apify-lead-generation
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the
mcpcCLI tool and a local Node.js script (run_actor.js) to interact with Apify Actors and fetch lead data.\n- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the@apify/mcpcpackage, which is an official utility provided by the vendor.\n- [DATA_EXFILTRATION]: The skill reads theAPIFY_TOKENfrom a.envfile to authenticate and transmit data to the vendor's infrastructure atapi.apify.comandmcp.apify.com. This is necessary for the skill's primary function.\n- [PROMPT_INJECTION]: The skill ingests untrusted data scraped from external sources (e.g., Google Maps, Instagram, TikTok), creating an indirect prompt injection surface.\n - Ingestion points: Data returned from various Apify Actors as defined in
SKILL.md.\n - Boundary markers: No explicit instructions are provided to the model to delimit or ignore potential commands within the scraped content.\n
- Capability inventory: The skill can write files locally and perform network requests to the vendor's API endpoints.\n
- Sanitization: The processing script uses standard
JSON.stringifyfor data output and includes basic CSV escaping.
Audit Metadata