firecrawl-agent
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses `npx` to fetch and execute the `firecrawl` package from the official npm registry.
- [COMMAND_EXECUTION]: It utilizes the `firecrawl agent` command-line tool to automate web scraping and structured data extraction tasks.
- [PROMPT_INJECTION]: The skill processes untrusted website content, which creates an attack surface for indirect prompt injection.
  1. Ingestion points: Data is retrieved from external URLs via the `firecrawl agent` command.
  2. Boundary markers: No delimiters or isolation instructions are present to separate website content from the agent's instructions.
  3. Capability inventory: The skill can execute shell commands and write extracted data to the local filesystem.
  4. Sanitization: No sanitization or validation of the retrieved website content is described in the skill.
Audit Metadata