firecrawl-download

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (SKILL.md) explicitly maps and scrapes arbitrary public websites via the "firecrawl download " flow, fetching and ingesting untrusted third-party web pages whose content and links drive which pages are discovered and saved — enabling indirect prompt-injection from site content.