skills/connorads/dotfiles/firecrawl/Gen Agent Trust Hub

firecrawl

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute firecrawl and npx firecrawl commands for web searching, scraping, and browser automation as described in SKILL.md.
  • [EXTERNAL_DOWNLOADS]: The skill documentation in rules/install.md and rules/security.md guides the installation of the firecrawl-cli package from the npm registry.
  • [REMOTE_CODE_EXECUTION]: The firecrawl browser command features an eval capability which allows for the execution of arbitrary JavaScript code within a remote browser environment.
  • [PROMPT_INJECTION]: The skill processes data from external websites, which presents an indirect prompt injection surface. The rules/security.md file defines a security model to handle this untrusted data.
      • Ingestion points: Untrusted web content is retrieved via scrape, search, and crawl commands.
      • Boundary markers: Use of the -o flag is encouraged to isolate fetched content within the .firecrawl/ directory.
      • Capability inventory: The skill has the ability to write to the local filesystem and perform network operations through the CLI tool.
      • Sanitization: The documentation recommends quoting URLs and using incremental reading tools like grep or head to limit exposure to potentially malicious content embedded in web pages.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 22, 2026, 03:37 PM