firecrawl
Warn
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: MEDIUM
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION, CREDENTIALS_UNSAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill requires the installation of the `firecrawl-cli` npm package. Since the package is from a third-party source not included in the pre-approved trusted repositories list, it is flagged as MEDIUM.
- [COMMAND_EXECUTION] (LOW): The skill relies on executing shell commands with the `firecrawl` utility. It provides safety instructions, such as quoting URLs, to prevent command injection.
- [CREDENTIALS_UNSAFE] (LOW): The skill includes instructions for managing authentication via `firecrawl login`. No hardcoded API keys or secrets were found in the provided files.
- [PROMPT_INJECTION] (LOW): Category 8: Indirect Prompt Injection risk from web ingestion. Evidence: (1) Ingestion points: Search and scraping commands that download external web content. (2) Boundary markers: The skill mandates using the `-o` flag to write output to the `.firecrawl/` directory, keeping it isolated from the primary LLM context. (3) Capability inventory: Subprocess execution of the CLI and file system writes. (4) Sanitization: Includes instructions to use `grep` or `head` for incremental reading to limit exposure to potentially malicious instructions embedded in web content.
Audit Metadata