instantly-migration-deep-dive

SUSPICIOUS. The skill’s core behavior mostly matches its stated migration purpose and its network paths align with official Instantly APIs, so it is not fundamentally incompatible or clearly malicious. However, it requests broader execution capability than necessary, handles raw mail credentials, logs OAuth/session details, and references an unverified follow-on skill, making the overall footprint somewhat broader and riskier than a narrowly scoped migration guide.