firecrawl-parse
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to use npx firecrawl, which downloads the CLI package from the npm registry. This is the standard distribution method for the vendor.
- [DATA_EXFILTRATION]: Local document contents are sent to the Firecrawl cloud service for parsing and AI processing, which is the core function of the tool.
- [PROMPT_INJECTION]: The parsing of untrusted documents provides a surface for indirect prompt injection if those documents contain instructions designed to manipulate the agent. Ingestion points: Local file paths provided to the firecrawl command. Boundary markers: Not used in output. Capability inventory: Bash shell access for firecrawl tools. Sanitization: Not explicitly mentioned.
Audit Metadata