firecrawl-crawl
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the firecrawl CLI and npx firecrawl commands within a Bash shell to manage website crawling and content extraction tasks.
- [EXTERNAL_DOWNLOADS]: It uses npx to retrieve the firecrawl package from the npm registry. This is a standard method for accessing the vendor's command-line tools and is consistent with the skill's purpose.
- [PROMPT_INJECTION]: The skill processes data from external websites, which introduces a surface for indirect prompt injection.
- Ingestion points: Website content is extracted and processed during crawling operations.
- Boundary markers: The instructions do not provide specific delimiters or warnings to ignore instructions within the crawled content.
- Capability inventory: The agent has access to the Bash shell to run specific vendor-approved firecrawl commands.
- Sanitization: No explicit sanitization or filtering of the retrieved web content is described in the skill documentation.
Audit Metadata