firecrawl-scraper
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructions direct users to install code from a third-party GitHub repository (BenedictKing/firecrawl-scraper) which is not among the verified or trusted organizations.
- [PROMPT_INJECTION]: The skill is inherently susceptible to indirect prompt injection as its primary purpose is fetching and processing untrusted data from the public web.
- Ingestion points: Web pages, crawl results, and PDF documents accessed via the Firecrawl API.
- Boundary markers: There are no specified delimiters or instructions within the provided skill file to help the agent distinguish between scraped data and system instructions.
- Capability inventory: The skill enables network operations for deep crawling, scraping, and parsing external content.
- Sanitization: The documentation does not specify any sanitization, filtering, or validation steps for the content retrieved from external sources.
Audit Metadata