firecrawl-search
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the firecrawl CLI tool to perform web searches and content extraction, which is the core functionality intended by the vendor.\n- [EXTERNAL_DOWNLOADS]: The use of npx firecrawl may result in the download of the Firecrawl package from the npm registry if not present locally.\n- [SAFE]: The skill processes untrusted web content from searches and scrapes, which creates a surface for indirect prompt injection. This is inherent to the tool's primary function and represents an expected ingestion point. The capability inventory is limited to allowed Firecrawl commands, and data is stored in structured JSON format in the .firecrawl directory as a form of containment.
Audit Metadata