instantly-deploy-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's webhook receiver (api/webhooks/instantly.ts) explicitly parses incoming event payloads (e.g., "email.replied" -> data) from Instantly—which are user-generated/untrusted email reply content—and routes that data into processing (syncReplyToCRM), so untrusted third‑party content is ingested and can influence subsequent actions.