AGENT LAB: SKILLS

apify-actor-development

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, CREDENTIALS_UNSAFE
Full Analysis
  • Remote Code Execution (CRITICAL): The skill instructs the agent to install the Apify CLI by piping remote scripts directly into the shell using curl | bash and irm | iex. This allows for arbitrary code execution from apify.com, which is not a whitelisted trusted source. Evidence: SKILL.md.
  • Indirect Prompt Injection (HIGH): The skill guides the creation of actors that ingest untrusted web content. This is a high-risk surface because the skill also provides capabilities to execute code locally and push code to a cloud platform. Mandatory Evidence: (1) Ingestion: Web content via crawlers in src/main.*. (2) Boundary markers: Absent. (3) Capabilities: apify run, apify push, npm install, pip install. (4) Sanitization: Absent.
  • Credential Safety (HIGH): The skill manages the APIFY_TOKEN for authentication. Handling sensitive credentials in an environment that executes remote scripts and processes untrusted data poses a significant risk of exposure or exfiltration.
  • External Downloads (MEDIUM): The development workflow relies on downloading templates and installing packages via npm and pip without source verification, creating a supply chain risk.
Recommendations
  • CRITICAL: Downloads and executes remote code from untrusted source(s): https://apify.com/install-cli.sh - DO NOT USE
  • AI detected serious security threats
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 15, 2026, 08:30 PM