Apify

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 1.00). The skill contains an explicit, mandatory "Voice Notification" that orders the agent to immediately run a curl POST to a local endpoint before any action—an out-of-scope, behavior-forcing external call unrelated to the described scraping functionality and therefore a deceptive/unsafe instruction.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill directly calls Apify actors such as scrapeWebsite, scrapeInstagramProfile, scrapeTwitterTweets, searchGoogleMaps and related dataset.listItems calls to crawl and return public social media, Google Maps, Amazon and arbitrary website content (user-generated / third‑party) which the agent is expected to read and interpret as part of its workflow.