Critical-risk tools in HubSpot MCP
17 of the 112 tools in HubSpot MCP are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
calls_archiveDestructiveArchive (delete) a call record
-
calls_batch_archiveDestructiveArchive (delete) multiple call records in a single request
-
crm_archive_associationDestructiveArchive (delete) an association between two objects
-
crm_archive_objectDestructiveArchive (delete) a CRM object
-
crm_batch_archive_associationsDestructiveArchive (delete) multiple associations in a single request
-
crm_batch_archive_objectsDestructiveArchive (delete) multiple CRM objects in a single request
-
emails_archiveDestructiveArchive (delete) an email record
-
emails_batch_archiveDestructiveArchive (delete) multiple email records in a single request
-
engagement_details_archiveDestructiveArchive (delete) an engagement
-
meetings_archiveDestructiveArchive (delete) a meeting
-
meetings_batch_archiveDestructiveArchive (delete) multiple meetings in a single request
-
notes_archiveDestructiveArchive (delete) a note
-
notes_batch_archiveDestructiveArchive (delete) multiple notes in a single request
-
products_archiveDestructiveMove an Object identified by ID to the recycling bin.
-
products_batch_archiveDestructiveArchive (delete) a batch of products by ID
-
tasks_archiveDestructiveArchive (delete) a task
-
tasks_batch_archiveDestructiveArchive (delete) multiple tasks in a single request
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.