instantly-reference-architecture

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests user-generated webhook payloads from the third-party Instantly service (e.g., "Instantly Webhooks" like reply_received routed by src/webhooks/handlers.ts and via API calls to https://api.instantly.ai), so untrusted recipient replies or external content are read and can influence campaign/handler actions.