instantly-prod-checklist
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill makes network requests to the Instantly.ai API to retrieve account health, warmup analytics, and campaign configurations. These operations are necessary for the skill's functionality and target a well-known service domain.
- [PROMPT_INJECTION]: The skill processes data from the Instantly.ai API and displays it, creating a surface for indirect prompt injection. Malicious instructions embedded in API-sourced content could potentially influence the agent's actions. * Ingestion points: API responses from instantly() calls in SKILL.md. * Boundary markers: No delimiters or instructions are used to separate API data from the agent's context. * Capability inventory: The skill is granted file system access and shell execution tools, which are potential targets for exploitation. * Sanitization: The skill does not perform sanitization or validation on strings received from the API.
Audit Metadata