firecrawl-knowledge-ingest

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly directs the agent to use the Firecrawl browser to "open the portal and inspect navigation" and "scrape article content as markdown" from public or authenticated documentation portals and knowledge bases (including public URLs), which means it ingests untrusted third‑party web content that could contain instructions and enable indirect prompt injection.