firecrawl
Warn
Audited by Snyk on Feb 18, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill's commands (e.g., "firecrawl scrape https://example.com", "firecrawl search ... --scrape", "firecrawl crawl", and the browser/agent flows) explicitly fetch and ingest content from arbitrary public URLs and search results, so the agent will read untrusted third-party web content that could contain indirect prompt injections.
Audit Metadata