firecrawl-data-handling
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides instructional code for data privacy and security. It includes patterns for redacting sensitive fields like API keys and passwords, and regex-based detection for PII such as emails and credit card numbers.
- [CREDENTIALS_UNSAFE]: No hardcoded credentials or secrets were found. The code snippets correctly treat fields like
apiKeyandpasswordas sensitive data to be redacted before logging. - [EXTERNAL_DOWNLOADS]: The skill does not perform any external package installations or script downloads. It includes links to well-known official documentation for GDPR and CCPA compliance (gdpr.eu, oag.ca.gov), which are handled neutrally as trusted resources.
- [PROMPT_INJECTION]: The instructions are focused on guiding the user through data handling steps and do not contain any attempts to bypass agent safety filters or override system instructions.
- [DATA_EXFILTRATION]: There are no patterns suggesting unauthorized data extraction. The logic provided specifically implements data minimization and secure export for compliance purposes (DSAR requests).
Audit Metadata