firecrawl-upgrade-migration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's required workflow tells the agent to "Review Changelog" by opening the public GitHub releases page (https://github.com/firecrawl/sdk/releases), which requires reading untrusted, public third-party content that can directly influence upgrade decisions and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill explicitly runs "npm install @firecrawl/sdk@latest" at runtime, which fetches and can execute remote package code from the npm registry (e.g. https://registry.npmjs.org/@firecrawl%2fsdk) and is required for the upgrade workflow.