apify-core-workflow-b
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or behaviors were detected. The skill uses standard authentication practices and interacts with the well-known Apify platform through official libraries.
- [PROMPT_INJECTION]: The skill facilitates the ingestion of untrusted data from external Apify storage and Actor runs, which constitutes an indirect prompt injection surface. This is expected behavior for a tool designed for scraping and automation.
- Ingestion points: Untrusted data is retrieved in SKILL.md (Step 1, Step 2, Step 4) via
listItemsandgetRecordcalls. - Boundary markers: The instructions do not specify delimiters or warnings to isolate retrieved data from system instructions.
- Capability inventory: Tool access includes
Bash,Write,Edit,Read, andGrepas defined in the skill metadata. - Sanitization: No explicit data validation or sanitization is present in the code examples.
Audit Metadata