instantly-data-handling
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill contains standard implementation patterns for interacting with a third-party SaaS API. The technical instructions are consistent with the stated purpose of managing lead data and compliance.
- [DATA_EXFILTRATION]: While the skill handles sensitive lead information (emails, names, company data), the operations are confined to the defined scope of the Instantly.ai API. Data is transmitted to expected service endpoints for legitimate lead management tasks.
- [PROMPT_INJECTION]: The skill processes external data (lead details) as part of its primary function. While any data ingestion point presents a surface for indirect prompt injection, this skill implements standard validation (email regex) and does not suggest susceptibility to malicious instruction override.
Audit Metadata