apify-market-research
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [DATA_EXFILTRATION]: The skill handles the APIFY_TOKEN stored in .env. The run_actor.js script transmits this token to api.apify.com as a query parameter in the URL. This practice can lead to sensitive credentials being recorded in server or proxy logs.\n- [COMMAND_EXECUTION]: The skill requires executing local shell commands, specifically the mcpc CLI and a custom Node.js script. These commands process environment variables and user-supplied JSON input.\n- [EXTERNAL_DOWNLOADS]: The instructions direct the user to install the @apify/mcpc package from the npm registry.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it retrieves and summarizes data from public social media and review platforms.\n
- Ingestion points: Data is fetched from Apify datasets via the downloadResults and displayQuickAnswer functions in reference/scripts/run_actor.js.\n
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are provided in the workflow for summarizing findings in SKILL.md.\n
- Capability inventory: The skill can perform file system writes and initiate further cloud-based automation via the Apify API.\n
- Sanitization: Content is truncated and escaped for formatting, but no semantic sanitization is performed to prevent malicious instructions within the retrieved data from influencing the agent.
Audit Metadata