AGENT LAB: SKILLS

apify-actorization

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICAL (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION)
Full Analysis
  • [REMOTE_CODE_EXECUTION] (CRITICAL): Multiple instances of downloading and executing scripts from external URLs by piping them directly into bash, sh, or PowerShell (iex). These sources (apify.com and raw.githubusercontent.com) are not within the defined trusted organizations.
      • Evidence: 'curl -fsSL https://apify.com/install-cli.sh | bash' in SKILL.md.
      • Evidence: 'irm https://apify.com/install-cli.ps1 | iex' in SKILL.md.
      • Evidence: 'curl --silent --location https://raw.githubusercontent.com/houseabsolute/ubi/master/bootstrap/bootstrap-ubi.sh | sh' in references/cli-actorization.md.
  • [COMMAND_EXECUTION] (HIGH): The skill directs the user to perform high-risk command line operations including global software installation and executing dynamically generated scripts.
      • Evidence: 'npm install -g apify-cli' in SKILL.md.
      • Evidence: Instruction to run './start.sh' after 'chmod +x' in references/cli-actorization.md.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill is designed to analyze and process arbitrary project files and schemas, creating a surface for indirect injection if those files contain malicious instructions.
      • Ingestion points: Local project files and '.actor/input_schema.json'.
      • Boundary markers: None present.
      • Capability inventory: Subprocess execution via 'apify run' and custom shell scripts.
      • Sanitization: None detected.
Recommendations
  • HIGH: Downloads and executes remote code from: https://apify.com/install-cli.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
  • Risk Level: CRITICAL
  • Analyzed: Feb 17, 2026, 04:41 PM