apify-content-analytics
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the execution of the official
@apify/mcpcCLI and a local Node.js script for data processing. - Evidence: Instructions in
SKILL.mdfor fetching schemas and running actors via shell commands and node execution. - [DATA_EXFILTRATION]: The
run_actor.jsscript sends theAPIFY_TOKENand user-defined scraping parameters toapi.apify.comto perform the requested analytics tasks. - Evidence: API requests in
run_actor.jstargeting vendor-owned subdomains for starting actors and retrieving results. - [PROMPT_INJECTION]: The skill ingests untrusted data from social media platforms, creating a surface for indirect prompt injection.
- Ingestion points: Social media metrics, post content, and comments retrieved from the Apify API in
run_actor.js. - Boundary markers: The retrieved data is not delimited by specific markers to prevent the agent from interpreting instructions inside the data.
- Capability inventory: The skill can write files to the local file system and perform network operations.
- Sanitization: No specific sanitization or filtering logic is implemented for the data retrieved from external platforms before it is provided to the agent or saved to disk.
Audit Metadata