instantly
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill provides several
curlcommands wrapped inbash -cto interact with the Instantly.ai API. These commands are necessary for the skill's functionality and do not exhibit malicious intent. - [CREDENTIALS_UNSAFE] (SAFE): No hardcoded API keys or secrets were found in the skill. Authentication is properly handled using the
INSTANTLY_API_KEYenvironment variable, which is declared in thevm0_secretsmetadata. - [DATA_EXFILTRATION] (SAFE): Network requests are directed exclusively to the official API domain (
api.instantly.ai). There is no evidence of sensitive data being sent to unauthorized third-party servers. - [INDIRECT_PROMPT_INJECTION] (SAFE): 1. Ingestion points: The skill involves writing agent-generated JSON to
/tmp/instantly_request.json. 2. Boundary markers: Absent. 3. Capability inventory: Usesbash,curl, andjq. 4. Sanitization: Relies on the agent to correctly format JSON payloads. This pattern is standard for API integrations and does not present an exploitable surface in this context.
Audit Metadata