The Agent Skills Directory

EXTERNAL_DOWNLOADS (MEDIUM): The skill requires the global installation of the firecrawl-cli@1.4.1 package. This dependency is not from an organization on the trusted sources list and constitutes an unverifiable dependency.
COMMAND_EXECUTION (LOW): The skill utilizes shell commands to invoke the firecrawl CLI for scraping, crawling, and browser automation tasks. It also provides instructions for modifying the npm prefix and system PATH.
PROMPT_INJECTION (LOW): The skill has a significant surface area for indirect prompt injection from scraped web content. 1. Ingestion points: Web data retrieved via the search, scrape, and crawl commands in SKILL.md. 2. Boundary markers: The firecrawl-security rule recommends using the -o flag to isolate data in local files, preventing direct context injection. 3. Capability inventory: The skill can perform interactive browser actions like clicking and filling forms, and includes an autonomous agent command for extraction. 4. Sanitization: Security guidelines suggest quoting URLs and performing incremental reading (grep, head) to limit exposure to malicious content.

firecrawl