firecrawl-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's scripts (scripts/firecrawl_research.py and the FireCrawl /v1/search usage) explicitly search and automatically scrape full content from public web results via the FireCrawl API, ingest that untrusted, user-generated third-party content into markdown files, and then read/convert those files (e.g., scripts/generate_bibliography.py), exposing the agent to indirect prompt injection from arbitrary web sources.