seo-firecrawl

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs the agent to run Firecrawl tools like firecrawl_crawl, firecrawl_scrape, and firecrawl_search to fetch and ingest content from arbitrary public website URLs (see the "crawl", "scrape", and "search" command sections), and that crawled page content is fed to downstream subagents for analysis, which meets all criteria for exposure to untrusted third-party content that could carry indirect prompt injections.