Security Audit

apify-trend-analysis

github.com/apify/agent-skills

AI SkillCommit 0ea3e0099fde

TRUSTED

Scanned 9 days ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

apify-trend-analysis received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Path Traversal via unsanitized output filename.

The analysis covered 4 layers: dependency_graph, manifest_analysis, llm_behavioral_safety, static_code_analysis. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 11, 2026 (commit 0ea3e009). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

85%

Dependency Graph

100%

LLM Behavioral Safety

100%

Behavioral Risk Signals

Filesystem Write

1 finding

Shell Execution

1 finding

Security Findings1

Severity	Finding	Layer	Location
HIGH	Path Traversal via unsanitized output filename The `SKILL.md` instructs the LLM to construct a `node` command that includes an `--output` argument for saving results to a file. The filename for this argument is intended to be derived from user preferences. The `reference/scripts/run_actor.js` script, which processes this argument, directly uses the provided `outputPath` (from `values.output`) in a file write operation (implied `writeFileSync` within the truncated `downloadResults` function) without proper sanitization. An attacker could provide a malicious filename containing path traversal sequences (e.g., `../../../../etc/passwd`) to write data to arbitrary locations on the filesystem, potentially leading to data corruption, unauthorized file modification, or even remote code execution if critical system files are overwritten. 1. In `reference/scripts/run_actor.js`: Implement robust sanitization for the `outputPath` argument. This should involve validating the filename to ensure it does not contain path separators (`/`, `\`) or directory traversal sequences (`..`). Consider using `path.basename()` to extract only the filename and `path.join()` with a designated, secure output directory to prevent writing outside of it. 2. In `SKILL.md`: Instruct the LLM to explicitly sanitize or validate user-provided filenames before constructing the `--output` argument, or clearly communicate to the user that only simple filenames without special characters or path separators are allowed.	Unknown	reference/scripts/run_actor.js:46

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/f1dff79055b5fbe0.svg)](https://skillshield.io/report/f1dff79055b5fbe0)