apify-content-analytics
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @apify/mcpc tool via npm and interacts with legitimate Apify service domains. These resources originate from a well-known service provider.\n- [COMMAND_EXECUTION]: The workflow involves running a Node.js script (run_actor.js) that performs network requests to the Apify API and saves scraping results to local files in CSV or JSON format. This functionality is consistent with the skill's stated purpose.\n- [DATA_EXFILTRATION]: The skill retrieves the APIFY_TOKEN from a .env file to authenticate requests to api.apify.com. This is a standard and safe method for managing API credentials.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface when processing data from external social media platforms.\n
- Ingestion points: Untrusted content is fetched from api.apify.com dataset items within the reference/scripts/run_actor.js script.\n
- Boundary markers: The script output uses simple text separators but lacks explicit delimiters or instructions to the agent to ignore any embedded commands within the content.\n
- Capability inventory: The agent has the ability to execute further commands and write to the filesystem across various scripts, which could be misdirected if malicious instructions are present in the scraped data.\n
- Sanitization: The script truncates long fields but does not sanitize the content for injection markers or escape special characters before displaying them in the chat.
Audit Metadata