Skills
skills/firecrawl/firecrawl-cli/firecrawl-agent/Gen Agent Trust Hub

firecrawl-agent

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the firecrawl and npx firecrawl CLI tools to perform its primary function of navigating websites and extracting structured data.
  • [EXTERNAL_DOWNLOADS]: The skill references the firecrawl package via npx, which involves downloading the tool from the official npm registry, a well-known technology service.
  • [PROMPT_INJECTION]: The skill processes untrusted data from external websites, creating an indirect prompt injection surface common to AI-based scrapers.
  • Ingestion points: Web content is ingested from external URLs provided to the agent as described in SKILL.md.
  • Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are specified in the skill's command templates.
  • Capability inventory: The skill is authorized to run firecrawl commands and write extracted data to the local .firecrawl/ directory.
  • Sanitization: No explicit sanitization or validation of the retrieved web content is defined within the skill's instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 05:33 PM