skills/jeremylongshore/claude-code-plugins-plus-skills/firecrawl-deploy-integration/Gen Agent Trust Hub
firecrawl-deploy-integration
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill references and downloads the official Firecrawl SDK (@mendable/firecrawl-js) and uses verified Docker images for Firecrawl and Redis services from their official repositories.
- [PROMPT_INJECTION]: The skill establishes an attack surface for indirect prompt injection by configuring endpoints that process untrusted data retrieved from the web via the Firecrawl API.
- Ingestion points: External data is ingested through the req.json() calls in the scraping and webhook handlers within api/scrape.ts and api/webhooks/firecrawl.ts.
- Boundary markers: The provided code examples do not include delimiters or specific instructions to the agent to disregard potential commands embedded within the scraped content.
- Capability inventory: The agent environment has access to file system modification tools and shell command execution through various platform CLIs (vercel, fly, gcloud).
- Sanitization: No logic is provided in the templates to validate, filter, or sanitize the content returned by the scraping service before it is presented to or processed by the agent.
Audit Metadata