home cache directory without setting restrictive file permissions or warning the user that bearer credentials are being stored locally. If another local user, process, backup system, or malware can read that file, the token can be reused to access the connected HubSpot account until expiry.

VirusTotal

67/67 vendors flagged this skill as clean.