apify-market-research
Warn
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- COMMAND_EXECUTION (MEDIUM): The skill executes shell commands (mcpc, node) using variables such as ACTOR_ID and JSON_INPUT, which are derived from user instructions or external data, creating a risk of command or argument injection.
- DATA_EXFILTRATION (LOW): The skill reads the APIFY_TOKEN from a .env file to authenticate requests to mcp.apify.com. This is necessary for its primary function but involves handling and transmitting sensitive credentials.
- EXTERNAL_DOWNLOADS (LOW): It requires installing @apify/mcpc globally. While from a known source, this is an external dependency used for dynamic tool calls and schema fetching.
- PROMPT_INJECTION (LOW): The skill is vulnerable to indirect prompt injection (Category 8) as it processes untrusted content from social media and third-party actor descriptions.
  - Ingestion points: Actor metadata via mcpc and scraped records via run_actor.js.
  - Boundary markers: No delimiters are identified in the provided instructions.
  - Capability inventory: The agent has shell access to run node and mcpc.
  - Sanitization: There is no evidence of sanitization for the data retrieved from external platforms.
Audit Metadata