pp-firecrawl

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs storing the access token via a CLI command (firecrawl-pp-cli auth set-token YOUR_TOKEN_HERE) which requires embedding the secret value verbatim in generated commands (even though an env-var alternative is mentioned), creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's SKILL.md documents commands like "scrape", "scrape-and-extract-from-urls", "crawl", and "firecrawl-search" which fetch and extract from arbitrary public URLs (using LLMs), so the agent ingests untrusted third‑party web content that can materially influence subsequent actions.