apify-actor-development
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill explicitly instructs the AI to treat all crawled web content as untrusted input and provides specific sanitization rules to prevent indirect prompt injection and code execution.
- [SAFE]: Setup instructions correctly advise using package managers (npm, brew) for CLI installation and warn against insecure patterns like piping remote scripts to the shell.
- [SAFE]: Security guidelines for secret management correctly recommend using environment variables (APIFY_TOKEN) and interactive logins rather than exposing credentials in shell history or source code.
- [SAFE]: The skill encourages best practices such as dependency pinning and the use of lockfiles to mitigate supply-chain risks.
- [SAFE]: All external references point to official documentation domains (apify.com, crawlee.dev) and verified GitHub repositories belonging to the Apify organization.
Audit Metadata