firecrawl-interact

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the firecrawl and npx firecrawl command-line tools to perform browser interactions. This involves executing shell commands to automate web tasks based on natural language prompts or provided code snippets.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes input via the --prompt and --code arguments, which may contain content derived from scraped webpages. This creates a surface for indirect prompt injection where malicious content on a site could attempt to influence the agent's browser actions.
      • Ingestion points: Data passed to the --prompt and --code flags in the firecrawl interact command, potentially sourced from prior scrapes.
      • Boundary markers: None identified; the skill relies on the underlying tool's handling of the input.
      • Capability inventory: Execution of browser actions (click, fill, navigate) and arbitrary script execution (Bash, Python, Node.js) within the browser session via the firecrawl tool.
      • Sanitization: No specific sanitization or validation of the input text or code is defined within the skill instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 9, 2026, 02:24 AM