ClawHub

Hubspot Crm

Security checks across malware telemetry and agentic risk

Overview

This is a coherent HubSpot CRM automation skill, but it can change or delete live CRM records with a powerful token and lacks safety guardrails.

Install only if you intentionally want an agent or CLI to operate on live HubSpot CRM data. Use a dedicated least-privilege private app token, avoid granting unused email-related scopes unless required, test on sandbox or test records first, and require human confirmation before running update, association, activity logging, stage-move, or delete commands.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
96% confidence
Finding
The skill documentation clearly instructs users to supply a HubSpot private app token and use networked automation, but it does not declare corresponding permissions or capabilities. This creates a transparency and consent problem: users may grant powerful CRM and data-access capabilities without an explicit permission boundary, increasing the risk of unauthorized data access or destructive account actions.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill advertises destructive operations such as contact deletion and deal updates/moves without any warning, confirmation guidance, or safety notes. In a CRM context, these actions can alter or delete business records, causing data loss, workflow disruption, and compliance issues if run accidentally or by an over-privileged user.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation instructs users to create and export a HubSpot private app token with sensitive CRM and email-related scopes, but it does not explain the privacy, security, or account-access implications of doing so. A compromised or misused token could expose customer data, email activity, and permit unauthorized modifications across CRM objects.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The script performs an irreversible delete of a HubSpot contact immediately from a single command-line argument, with no confirmation, dry-run mode, or safety interlock. In an agent or automation context, this increases the chance of accidental or prompt-induced destructive actions against production CRM data.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal