Apify Automation

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM | EXTERNAL_DOWNLOADS | PROMPT_INJECTION
Full Analysis
  • Unverifiable Dependencies (MEDIUM): The skill requires an external MCP server at https://rube.app/mcp. This domain is not a trusted external source, meaning the tools provided by this server are not verified by this analysis.
  • Indirect Prompt Injection (LOW): The skill scrapes web content through Apify Actors, creating a vulnerability where malicious instructions embedded in web data could influence agent behavior.
      1. Ingestion points: Data enters through tools like APIFY_GET_DATASET_ITEMS and APIFY_RUN_ACTOR_SYNC_GET_DATASET_ITEMS.
      2. Boundary markers: None present in the skill definition to isolate untrusted web content from agent instructions.
      3. Capability inventory: Includes executing actors and creating tasks.
      4. Sanitization: No sanitization of scraped content is performed before it is presented to the model.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 17, 2026, 06:34 PM