firecrawl

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's MCP tools (firecrawl_scrape, firecrawl_crawl, firecrawl_search, firecrawl_extract) fetch and scrape arbitrary public web pages and search results—untrusted, third-party/user-generated content—that the agent is expected to read and interpret.