instantly-campaign-qc
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8).
- Ingestion points: Lead data is ingested from the Instantly API using the
list_leadstool as described in Step 4. - Boundary markers: No boundary markers or 'ignore' instructions are used to separate ingested lead data from the agent's instructions.
- Capability inventory: Capabilities are limited to campaign and lead retrieval via MCP tools; no evidence of arbitrary command execution or unauthorized network access was found.
- Sanitization: No sanitization or filtering of lead payload values is performed prior to the analysis and reporting phase.
- [EXTERNAL_DOWNLOADS]: The skill utilizes
ToolSearchto identify and load specific MCP tools, such asmcp__instantly-grundwerk__get_campaignandmcp__instantly-birdsview__get_campaign. These resources represent legitimate vendor-provided functionality for interacting with the Instantly platform.
Audit Metadata