pp-apify
Pass
Audited by Gen Agent Trust Hub on May 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
apify-pp-clibinary usingnpx -y @mvanhorn/printing-press-libraryorgo install github.com/mvanhorn/printing-press-library/library/developer-tools/apify/cmd/apify-pp-cli@latest. These resources are provided by the skill's author to enable its core functionality. - [COMMAND_EXECUTION]: The skill requests
Read Bashpermissions to execute local CLI commands for running actors, searching cached data, and managing schedules (e.g.,apify-pp-cli actor-runs get,apify-pp search). - [DATA_EXFILTRATION]: The CLI includes a
--deliver webhook:<url>feature that allows output to be POSTed to a user-specified remote server. This is a documented orchestration feature for routing results to external sinks. - [INDIRECT_PROMPT_INJECTION]: The skill ingests and processes untrusted data from external sources via Apify scrapers and searches.
- Ingestion points:
apify-pp search,apify-pp-cli datasets get, andapify-pp-cli logsfetch external content into the agent context. - Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the prompt templates.
- Capability inventory: The skill possesses the
Read Bashcapability, allowing for shell interaction and local file system access. - Sanitization: The instructions do not specify sanitization or validation logic for the external data being processed.
Audit Metadata