firecrawl-instruct

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill's required workflow (SKILL.md) instructs the agent to run "firecrawl scrape """ to fetch arbitrary public web pages and then use "firecrawl interact" to read, navigate, click, fill forms, and extract data from those scraped pages, meaning untrusted third-party content can directly influence agent actions.