kol-engager-icp
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The script reads sensitive local environment files (.env) to retrieve the APIFY_API_TOKEN. While this is necessary for authentication with the Apify platform, accessing configuration files is a sensitive operation.
- [EXTERNAL_DOWNLOADS]: The skill communicates with the Apify API (api.apify.com) to orchestrate data scraping and enrichment. This is a well-known service and is documented as part of the skill's intended functionality.
- [PROMPT_INJECTION]: The pipeline processes untrusted content from external LinkedIn profiles and comments, which presents an indirect prompt injection surface.
  - Ingestion points: User-generated content from LinkedIn is fetched via the apify_dataset function in scripts/kol_engager_icp.py.
  - Boundary markers: No explicit boundary markers or instructions to ignore embedded content are used during the data processing phase.
  - Capability inventory: The skill has file-write capabilities in scripts/kol_engager_icp.py (export_csv and debug_save functions) and network access to the Apify API.
  - Sanitization: Data is normalized for keyword matching but is not sanitized to prevent malicious instructions hidden in profile headlines or comments from influencing agent behavior.