The Agent Skills Directory

[COMMAND_EXECUTION] (MEDIUM): The skill constructs shell commands using grep, xargs, and mcpc that directly interpolate user-defined values such as SEARCH_KEYWORDS and JSON_INPUT. This pattern is vulnerable to command injection if the agent does not properly sanitize these inputs before execution.
[CREDENTIALS_UNSAFE] (MEDIUM): The skill explicitly instructs the agent to extract the APIFY_TOKEN from a .env file and export it to the shell environment. While necessary for the tool's operation, this method of secret handling can lead to credential leakage in process lists or logs.
[EXTERNAL_DOWNLOADS] (LOW): The skill depends on the installation of the @apify/mcpc package via npm. This is a legitimate tool but constitutes an external dependency.
[PROMPT_INJECTION] (LOW): The skill processes untrusted data from various social media platforms (Instagram, TikTok, etc.). This creates an indirect prompt injection surface (Category 8) where malicious content on scraped pages could influence the agent's summary or follow-up actions. Evidence Chain: 1. Ingestion: Scraped data from 55+ platforms. 2. Boundary markers: Absent. 3. Capability inventory: Shell execution (mcpc, node), file writing (CSV/JSON). 4. Sanitization: None specified.

apify-ultimate-scraper