The Agent Skills Directory

External Downloads (MEDIUM): The skill requires the installation of the 'firecrawl-cli@1.4.1' package via npm. Because this package is not from an organization on the trusted sources list, it is considered an unverifiable dependency.
Prompt Injection (LOW): The skill's primary function is processing third-party web data, creating a surface for indirect prompt injection. Evidence Chain: 1. Ingestion points: 'search', 'scrape', 'map', 'crawl', 'agent', and 'browser' commands. 2. Boundary markers: Isolation of output in the '.firecrawl/' directory as recommended in rules/security.md. 3. Capability inventory: Shell command execution, file system access, and remote browser automation (including 'eval' support). 4. Sanitization: Instructions in rules/security.md direct the agent to use incremental reading and to ignore instructions found within fetched content.
Command Execution (LOW): The skill relies on shell commands to operate the CLI. While this is the intended functionality, it requires careful handling of user-supplied parameters to prevent command injection, which the skill addresses through URL quoting guidelines.

firecrawl