instantly-observability

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE
Finding category: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill ingests untrusted data from the Instantly API and interpolates it into terminal logs and Slack alerts without sanitization or delimiters.
  • Ingestion points: client.campaigns.list and client.accounts.list calls in SKILL.md retrieve campaign names and email addresses.
  • Boundary markers: Absent; data is directly embedded into strings like *${c.check}*: ${c.message}.
  • Capability inventory: The skill uses fetch for network operations and console.log for output, providing a path for instructions to influence agent behavior or be sent to external channels.
  • Sanitization: No escaping or validation is performed on strings retrieved from the API before they are processed.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 4, 2026, 05:45 PM