firecrawl-browser

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill utilizes npx firecrawl to fetch and execute the vendor's official CLI package from the npm registry. This is a standard and expected mechanism for accessing the tool provided by the author.
  • [COMMAND_EXECUTION]: Provides an eval command that allows the execution of JavaScript within the remote Chromium environment. This functionality is intended for interacting with complex web elements and is confined to the sandboxed browser session.
  • [PROMPT_INJECTION]: The skill interacts with untrusted external web content, which presents a surface for indirect prompt injection.
      • Ingestion points: Data is ingested from external URLs via the scrape, snapshot, and open commands as documented in SKILL.md.
      • Boundary markers: Not specified; the instructions do not define delimiters to isolate external content from the agent's primary instructions.
      • Capability inventory: The skill allows navigation, interaction (clicks/forms), JavaScript execution within the browser, and writing output to the local filesystem via the -o flag.
      • Sanitization: No explicit sanitization or filtering of the scraped web content is described in the skill instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 23, 2026, 10:10 PM