firecrawl-search

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION

Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses npx firecrawl, which downloads the Firecrawl command-line tool from the npm registry. This is a legitimate resource from the skill author.
  • [COMMAND_EXECUTION]: The skill requires permission to execute the firecrawl CLI and npx commands to perform web searches and data extraction.
  • [PROMPT_INJECTION]: The skill processes untrusted web data from search results and scraped pages, creating a surface for indirect prompt injection.
      • Ingestion points: Web search results and full-page markdown content extracted from arbitrary URLs.
      • Boundary markers: The skill instructions do not specify any delimiters or warnings to ignore instructions embedded in the scraped content.
      • Capability inventory: The agent has the ability to execute firecrawl and npx commands in the shell.
      • Sanitization: No sanitization or validation of the external web content is described in the skill.

Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 09:19 PM