apify-public-registries

Warn

Audited by Snyk on Jun 13, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.78). Outsider free text is ingested when the DE/UK/RO workflows call Apify scraping actors (e.g., reference/scripts/DE/fetch_all.py: mcpc ... call-actor for radeance/handelsregister-api; reference/scripts/UK/fetch_all.py: dhrumil/company-house-scraper; reference/scripts/RO/fetch_all.py: apify/website-content-crawler), and the actor’s scraped page text is returned as structuredContent/items that the script then serializes and (in the agent’s runtime) can be placed into LLM context.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill invokes Apify actors at runtime (e.g., via "apify call apify/website-content-crawler" and mcpc calls to actors like "radeance/handelsregister-api", "dhrumil/company-house-scraper", and "minute_contest/poland-krs-financial-scraper"), which executes remote scraping code on Apify and is a required runtime dependency for DE/UK/PL/CZ/RO lookups — this meets the criteria for executing remote code during skill runtime.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Jun 13, 2026, 12:39 PM
Issues: 2