QA mode · Tier:PUBLIC(override via ?tier=paid | premium)
← All Vendors
marketing_automation
HubSpot

HubSpot

47.4% pre-consent tracking rate across 198 sites while claiming SOC2/GDPR/CCPA compliance. Operates beyond typical CRM scope by maintaining commercial datasets of professionals and explicitly disclosing data sales and sharing under CCPA to advertising partners.

205 IOCs observed326 detections66% pre-consent193 sites
90
Vendor Risk Score
Tier: HOSTILE
Observation Coverage

BLACKOUT observes runtime behavior in the browser. This dossier reflects browser-side execution, which is one of five vendor data-egress classes. Server-to-server transfers, backend integrations, and offline data flows are outside this observation boundary.

BLACKOUT observes runtime behavior and cites the regulations that address that behavior pattern. Legal determinations are the customer's counsel's call.

How This Briefing Works

This dossier opens with key findings, then maps the gap between what HubSpot discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection evidence underneath. BLACKOUT observes runtime browser behavior and cites the regulations that address each pattern — legal determinations are your counsel's call.

Key Findings

At a Glance

Detections
326

across 193 sites

Pre-Consent Rate
66%

vendor fires before consent

Disclosure Gaps
3

1 HIGH

Claims-vs-Reality Classified
BTI-X05BTI-X08
Summary

Briefing

HubSpot is a publicly traded (NYSE: HUBS) marketing automation and CRM platform based in Cambridge, Massachusetts, detected on 198 sites with 285 total detections. The platform exhibits a 47.4% pre-consent tracking rate, creating tension with their SOC2, GDPR, and CCPA compliance claims. Critically, HubSpot operates beyond typical CRM scope by maintaining commercial datasets of professionals and explicitly disclosing data sales/sharing under CCPA, positioning it as both a marketing tool AND a data enrichment vendor.

Customer Impact

What This Means For You

If HubSpot tracks your website visitors, their code fires before consent on 47.4% of observed implementations — meaning nearly half your visitors may be tracked without authorization. Under GDPR Art 7, you bear liability for this pre-consent data collection. Beyond CRM, HubSpot maintains commercial datasets of professionals and explicitly sells or shares identifiers to advertising partners under CCPA. If you use HubSpot enrichment features, your customer data may flow into their commercial dataset where it becomes available to competitors using HubSpot data services. Their SOC2 Type II report requires an NDA to access, limiting your ability to independently verify their security posture before deployment.

Collapse Engine

Risk Channel Breakdown

Oracle
Truth Collapse
40

HubSpot tracking code fires pre-consent on 47.4% of detected sites, meaning attribution data is captured before users can consent. This distorts measurement by including visitors who would have opted out, inflating engagement metrics and corrupting conversion attribution.

Broker
Control Collapse
100

HubSpot maintains a commercial dataset of professionals and explicitly sells/shares identifiers to advertising partners under CCPA. Demand signals from your website visitors may flow to HubSpot enrichment products, potentially accessible to competitors using HubSpot data services.

Reaper
Safety Collapse
0

HubSpot serves as a central data aggregator across marketing, sales, and service touchpoints. A breach of their infrastructure would expose comprehensive customer journey data. Their widespread use (198+ sites detected) creates single-point-of-failure risk for business intelligence.

Counselor
Legitimacy Collapse
100

Despite SOC2/GDPR/CCPA compliance claims, 47.4% pre-consent tracking rate creates consent validity liability. HubSpot privacy policy explicitly discloses data selling/sharing, which may conflict with customer privacy expectations and regional regulations requiring explicit consent for such practices.

BTI Codes

Threat Indicators

Runtime-observed (BTI-C)

BTI-C01
Defeat Device

Evasion infrastructure, auditor bypass

BTI-C06
Behavioral Biometrics

Keystroke/mouse tracking

BTI-C07
Session Recording

Full session replay

BTI-C08
Cross-Domain Sync

Identity stitching

BTI-C09
Consent Bypass

Ignoring CMP signals

BTI-C10
Fingerprinting

Device identification

BTI-C14
Identity Resolution

PII deanonymization

BTI-C15
Tag Manager

Container/loader (neutral)

Claims-vs-Reality (BTI-X)

BTI-X05
Compliance Claim Mismatch

False certification claims

BTI-X08
Scope Creep

Collection exceeds disclosed scope

2
BTI Consequences Identified

Per-code narrative explanations of what each detected behavior means for your organization

Available in VIDB Subscription

Per-code evidence with full attribution chain, severity rankings, and consequence narratives See pricing →

MCP Vendor Intelligence

Agent Runtime — MCP Options

4 MCPs

HubSpot ships a first-party MCP server. 3 third-party wrappers are published as alternatives. If you're deploying an LLM agent that needs to read or write to HubSpot, this is the comparison set. Each option's severity reflects how a reasonable buyer should weigh it.

First-Party (built by HubSpot)
Third-Party Wrappers

@shinzolabs/hubspot-mcp

by Shinzo Labsv2.0.5

A community-built HubSpot MCP with the broadest tool coverage in our corpus (112 tools across HubSpot's full CRM surface), but with significant disclosure-versus-reality gaps. The package's PRIVACY.md states telemetry doesn't transmit IP or port; the runtime does. An undeclared HTTP server runs alongside the documented stdio mode that would expose HubSpot credentials if reachable on a network. The production dependency tree carries 17 known vulnerabilities (2 critical, 5 high), and telemetry defaults to 100% sampling with a 5-second export interval. If you need broad HubSpot tool coverage and you can run this in a tightly-controlled environment, the tool surface is real; for environments with privacy, compliance, or supply-chain attestation requirements, this MCP doesn't currently meet the bar.

6 findings6 BTI-M codesnpm
HIGH

peakmojo/mcp-hubspot

by peakmojo (Bary Huang)v0.2.0 (per pyproject.toml)

A Python-based HubSpot MCP that adds vector storage and persistent local caching of CRM data on top of HubSpot's API — features marketed as "context retention" for AI assistants. The headline concern is that the local cache is full plaintext JSON of HubSpot record content, with no encryption, a 7-day rolling window, and no documented retention policy. CLI-flag credential exposure in the host process list, an exact-pinned dependency with known CVEs, and tool-count discrepancies (16 tools registered, 7 documented) round out the concerns. If your organization has data residency requirements, encryption-at-rest mandates, or audit constraints on CRM data, this MCP places that data outside the control plane you've reasoned about.

6 findings7 BTI-M codes
HIGH

@chinchillaenterprises/mcp-hubspot (npm)

Closed-Source Third-Party
by Chinchilla Enterprisesv3.3.2

A multi-tenant HubSpot MCP that markets credential persistence as the headline feature — store keys for multiple HubSpot accounts in your OS keychain, switch between them at runtime. The architecture works as advertised, but every disclosure layer around it is thin: no public source repo despite shipping the source code in the package, no SECURITY.md, no PRIVACY.md, ten months of stagnation since the last release, internal AI-orchestration documents accidentally shipped in the npm tarball, and the same architectural template recurs across at least six of this publisher's MCPs spanning different vendors. If you specifically need multi-account credential management for HubSpot, the feature works as advertised — but 10 months of stagnation with no security policy means nobody is watching for issues in the code that holds your credentials.

8 findings10 BTI-M codesnpm
MEDIUM
BTI-M (MCP runtime) is BLACKOUT's taxonomy for agent-side risk — what a Model Context Protocol server does locally, what it stores, what it sends, and how it differs from what its README discloses. See the full MCP Vendor Intelligence corpus for cross-vendor patterns and the BTI-M code reference.
Disclosure Gaps

Claims vs. Reality

3
Gaps Observed
1 HIGH2 MEDIUM

BLACKOUT analyzed HubSpot's public claims against observed runtime behavior and identified 3 contradictions.

BTI-X05BTI-X08
Featured Gap
Pre-Consent Data Collection
HIGH
They Claim

"GDPR and CCPA compliance certified"

BLACKOUT Observed

47.4% of HubSpot tracking instances fire before consent is obtained

2 more gaps — with regulatory citations and evidence pointers — available with subscription.

Available in VIDB Subscription

Full claim-vs-reality gap analysis with claim text, observed behavior, severity, regulatory citations (GDPR, CCPA, ePrivacy), and evidence pointers per gap See pricing →

Recommended Actions

What To Do

Recommended Actions
10

5 for current users · 5 for evaluators

Negotiation Leverage
5

contractual leverage points

Available in VIDB Subscription

Role-specific actions (security / legal / marketing / procurement), full negotiation brief with contractual language, and BTI-code-specific consequences See pricing →

Ecosystem

Supply Chain & Pairings

Commonly Paired With
27

googletagmanager, googleanalytics4, linkedinads

Available in VIDB Subscription

Full supply-chain mapping (loads / loaded-by lists with vendor identities) and the undisclosed-subprocessor list with observation evidence See pricing →

Profile: hubspotFirst Seen: 2025-12-12Last Updated: 2026-05-30