apify-ecommerce

Warn

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: MEDIUM (CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [CREDENTIALS_UNSAFE]: The run_actor.js script appends the APIFY_TOKEN as a query parameter to API request URLs (e.g., https://api.apify.com/v2/acts/.../runs?token=...). This practice can expose the sensitive token in server logs, proxy logs, and browser history.
  • [COMMAND_EXECUTION]: The skill provides a Node.js script that accepts a user-defined --output file path. This path is passed directly to writeFileSync, which could allow the overwriting of sensitive local files if the path is manipulated and the execution environment lacks proper sandboxing.
  • [PROMPT_INJECTION]: The skill's primary function is to ingest and summarize large datasets from external e-commerce sites, which introduces an indirect prompt injection surface. Malicious actors could embed instructions on scraped pages to influence the agent's summary or behavior.
      • Ingestion points: Data is fetched from Apify datasets and processed via run_actor.js.
      • Boundary markers: No explicit markers or isolation techniques are used to separate scraped content from agent instructions in the suggested workflow.
      • Capability inventory: The skill can perform network requests (fetch) and write to the local file system (writeFileSync).
      • Sanitization: Scraped content is not sanitized for potential malicious instructions before being presented to the agent for summarization.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 4, 2026, 03:35 AM