apify-content-analytics
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMDATA_EXFILTRATIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- Data Exposure (MEDIUM): The skill explicitly reads from the .env file to extract an API token and passes it to an external CLI tool. While this is the intended mechanism for authentication, access to .env files is sensitive as they often contain multiple unrelated credentials.
- Unverifiable Dependencies (MEDIUM): The skill requires the global installation of an external Node.js package (@apify/mcpc) and executes a local script (run_actor.js) that is not provided in the skill payload.
- Indirect Prompt Injection (LOW): The skill accepts user-provided JSON input and Actor schemas which are interpolated into shell commands. This creates a surface for indirect prompt injection or command injection if the input source is untrusted. * Ingestion points: Actor ID and JSON_INPUT in Step 4. * Boundary markers: Absent. * Capability inventory: Shell command execution via mcpc and node. * Sanitization: None identified in the instructional markdown.
Audit Metadata