Trust Assessment
apify-ecommerce received a trust score of 82/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 0 medium, and 1 low severity. Key findings include Node lockfile missing, Arbitrary File Write via Unsanitized Output Path.
The analysis covered 4 layers: dependency_graph, manifest_analysis, llm_behavioral_safety, static_code_analysis. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 11, 2026 (commit 0ea3e009). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Arbitrary File Write via Unsanitized Output Path | Unknown | reference/scripts/run_actor.js:178 |
| LOW | Node lockfile missing | Unknown | /var/folders/1k/67b8r20n777f_xcmmm8b7m5h0000gn/T/skillscan-clone-4i91qrxv/repo/skills/apify-ecommerce/reference/scripts/package.json |

HIGH: Arbitrary File Write via Unsanitized Output Path (reference/scripts/run_actor.js:178)

The `run_actor.js` script uses the user-provided `--output` command-line argument directly in `writeFileSync` without proper sanitization or validation. An attacker can specify a path traversal sequence (e.g., `../../../evil.txt`) or an absolute path to write arbitrary data to any location on the filesystem where the script has write permissions. The `path.dirname` check only verifies the existence of the parent directory, not that the final resolved path is within an allowed boundary.

Remediation: implement robust path sanitization and validation for the `outputPath` argument. This should include:

1. Resolving the path using `path.resolve()` to get an absolute path.
2. Ensuring the resolved path is strictly confined to a designated output directory (e.g., by checking if it starts with the absolute path of the allowed directory).
3. Disallowing absolute paths or paths containing `..` if only relative paths within a specific output directory are intended.

LOW: Node lockfile missing (reference/scripts/package.json)

`package.json` is present but no lockfile was found (`package-lock.json`, `pnpm-lock.yaml`, or `yarn.lock`). Commit a lockfile for deterministic dependency resolution.
Full report: https://skillshield.io/report/40f45d4c29f9c7d0
Powered by SkillShield