firecrawl-crawl

Pass

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: SAFE
Categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses 'npx firecrawl' to download and run the vendor's package from the NPM registry. This is a standard and expected behavior for the firecrawl CLI.
  • [COMMAND_EXECUTION]: The skill executes shell commands via the Bash tool to perform website crawling and results management.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from external websites.
      1. Ingestion points: Data from URLs processed by the crawl command in SKILL.md.
      2. Boundary markers: No delimiters or ignore instructions are present.
      3. Capability inventory: Bash tool access and file writing capabilities.
      4. Sanitization: No sanitization of ingested web content is described.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 15, 2026, 08:19 PM