The Agent Skills Directory

EXTERNAL_DOWNLOADS (LOW): The skill requires the installation of the 'firecrawl-cli@1.4.1' package via npm. While this is an unverifiable external dependency, the severity is downgraded from MEDIUM because it is the primary purpose of the skill.
PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection because it processes untrusted third-party web content.
Ingestion points: Web content enters the agent context via 'search', 'scrape', 'crawl', 'agent', and 'browser' commands defined in 'SKILL.md'.
Boundary markers: The 'rules/security.md' file mandates isolating output in the '.firecrawl/' directory and using incremental reading (e.g., grep, head) to prevent raw web content from being interpreted as instructions.
Capability inventory: The skill executes shell commands for CLI operations and performs file writes using the '-o' parameter.
Sanitization: 'rules/security.md' provides instructions for quoting URLs to prevent shell command injection.
COMMAND_EXECUTION (SAFE): The skill provides clear instructions for executing local CLI commands. It specifically advises against using 'sudo' during installation and recommends quoting variables in shell commands to prevent injection.

firecrawl