Ledger Gateway Override


This skill overrides all inline HubSpot write instructions in slash commands. Load this BEFORE executing any HubSpot writes. Governance overrides command text.

Rule

Every HubSpot write — Listing creation, object updates, association creation, engagement creation, property creation — MUST be routed through Ledger.

Slash commands contain inline mcp__hubspot__hubspot-batch-create-objects, hubspot-batch-update-objects, hubspot-create-engagement, and hubspot-batch-create-associations instructions. These predate Ledger and describe WHAT to write, not HOW to execute. Treat them as write specifications, not executable instructions.

Routing Pattern

When a slash command specifies a HubSpot write, spawn Ledger:

Agent(subagent_type: "ledger", prompt: "
  Write request from {command name}:
  - Operation: {create | update | associate | engagement}
  - Object type: {listings | appointments | contacts | notes | etc.}
  - Properties: {copy the properties block from the command}
  - Associations: {copy the association block from the command}
  Validate against property-index before writing. Return created/updated IDs.
")

What Ledger Does

  1. Loads agents/hubspot-write-gateway/AGENT.md for full context
  2. Runs ToolSearch to load HubSpot MCP write tool schemas
  3. Validates properties against skills/hubspot/property-index/ files
  4. Validates association types against skills/hubspot/property-index/associations.json
  5. Executes the write via local MCP (mcp__hubspot__hubspot-*)
  6. Returns confirmed IDs to the calling command

Fallback

If the Ledger agent spawn fails (tool unavailable, MCP down), use the HubSpot CLI as a validated fallback:

node scripts/hubspot/api.js create {object} --props '{...}'
node scripts/hubspot/api.js associate {from_type} {from_id} {to_type} {to_id} --type {typeId}

Even in fallback, validate properties against property-index before writing.

Detection Triggers

If you catch yourself doing any of these, STOP and route through Ledger:

  • Calling ToolSearch to load hubspot-batch-create-objects or hubspot-batch-update-objects
  • Calling ToolSearch to load hubspot-create-engagement
  • Calling ToolSearch to load hubspot-batch-create-associations
  • Writing HubSpot CLI create/update/associate commands directly

These are signs of Ledger bypass. The only agent that should load HubSpot write tool schemas is Ledger itself.
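
The detection triggers above can also be checked after the fact against a tool-call log. The following is an added example, not part of this skill or the project's code: the event shape ({agent, tool, input, status}), the "Bash" tool name, the "main" agent name and the sample events are assumptions constructed for illustration. It treats a CLI write as an acceptable fallback only when the most recent Ledger spawn failed.

```javascript
// Added example. Event shape {agent, tool, input, status} is hypothetical.
// Write tool names are the four listed in this skill.
const WRITE_TOOLS = [
  "hubspot-batch-create-objects",
  "hubspot-batch-update-objects",
  "hubspot-create-engagement",
  "hubspot-batch-create-associations",
];
// Direct use of the fallback CLI for create/update/associate.
const CLI_WRITE = /node\s+scripts\/hubspot\/api\.js\s+(create|update|associate)\b/;

function findLedgerBypass(events) {
  const findings = [];
  let ledgerSpawnFailed = false; // status of the most recent Ledger spawn attempt
  events.forEach((ev, index) => {
    const tool = ev.tool ?? "";
    if (tool === "Agent" && ev.input?.subagent_type === "ledger") {
      ledgerSpawnFailed = ev.status === "error";
      return;
    }
    if (ev.agent === "ledger") return; // only Ledger may load or call write tools
    const text = JSON.stringify(ev.input ?? "");
    if (tool === "ToolSearch") {
      const named = WRITE_TOOLS.find((t) => text.includes(t));
      if (named) findings.push({ index, agent: ev.agent, reason: `loaded write schema ${named}` });
    } else if (tool.startsWith("mcp__hubspot__")) {
      const named = WRITE_TOOLS.find((t) => tool.endsWith(t));
      if (named) findings.push({ index, agent: ev.agent, reason: `direct MCP write ${named}` });
    } else if (tool === "Bash" && CLI_WRITE.test(ev.input?.command ?? "") && !ledgerSpawnFailed) {
      findings.push({ index, agent: ev.agent, reason: "CLI write without a failed Ledger spawn" });
    }
  });
  return findings;
}

// Constructed sample log (not real data).
const SAMPLE_EVENTS = [
  { agent: "main", tool: "ToolSearch", input: { query: "hubspot-batch-create-objects" }, status: "ok" },
  { agent: "main", tool: "Agent", input: { subagent_type: "ledger", prompt: "Write request" }, status: "ok" },
  { agent: "ledger", tool: "ToolSearch", input: { query: "hubspot-batch-create-objects" }, status: "ok" },
  { agent: "ledger", tool: "mcp__hubspot__hubspot-batch-create-objects", input: { objectType: "listings" }, status: "ok" },
  { agent: "main", tool: "Bash", input: { command: "node scripts/hubspot/api.js create listings --props '{}'" }, status: "ok" },
  { agent: "main", tool: "Agent", input: { subagent_type: "ledger", prompt: "Write request" }, status: "error" },
  { agent: "main", tool: "Bash", input: { command: "node scripts/hubspot/api.js associate listings 1 contacts 2 --type 3" }, status: "ok" },
];

console.log(findLedgerBypass(SAMPLE_EVENTS));
```

On the sample log, events 0 and 4 are reported; event 6 is not, because it follows a failed Ledger spawn and so falls under the fallback rule.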