apify-ultimate-scraper
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill's primary functionality is delivered through the execution of the Apify CLI. It provides instructions for searching actors, retrieving input schemas, and running scraping tasks (Actors) on the Apify platform.
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
apify-clipackage from the official NPM registry as a prerequisite. - [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it ingests and processes data from external, untrusted sources such as social media comments, web pages, and forum posts.
- Ingestion points: Data enters the agent's context through the
apify datasets get-itemscommand. - Boundary markers: The instructions do not specify the use of clear boundary markers or delimiters for the scraped content.
- Capability inventory: The agent can execute CLI commands, write files to the local system, and perform network operations via the Apify platform.
- Sanitization: There are no explicit instructions for sanitizing or escaping the content retrieved from external platforms before it is processed by the agent.
Audit Metadata