
Security audit

Create Icp Tiers

Security checks across malware telemetry and agentic risk

Overview

This HubSpot skill does what it claims: it creates and verifies an ICP tier property and walks through the persistent CRM classification workflows. Run it with care, because it operates through HubSpot API access with whatever token it is handed.

Before installing or running it, confirm the target HubSpot portal, supply a HubSpot private app token scoped to only the property and workflow permissions the skill needs, and review the property name, tier criteria, and workflow activation sequence. Treat the workflow setup as a CRM-wide operational change and verify the results before relying on the classifications.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 91%
Finding
The skill embeds executable Python that reads environment variables and makes authenticated network calls to HubSpot, yet the skill metadata declares no permissions. That leaves a trust and review gap: an agent or user may approve the skill believing it is documentation-only, when it actually has secret-access and external API capabilities.

Missing User Warnings

Severity: Low
Confidence: 85%
Finding
The example code pulls a HubSpot API token directly from the environment and immediately uses it for authenticated API calls, with no credential-handling warning or setup guidance. This does not itself exfiltrate the token, but it normalizes unsafe secret handling and raises the chance that users expose powerful admin-scoped credentials in insecure execution contexts (shared shells, CI logs, agent transcripts).
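The overview asks for a minimally scoped token and a confirmed target portal, and this finding faults the skill's example for reading the token from the environment and using it blind. The block below is an added example, not the skill's code or HubSpot's SDK, of what the guarded version of that step looks like: it refuses to run without a token that has the private-app shape, requires the operator to name the numeric portal they intend to change, defaults to a dry run that prints a redacted request plan, and keeps the secret out of `repr()` and logs. The environment variable names, the `contacts` object type, the `icp_tier` property name and its tiers, and the `crm.schemas.contacts.write` scope note are assumptions for the example; the endpoint and property body follow HubSpot's CRM v3 properties API as I know it.

```python
"""Guarded token handling for a HubSpot property-creation step.

Added example, not the skill's own code. Assumes the private app token is
supplied in HUBSPOT_PRIVATE_APP_TOKEN, the operator confirms the target
portal via HUBSPOT_PORTAL_ID, and DRY_RUN=1 (the default) until the property
definition has been reviewed.
"""
import json
import os
import re
import sys
import urllib.request
from dataclasses import dataclass
from typing import Callable, Mapping

# Private app tokens look like "pat-<region>-<uuid>". The regex catches the
# common mistakes (empty value, legacy API key, OAuth token pasted in); it is
# a sanity check, not proof that the token is valid.
PAT_RE = re.compile(r"^pat-[a-z0-9]+-[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$")
OBJECT_TYPE = "contacts"                        # assumption: tier lives on contacts
REQUIRED_SCOPE = "crm.schemas.contacts.write"  # scope needed to create contact properties


class ConfigError(RuntimeError):
    """Raised instead of running with a missing or implausible configuration."""


def redact(token: str) -> str:
    """Enough to tell tokens apart in logs, never enough to reuse one."""
    return f"{token[:7]}...{token[-4:]}" if len(token) > 16 else "***"


@dataclass(frozen=True)
class RunConfig:
    token: str
    portal_id: str
    dry_run: bool

    def __repr__(self) -> str:  # keep the secret out of logs and tracebacks
        return f"RunConfig(token={redact(self.token)!r}, portal_id={self.portal_id!r}, dry_run={self.dry_run})"


def load_config(env: Mapping[str, str]) -> RunConfig:
    """Fail fast and loudly instead of silently making unauthenticated calls."""
    token = env.get("HUBSPOT_PRIVATE_APP_TOKEN", "").strip()
    if not token:
        raise ConfigError("HUBSPOT_PRIVATE_APP_TOKEN is not set; refusing to run")
    if not PAT_RE.match(token):
        raise ConfigError(f"token {redact(token)} does not look like a private app token")
    portal_id = env.get("HUBSPOT_PORTAL_ID", "").strip()
    if not portal_id.isdigit():
        raise ConfigError("HUBSPOT_PORTAL_ID must name the numeric portal you intend to change")
    return RunConfig(token=token, portal_id=portal_id, dry_run=env.get("DRY_RUN", "1") != "0")


def icp_tier_definition(name: str, tiers: list[str]) -> dict:
    """Enumeration property body; internal names are lowercase letters, digits, underscores."""
    if not re.fullmatch(r"[a-z][a-z0-9_]*", name):
        raise ConfigError(f"invalid internal property name {name!r}")
    return {
        "name": name, "label": "ICP Tier", "type": "enumeration", "fieldType": "select",
        "groupName": "contactinformation",
        "options": [{"label": t, "value": t.lower().replace(" ", "_"), "displayOrder": i}
                    for i, t in enumerate(tiers)],
    }


def build_request(cfg: RunConfig, definition: dict) -> dict:
    return {
        "method": "POST",
        "url": f"https://api.hubapi.com/crm/v3/properties/{OBJECT_TYPE}",
        "headers": {"Authorization": f"Bearer {cfg.token}", "Content-Type": "application/json"},
        "json": definition,
    }


def loggable(request: dict) -> dict:
    """Copy of the request that is safe to print: Authorization header redacted."""
    headers = dict(request["headers"])
    headers["Authorization"] = "Bearer " + redact(request["headers"]["Authorization"].split(" ", 1)[1])
    return {**request, "headers": headers}


def create_tier_property(cfg: RunConfig, definition: dict, send: Callable[[dict], dict]) -> dict:
    """Dry run returns the redacted plan; a real run goes through the injected transport."""
    request = build_request(cfg, definition)
    if cfg.dry_run:
        return {"status": "dry-run", "portal_id": cfg.portal_id,
                "required_scope": REQUIRED_SCOPE, "request": loggable(request)}
    return send(request)


def send_with_urllib(request: dict) -> dict:
    """Real transport; only reached when DRY_RUN=0."""
    body = json.dumps(request["json"]).encode()
    req = urllib.request.Request(request["url"], data=body, headers=request["headers"], method=request["method"])
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.loads(resp.read())


if __name__ == "__main__":
    config = load_config(os.environ)
    definition = icp_tier_definition("icp_tier", ["Tier 1", "Tier 2", "Tier 3"])
    json.dump(create_tier_property(config, definition, send_with_urllib), sys.stdout, indent=2)
```

Injecting the transport is what makes the dry run honest: the same request object that would be sent is what gets printed with its token redacted, so a reviewer can diff the plan against the intended property definition before flipping `DRY_RUN=0`. The scope check is a reminder rather than an enforced gate; whether the token actually carries only that scope has to be confirmed in the HubSpot private app settings.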

VirusTotal

0 of 64 vendors flagged this skill; all 64 reported it clean.


Static analysis

No suspicious patterns detected.