firecrawl
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the official vendor package firecrawl-cli@1.14.8 from the npm registry. This is a standard installation of the primary tool required for the skill's functionality.
- [COMMAND_EXECUTION]: The skill executes shell commands for web operations, including firecrawl scrape, firecrawl search, and firecrawl map. These commands are used as intended to interact with the Firecrawl API and process web data.
- [CREDENTIALS_UNSAFE]: The skill manages the FIRECRAWL_API_KEY and provides a manual authentication flow (firecrawl login). It appropriately instructs users to handle credentials via environment variables or secure CLI prompts rather than hardcoding them.
- [DATA_EXFILTRATION]: Web scraping and search operations involve sending URLs and queries to the vendor's infrastructure (firecrawl.dev). This is documented as the core functionality of the service.
- [PROMPT_INJECTION]: The skill includes a dedicated security file (rules/security.md) addressing the risks of indirect prompt injection from third-party web content. It recommends specific mitigations such as output isolation in the .firecrawl/ directory and incremental reading of fetched data to prevent the agent from executing instructions found in scraped content.