apify-ultimate-scraper
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses the Apify platform for web scraping. All referenced 'Actor' IDs (e.g., apify/instagram-scraper, clockworks/tiktok-scraper) are standard tools provided by the vendor (Apify) or recognized third-party developers on their platform.
- [SAFE]: The skill requests the user to store their API key in a
.envfile (APIFY_TOKEN=your_token), which is a recommended security best practice for managing credentials in development environments. - [SAFE]: Network operations are restricted to the official Apify API domain (
api.apify.com) and the Apify Console. These are necessary for the skill's primary function of running scrapers and retrieving data. - [SAFE]: The provided Node.js script (
run_actor.js) performs standard tasks: starting an actor run via a POST request, polling for completion, and downloading the resulting dataset to a local file or displaying it. The code is transparent and contains no obfuscation, privilege escalation, or persistence mechanisms.
Audit Metadata