firecrawl
Warn
Audited by Snyk on Feb 26, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and ingests arbitrary public web content via the Firecrawl API (see SKILL.md examples and the scripts/firecrawl.sh "scrape", "crawl", and "search" functions), so the agent will read untrusted third‑party pages/search results that could contain instructions influencing its subsequent actions.
Audit Metadata