instantly-campaign-qc

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly requires calling Instantly MCP tools (e.g., mcp__instantly-*_get_campaign in Step 2 and list_leads in Step 4) to fetch campaign config and lead payloads — untrusted, user-generated third-party content that the agent must parse and use to drive QC decisions.