The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The file references/cli-actorization.md includes a Dockerfile example that executes a remote shell script using curl ... | sh to install the ubi utility. This installation method uses a non-trusted source (houseabsolute/ubi) and is a high-risk execution pattern during container builds.\n- [REMOTE_CODE_EXECUTION]: The inclusion of the curl | sh pattern in the documentation directly contradicts the explicit security advice in SKILL.md, which warns users against installing software via piping remote scripts to a shell.\n- [PROMPT_INJECTION]: The skill involves processing data from external web sources, which introduces an indirect prompt injection surface.\n
Ingestion points: Scraped web content and metadata are ingested into the Actor environment as part of its primary function, as noted in SKILL.md.\n
Boundary markers: While the instructions recommend sanitization, the provided code templates do not implement explicit boundary markers or instructions for the agent to ignore embedded commands in the untrusted data.\n
Capability inventory: The Actor environment has capabilities including shell command execution (references/cli-actorization.md), file system operations (Actor.push_data), and network access for crawling activities.\n
Sanitization: The SKILL.md file contains a dedicated security section advising users to sanitize crawled content and treat it as untrusted, but the templates rely on the user to implement these protections.\n- [EXTERNAL_DOWNLOADS]: The skill fetches a bootstrap script from a third-party GitHub repository (houseabsolute/ubi) and references various official vendor resources from Apify.\n- [COMMAND_EXECUTION]: The skill guides the use of the apify CLI for initialization, local execution (apify run), and deployment (apify push), and uses package managers such as npm and pip to install dependencies.

apify-actorization