apify-brand-reputation-monitoring

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill interacts with the official Apify API and suggests the installation of the @apify/mcpc package from the npm registry. These are trusted resources from a well-known technology provider.
  • [DATA_EXPOSURE]: The skill instructions and scripts retrieve the APIFY_TOKEN from a local .env file. This is the standard and intended method for providing credentials to the automation service without hardcoding them in the source code.
  • [COMMAND_EXECUTION]: The workflow requires the agent to execute shell commands and Node.js scripts to fetch actor schemas and run scraping tasks. Parameters like Actor IDs and JSON inputs are passed to these commands as part of the intended functionality.
  • [DATA_EXFILTRATION]: The skill retrieves data from Apify's platform (which aggregates social media and business reviews) and saves it to the local filesystem. This behavior is the primary intended function of the skill and uses official API endpoints.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted content scraped from external websites.
      • Ingestion points: Scraped reviews and comments are fetched via run_actor.js from the Apify Dataset API and displayed in the agent's context or saved to files.
      • Boundary markers: No specific delimiters or instructions are provided to the agent to treat the scraped content as untrusted data during the summarization phase.
      • Capability inventory: The run_actor.js script has the ability to write files to the local system (writeFileSync), and the agent is instructed to execute shell commands based on the scraped metadata.
      • Sanitization: The script implements basic CSV escaping and truncates long strings for display, but does not provide specific sanitization against malicious instructions that might be embedded in the scraped text.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 5, 2026, 08:44 AM