instantly-reference-architecture

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill fetches data from the external Instantly API (e.g., instantlyRequest calls to https://api.instantly.ai/api/v1 and analytics endpoints) and accepts webhook payloads at /webhooks/instantly (including reply_text and event types) which are untrusted, user-generated content that the workflow reads and uses to drive CRM syncs, suppression actions, and campaign analytics, so third-party content can materially influence behavior.