HubSpot just made one of the boldest declarations we’ve seen from a major CRM vendor: not only should AI agents be able to run on HubSpot, they should be able to run HubSpot. In a recent blog post, Chief Product and Technology Officer Duncan Lennox laid out a vision of an open ecosystem where every workflow, every action, and every piece of context is reachable through APIs and the company’s MCP server — with the explicit goal that no capability lives behind a UI alone.
For those of us who live inside marketing automation and CRM systems every day, this is a watershed moment. It also raises a question that gets too little airtime in the excitement: when an agent can touch every record and trigger every workflow, what exactly is standing between “autonomous efficiency” and “autonomous disaster”?
From human-first to agent-ready
The premise behind HubSpot’s move is hard to argue with. Agents don’t click through dashboards or read tooltips. They call APIs, parse structured outputs, and act. Software designed for human hands has to evolve to be genuinely usable by machines, and that means full API parity — anything you can do in the interface, you should be able to do programmatically.
HubSpot is pairing that access with what it calls an intelligence layer: the scores, benchmarks, and contextual signals that tell an agent what “normal” looks like for a given business. Their argument is that the real differentiator in the AI era isn’t the model or even the raw data — it’s context. An agent reasoning over bare records has no idea what a healthy pipeline looks like for a mid-market SaaS company versus an enterprise manufacturer. Context is what turns a generic action into a good decision.
We agree. And it’s precisely because we agree that we want to slow down and talk about the part that doesn’t fit neatly in a launch announcement.
Autonomy moves at machine speed — and so do mistakes
The same openness that makes agents powerful makes them dangerous when the foundation underneath them is weak. HubSpot itself acknowledges the stakes, pointing to incidents the whole industry watched nervously: an AI coding agent that wiped an entire production database and its backups in seconds, and a breach that handed attackers customer API keys. The lesson wasn’t that agents are reckless. It’s that agents inherit whatever permissions, data quality, and guardrails you give them — and then act on them faster than any human can intervene.
A person who notices a campaign emailing the wrong segment can hit pause. An agent operating end-to-end through your APIs can have already sent ten thousand messages, re-scored your database, and reassigned leads before anyone refreshes a dashboard. Friction, it turns out, was doing some quiet, useful work all along.
This is the gap between capability and control — and it’s where most B2B marketing teams are least prepared.
Agents are only as trustworthy as the data and governance beneath them
Here’s the truth we’ve learned across more than a hundred B2B marketing automation deployments: an agent acting on dirty data doesn’t make smarter decisions. It makes confident wrong ones, at scale. Duplicate contacts, stale field values, junk records, inconsistent lead statuses, untracked touchpoints — these are merely annoying when a human is in the loop. Hand them to an autonomous agent with write access, and they become systemic risk.
Lennox is right that openness and trust matter more than ever in the agent era, and that trust and governance have to be treated as core infrastructure rather than an afterthought. But trust isn’t something you switch on at the vendor level. It’s something you engineer into your own instance:
- Clean, standardized data. Deduping, removing junk records, normalizing fields, and maintaining database hygiene aren’t housekeeping anymore. They’re the precondition for letting any agent act on your behalf.
- Scoped permissions and clear boundaries. Agents should be able to see and do only what their job requires. The PocketOS lesson is that agents can find pathways to APIs beyond their intended scope when boundaries are loose.
- Custom API and webhook design. Full API parity is powerful, but raw access isn’t the same as safe access. Thoughtful API customization, integration logic, and validation steps put intelligent friction back where it belongs.
- Observability and audit trails. You need to know exactly what every agent and connected tool can access and what it’s actually doing — continuously, not at the quarterly review.
- Context that reflects your business. Benchmarks across HubSpot’s network are valuable, but they have to be reconciled with your scoring models, your segment definitions, and your real lead lifecycle.
Where RightWave fits
This is the work we’ve quietly done for B2B marketers for two decades — long before “agentic” entered the vocabulary. Marketing Automation as a Service was always about letting marketers focus on strategy and creativity while we handle the data, the integrations, the configuration, and the operational discipline underneath. The agent era doesn’t change that mission. It raises the stakes on it.
An agent-ready CRM is a genuine opportunity to deliver faster, more consistent, more personalized customer experiences. But the platforms are handing you the keys; they’re not detailing your data, scoping your permissions, or building the guardrails that make autonomy survivable. That part is on you — and it’s exactly what we do.
HubSpot built the open road. Before you let agents drive on it, make sure the vehicle is roadworthy. We’d be glad to help you get there.
Reference – https://www.cxtoday.com/crm/hubspot-prepares-to-hand-the-crm-keys-to-ai-agents/
