apify-audience-analysis
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches Actor schemas and result datasets from Apify's official API (api.apify.com) and Model Context Protocol server (mcp.apify.com). These are well-known services for web automation and data extraction.
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands to manage environment variables from the .env file and to run the Apify CLI tool (mcpc) as well as a local Node.js script (run_actor.js).
- [PROMPT_INJECTION]: The skill processes social media content (such as comments and profile descriptions) which is summarized by the agent. This creates a surface for indirect prompt injection if the ingested data contains instructions designed to manipulate the agent's behavior during the summary phase.
- Ingestion points: Dataset items retrieved via the fetch API in reference/scripts/run_actor.js.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the summary workflow defined in SKILL.md.
- Capability inventory: The agent has capabilities to write files and perform network requests to Apify endpoints.
- Sanitization: The script performs standard CSV and JSON data formatting but does not implement content-based filtering or sanitization for potential injection patterns.
Audit Metadata