instantly-core-workflow-a
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill documentation and provided code snippets describe legitimate operations for managing cold email campaigns through the Instantly.ai API v2 and are consistent with the stated purpose of the skill.
- [PROMPT_INJECTION]: The skill facilitates the processing of external lead data which is interpolated into campaign templates. This represents a potential surface for indirect prompt injection where untrusted input from leads could influence the agent's behavior. Ingestion points: lead objects in main loop of SKILL.md. Boundary markers: absent. Capability inventory: Bash, Write, and Grep access. Sanitization: uses standard JSON serialization for API requests.
Audit Metadata