apify-lead-generation
Warn
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (MEDIUM): The skill constructs and executes shell commands in Step 2 and Step 4 by interpolating variables like 'ACTOR_ID' and 'JSON_INPUT'. This pattern allows for potential command injection if the agent processes maliciously crafted user input.
- EXTERNAL_DOWNLOADS (LOW): The skill requires the installation of the '@apify/mcpc' package via npm. While Apify is a known organization, the requirement to install and run external CLI tools increases the environment's attack surface.
- PROMPT_INJECTION (LOW): As a scraping tool, this skill is vulnerable to indirect prompt injection. Malicious instructions embedded in the data scraped from Google Maps, Instagram, or TikTok could influence the agent's behavior during the summarization step. Evidence Chain: 1. Ingestion points: Scraped data from various social platforms processed in Step 5. 2. Boundary markers: Absent. 3. Capability inventory: Shell command execution via 'mcpc' and 'node'. 4. Sanitization: No sanitization or validation of scraped content is mentioned.
Audit Metadata