The Agent Skills Directory

[SAFE]: The skill implements a standard webhook integration for the Instantly service.
[SAFE]: Secret management follows best practices by using environment variables (INSTANTLY_API_KEY, INSTANTLY_WEBHOOK_SECRET) rather than hardcoding credentials in the code.
[SAFE]: Network operations are directed solely to the official service domains (api.instantly.ai).
[SAFE]: The skill processes external data from webhooks (Indirect Prompt Injection surface). \n
Ingestion points: Webhook payload (req.body in SKILL.md). \n
Boundary markers: Not explicitly used in code snippets. \n
Capability inventory: Network access via fetch and curl, CRM updates, and Slack notifications. \n
Sanitization: Not implemented in the illustrative snippets, but includes a basic authentication check using a shared secret to verify the source of the data.

instantly-webhooks-events