firecrawl-competitive-intel
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is intended to crawl and analyze external competitor websites for business intelligence, which is a legitimate and safe use case. All external URLs and metadata point to the verified vendor, Firecrawl.
- [SAFE]: The skill handles authentication securely by requiring a FIRECRAWL_API_KEY input, adhering to established safety guidelines for credential management.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by ingesting data from external websites. However, the risk is assessed as safe given the primary purpose and restricted capability set.
- Ingestion points: External competitive websites (pricing, features, changelogs, blogs) as defined in SKILL.md.
- Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the scraping logic.
- Capability inventory: The skill focuses on data extraction and text generation; no evidence of subprocess execution, file system modification, or unauthorized network writes was found.
- Sanitization: No explicit sanitization of the scraped data is mentioned in the workflow instructions.
Audit Metadata