firecrawl-map

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly states the "firecrawl map" command discovers and lists URLs by crawling arbitrary public websites (e.g., "Discover URLs on a site" and the example firecrawl map "<url>"), meaning the agent fetches and interprets untrusted third‑party web content that can influence follow‑on scraping/crawling actions.