firecrawl-web

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill fetches and ingests arbitrary public web content (see fc.py: scrape_markdown, extract_data, search_web, crawl_docs which call Firecrawl.app.scrape/app.search/app.crawl on user-provided URLs/queries), so the agent will read and interpret untrusted third‑party webpages and search results that could contain injected instructions.