apify-scraper-builder

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • PROMPT_INJECTION (HIGH): The skill instructs the agent to execute python scripts/generate_input_schema.py "<description>". Because the <description> is an arbitrary string from the user, it provides a direct vector for command injection if the agent does not properly sanitize the input before shell execution. An attacker could craft a description that escapes the string literal to run arbitrary system commands.
  • COMMAND_EXECUTION (HIGH): The skill's core functionality relies on executing CLI tools including python, npm, and the apify CLI. This provides the agent with extensive capabilities to modify the file system and perform network operations, which can be maliciously co-opted via prompt injection.
  • INDIRECT_PROMPT_INJECTION (HIGH): Mandatory Evidence Chain for Category 8:
      1. Ingestion points: scripts/generate_input_schema.py (via the <description> argument) and potentially the contents of websites during the 'scraped data validation' phase.
      2. Boundary markers: Absent. There are no instructions or delimiters provided to protect the command-line interface from malicious content in the description.
      3. Capability inventory: Shell execution (python, npm, apify), file system modification (init_actor.py), and the deployment of network-active code.
      4. Sanitization: Absent. The instructions encourage raw interpolation of user content into shell commands.
  • CREDENTIALS_UNSAFE (LOW): The skill references apify login and the use of secrets via the @ prefix. While secret management on the platform is handled correctly, the local environment used by the agent will store persistent authentication tokens (typically in ~/.apify), which could be exfiltrated through the command execution capabilities if the agent is compromised.
  • UNVERIFIABLE_SCRIPTS (MEDIUM): The skill references scripts/init_actor.py and scripts/validate_actor.py, but their source code is missing from the provided files. These scripts perform file system operations and validation that cannot be audited for safety.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 12:29 PM