Skills
skills/danielmiessler/personal_ai_infrastructure/Apify/Gen Agent Trust Hub

Apify

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill includes mandatory instructions in SKILL.md requiring the agent to send a local notification via curl immediately upon invocation. While this is an instruction-override pattern, its purpose is for local workflow observability and does not attempt to bypass safety guidelines or exfiltrate data.
  • [COMMAND_EXECUTION]: The skill's architecture relies on the agent executing local TypeScript files using the bun runtime (e.g., bun run examples/instagram-scraper.ts). This is the intended "Code-First" design to improve token efficiency.
  • [EXTERNAL_DOWNLOADS]: The skill depends on the apify-client library, which is an official and trusted package from Apify. It also interacts with the official Apify API at api.apify.com.
  • [DATA_EXFILTRATION]: The skill is designed to ingest data from various web sources (Instagram, LinkedIn, Google Maps, etc.) through the Apify platform. This represents the primary functional purpose of the skill and is documented as such.
Audit Metadata
Risk Level
SAFE
Analyzed
May 3, 2026, 12:44 AM