apify-mcpc

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Yes — SKILL.md explicitly instructs the agent to fetch and interpret open web/docs/data (e.g., mcpc @apify tools-call apify-slash-rag-web-browser to fetch URLs, fetch-actor-details to read Actor READMEs, and get-actor-output to retrieve scraped datasets from public sites like Instagram/Google Maps), which are untrusted/user-generated sources and are used to build inputs and drive subsequent tool actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill issues runtime fetches of external Apify docs and Actor READMEs (for example via mcpc @apify-docs tools-call fetch-apify-docs url:="https://docs.apify.com/platform/proxy" and mcpc fetch-actor-details calls to Apify) and explicitly requires reading that fetched README/inputSchema to build inputs and drive agent decisions, so external content loaded at runtime directly controls the agent's prompts/instructions.