Set up autonomously overnight, June 2, 2026. CLI installed and inspected; the audit commands below are ready to run the moment you authenticate.
Status
- ✅ HubSpot CLI installed —
hsv8.8.0 (global). - ⚠️ npm cache caveat:
~/.npmhas root-owned files from a priorsudo npm, so I installed using an alternate cache (--cache /tmp/npm-cache-jl). To permanently fix (so futurenpm -gandhs upgradejust work), run once:sudo chown -R 501:20 ~/.npm - ⏳ Blocked on auth — needs your authentication (below). I did not authenticate for you.
Key finding: the CLI can audit CRM data after all
The CLI is no longer "just CMS." Two commands change the game for an implementation audit:
- hs api <endpoint> — authenticated GET/POST/etc. to any HubSpot API that
supports personal access keys (PAKs). e.g. hs api /crm/v3/objects/contacts --json.
Whatever your PAK's scopes allow, we can inventory.
- hs custom-object (BETA) — list/manage custom objects.
- hs mcp setup — installs HubSpot's developer MCP servers (relevant to the
automation research — lets AI agents drive HubSpot dev workflows).
Full command surface: get-started, auth, init, config, account, sandbox, secret,
project, app, cms, hubdb, filemanager, api, custom-object, mcp, doctor, upgrade.
Step 1 — Authenticate (you do this; ~2 min)
Option A — Personal Access Key (fastest for an audit):
1. In HubSpot: Settings → Integrations → Private Apps, or the PAK page:
https://app.hubspot.com/personal-access-key
2. Generate a key with read scopes (CRM objects, schemas, owners, pipelines,
properties, lists, marketing, automation — read-only is enough for an audit).
3. On this Mac, run: hs init (or hs auth) and paste the key. Name the account, e.g. cmo-audit.
4. Verify: hs doctor and hs account list.
Security: the key lands in
hubspot.config.yml. Keep it out of git (this repo isn't a git repo, so low risk) and revoke it after the audit if it's a personal key.
Step 2 — The audit inventory (I run these once authed; all read-only)
# --- Account & owners ---
hs account list
hs api /account-info/v3/details --json
hs api /crm/v3/owners --json
# --- Data model: every object, its properties & pipelines ---
hs api /crm/v3/schemas --json # all objects incl. custom
hs api /crm/v3/properties/contacts --json # contact properties (repeat per object)
hs api /crm/v3/properties/deals --json
hs api /crm/v3/pipelines/deals --json # deal pipelines & stages
hs api /crm/v3/pipelines/tickets --json
# --- Volume / health snapshot ---
hs api "/crm/v3/objects/contacts?limit=1&archived=false" --json # total via paging/usage
hs api /crm/v3/lists --json # lists (if scoped)
# --- Automation & connected systems ---
hs api /automation/v4/flows --json # workflows (scope-dependent)
hs api /crm/v3/extensions/sales-email/... --json # connected inbox / email logging config
hs api /webhooks/v3/{appId}/subscriptions --json # webhook subscriptions (if any)
(Exact endpoints adjust to whatever scopes the key grants; 403 = missing scope, easy to add.)
Step 3 — What I'll produce from it
Implementation_Audit.md— inventory of objects, custom objects, property counts (flagging junk/duplicate/unused custom properties), pipelines & stages, owners, workflows, and the email/connected-inbox config (the check we folded in: connected inboxes, logging on/off, Never-Log list, sequences, Sales add-in deployment).- A health score + cleanup priorities for a new CMO.
CMS/dev side (the CLI's original wheelhouse)
Once authed we can also: hs project ... (local dev + deploy of apps/serverless),
hs cms ... (themes/modules), hs hubdb ... (data tables), hs secret ... (function
secrets) — covered in the automation research summary.
Next autonomous step tonight: when the deep-research workflow finishes, I'll write the executive summary + sources here and run a YouTube transcript pass. The authenticated audit waits for you — it's the one thing I can't do unattended.