firecrawl-browser

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill's command interface requires embedding literal text into commands (e.g., fill @e3 'password'), so an agent performing logins would need to include user credentials verbatim in its generated commands, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly navigates and interacts with arbitrary web pages and extracts their content (see the "open " and "scrape" commands and the browser workflow in SKILL.md), so it ingests untrusted third-party web content that could contain instructions influencing subsequent actions.