Skills
skills/firecrawl/firecrawl-claude-plugin/firecrawl-download/Gen Agent Trust Hub

firecrawl-download

Pass

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill utilizes npx firecrawl, which fetches the Firecrawl CLI package from the npm registry if it is not already installed locally.
  • [COMMAND_EXECUTION]: The skill executes bash commands using the firecrawl and npx tools to map and scrape website content to organized local directories.
  • [INDIRECT_PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it processes and saves content from external websites provided by the user.
  • Ingestion points: The skill downloads data from arbitrary URLs into local files (SKILL.md).
  • Boundary markers: None specified in the instructions.
  • Capability inventory: Bash command execution via the firecrawl tool.
  • Sanitization: No content sanitization or validation is described for the downloaded data.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 15, 2026, 08:19 PM