firecrawl-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly describes performing web searches and optional full-page scraping of arbitrary public web pages (see the "--scrape" / "fetches full content" options), so the agent will ingest untrusted third-party content that could contain instructions.